I hope it's not BT, Virgin Media or Talk Talk.

The above mentioned providers have apparently reached agreement with Phorm to sell your surfing destinations to enable them to target advertising more specifically at you.

http://www.theregister.co.uk/2008/02/27/bt_phorm_121media_summer_2007/

The company mentioned Phorm have gone through several name changes in their time - not surprisingly since they apparently have their roots in spyware.

Scary! Thanks for the "heads up".

I'm glad I'm not with one of those three.

Can one block Phorm in any way?

I do believe they have to give you the "option to opt out" .......

Luckily, however, I don't use them..... but I suspect if it's an earner then it won't be long before the others join in.

Ugh. But there is something you can do: run Firefox, with a couple of plugins:
- AdBlock Plus, plus the Filterset.G Updater
- NoScript.

The last mentioned gives you control over Javascript, which is how this Phorm stuff works. By default, nothing runs, but you can set it so that scripts always run if they belong to the site you actively went to,and 3rd-party scripts are blocked - which suits GMail etc.

Phorm may not last long.

http://www.theregister.co.uk/2008/03/17/phorm_fipr_illegal/

If you go to http://webwise.bt.com/webwise/index.html It tells you if it's switched on or not or as in my case that it's not available in my area.

They very craftily tie it up with a so called security feature

BT Webwise helps to increase your protection against online fraud and make your Internet browsing more relevant.
BT Webwise automatically increases your protection against online fraud by checking against a list of known fraudulent and untrustworthy websites. When you visit any website on the list, you'll receive a warning, so you can choose whether or not to visit it. It's another way BT is helping to protect you online.
BT Webwise also personalises the online advertising you see on participating websites by linking it to your interests. For example, if you search for a weekend trip to Paris or visit pages related to Paris, BT Webwise would help provide relevant advertising for travel or hotel information. You won't see pop ups. You won't see any more adverts than you normally do — they'll just be more relevant!

Unfortunately, it doesn't seem to matter if you opt in or out.
The system only appears to check for the presence of the opt out cookie *after* your browser request has gone through the profiler. So all you actually opt out of are the targeted ads. Phorm still get the marketing data.

Was with BT, now have the MACs for my 2 accounts and actively looking for a principled ISP.

The closest real world analogy to what they are doing is having your postman open all your mail, read it through for keywords and seal it back up so he can better target you with more relevant junk mail. Obviously totally acceptable :rolleyes:

Make no mistake, even if you have logged in to PPRuNe, any posts you make here are on an unencrypted (non-HTTPS) page and would be included in the profiler, as would any mail you checked via web-mail.

Edited to include last 2 paras

I agree it's totally unacceptable I believe that some people who have been caught by it are planning to sue BT, I await the outcome with interest.

Yes, the people that are looking at suing BT were business customers!
When approached about it, BT outright lied that they were anything to do with the anomalous browser behaviour these guys noticed.
Add to that, I think it's under the DPA, trialling a system on live customer data is illegal.

I'm awaiting responses from Aquiss and IDnet regarding their policy regarding Phorm. Zen, so far, seem to be the only one that have stated they will have nothing to do with it.

Out of interest, I contacted my ISP, www.plus.com (http://www.plus.com) about "phorm".

Within a short time, I received this e-mailed reply:

"Dear P.P.,

Thank-you for your query. We have no plans to implement any of Phorm's technology in any capacity.

If you have any further queries please do not hesitate to get in touch.

Regards,

Plus.com"

P.P.

Thanks P.P.

Aquiss, Zen, Seriously!, Fast and Entanet (I guess that means their resellers too) have publicly stated they won't have anything to do with this.
IDnet have just called me back and confirmed the same. :D

Happy (unprofiled) surfing to all :ok:

I'm with Orange/ex Freeserve are they doing this? Hope not. I uderstand it's an intrustion of my human rights.

daz

it may be a breach of the data protection act but it certainly is not a breach of your "yoomin roights"... :ugh:

As a BT customer you can see why I was concerned enough to start this thread. Of course as has been said upthread (is that a word?) where BT go today I'm sure others will follow- if they get away with it.

There is a thread currently running on a BT support forum http://www.beta.bt.com/bta/forums/thread.jspa?threadID=2612&start=0&tstart=0

where this is being debated. It is very much up to date and BT staff do contribute. However if you were to read through it, and unfortunately it's over 20 pages long, you'll find that the staff have been frequently contradicting one another and Phorm employees contradicting them.

Staff have been caught out lying in the thread too.

It appears that BT have been less than honest about the whole matter.

What is interesting to note is that the trials that were due to start on the 12th of March in Some areas of London have not in fact done so.

In response to my query, have been informed by my ISP (Madasafish) that they "have no intention of using Phorm". I have previously had direct dealings with the lady who gave me this promise and she has always been reliable in the past.

Mostly reassured by this but I cannot put out of my mind that Maaf were recently bought out by BT although they do still seem to be operating independently.

Well, I've just managed to get throughthe entire thread on the BT website referred to above. The obvious solution to all the concerns being aired there is "find another isp". My isp, as I have posted above has categorically stated that they have no intention of incorporating Phorm, however, as was pointed out on the BT website, plus.com is now owned by BT. Althought it would appear that they have managerial independence at present, for how long?

P.P.

There is a good article about this in this months Computing Which? It would seem that the Information Commisioner's Office is now involved, requesting info from Phorm and from the three ISP's so far involved (BT, Virgin Media, and Talk Talk). Talk Talk it would seem is the only ISP to indicate that its customers will need to opt in rather than opt out. The Consumers Association is also to be involved in discussions about Phorm.

So far my ISP (Orange/Wanadoo/Freeserve) does not seem to be involved.

And now Talk Talk seems likely to be the one to buy Tiscali (my ISP).
Oh B*gger.....

Phorm.

...a company run by and employing some folks with a very checkered past... is attempting to take advantage of ISPs' lust for advertising dollars, and setup a centrally controlled system (spanning not only ISPs, but countries) that is designed to capture, analyze, and retain information about the browsing histories and behavior of hundreds of millions of individuals. On top of that, the system is designed to deliver content to and redirect browsers based on very fine grained channel rules. It is not only a wet dream for targeted advertisers, but for government agencies and hackers as well. Which is of even greater concern give that the software for the system is the product of Russian developers and Phorm has said that ISPs aren't given access to the source code.

But Phorm promises that their system won't store or use personal information. Honest.
So we don't need to worry about that then, do we? :sad:

I'm bringing this thread back from the past to post more up to date information for those members who might be affected by this Phorm/Webwise issue.

This link:BT, Webwise and Phorm: What you need to know (http://www.inphormationdesk.org/welcome.htm) has a pretty good comprehensive list of relevant links and information about Webwise.

There is also a protest meeting being organised at BTs AGM at the Barbican on the 16th of July (if you are interested click the "About" link at the top of the page to get the details)

On a personal level I've now left BT and moved to another ISP who say they have no intention of implementing Phorm, well I hope it's true but time will tell.

The interception of customer's search requests that BT have already- apparently illegally-carried out and at first denied, then reluctantly admitted, so far have gone unpunished but there is at least one court case pending.

I don't expect anyone to actually read through this:Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797] - Cable Forum (http://www.cableforum.co.uk/board/12/33628733-virgin-media-phorm-webwise-adverts-updated.html) thread but if you did there is more than enough background information there to keep you busy for a week :) It's a 700+ page thread with 10,000 posts!

Apologies for the messy layout, I did put paragraphs etc in it originally, honest.

This may be useful

Tor: anonymity online (http://www.torproject.org/)

Not being particularly au fait with internet technology I asked some of those people that are whether TOR would protect you against Phorm intercepting and harvesting practically all you do on the internet. Here are some of the quotes I received: "TOR would work, in so far as your communications cannot be traced back to you. However, at some point, there needs to be what's called an 'exit node', which means that at some point, an unencrypted request to a website needs to be made. If Phorm has its spyware software on the ISP on which this request is made, then it can be intercepted& quot; "TOR would fox Phorm, but it also exposes you to risks... If you run a TOR exit node, you would not know who was using your ISP account to surf the net (yet you would be held responsible for their traffic). And you would not know where your own web traffic was ultimately emerging" "If the exit node you are using was on a phormed ISP connection, or if phorm were to run their own exit nodes, then the Phorm Webwise UID would be unique for each person's browser, so each person would be tracked individually. Providing a Tor exit node, or running a public proxy would be a good way to test phorm - in fact the leaking javascript in Phorm's 2006 tests contained a variable which indicated the ISP that was running the test, and one of the values was "I.PUBLICPROXY". I guess you could monitor your traffic for webwise.net redirects and Nebuad faireagle.com requests and blacklist exit nodes that exhibit those symptoms, however you'll have no guarantee that the owner of the exit node isn't monitoring your activity - TOR aims to provide anonymity not privacy - Also if you intend to use a proxy such as tor it is wise to delete all your cookies first because a dodgy exit node could use man-in-the-middle type exploits to trick your browser into sending cookies for any site they are interested in so that it can capture them." On the Webwise topic again, the one ISP that finally admitted it had carried out secret tests on its customers was BT - Virgin and Talk Talk has said they are interested but have not tested the technology yet - and they had no choice since the evidence became overwhelming that they had in fact carried out testing. Someone, probably an insider, released a document pertaining to the trial and it's interesting that BT who use the word transparent a lot in their terms and conditions use it much differently in regard to their trial. When they talk about transparency there it means inserting cookies and javascript into pages you have requested that you can't see. Why is it that something like Webwise which BT/Phorm insist is really good for us, the customers, because it allegedly prevents phishing attacks and shows us "more relevant" advertising not allowed to stand on its own two feet and let us choose to use it or not. Is it because if you have to physically select to have it set for your pc most people would opt out? After all it's easy to block most ads and the main browsers have anti phishing features anyway. BT now say they are working on a new system to allow you to choose whether or not to use Webwise (at the moment even if you go through all the reluctantly given procedure to opt out you still have all your data stream passing through Phorm's profiling servers and presumably profiled but not acted upon). Of course they had to do something once they were found out conducting illegal trials and intercepting customer's data. The best way for any customer who's at all concerned about all this and uses one of the fore mentioned ISPs is simply to change to another ISP, there are some about. And here's a couple of quotes from some well regarded experts in privacy issues. “The message has to be this: if you care about your privacy, do not use BT, Virgin or Talk-Talk as your internet provider” - Professor Ross Anderson, Cambridge University, UK. Web users angry at ISPs' Phorm spyware tie-up | This is Money (http://www.thisismoney.co.uk/bbphone/article.html?in_article_id=432233&in_page_id=182) " I would want to use an ISP that doesn't [monitor which websites I go to]. I personally want to feel free." - Sir Tim Berners Lee, Inventor of the World Wide Web, Director of the World Wide Web Consortium BBC NEWS | Technology | Questions and answers: Tim Berners-Lee (http://news.bbc.co.uk/1/hi/technology/7300434.stm)

Sorry, this is the only place where I can't seem to post with all the relevant paragraphs in place etc.

Thanks to Saab Dastard I've managed to make my post above more readable.

You may not be too bothered by all this BT/Phorm/Webwise issue but at least you can now read it more easily!

I just need to practice my links now...



Not being particularly au fait with internet technology I asked some of those people that are whether TOR would protect you against Phorm intercepting and harvesting practically all you do on the internet.


Here are some of the quotes I received:


TOR would work, in so far as your communications cannot be traced back to you. However, at some point, there needs to be what's called an 'exit node', which means that at some point, an unencrypted request to a website needs to be made. If Phorm has its spyware software on the ISP on which this request is made, then it can be intercepted
TOR would fox Phorm, but it also exposes you to risks...If you run a TOR exit node, you would not know who was using your ISP account to surf the net (yet you would be held responsible for their traffic).And you would not know where your own web traffic was ultimately emerging

If the exit node you are using was on a phormed ISP connection, or if phorm were to run their own exit nodes, then the Phorm Webwise UID would be unique for each person's browser, so each person would be tracked individually.
Providing a Tor exit node, or running a public proxy would be a good way to test phorm - in fact the leaking javascript in Phorm's 2006 tests contained a variable which indicated the ISP that was running the test, and one of the values was "I.PUBLICPROXY"
I guess you could monitor your traffic for webwise.net redirects and Nebuad faireagle.com requests and blacklist exit nodes that exhibit those symptoms, however you'll have no guarantee that the owner of the exit node isn't monitoring your activity - TOR aims to provide anonymity not privacy - Also if you intend to use a proxy such as tor it is wise to delete all your cookies first because a dodgy exit node could use man-in-the-middle type exploits to trick your browser into sending cookies for any site they are interested in so that it can capture themOn the Webwise topis again, the one ISP that finally admitted it had carried out secret tests on its customers was BT - Virgin and Talk Talk has said they are interested but have not tested the technology yet - and they had no choice since the evidence became overwhelming that they had in fact carried out testing. Someone, probably an insider, released a document pertaining to the trial and it's interesting that BT who use the word transparent a lot in their terms and conditions use it much differently in regard to their trial. When they talk about transparency there it means inserting cookies and javascript into pages you have requested that you can't see.


Why is it that something like Webwise which BT/Phorm insist is really good for us, the customers, because it allegedly prevents phishing attacks and shows us "more relevant" advertising not allowed to stand on its own two feet and let us choose to use it or not. Is it because if you have to physically select to have it set for your pc most people would opt out? After all it's easy to block most ads and the main browsers have anti phishing features anyway.


BT now say they are working on a new system to allow you to choose whether or not to use Webwise (at the moment even if you go through all the reluctantly given procedure to opt out you still have all your data stream passing through Phorm's profiling servers and presumably profiled but not acted upon). Of course they had to do something once they were found out conducting illegal trials and intercepting customer's data.


The best way for any customer who's at all concerned about all this and uses one of the fore mentioned ISPs is simply to change to another ISP, there are some about.


And here's a couple of quotes from some well regarded experts in privacy issues.


“The message has to be this: if you care about your privacy, do not use BT, Virgin or Talk-Talk as your internet provider” - Professor Ross Anderson, Cambridge University, UK.
http://www.thisismoney.co.uk/bbphone/article.html?in_article_id=432233&in_page_id=182


"I would want to use an ISP that doesn't [monitor which websites I go to]. I personally want to feel free." - Sir Tim Berners Lee, Inventor of the World Wide Web, Director of the World Wide Web Consortium


http://news.bbc.co.uk/1/hi/technology/7300434.stm