Phorm and surfing privacy debate continues
Friday 29 February 2008 16:01:05 by Andrew Ferguson

It would appear that at least one BT customer who posted on our forums could have unknowingly been involved in some form of beta testing or evaluation of the Open Internet Exchange software. The Register highlighted this thread which resulted in someone's web browser accessing whenever they visited a website.

Phorm claims to be setting a 'gold standard' in online privacy, but with the denials and confusion that this person has gone through, it will make many question the reassuring statements that are appearing.

In theory, if what Phorm say they are doing works as expected, people's information should be safe. While the servers running at the ISP will see things like the URL of the site you are visiting and other data an HTTP request provides, they are meant to filter this information and immediately mask out things like numbers longer than three digits and phrases with @ in them. The site is then looked up in a categories database to determine the site's type, and the count for this category is incremented against the unique identifier for that user. So in theory, even if the persistent data that is stored in the database is compromised, all it should be able to tell someone is that user 1234 views lots of motoring websites and a few online shopping sites.

That is the theory as we understand it but, as always, the proof will be in how it works and whether the data is exactly as described. For example, if something as simple as a domain name was also included in the persistent data, by analysing this you could perhaps identify individuals. A home worker may often visit his company's website and also have a personal domain; the two tied together could lead you to identify someone.
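
To make the difference between those two storage designs concrete, here is an added sketch (not Phorm's code and not from the original article) of the filter-and-count scheme as described above, with an optional flag that also retains domain names. The category table, class and function names, and the traffic are all constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import urlsplit

# Constructed category database; the article does not describe the real one.
CATEGORIES = {"cars.example": "motoring", "shop.example": "shopping",
              "acme-widgets.example": "business", "jsmith.example": "personal"}
AT_PHRASE = re.compile(r"[^\s/?&=]*@[^\s/?&=]*")  # phrases with @ in them
LONG_NUMBER = re.compile(r"\d{4,}")               # numbers longer than three digits

def mask(text):
    """Mask @-phrases first, then any remaining long digit runs."""
    return LONG_NUMBER.sub("#", AT_PHRASE.sub("#", text))

class Profiler:
    def __init__(self, keep_domains=False):
        self.keep_domains = keep_domains
        self.counts = defaultdict(Counter)   # persistent: uid -> category counts
        self.domains = defaultdict(set)      # persistent only if keep_domains

    def observe(self, uid, url):
        host = urlsplit(url).hostname or ""
        self.counts[uid][CATEGORIES.get(host, "unknown")] += 1
        if self.keep_domains:
            self.domains[uid].add(host)
        return mask(url)                     # what the filter lets through

    def unique_domains(self):
        """Domains stored for exactly one uid: each singles that user out."""
        seen = Counter(d for ds in self.domains.values() for d in ds)
        return {uid: sorted(d for d in ds if seen[d] == 1)
                for uid, ds in self.domains.items()}

# Constructed traffic for two pseudonymous users.
TRAFFIC = [
    (1234, "http://cars.example/reviews?id=20080229"),
    (1234, "http://cars.example/forum"),
    (1234, "http://shop.example/basket?email=j.smith@mail.example&card=4111111111111111"),
    (1234, "http://acme-widgets.example/intranet"),
    (1234, "http://jsmith.example/photos"),
    (5678, "http://cars.example/forum"),
    (5678, "http://shop.example/"),
]

def run(keep_domains):
    p = Profiler(keep_domains)
    masked = [p.observe(uid, url) for uid, url in TRAFFIC]
    return p, masked
```

With `keep_domains=False` the persistent store holds only category counts per identifier; with `keep_domains=True`, `unique_domains()` shows user 1234 carrying the employer and personal domains that no other identifier has.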

For those using one of the many millions of BT Wholesale based ADSL connections, the BT division involved in the Phorm deal is BT Retail and will only affect BT Retail customers. Another item on The Register confirms that even the providers such as Plusnet and Madasafish who are owned by BT Retail will not be affected. With regards to Virgin Media, one presumes that both the cable and ADSL services will be affected. In respect of TalkTalk, it is not clear whether this will affect just TalkTalk customers or also include AOL Broadband who are part of the Carphone Warehouse group.


Posted by Guzzo over 9 years ago
Who are "Phorm" who funds them and why is this "monitoring" necessary? From the initial reports and quotes:
"it should be able to tell someone is that user 1234 views lots of motoring websites". So basically anyone with access to this information can use it as they see fit. Will this include leaving it on a laptop in the tube or losing it in the post? Not that privacy is a big issue anymore under this low tone form of modified Marxism we live under but enough is enough.
Posted by Guzzo over 9 years ago

I would like people like CARPETBURN to please specify exactly the best way to avoid this type of "phishing" because that is what it is. It's all well saying block the site refuse the cookie and all. But many will not know how to do this. Is it OK in this forum to point people to the tutorials on how best to do this?
Posted by herdwick over 9 years ago
The people with a clue seem to be saying you can't avoid your data being harvested unless you use secure tunnelling or similar, as the kit sits between you and the internet.

This isn't a forum, BTW :-)
Posted by Dawn_Falcon over 9 years ago
herdwick - yea, encrypted DNS and certain other blocks...for which I'm sure instructions will be widely distributed if they implement this crap.
Posted by KarlAustin over 9 years ago
Encrypted DNS won't help you as my understanding of the system goes. As it intercepts the HTTP request, not the DNS - the request is effectively re-written by the Cisco ACE hardware, the DNS matters not in this situation.
Posted by CARPETBURN over 9 years ago
LOL and the paranoia continues lol, I'm sure by now every employee of Phorm are shopping away merrily on ebay with your name, dob, address, credit card and bank details and everything else you have ever typed on the net... Honestly why people can't just realise it's an advert scheme to make money and is nothing new (there's loads of systems like this) I don't know.
Posted by diggsy over 9 years ago
Yup, seeing that ID theft etc. is already prevalent would Phorm really invent a scheme that makes them the prime suspect in any dodgy online dealings?
Also, not being particularly paranoid, I would imagine that those who need to know who does what online already have systems in place for anti-terrorist, organised crime etc. purposes but don't advertise in the media.
Posted by carrot63 over 9 years ago
You have to question the judgement of people who start a service (for want of a better word) likely to raise hackles in a big way, then give it a name that sounds like some devious corporate enemy in an 80s James Bond movie.

What would be nice would be some tighter regulation of the way data is sold on, with users in control of the way their behaviour is harvested, and then recompensed for agreed use.
Posted by herdwick over 9 years ago
"likely to raise hackles in a big way" - would the cannon fodder using mass market ISPs have a clue ? AOL has been Advert City, Arizona for long enough and its users seem oblivious.
Posted by cideaton over 9 years ago
I thought the Data Protection Act had been changed so that we're all Opted Out by Default and had to Opt In.

Not that I've anything to hide, but why would I want anyone and everyone knowing which sites I visit and how often. Unless I'm breaking the law it is my business and no one else's.

I don't want "Targeted Advertising" I get enough adverts in my life.
Posted by comnut over 9 years ago
herdwick: no its not a forum, its blog or 'comments'.... blame the website authors for allowing it!!!
Posted by bosie over 9 years ago
You can see what's coming next. If ISPs are now facilitating snooping without recourse to the users involved it can only be a matter of time before the big hand of the law thumps down to regulate, and it won't be pretty. Shame on the ISPs involved, how dare they abuse customer trust.
Posted by Clearsky2 over 9 years ago
"I thought the Data Protection Act had been changed so that we're all Opted Out by Default and had to Opt In." So did I!

I can just see this all blowing up in BT's face. Especially when consumer programmes such as 'Watchdog' become involved (or The Gadget Show). After all it is not Phorm who are spying on the surfer, it is BT.
Posted by Clearsky2 over 9 years ago
BTW, I've just blocked '' on the outbound network firewall. Will this stop access to Phorm?
Posted by herdwick over 9 years ago
can't see the DNS being relevant if they're harvesting the contents of HTTP packets.
Posted by kamelion over 9 years ago
Call me paranoid if you like, but why have they gone for three companies who offer telephonic as well as electronic communications?
Posted by ste__ over 9 years ago
Well.. people want cheap broadband. If this is the only way ISPs can get more money without upsetting cheapskate punters then so be it.

If you're not happy about it, vote with your feet and PAY for a decent ISP.
Posted by AndrueC over 9 years ago
Sad that so many people are surprised by this. The whole /point/ of the Internet is that your data is passed from hand to hand through dozens of different systems. If you have ever assumed that unencrypted data was private then you're a fool. Even assuming that encrypted data is private is naive. Someone at some level can read it otherwise there'd be no point sending it.

All this does is allow companies to tailor advertising. It's slightly irritating but only a logical extension of the system. Time to wake up and realise what the Internet is and always was.
Posted by comnut over 9 years ago
ste__: very true. but there is a *sucker* 'grabbed' every second....and the salesmen just LUV them!!! :( :( I have 'warned' a few myself - they never listen, though....

Isn't this just 'google ads'(targeted ads by webpage content) with a different name, though??

And YES - using unencrypted data through the internet is just like sending 'secret' (??) messages by *postcard* in the post!!
Posted by Clearsky2 over 9 years ago
This is a question of INTEGRITY.

We expect cyber-attacks from criminals (phishing, hacking, etc), but we do not expect our legitimate A to B traffic being intercepted by our own ISP and then sent onto C.

Sadly some people here seem to think this is justified. Yeh, and some women think being beaten by their own husbands is legitimate.
Posted by c_j_ over 9 years ago
There is *much* more to this than Google Ads, and *much* more concern over whether Phorm's activities are actually legal in the UK. It's not just "more targeted advertising" (which an adblocker would stop). It's been said (correctly) that there is no privacy on the Internet, but the Phorm concept takes it from a concern in the background to a significant issue for all customers of major ISPs. If you haven't already read Friday's Register article, read it. As well as privacy issues, Phorm also creates new bottlenecks and new single points of failure...
Posted by kamelion over 9 years ago
Should we be surprised by this? Next someone will be saying "you don't know your telephone conversations are being monitored - are you ignorant?"

What you don't realise andruec is that there is a difference between advertising on the internet and targeted advertising because your internet habits have been monitored. It is about time YOU woke up.
I know what the internet is. It is a connection between various networks to provide and effect provision of information between various networks.
Posted by sealion over 9 years ago
People are saying "But I thought the Data Protection Act prevented this", but has anyone actually raised the issue with the Information Registrar/Commissioner (or whatever his title actually is)?

If everyone with concerns sent an e-mail asking him to investigate, then at least we'd get some clarity of the legal position (and he might order BT to scrap the whole thing)
Posted by jelv over 9 years ago
Plusnet have confirmed that this *will* affect their PAYG users who are on RIN:

[quote]Just to confirm, Phorm will impact RIN customers.

We're currently drafting an email to inform RIN customers of this and providing instructions on how to rejoin the PlusNet network.

Capacity shouldn't be an issue.

Kind Regards,

James Bailey
Plusnet Comms Team[/quote]
Posted by Guzzo over 9 years ago
"LOL and the paranoia continues"
ROFL. We should be used to this monitoring. The British people are dangerous. The Government MUST have an eye on them at all times. Thought crime is rife. Considerations of self interest simply do not fit Party needs.
The solution? Simple. Switch off the PC and get on with living while you still can.
Posted by AndrueC over 9 years ago
@Kamelion: I am fully awake. I just already know that there is a high likelihood of my Internet use being monitored - or at least being available for later study. Whether that's right or wrong is another matter but personally I don't care. I wouldn't use the 'net for anything I wanted to keep secret anyway and advertisers are gits and always will be.

I was just pointing out that this doesn't significantly affect the [lack of] privacy and security that has always been inherent in the system.
Posted by AndrueC over 9 years ago
@Guzzo: I wouldn't go that far but you should certainly use the Internet with the assumption that you are being monitored. Same with telephones. It's just a risk factor to be considered and (for me) for the most part discounted as irrelevant.

As for adverts - I block them as much as I can and I ignore them. I have plenty of self-control when it comes to spending money and don't subscribe to modern commercialism. If others lack that self-control or haven't twigged that it's all a scam then they have more to worry about than some minor strategic change in the way advertising is operated.
Posted by RepairExpert over 9 years ago
I wonder how many people would trust a company that in the past had engineered toolkits, and now employ Russian Programmers. Phorm is such a company.
Anyone who thinks this is harmless should at least read this thread and the links below...
Posted by RepairExpert over 9 years ago
That first line should have read 'Rootkits' not 'toolkits' of course.