Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

[madslug]

Quote:

Originally Posted by BetBlowWhistler

The basic principle of the operation is a proxy service, which by default is an interception as it terminates your connection before making the onward connection on your behalf.

If they claim they are just mirroring the datastream for analysis, how the hell are they supposed to inject different adverts?

The same way that all the other targeted systems do. The script which displays the advert uses the UID in the domain cookie to talk to the Webwise/OIX UID databases - not within the ISP side of the firewall, and then deliver the advert.

As the code which calls the script is hosted by a webpage which the user has requested, the browser trusts it and calls the script. The same way that the browser trusts the google-analytics script. It gets around the usual 3rd party script/cookie blocking by using the domain name of the web page.

All the initial datastream will have is the ad script so there won't be any modification there by the proxy. Have to assume that there is no bouncing around when the ad script talks to the external ad serving database. If there were, by the time the advert was delivered, most people would already have clicked away from the page.

If you think of it - the script is delivered by the proxy, the analysis by the mirror, which advert you see/last saw is handled by the webwise/oix database server. (No wonder there were comments about power usage)

The above is open to correction: I just can't see any other way it could be done.

[Wildie]

sounds not very green

[madslug]

Quote:

Originally Posted by tarka

We know that the device that intercepts your requests strips out the forged cookies that they create. What is to stop them stripping out any cookies from competing ad networks? Eg doubleclick, google etc. I'm not saying that I approve of the other ad networks but there is definately an unfair advantage to be gained by doing so.

You worry about competing ad networks? How about when Phorm was trying to sign up as an affiliate at all the ad networks - would you trust them not to modify the affiliate ID? No one would expect them to modify 100% of the IDs because that would be too easy to trace. What about 1% - or even 0.1%?

When someone sits in the middle of a datastream, you really do have to trust them with everything. Start to think about it and the only conclusion that you can come to is that if just one thing can be injected into the datastream then the final delivery can no longer be trusted. Neither the up nor the down stream is pure.

Where DPI is used for traffic control, the worst thing that happens is that the ISP router delays some data packets in preference for other data packets. There is no modification of or addition to the data packets.

With Phorm, there are additional data packets and those packets can contain anything. Only cookies, as far as we know. UIDs are stored in cookies. Affiliate IDs are stored in cookies. Passwords are stored in cookies. Usernames are stored in cookies. IP addresses are stored in cookies. Anything can be stored in cookies.

Trust.

[phormwatch]

Quote:

Originally Posted by Peter N

The problem is that the whole thing is layered rather than mapped so 2D diagram is going to be all but impossible.

What is it that you are actually hoping to show with your diagram? If you can ut it into words it may hel you to organise your thoughts and perhaps starting again would be easier than trying to correct the existing chart.

Just a suggestion but maybe the user should be at the centre of your map.

Well, the diagram was not intended for general public consumption - though they are more than welcome to look at it if they please. My original intention was to show all the people involved and their relationships to help clarify *in my mind* what was going on. Then I realised it could be useful for the anti-Phorm campaign, since it would give us a bigger picture of what is going on and areas to investigate.

Therefore, I think it's right that Phorm stays in the middle of the diagram.

As for dabs - I've already heard a few people claim to have started a boycott with this information. Many people seem to want to leave it. Unless someone can come up with a very good reason to remove it, I shall leave it there for the time being.

I'm off to Italy today. Will try to post while I'm there, but it's not certain.

Keep up the fight!

That makes sense to me.

Have a good holiday and don't forget to send a postcard :-)

Hi, just a quick update to the Hosts file inclusions....
I have contacted MVPS and received the following email which may be of interest

Thanks for the feedback ...

re: Please consider the following for inclusion"
I already have included the following:

# [NebuAd]
127.0.0.1 a.faireagle.com
127.0.0.1 www.faireagle.com
127.0.0.1 www.nebuad.com

As for Phorm ... most of the entries you included are not valid.
Most of those sites are now "For Sale" and thus no longer legit.

Once any valid evidence of what entries are "in use" I will surely
add those to the HOSTS file ...

Microsoft MVP - Internet Explorer & Consumer Security
"There's no place like 127.0.0.1"
http://www.mvps.org/winhelp2002/hosts.htm

[Deko]

Slightly OT, FYI


For all those commenting on the odd share price PHRM LN is not a SETS stock its a market maker stock.


They are

KAUP
WINS
CANA

[3x2]

Quote:

Lord West, who is a former First Sealord and Chief of the Naval Staff, also issued a general warning about the lack of privacy in using the internet.

He said internet service providers could already assess ""information about the consumer's internet use for the provision of value-added services"".

""People must realize - and I used to say this within the Navy - there will be more people look at your internet information than look at a postcard when you write it,"" he told the House of Lords. ""People tend to forget that - and

[that] it is used for quite legal purposes, some of it.""

I keep seeing this quoted in various stories and it's beginning to annoy me. Is this the standard by which policy is being made by senior figures in government and elsewhere? Looking at a postcard only requires opportunity and the ability to read. Viewing my net activity requires deliberate interception by skilled people using expensive network kit. If my net activity is being routinely intercepted and "looked at" who exactly is doing it and under what authority?

Why am I reminded of "Senator tubes" over in the US when I read this sort of comment from a senior figure?

[tarka]

Quote:

Originally Posted by madslug

You worry about competing ad networks? How about when Phorm was trying to sign up as an affiliate at all the ad networks - would you trust them not to modify the affiliate ID? No one would expect them to modify 100% of the IDs because that would be too easy to trace. What about 1% - or even 0.1%?

When someone sits in the middle of a datastream, you really do have to trust them with everything. Start to think about it and the only conclusion that you can come to is that if just one thing can be injected into the datastream then the final delivery can no longer be trusted. Neither the up nor the down stream is pure.

Where DPI is used for traffic control, the worst thing that happens is that the ISP router delays some data packets in preference for other data packets. There is no modification of or addition to the data packets.

With Phorm, there are additional data packets and those packets can contain anything. Only cookies, as far as we know. UIDs are stored in cookies. Affiliate IDs are stored in cookies. Passwords are stored in cookies. Usernames are stored in cookies. IP addresses are stored in cookies. Anything can be stored in cookies.

Trust.

I definately don't worry about competing ad networks. I was just trying to highlight the sort of abuse that the system is open to.

There have been so many MOD laptops left on busses and in taxis over the last couple of years that Data Protection is clearly not that well understood by the military.

[Portly_Giraffe]

Quote:

Originally Posted by 3x2

Viewing my net activity requires deliberate interception by skilled people using expensive network kit. If my net activity is being routinely intercepted and "looked at" who exactly is doing it and under what authority?

I agree. He has chosen the wrong analogy. I would expect my unencrypted Internet communications to be as secure as a postal letter. To view the contents of a letter you have to open it, which is illegal (except under very specific conditions) if you are a third party.

So ... who is volunteering to persuade Lord West to alter his position?

[icsys]

Quote:

Originally Posted by Portly_Giraffe

I agree. He has chosen the wrong analogy. I would expect my unencrypted Internet communications to be as secure as a postal letter. To view the contents of a letter you have to open it, which is illegal (except under very specific conditions) if you are a third party.

So ... who is volunteering to persuade Lord West to alter his position?

The problem is, it has been said, and quoted all over the place.

It's like a lawyer making a statement in court only for the judge to say "the jury will disregard that comment" Too late! it has been said and the jury is influenced.

When all of this came to light in February, I don't think any of us realised just how unsecured our daily internet usage really is. Although his Lordship's remarks are inaccurate I think that people reading them will at least be more alert to the risks and receptive to the case for controls.

I don't believe that anyone would read that and think that it means it's too late to address the problem. More likely that they'll say "what can we do about it?" and it's up to people like us to provide at least some of the answers.

[Privacy_Matters]

Hey Guys

In regards to my post about receiving a letter form my MP, Rt Hon Alistair Darling MP, a few days ago - I emailed him and received another response today, touching on the view from BERR:

"Thank you for you email. Looking at Mr Hutton's letter again, he doesn't say that he has no real concerns about the Phorm system at all. He does say that the Government is committed to ensuring that people's privacy is protected. That's why the Information Commissioner's Office has been looking at these proposals and that it is compliant with the Regulation of Investigatory Powers Act. Howver, I shall ask Mr Hutton to deal with the other points in your email and write to you again as soon as I can."

I thought it prudent to post this, as it clearly shows there is concern within BERR, and Mr Darling clearly wished to indicate this as soon as he could.

Again, Mr Darling is very hands on and I trust him to gain the information I requested.

[tarka]

Quote:

Originally Posted by Privacy_Matters

Hey Guys

In regards to my post about receiving a letter form my MP, Rt Hon Alistair Darling MP, a few days ago - I emailed him and received another response today, touching on the view from BERR:

"Thank you for you email. Looking at Mr Hutton's letter again, he doesn't say that he has no real concerns about the Phorm system at all. He does say that the Government is committed to ensuring that people's privacy is protected. That's why the Information Commissioner's Office has been looking at these proposals and that it is compliant with the Regulation of Investigatory Powers Act. Howver, I shall ask Mr Hutton to deal with the other points in your email and write to you again as soon as I can."

I thought it prudent to post this, as it clearly shows there is concern within BERR, and Mr Darling clearly wished to indicate this as soon as he could.

Again, Mr Darling is very hands on and I trust him to gain the information I requested.

I didn't think the ICO had anything to do with RIPA?