Sunday, September 14th, 2008
by alphaxion
Holy mother fucking crap.
Have a read of this register story and try to stop yourself from foaming at the mouth in rage.
The UK government are flat out refusing to punish BT and Phorm for the total abuse of privacy on the grounds that “it’s too hard to explain to you simpletons” and so it’s best we let them continue shafting your privacy because it gives them comfortable pensions and kickbacks BT profits.
How difficult is it to say “BT are providing access to everything you do on the net to an outside company with a history of spyware production in exchange for money you will never see a share of, but it’s ok because they promise that they’ll make it anonymous and that they won’t look at anything sensitive”.
If you ever want to see how they’re not looking out for the best interests of the citizens they are meant to work for and instead wish to only line their own pockets and keep their friends and family rich at the cost of the the citizens taxes and privacy then this is a perfect example of corruption between a government and the corporations that operate in its jurisdiction.
Roll on the EC and stomp the fuck out of both the BT and the UK government.
I fully recommend that everyone writes a letter to Commisioner Vivian Reding and inform her about your fears and concerns as well as requesting thsi be investigated and criminal proceedings started against the members of government that refuse to uphold the law and the companies involved.
Sunday, September 14th, 2008
by alphaxion
Since feb, I have been following the story of Phorm in the UK and doing my hardest to make others aware of what is going on.
The register has been the best for coverage, with the guardian doing some good work too, but this news has been largely ignored by the rest of the media and the BBC posting totally pathetic stories that were nothing more than copy and pastes of the PR crap spewed by phorm themselves - absolutely ZERO journalism on the part of the BBC, no effort at all to investigate! Way to go you corporate shills.
If you want to know about Phorm and their plans to snoop on your browsing habits, here is a round up of all the stories run by the register - here.
So, what exactly is happening with this phorm (also known as webwise, with their ad banner network known as OIX) “service”?
In basic terms, phorm install some equipment at your ISP known as Deep Packet Inspection (DPI) switches.
They have been trying to make it opt out buy presenting you with a webpage asking if you wish to use webwise which must be done per browser per user and clearing away your cookies enables the “service” once again.
Whenever you access a website, phorms DPI switch will intercept your traffic, analyse it for key words and store the result of that analysis in categories next to a unique number that is associated with you.
This will happen REGARDLESS OF WHETHER YOU OPTED OUT OR IN, opting out will only stop you from seeing ads based on the results of the analysis of your browsing habits, it DOESN’T STOP YOU FROM HAVING YOUR BROWSING BEING SNOOPED ON.
Sounding like a great thing yet?
They try to say that because they don’t hold anything other than these categories and a number, that it is completely anonymous.
But what if the switch that is performing the analysis with the raw data before they have “anonymised” it gets compromised by someone looking to gather peoples identities?
You might be “anonymising” it now, but what about feature creep? What about being bought out by people who don’t care about “anonymising” this data?
There is nothing to say that this would be set in stone!
How about the poor 17,000 original “test subjects” who had some javascript injected into their pages by Phorm, a search on the net for this javascript code will bring about personal websites and forum usernames… while their data may be “anonymised”, you can still track them down because of how the system during the trial actually worked!
For now, you will not be getting any adverts “injected” into the sites you visit, it will only show up targeted ad’s based on your browsing habits if the site is a customer of phorms OIX ad banner network based on the cookie that was dropped onto your system when you opted in or out.
Many geeks have raised a valid point about this very cookie… it represents a security risk! The data can be rewritten by others and could be used to find a way to compromise your system!
Now, for the moment this snooping is only happening on port 80 (which is the port used for websites) but there is nothing to stop “feature creep” from adding all the other ports so that everything you do on the net can be analysed.
Imagine it, you have just spent the past 3 hours playing a game online and you do a little bit of browsing when all the sites that use OIX start showing you ads for games and gaming related hardware… been playing an old game? maybe the ads will be of video card and newer pc’s..
At the end of the day, this is a complete destruction of your privacy so that your ISP can make money from your browsing habits. They try to claim that webwise will improve your security by blocking phishing sites.. well, there are plugins available for your browser that already do this, and without snooping on your browsing in the process.
And onto the sad news, it appears the UK government don’t want to do a single fucking thing about this massive abuse of your privacy by a commercial entity. You try to report this to the home office, the IOC, OFCOM, the police and your MP’s and pretty much all of them will either wash their hands of you and/or the problem or will play pass the idiot with you and send you onto another department.
If you thought it couldn’t get any worse, then it can.. it appears that members and ex members of the UK government are actually members of the board at some of the companies involved, most noticably a certain Patricia Hewitt is a non-exec director at the ISP that is trying to push this the hardest (BT) after leaving the employment of the government!
If you wish to read more about this please visit badphorm.co.uk.
And now to the bad news for you americans… systems such as phorm are rampant in the US and you have had pretty much a complete media blackout over it!
Such companies as NebuAd, Frontporch, Adzilla and Project Rialto are working with the big US ISP’s, with NebuAd claiming to already be snooping on about 10% of *all* US netizens due to their deals with, amongst others, Charter Communications.
Here’s a couple of links to stories about these worrisome entities:
Charter and NebuAd dealHow bad the scourge of web snooping is in the US
But, it’s not all bad news. Despite this being pretty much unreported in the US media, it has reached the ears of some of your elected officials who have begun asking questions and sending out letters asking to know more about what they do and the legality of their “services”.. This register story covers it.
So, despite a media storm going on here in the UK, we have largely margionalised MP’s fighting for us and we have government advisory panels saying that phorm and their kind are illegal, the UK government is still turning a blind eye.
While it at a far more advanced stage in the US, you are finally getting members of congress to pay attention… all that is needed now is for the british and american general population to be informed about this abuse of our privacy and maybe we can get somewhere, though I don’t hold my breath of anything good happening in good old corrupted UK. 