Broadband provider TalkTalk are following its users around the Internet in a bid to develop a new anti-malware system. Dubbed StalkStalk by The Register, the company is using a system to collect every URL or web address that its users visit and then follows them to the site to scan it for malware threats. The first part of this system is compulsory, so users cannot chose not to have the sites they visit scanned. The data collected will in future be used to build a list of sites that can be blocked at the network level to avoid customers being infected by malicious websites.
The system came to light after users on TalkTalk's forums saw that they appeared to be stalked by two TalkTalk/Opal IP's. As people browse the web, TalkTalk's system collects the URL's and these are recorded and checked against a list of blacklisted sites known to carry malware and also a list of whitelisted sites that have been scanned and approved in the last 24hours. If the site doesn't appear on either list, the user is followed to the site and the page is scanned for malware.
Users may be concerned that this sounds similar to Phorm which some ISPs such as BT tested previously, however this system does not monitor or record who looks at what sites.
"Our scanning engines receive no knowledge about which users visited what sites (e.g. telephone number, account number, IP address), nor do they store any data for us to cross reference this back to our customers."
"We are not interested in who has visited which site - we are simply scanning a list of sites which our customers, as a whole internet community, have visited."TalkTalk Statement
Customers are expected to be able to access the system in the second half of this year which will also include parental control features. It will be opt-in and will be available at no extra cost.