Coding activists have developed an application designed to confound Phorm's controversial behaviour-tracking software by simulating random web-browsing. The folks behind AntiPhormLite says this means actual browsing habits are buried in noise. The app, which is available free of charge, is designed to poison the anonymised click …
Unbelieveable that we have to use something like this!
The fact that its necessary is distasteful
The vast majority of users aren't going to run this application so the Phorm business model is going to still work well for them! Key to kill Phorm and others is to ensure ISPs see their customers vote with their feet whenever this technology is deployed.
The best way to deal with Phorm is to migrate away from any ISP that uses the technology. Let the ISP know the reason for moving and send their senior managers / MD an email or letter that informs on your views about Phorm and their involvement in such a techology.
A Webmaster Writes ...
Oh great, as if I don't have enough bots getting random stuff from my websites already.
(robots.txt was a nice idea. Pity only Google reads it.)
Please, can it be renamed as 'PhormPhucker (Lite)' ? :)
as per UKNOT
"honest g'vnor, I wasn't browsing for child porn - I was just trying to obfuscate my browsing habits from Phorm. The process was automated and not under my control..."
Paris?? Because, well, you know you'd hit that... maybe with a stick?
Sadly I believe your right. Most bog-standard users on an ISP don't know and even if they did, quite frankly they probably wouldn't care, the tired old "What have you got to hide?", would come out. In the end Phorm may still get in, and if/when they do they will still get enough meaningful data to make it worthwhile.
I think it's great that some people are dedicated enough to not take this lying down, even releasing the source so it can be ported, but much like ad blockers, how many non-geeks will use it? Like others have said, vote with your wallet. I jumped ship from Virgin to a) avoid Virgin's ludicrous costs and b) the Phrom debacle.
a source of white noise
maybe they should hook up an atomic vector plotter to a nice source of brownian motion like, say, amanfrommars's noggin. If they can peel off the tin-foil hat, that is.
ObRule34: Camel Case + Port Manteau = CamelTeau
You know, there's a good reason I wouldn't follow the "natural surfing behavior" of most users on a Windows PC.
Mine's the one owned by hundreds of bots.
but I have to agree with J.A.T.
Only way to kill Phorm (and others like them) is to starve them of cash.
If it could be proven to work against ALL the little leeches though...
Paris, coz she looks like she's intercepting someone's data in the picture!
This is a completely pointless application.
If you are with an ISP that is using Phorm and it bothers you (and clearly it bothers a lot of people, which is fair enough) then why on earth would you want to stay with them?
Just move to another ISP! It's simple.
Ha ha ha
If enough people use this program then it will suck up extra bandwidth costing the ISPs that deploy this Phorm of spyware even more money than they will find it worth to screw their own customers who have been paying them in good faith.
Serves them right.
Paris, because she also likes sucking up people's bandwidth.
Another way to vote with your feet
Perhaps if someone maintained a list of companies that advertise through phorm we could all boycott those too.
If only ...
I'm on Virgin's Cable network rather than an ADSL connection (not that I ever signed up with them of course, when I took out a contract for a cable internet connection it was still Cable London, not even Telewest!) and there is no way I'd want to replace that wide, permanent pipe with a questionable ADSL connection over ancient copper. So I'm rather trapped at the moment thanks to the now monopoly that exists in cable.
Otherwise I'd leave Virgin immediately ...
Not Only But Also..
Not only poison phorms data, but penalise the ISP also by making repeated Data requests using oh so precious bandwidth! Excellent now where do I and my unlimited connection sign up... however the extra traffic might be a problem for website owners though...
WHAT. THE. FUCK?
>"The application needs DirectX 9.0C or later installed."
Colour me boggled. DX9? For a trivial bit of socket-based code? Which doesn't even render the bleedin' html? This is why everything's so goddamn bloated these days.
>" It ignores bandwidth-heavy images, flash and video files in a bid to make sure that its doesn't eat through a user's bandwidth and thereby"
...gives its identity away and can be easily filtered by Phorm?
It is outrageous that we should have to consider something like this to protect our privacy. If my ISP go ahead with their Phorm snoop deal then I shall be taking my business elsewhere as I imagine most Reg readers would be inclined to do. Admittedly the numbers are against us with the majority of customers oblivious to what is happening.
However, in light of another Reg story today, "Government orders data retention by ISPs", I would still consider running AntiPhormLite or a similar obfuscation tool. Again it is all about the numbers. A few techies running such applications would be little more than an inconvenience to a government determined to goose step us towards a police/ surveillance state but it would make me feel a bit better!
isn't CamelTeau illegal now?
I've just jumped ship to Zen, connection goes live on the 20th. Bye bye BT, I won't be coming back *ever*.
does it work against government enforced data retention?
Wouldn't it be easier for the app to target the phorm cookie directly rather that attempt to obfuscate actual hits?
As the man already said? DX9, wtf?
This app doesn't need to be more than 50 lines of C(++) sockets code and a few config files to allow specification of which sites are on the let's read list.
What are these people *really* up to?
@ John Leyden & Ralph B
VM has not signed a deal to include Webwise/Phorm, as is stated here: http://www.virginmedia.com/customers/webwise.php
and as previously noted in El Reg.
Antiphormlite is a neat idea, pity that it's XP & Vista only.
However I have just come across another weapon which should keep Ralph B happy, called Dephormation. It's a Firefox add-on and can be downloaded from here:
Another good reason to dump IE &/or Safari in favour of FF, easily the most secure browser out there.
With this now installed I couldn't give two hoots whether my ISP signs a deal with Phorm or not. I had been seriously thinking of changing ISP, but the aggravation of notifying everyone of numerous email address changes was putting me off. Problem now solved.
Exactly what i did yesterday... bye bye BT.
Now lets see how long it takes O2 to feck-up.
Changing aint always so easy :S
I'm on Virgin Media, and aside from the nightly throttling, I'm pretty happy. I pay naff all and get better speeds than I can on ADSL in my area. I habve no BT line in my house whatsoever, so to switch providers I'd have to
1: Get a worse broadband connection
2: Pay a huge installation fee to BT (I mean really - £120 fo put in a wire?)
3: Probably have a hard download limit, as opposed to the current slowing down.
Phorm sucks, and its pretty bad you cant simply opt out (even for a fee), but the other options simply mean changing ISNT an option........
"in light of another Reg story today, "Government orders data retention by ISPs", I would still consider running AntiPhormLite or a similar obfuscation tool. Again it is all about the numbers. A few techies running such applications would be little more than an inconvenience to a government determined to goose step us towards a police/ surveillance state but it would make me feel a bit better!"
That's what I was thinking.
I dare say this is the start of a new approach to confounding the US Patriot Act and various other government regimes world wide. Binladen hand and shrimp.
A title is required.
I agree with Ralph B, this is bad for webmasters. If it doesn't respect robots.txt it shouldn't be encouraged, and if it does it will be easy to identify and filter.
Re: WHAT. THE. FUCK?
Damn got there before me on both points.
Why waste this bandwidth
... consumed by requesting random pages? How about doing something useful with it instead by parsing the text and links contained therein to create an index of the Web which could then be collated in a distributed database? Just a thought...
It's all good till..
..it accidentally views sites with fertiliser for sale and anything slightly middle eastern twice in a week and all of a sudden you're up against the wall.
good idea, and one I keep hearing,
but for those of us stuck at the end of badly installed copper, at the extreme distance limit from the exchange with a top speed that makes RFC 1149 look attractive (and, with only one working pair left according to the last BT engineer who looked at it 15+ years ago, who then proceeded to make expensive sounding noises about us bearing the cost of any new cable run..at which point, we said hello NTL.), care to name any feasible non-BT copper alternative to VM cable ? (and as cheap as VM, which costs me £10 pcm at present)
I'd jump ship the morrow, if I could (I do not trust the public statements the VM marketing droids have come out with), but I've no alternative service in this area which would match the speed of their cable, e.g. Slackware 12.1 iso downloaded at a consistent 250KB/s overnight, other iso images on previous nights at 150KB/s, total data transferred over three nights; approx 19GB, the worst download speed over the past month being 110KB/s, btw, I don't hammer it like this every night, most nights, the only inbound traffic is NTP and ClamAV updates related (and the usual lame port scans), but I like to know the bandwidth is there when I need it.
So, any non-BT copper ISP suggestions gratefully welcomed..
This is not the first such app
You can do this in your FF Browser using TrackMeNot:
I've also written a couple of Java and Python scripts to do this. You can see them here:
Award for most pointless app
Sorry but that thing is the biggest load of ... If you really think that browsing other websites is going to hide the sites you already visit, then you deserve phorm.
So you don't trust phorm but trust some unkown app, that pulls unkown URLs. All you will end up doing is slightly alter the ads you get served, your personal data is still intercepted by phorm. Just move ISP.
for non-winders people
Most people should be able to knock up a version of this for Unix-like systems using lynx, wget and some perl glue.
...Write my own software to counteract this sort of thing, but then again this has to be installed in large numbers of computers to be successful.
The requirement of directx 9 is just as bizarre as the language choice for this project, Dark Basic is mainly a games development tool.
It strikes me that the targetted advertising is something google has been doing for sometime, just being more obvious about it, and of course you have the choice not to use google. Well you would if every single application you installed wasn't offered a "free google toolbar!!!" with every download.
I remember when using the internet was about the free exchange of information, everybody helping everybody else and writing poems about their dead pets, not about selling you something around every corner.
The required title
On the whole I do not think this will make much difference over all to phorm, after all how many people will install the application.
It will make a big difference to the invester who does not understand technology, and thinks anything computer is scary.
If the invester thinks the revinue stream for Phorm will go down with this application, then that is a good thing. So lets all download it, just to clock up numbers of downloads, make it look like 1,000s of people have installed. Make a lot of noise and watch the share price tank.
The deterent effect may be all that is needed to stop the scum.
@Richard Cain - you need a new ISP
I wrote it. Your problem is not solved. You need to change ISP if you are dependant on Dephormation.
Dephormation was originally intended to demonstrate how daft Phorm's design is, on the assumption that someone in BT/Virgin would get slapped. Sadly, I was wrong.
I'm not with Virgin any more. When you need to take measures to fight your own ISP, the solution is staring you in the face. Get a new ISP.
I think the ISPs are *relying* on the phorm complainers to jump ship.
First, to make it clear, I hate Phorm and think it must die.
However, I'm sure that the ISPs probably believe there is a significant overlap between the group of people liable to be deeply upset by Phorms actions and the group of people who use the most bandwidth on their networks (ie the less profitable customers). Not only will Phorm make a profit for them, it'll shift people who they don't want off their network.
Doesn't make it right though. I hope legislation will kill this thing off permanently.
The medicine worse than the disease ?
1. I trust software like this less than I do phorm.
2. It would require widespread adoption to affect phorm's income
3. Unnessecary costs to web hosts - waste of bandwidth
4. Risk of surfing to inaprropriate websites.
5. phorm could easily counteract this "ignore websites only visited once"
I would prefer a method where a database was built containing phorm cookies. Then a clientside app randomly changes your cookie for one contained in the database.
@ dephormation.org.uk / Pete
Phuk!! And Double Phuk!
Does anyone know how to keep @ISP addresses live when changing over? It's law that telecom providers (land-line and mobile) allow porting of numbers, but I am uncertain of the situation with ISPs. I am pretty sure that it's impossible, but hope to be proven wrong by some kind Reg reader!
On the borderline of adware?
Phorm is most definitely adware and a particularly nasty, cunning, stealthy variant it is. What it's on the borderline of is spyware, but Intra-ISP Spyware (I2Spy) sums it up nicely.
As for AntiPhormLite requiring DX9, why, you have the source (http://www.antiphorm.com/page_software.htm) so go and have a butchers. It's probably just because it's coded in some odd IDE that links world+dog to your simple code. It's also possible that instead of using sockets it's using the DirectPlay API for network access. Use the source, Luke.
I wrote to my MP about this.
I got a reply... The very nice lady is signing the EDM in parliament and writing to both the secretary of state for trade and business as well as writing to the Ofcom chap for updates on the shenanigans.
So that is some faith restored in my otherwise anti parliment (They don't care about us) stance.
I am still hoping BT wake up and smell the doo doo, or get slapped big style by a guy in a wig that gets called "Me Lord". So that steps like this don't need to be used.
Non-BT Copper ISP
PlusNet aren't involved in the Phorm thing, last I heard. I assumed they would be, so as they're my ISP I sent a few emails and got an assurance that PlusNet ADSL customers are in the clear.
They are shite though.
@ Geoff Mackenzie
PlusNet were bought by BT in January 2007.
White noise is the key to counter intelligence
Has always been. I believe any people worried by facebook should take some of their time to create fake profiles also.
As for the "change ISP" brigade, yeah, easy when in Central London, not when you're in a less populated place with only 2 ISPs available on your POP.
If/when they agree on Phorm, you're screwed and only can counter by white noise, until they realise how much it costs them and stop logging.
Sad but unavoidable to counter Phorm's business case.
Whilst I don't know who your MP is (nor do I need to), I couldn't help remembering the old "joke"...
How do you tell when a Politician is lying?
Their lips move.
Only now, of course, they can do it over the 'Net too. Not saying yours is, but I'm just a little cynical when the NuLab Thought Police are pushing through so much anti-free thought legislation and nobody seems to be prepared to stand up nd say 'No' in case someone says "So you support [insert bad behaviour here] then"...
Don't worry, be happy. The State is your friend. And we can think for you. That dim glow in the corner? Oh, just your personal freedoms disappearing into the dim and distant past.
How about a good old fashioned grassroots FUD campaign? Viral videos (I've got a cat and he's willing to volunteer), making the whole Web 2.0 thing useful for a change and other such things. Using their marketing description it would sound like something not worth bothering about to most users; use a more accurate description and it sounds pretty evil. It is evil.
I'm not really interested in putting this sort of software on my computer. Maybe when a more professional version comes along, but not this. Dark Basic? Really?
@Non-BT Copper ISP
Maybe I should have phrased it a bit better.
by Non-BT Copper ISP I meant any alternative ISP to VM which does not require the use of the BT owned copper (phone lines, exchanges &etc).
My situation is that as I'm so far out from the exchange and my line is in such a state that ADSL from any ISP using the BT infrastructure isn't a viable or credible alternative to VM in terms of bandwidth and/or cost.
It seems, from other comments, I'm not the only one in this position.
@Richard Cain re. new ISP
As far as I know, IP addresses are allocated en-bloc to ISPs, so you can't transfer an IP address if you move ISP. Also, the IP address 'belongs to' the ISP as is usually stated in their Terms and Conditions.
If you need a fixed internet Identity so that you and your friends/family can access your private webserver or whatever you're running, then go to dyndns.org who will give you up to five free 'dyndns-name' to IP address mappings, for personal use only. I use them for my personal webserver and it works fine.
You can map these indentities to any IP address you like (yours obviously) and you can also set up flexible web redirects and mail server configurations. They let you change the IP mapping every month so that should take care of any ISP hopping you want to do.
For more than five 'identities' and for more flexibility and features, you can have a paid account (not expensive) that lifts the limits of the free allocations.
For those of you outraged and offended by Phorm, save some of your energy for Comscore.
Comscore is a far more intrusive program than Phorm and DOES harvest all your personal information including, for instance, online banking transactions (passwords anyone?), and save it, and use it, and use 'forensic' tactics to fill in the gaps, and reconcile its ill gotten information with other sources, and disseminate it, and does not anonomise it, and can presumably pass it on to God knows who and where.
Bad though Phorm is, Comscore is so very much worse and, according The Register, IS happening to suckers who, for example, download a free screensaver but don't read the 54 pages of terms and conditions and thereby do actually opt in without realising what it is they've done.
PLEASE go here and read about it to see how vile Comscore is.
and then start to raise hell about it.
I've said it before
As soon as they sign, all my traffic is being routed over an encrypted VPN tunnel to Amsterdam (where i have a server). Anyone wanting to jump on board is more than welcome.
I asked o2, my ISP, about Phorm. They were very quick and polite to assure me that the don't and won't use Phorm. O2 have been good to me - I recommend them.
Penguin - Because it's silly and it's Friday and why not?