Top security firm: Phorm is adware

In a fresh blow to its hopes of winning consumer acceptance, a top three anti-malware firm has said it will very likely include Phorm's targeting cookies in its adware warning database. Trend Micro told The Register: "The nature of Phorm's monitoring of all user web activity is certainly of some concern, and there is a very high …

COMMENTS

This topic is closed for new posts.


Thumb Down

I don't just want to avoid Phorm....

...I want vengeance. Can we destroy this thing? Botnets, DoS attacks, poisoning the database? Anything is fair game. Let's see the oft-rumored anarchist internet factions use these assholes as target practice.

0
0
Ed

Email etc

Indeed, if I enter a password for a website, e.g. a blog's admin system or my webmail etc, then that's certainly not a public page that should be able to be read by Phorm (or anyone except me). What about all the people who rely on obscure URLs to hide things. Not good security practice, sure, but they're not intended for public consumption.

0
0
Coat

"[This] should not be taken...

as a definitive statement or interpretation of the law, which only the courts can give."

So they'll most likely go ahead anyway, until someone takes the fuckers to court, where they'll most likely employ the usual army of expensive briefs and "experts" to defend their position.

And win.

Back to pen & paper and the scud-mags then!

Mine's the long, dirty, brown Mac (No, the OTHER kind of Mac, fuckwit!)

0
0
Thumb Up

10 out of 10

Excellent, now then, can you guys have a look at the ISP download speeds for us?

0
0

Wish I'd seen this earlier

I've just finished sending off my latest email owning VM tech support.

The first reply was just "go away, there's nothing going on" signed by (Your Name)

Second was a link to the original Reg article and signed by (Your Name)

Third directed me to VM Q&A which answered none of my questions but at least "Julian" paid attention to me mocking them for failing at email templates

Fourth reply suggested I used ad-blocker software but did admit that no-one at VM tech support has been told anything about what's going on, but does quote from the Q&A that we "will have the choice to keep their internet experience exactly as it is now"

Until I get an unqualified yes to the following question, I'm going to keep harassing them;

"Will it be possible for me to ensure that none of my data enters any hardware or software system owned by, operated by or supplied by Phorm or any of their aliases or subsidiaries?"

0
0
Thumb Down

phorm is adware

the microsoft definition of adware

Advertising that is integrated into software. Adware is often combined with a host application that is provided at no charge as long as the user ...

www.microsoft.com/security/glossary.mspx

the f-secure definition of adware

A type of Advertising Display Software that delivers advertising content potentially in a manner or context that may be unexpected and unwanted by users. Many adware applications also perform tracking functions, and therefore may also be categorized as Tracking Technologies. ...

www.f-secure.com/security_center/malware_code_glossary.html

just because the software is on the ISP's server not your PC need i say more

it is an unwanted intrusion to privacy

sign the petition at http://petitions.pm.gov.uk/ispphorm/

and complain to your isp; bt's complaint page is a link on http://www2.bt.com/contactus

0
0
Anonymous Coward

More Progress But...

All I want is independently confirmed proof that my ISP won't be sending one single packet of my data to Phorm.

0
0
Bronze badge

Dear ISP

I understand that lax business practices have dropped the price for internet connectivity to below cost. Please allow those of us who care to pay 20% above cost instead of being sold to the highest bidder.

Seriously. The policy here is that because they're not charging us enough they decide instead to sell our things without asking? In what universe does that make sense?

0
0
Thumb Down

I've asked to opt out........

of my new 12 month contract I agreed over the phone 3 or 4 days before the phit hit the phan. I have not yet had a response to the question:

"Did the contract I agreed to verbally contain any notification that all my data was going to be intercepted"

Nor have I had a response to the question:

"If you are going to change the terms and conditions of my contract to include a clause along the lines of 'please feel free to intercept all my data and profile me' will I be able to cancel my contract because I would not agree with you doing this with my data"

I haven't even had an answer to the question:

"Since I assume you have stitched me up tighter than the manx kippers I brought back from the island last week and I have no way to cancel my new contract without penalty could you please tell me how much the penalty clause is for early cancellation?"

I'll let you know if I get anything other than cut & paste replies.

0
0
Flame

@Phorm

"Phorm and its ISP partners have all stated repeatedly they believe the system to be 100 per cent compliant with RIPA and the Data Protection Act."

They can believe in the *&%$ing Tooth Fairy, for all I care; it doesn't make them right. What they propose is an illegal wiretap - we shouldn't even be discussing this, we should be screaming for the ISPs' and Phorm's directors to be arrested if they so much as try it.

0
0
Coat

Virgin

Virgin will be getting my cancellation call as soon as my new line is up and running (currently penned in for next week).

0
0
Coat

Imagine the scene:

I fall for the whole thing and let Phorm monitor my web usage and supply ads related to my surfing habits. Nice. Then the wife gets onto the net for 5 minutes and all she sees is ads for pr0n sites.

Who's she gonna be looking at? Hmmmm? ANSWER THE QUESTION MISTER!!!

Mine's the one that's been slashed and dumped in the garden with everything else I own...

0
0
Paris Hilton

sky?

does anyone know if sky have signed up to this yet?

Paris - just because

0
0
Thumb Down

@Mycho

I don't want to pay anymore! I want to pay the same amount of money, and get the service that I should be getting - no interception for any reason ever, unobtrusive traffic shaping (if you really must), 99.999% uptime, UK call centres only.

Anyway, it's funny to see Phorm in such denial. "It's not Adware or Spyware!", Phorm says scandalized. "It's useful, it's relevant, it's.... it's...."

It's advertising software, sorry Phorm, you Phail.

Now the question is, as Trend Micro says, is there a better solution to opting out than storing a cookie on your machine? What if I want to remove all traces of Phorm, even including the opt-out cookie? It seems self-defeating, I know, but I don't want any part of Phorm on my computer at all.

PS: can we have an Epic Fail pic? Like the Failboat, or Fail Kitty?

0
0

Understandable

I can see the point of anti-malware reps being miffed at this.

If your whole business model is all about protecting users from being monitored/profiled and spammed with ads, then it's kind of annoying when an ISP and former malware criminal team up to implement a near unstoppable system that encompasses every user.

In that case we may as well let all the profilers have our browsing history and fight amongst themselves to inject the ads.

0
0
Flame

@ Mycho - Well, not really, just agreeing

Part of my interest in Phorm is that we switched to BT from Pipex, following the Tiscali move. We went live THE DAY BEFORE Vulture Central broke the news.

We were happy with Pipex, we were happy to be paying more for a good quality connection with Tech Support based in the UK. (Insert tales of woe about telling non-native English speakers "We know it's not the Microfilters - It's at your end, probably the [frobinator]" here )

Then we saw Tiscali's prices for new customers, then we saw the line drops, the speed drops and ultimately the customer drops.

So to all the ISPs: Just sell us a good quality connection at a price that will make you some profit. If it costs you more for UK based tech support, then pass the cost on to us. We Will Pay. Cheerfully. We will gladly recommend you to our friends.

Just don't pimp our data or cut corners when we need help.

0
0
Ash

@Steve

You missed "or connected (directly or indirectly)", and the phrase "but not limited to".

Read more EULAs and you'll get the idea ;)

0
0
Anonymous Coward

Adware

Maybe the ISPs should offer this:

1. Free Broadband (at max speed or should it be up to max speed) for agreeing to have adware sent to you.

2. Or just subscribe for broadband as normal with no ads.

Would there be any takers then?

0
0
Heart

@Peter Sommer, CW and JL

Please guys also consider the issue of consent in the following cases:

1.) Private email (under RIPA) - both parties to the email must consent, yes? What steps has Phorm Webwise really taken to ensure that every web-based personal communication tool, from corporate email servers to social networks and charities will be blacklisted from examination, when to the servers it just looks like another webpage? The technical arguments about HTML <form>s are irrelevant as message threads can be reproduced as inline text etc.

2.) Protected non-public content accessed via username and password, under copyright law.

And can someone please get onto the Open Rights Group and offer some technical help over this statement on their front page "Here’s what we’ve been told about the workings of Phorm so far. Phorm assigns a user’s browser a unique identifying number, which, it is claimed, nobody can associate with your IP address, not even your ISP"

Please explain to them that, since cookies are transmitted in cleartext, and every packet on the network has the originator's IP address, the ISP can with a simple network sniffer easily create a lookup table of ID vs IP.

This just gets worse every day I read about it.

0
0
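The linkability point raised in the comment above, as an added Python example that is not part of any comment or of the original article: it joins the source address of each constructed record with the cookie carried in its cleartext HTTP request, and shows that a TLS record yields nothing to join. The cookie name `uid`, the host `tracker.example.test` and all addresses are assumptions made up for the illustration, not Phorm or Webwise values.

```python
"""Why a cookie ID sent over plain HTTP is linkable to an IP address by
anyone on the network path. All data below is constructed for illustration."""
from collections import defaultdict

TRACKING_COOKIE = "uid"  # hypothetical cookie name (assumption)

# Constructed sample: (source IP from the IP header, TCP payload bytes)
CAPTURE = [
    ("192.0.2.10",
     b"GET /a HTTP/1.1\r\nHost: tracker.example.test\r\n"
     b"Cookie: uid=a1b2c3; theme=dark\r\n\r\n"),
    ("198.51.100.7",
     b"GET /a HTTP/1.1\r\nHost: tracker.example.test\r\n"
     b"Cookie: uid=ffee01\r\n\r\n"),
    # Same browser after its address changed: the ID ties both IPs together.
    ("192.0.2.44",
     b"GET /b HTTP/1.1\r\nHost: tracker.example.test\r\n"
     b"cookie: sess=zz9; uid=a1b2c3\r\n\r\n"),
    # Cleartext request that carries no cookie at all.
    ("203.0.113.5",
     b"GET / HTTP/1.1\r\nHost: tracker.example.test\r\n\r\n"),
    # Start of a TLS record: headers and cookies are not visible.
    ("203.0.113.5", b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"),
]


def parse_cookies(payload: bytes):
    """Return {name: value} from a cleartext HTTP/1.x request, or None when
    the payload is not readable HTTP (for example a TLS record)."""
    head, sep, _ = payload.partition(b"\r\n\r\n")
    if not sep:
        return None
    try:
        lines = head.decode("ascii").split("\r\n")
    except UnicodeDecodeError:
        return None
    request_line = lines[0].split(" ")
    if len(request_line) != 3 or not request_line[2].startswith("HTTP/1."):
        return None
    cookies = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() != "cookie":  # header names are case-insensitive
            continue
        for pair in value.split(";"):
            key, eq, val = pair.strip().partition("=")
            if eq:
                cookies[key] = val
    return cookies


def build_lookup(capture):
    """Join the network-layer source IP with the application-layer cookie ID.

    Returns (id -> sorted list of IPs, number of opaque payloads)."""
    id_to_ips = defaultdict(set)
    opaque = 0
    for src_ip, payload in capture:
        cookies = parse_cookies(payload)
        if cookies is None:
            opaque += 1
            continue
        uid = cookies.get(TRACKING_COOKIE)
        if uid:
            id_to_ips[uid].add(src_ip)
    return {uid: sorted(ips) for uid, ips in id_to_ips.items()}, opaque


if __name__ == "__main__":
    table, unreadable = build_lookup(CAPTURE)
    for uid, ips in sorted(table.items()):
        print(f"{uid}: {', '.join(ips)}")
    print(f"payloads with no readable headers: {unreadable}")
```

The only record that contributes nothing is the encrypted one; every cleartext request carrying the cookie adds a row to the ID-to-IP table.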

copyrighted information

Even if the default option is opt-in, and some BT/Virgin user has done the opt-in, and the BT/Virgin user reads an email (webmail) I have sent to them (from another internet connection), isn't some law still being broken?

They might have asked the Virgin/BT user for their permission to profile/phorm their communications, but they won't have asked the sender to read/copy/profile/intercept the private/copyrighted email they sent to that user via webmail.

Similar to this:

http://community.zdnet.co.uk/blog/0,1000000567,10007508o-2000331777b,00.htm

0
0
Thumb Down

HTTP

One thing that ISPs have to understand is that HTTP traffic is used for many more things than private individuals browsing e-commerce sites. Big companies tend to have this mindset that the internet is all about e-commerce ... of course the bits of it that are of interest to them really are, but most of the rest of it isn't.

There are all manner of private status pages and control panels which people use of their broadband line, not to mention the myriad of automated systems which communicate by HTTP (1).

ALL of this traffic will be captured and analysed by Phorm's system, even if you opt out of having your 'browsing experience' enhanced via cookie.

My vote is a big fat NO.

(1) Although fortunately anything obscured by HTTPS should avoid interception as far as I've read so far.

0
0

Stonewalled by BT

Has *anyone* had a response from BT about Phorm/scumsuckers/WebWise?

I asked a week ago on their 'it'll all be lovely and won't someone think of the children' page and have yet to have a response. Likewise a question to their laughable technical support address has gone unanswered.

0
0
Black Helicopters

So now it's official

ISP really does now stand for Internet Spyware Provider.

0
0

"not adware"

It's software. It delivers advertising. Which part of that is hard to understand? Oh right, the "advertising is not an experience which consumers enjoy, it is a burden they have to put up with" part.

0
0
Paris Hilton

@ Nick Palmer

"They can believe in the *&%$ing Tooth Fairy, for all I care; it doesn't make them right"

That actually made me choke on my coffee and fall off my chair, bravo sir! :-D

-----------

Surely if the said ISPs change their T&Cs to incorporate this, aren't the users entitled to cancel without penalty as the new T&Cs aren't acceptable :-s

TBH I'd be surprised if this takes off, Phorm's share price has nearly halved since this all kicked off - and the more it gets discussed the less viable it appears.

0
0
Black Helicopters

Back door shenanigans?

"Targeted online advertising services should be provided with the explicit consent of ISPs' users or by the acceptance of the ISP terms and conditions"

So, we'll all be opting in by a backdoor change of some obscure section of TOCs?

0
0

@Stonewalled by BT

I left BT Intercept (err, I mean Internet) years ago because I NEVER EVER got any response from them when I complained about their crap connection and poor service.

I would be staggered if you are treated any better these days.

One thought, of course, is that if you go down the "opt out" cookie route, you'll get automatically opted back in if you ever clear the cookies from your browser (which I do now and then for no particular reason other than to stop lots of crud building up)

I've got to hand it to the salesmen though; trying to convince their punters that this is all for their own good!

0
0

My mail to BT

I have been following with interest BT's plans to incorporate Phorm's targeted ad software into the BT Broadband package.

As I do not consider myself to be anyone's "target market" and value my privacy highly, I would be grateful if BT could confirm either:

1. That opting out of the service will mean that none of my traffic will go anywhere near any hardware or software owned, operated or supplied by Phorm or their subsidiaries.

or

2. The substantial change in the Terms and Conditions and Privacy Policy that implementing this system will require will allow me to leave my fixed term contract early with no penalties.

I'm sure they'll enjoy ignoring that.

0
0
Paris Hilton

@ (re BT) I've asked to opt out........

If you have agreed to a contract over the phone they are supposed to send you written confirmation, and you have seven days from the day after you received it to change your mind. If they don't send you written confirmation you can change your mind within three months and seven days of the verbal agreement - see http://www.out-law.com/page-430#services

0
0
Thumb Down

Reply From CEO Office BT

I sent an email to the CEO of BT last week and I have received a reply today, reply below (replaced names with xxxx); sent full emails to elreg.

If BT intercept any data from my password protected http pages I will sue the pants off them for infringement of my intellectual property rights; the pages are passworded for a reason: KEEP OUT!..........

BT can't answer simple questions just keep forwarding you to their webwise page.

Dear Mr xxxxxxx

I am writing in response to your email sent to BT’s Chairman & Chief Executive’s Office and acknowledged by xxxxxxx xxxxxxxx.

I appreciate your concerns regarding the recent publicity about BT’s trial of BT Webwise. However, I would like to assure you that the proposed service is an “opt in” service. There is no intention to automatically intercept your internet connection data stream in order to collect internet usage patterns. Should a customer choose to take advantage of BT Webwise, BT is very careful to ensure that only specific data is collected.

More information, including a comprehensive questions and answers section can be found at http://webwise.bt.com/webwise/help.html. I can assure you that, in spite of your reservations, the information found there is completely trustworthy.

If I can be of any further assistance please do not hesitate to contact me.

Yours sincerely

xxxx xxxxxxxxx

0
0
Alert

BT Webwise 'completely trustworthy'?

It's interesting to compare the BT Webwise site:

http://webwise.bt.com/webwise/help.html?_faqs=13,14,15,16,17,18#f13

with:

http://www.webwise.com/how-it-works/faq.html

Apart from putting 'BT' instead of 'ISP', these answers are word-for-word the same. So who wrote them, do you think? (Clue: who has been quoting them in interviews?)

But it's OK, they are completely trustworthy. (Except perhaps for the 'Why do I have to opt out?' question, which mysteriously vanished earlier this week; perhaps that wasn't....)

And curiously (i) webwise.com seems to have fallen off Google...though Phorm hasn't, so it doesn't look like a Google backlash

and (ii) only the BT and TalkTalk logos appear on the Webwise site - Virgin is conspicuous by its absence. I hope this means more than just that VM haven't biked over the logo artwork yet....

0
0
Anonymous Coward

hang on...

if some arsehole is using a bt subscriber's connection via bt fon does that mean that bt subscriber will be bombarded with x-rated ads from phorm?

0
0
Anonymous Coward

hang on...

if some arsehole is using a bt subscriber's connection via bt fon for some single handed web browsing does that mean that bt subscriber will be bombarded with x-rated ads from phorm?

0
0
Ian

BT CEO Mail, @mark

If they really said ``I would like to assure you that the proposed service is an “opt in” service.'' then that's a massive change of position. If CPW and BT go for an opt-in scheme (ie default opt-out) and Virgin join them then the game is essentially over for Phorm.

0
0
Coat

Leave Phorm Alone!

How dare you talk about Phorm like that, do you know what she's been through?!

0
0
Anonymous Coward

What are the chances…

What are the chances of getting an injunction prohibiting any deployment of Phorm in the UK until all these very important legal questions have wended their way through to the House of Lords?

0
0

Let's saturate Phorm with rubbish

The first comment is my sentiment. Just for fun I've written a Javascript applet that generates a mix of real and randomly generated web access. I chose Javascript because I can't think of any way an ISP can easily tell the difference between a script in a browser navigating to a page, and me typing.

Anyone know something I don't ?

0
0
Flame

cookies

It's too easy to be true to poison their database.

We can use their system against themselves.

Remember Phorm do not get IP number information. Their "so called" privacy is their Achilles heel. Well, you're going to love this.

The only way Phorm can ID users is supposedly only by a cookie; this is done for "so called" privacy reasons..

Why don't we all use the same cookie. Making sites you go to pointless as 99.9% their system knows about has nothing to do with you.

All for 1 cookie and 1 cookie for all.

I say we should call this Operation Cookie Monster, yes like from Sesame Street.

;)

0
0
Boffin

@ Kevin re interception of email

I think Kevin has a good point here - if I am using Webmail, one interception is taking place of the (http) transmission between the webhost and me; but isn't another interception taking place of the correspondence between the sender of the email and me?

I know google et al scan email for keywords to target advertising, but I have agreed to this in the signup T&Cs, that doesn't give the ISP or Phorm the right to use my email contents for advertising. And if the email comes from a person using another ISP host then doesn't he/she have to consent too?

0
0
Paris Hilton

Pop! The sweet sound of another bubble bursting!

Fancy a laugh at the expense of the investors?

http://www.iii.co.uk/investment/detail?code=cotn:PHRM.L&display=discussion&it=le

Enjoy.

In response to one of the investors whining - "But what have they got to hide?"

Paris says - "well nothing...obviously..I'm for sharing!"

0
0
IT Angle

IF COMCAST want to give me an OCR999 Internet Connection FREE

Then they can send me all the ads they want. But as long as I pay for the connection whatever it is PHORM can go jump in a lake with an Aircraft Carrier Anchor attached to their waist.

0
0
Law
Flame

RE: Reply From CEO Office BT

"I can assure you that, in spite of your reservations, the information found there is completely trustworthy."

Oh, that's ok then. We all feel like a bunch of idiots now, imagine, an ex-spyware company misusing the fountain of private information given to them from our ISPs... silly us.

<coughs> lying-t*ssers </coughs>.......

A flame, to cleanse BT!!

0
0
Happy

Phorm Share price

Tuesday March 11, 10:47 AM

" LONDON (Thomson Financial) - Phorm Inc (LSE: PHRX.L - news) said it is not aware of any undisclosed commercial reasons for the recent movement in its share price, as it issued a statement to clarify 'some misconceptions which we are taking steps to address' on privacy issues.

The company has been criticised in recent weeks over concerns that its technology, which categorizes web-surfing habits in order to target online advertising, compromises user privacy."

BTW the shares ended up down -11.60% at closing.

0
0
Thumb Down

A fscking cookie??

Let's presume I'm a retarded cabbage and actually stick with an ISP that shoves this down my throat without joining a class action suit against them. Presume.

So this magic cookie that is the basis of my having opted out of the Pharm scam... Where is it? It can't be on MY PC. Well, it could be I suppose, but what happens when I run my small suite of anti-malware/virus/adware and optimization tools which routinely delete all cookies (with my blessing)? Does this magic cookie go away? Am I now opted in by default? Do I need to go opt out after every system cleansing?

I call shenanigans. Boo-urns.

0
0
Silver badge

Just hoping that

this too has an even greater negative effect on the Phorm share price.

I'm not usually one to gloat over another's misfortunes. However, I will make an exception in the case of Phorm. I will raise a glass when they crash and burn.

I am lucky not to use any of the ISPs due to be infested by Phorm. And I have much respect for my ISP. They are not cheap but do provide an excellent service and a UK based support center.

Respecting one's rights to privacy as I do, I sympathise with the victims of Phorm's bad practice. And wish you well in dissuading your respective ISPs from this gross invasion of privacy, or finding an alternative provider you can trust.

Good luck with this.

0
0
Go

Phorm and RIPA

Re the Home Office letter:

Paras 6 and 8 seem to confirm the view that Phorm are doing interception as defined under RIPA.

Para 9, I am guessing, applies to the non-processed data from opt-outs. But I don't think it is sound; the filter belongs to the 'person' (Phorm), and even though the person elects to do nothing with it, they could have processed it, so it has been made available to them. You'll notice that Phorm talk about 'our servers' at the ISP, and not about 'our software' on the ISP's servers.

Para 13 makes it clear that *both* ends must consent to the interception, for it to be authorised. So the subsequent OIX use for ad serving is entirely legal. But that is then what the letter goes on to talk about.

Instead, it should be considering the data collection at the ISP; *I* might consent to my end of a session with 'WebHost', but unless WebHost also consents, we have unauthorised interception.

The argument in para 15, for possible implied consent by WebHost, can be rapidly dismissed. Until I contact WebHost, they have no knowledge that a message is coming, and so cannot possibly have consented to its being intercepted unless they have issued some sort of blanket permission for this, in advance; and such permission could hardly be an implied permission.

We then hardly have to consider the second leg, where WebHost reply to me and the communication is again intercepted, without their knowledge. However, if we must, I need only point out that if what WebHost provide is a paid-for, password-protected, service, then the presumption of any implied consent to interception must also fail.

Re paras 16-18, I'd suggest that the lawful interception under 3(3) doesn't apply, as the Phorm data collection is clearly additional to the services needed to provide the ISP service. (Indeed, if it wasn't, then I couldn't be posting here now). And it's stretching the definition to breaking point to interpret it otherwise.

However, if what Phorm are planning is allowable under 3(3), then no sender or receiver permissions would be required, and the recommendation in para 20 would be just that - a recommendation. But it seems clearly wrong that this should be so, and para 20 should be enforceable in law, in my view.

Para 21 remains wrong about being able to assume the implied consent of web hosts. Especially, I would imagine, rival advertising services.

Para 22 I find wrong as well. However, I then have a difficulty in that the spam-blocking service provided by my other ISP, and which I have cheerfully opted into, would also seem to me not to be lawful interception under 3(3). And if not, I very much doubt that the spammers have given their consent, implied or otherwise, under section 2.

Anyone help me square this circle?

0
0
Alert

Public Notice

I own and operate Spamblocked.com and Kryptonite Hosting, and I explicitly, categorically, and without reservation *deny* to Phorm, OIX, and any other third party who is not an end-user's ISP or legitimate search engine permission to intercept and/or profile traffic sent by my server(s) in response to the end-user's query. I further deny permission for such traffic information to be conveyed to any such third party.

0
0
Thumb Down

webwise cookies

below is lifted from BT's webwise faq page

it seems to infer that there are both opt out and opt in cookies and if it can't put a cookie on the machine (because you have blocked them) it seems to assume opt out from below

About use of cookies in BT Webwise

What happens if I delete my cookies?

You will receive a new cookie from your Internet service provider (ISP) when you go online. You will need to choose again whether to turn BT Webwise on or off. You should return to www.bt.com/webwise and turn it on or off as necessary.

Why does BT Webwise use cookies?

This is so that we can send relevant advertising without learning a customer's identity.

I delete my cookies regularly, and I want to keep BT Webwise switched off. How do I do that?

If you regularly delete your cookies and want to ensure that Webwise is permanently switched off, simply add "www.webwise.net" to the Blocked Cookies settings in your browser. Up-to-date versions of both Internet Explorer and Mozilla Firefox have this capability.

0
0
Anonymous Coward

Recognizing Phorm invasion

How will we recognize a "Phorm invasion" if an ISP signs up to it? My guess is that BT will foist it on its customers. Does the Phorm cookie appear in the browser cookie log from where it can be deleted?

0
0
Anonymous Coward

@tech idiot

I think the comment "But what have they got to hide?" is a mocking comment.

That "investor" only posts negative comments about Phorm from ZDnet and TheRegister and talktalkmembers.com

I suspect they are not an investor but an IT guy.

Just a thought....

0
0
