back to article Wikimedia becomes latest to ban Phorm

The Wikimedia Foundation has asked Phorm to exclude all its domains and websites - including Wikipedia - from Phorm's BT trials, because it considers such scanning to be an infringement of its users' privacy. Phorm's automated reply said it was likely the ban would go into effect within 48 hours. Earlier this week Amazon took …

COMMENTS

This topic is closed for new posts.
Thumb Up

For once...

...they've done something reasonable - big hand for the Wikians

0
0
Thumb Up

I bet ...

... the phorm bots just loved that e-mail when they opened their inbox this morning.

Well done wiki. Come on Facebook.

0
0
Happy

One Question...

...has The Reg?

0
0
Anonymous Coward

Banned

[hahahahahha]

0
0
Go

Good idea...?

Isn't this our anti-phorm answer? Don't we just encourage EVERYBODY to have their domains excluded? We can start petitions with leading sites (starting with the tech ones like ElReg and then move to the traffic monsters like BBC, etc) to convince them to apply to be excluded from Phorm to the point that their service has such low coverage that it becomes pointless?

I've looked around the Phorm website to exclude my own sites and can't see an obvious "exclude my website from your illegal service" option. Where's the link?

0
0
Thumb Up

BBC

It would be good if the BBC and other news and media organisations could also do the same. Organisations such as yourself for example.. HINT HINT!

0
0
Thumb Up

What a great week it's been!

That is all.

0
0
Happy

Phuck Of Phorm

that is all

0
0
MJI
Silver badge
Thumb Up

Brilliant!

So who will be next?

I hope TheRegister has opted out?

0
0

Give us a link then!

I'm sure some of the webmasters on here would like to get their sites taken off Phorm's scan list. How do we do it?

0
0
3x2

Validation

While large organisations rejecting Phorm is always a good thing I still don't see why that organisation should have to register with a scumware vendor in order to avoid being wire-tapped.

Registering your OPT OUT simply validates an illegal scheme. Can I opt out of being burgled?

0
0
Thumb Up

Et tu, brute?

And how about El Reg?

It only costs an email...

0
0
Boffin

So how do we...

Submit our URLs to be excluded. If everyone submits their favorite domain via an automated system then very quickly it will become unmanagable... and once it is discovered Phorm ignore the request, then the time in courts will come.

Of course it goes without saying that all El-Reg domains will be excluded. Perhaps someone should register the 'freefromphorm.net' and 'freefromphorm.com' addresses - and offer services like webmail and proxy browser sessions.

0
0
Anonymous Coward

I despair

The ORG are complete simpletons, wiki and Amazon along with them. All they are doing is legitimising phorm and the unreasonable steps they are requiring to opt out.

It wont be possible to verify that their pages are not being scanned, their content will still pass through phorm's boxes in any case and their cookies will still be tampered with/their domains spoofed or the system would not work at all.

Do they REALLY trust the word of Kent and his bunch of spyware vendors? Cos I sure don't.

0
0
Alert

localhost?

Has The Register aka Situation Publishing ban Phorm?

If not that bad Phorm!

0
0
Thumb Up

What about...

...if someone were to, say, over a period of time (say one message per second, until finished), send one email to them, for every domain name registered on the internet? That would give them some work to think about, huh? ;)

(and because they are dodgy types, you wouldn't trust them with your *real* email address or details, only a made-up one (unique per email?), sent from a spoofed IP address via an open relay (purely, to protect yourself from them, of course... ;) ))

Just a thought.

0
0
Stop

One little niggle:

We have the same issue here as people opting out have: We still have to take their word for it that our traffic goes nowhere near their insidious L7 inspection boxes. Make no mistake, this is what we want, a verifiable opt-out which means our traffic goes nowhere near that cesspool of privacy fail. We (and the Phorm-stricken punters) just aren't getting what we want.

And what's this "request" bollocks? DEMAND, not request. I ORDER you shits, with whom I have no contractual relationship whatsoever and an expectation of privacy with regards to my personal communications, not to route MY traffic anywhere NEAR your layer 7 spyware crap. That, and ONLY that is good enough.

0
0

All mine are out, have been a while

Email: website-exclusion@phorm.com

Giving a list of all your domains and stating that they are to be excluded from the phorm system and scan.

You'll get an auto response giving the 48 hour line, in my case back in November it took them 5 days to respond to say that they had been excluded.

Interestingly it said in the auto response it said.

'If there are no obvious grounds to doubt the legitimacy of the request the URL will be blocked as soon as possible, usually within 48 hours'

Yet all my domains are set to private so no information proving that they belonged to me would show on a whois.

0
0
Thumb Up

@Greg

Website owners may implement any of the following methods:

1. HTTPS: No HTTPS traffic passes through the system or is profiled

2. Standard HTTP password-protection : Pages protected using standard HTTP password protection, as defined by RFC 1945, will not be profiled

3. robots.txt: The Webwise system will observe the rules that a website sets for major search engines using the robots.txt method. If the website's robots.txt file is set such that "*" (any robot) is not permitted to crawl it, then Webwise will not profile its pages.

Alternatively, you may request specifically that your website is not scanned by Webwise. To request that your website not be scanned by Webwise, please email:

website-exclusion{at}webwise.com.

0
0
Dead Vulture

enough with the wikipedia bashing

especially when there's no indication that YOU have done the same yet...

0
0

Its Easy

Lets just get .com and .co.uk excluded

0
0
Thumb Down

Isn't this what robot.txt files are for?

They obviously know what would happen if they made it that easy!

0
0

RE: I despair

I agree - ignore their opt-out process, otherwise you are legitimising it.

Just stick legal notices on your websites to exclude such interception/profiling and then there is no doubt whatsoever that it's illegal. At present they can carry on pretending it's legal, if you xclude it in your usage terms then there's no doubt that it isn't.

0
0
Silver badge
Paris Hilton

Don't opt out!

Send them a legal letter telling them you'll sue. Don't legitimise their activity by following an opt-out policy.

Icon: PHorms legal advisor.

0
0
Happy

Words fail me......

....so I'll leave it to my old friend, the Laughing Dog.

Take it away.....

ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!

ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!

ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!

ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!

ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!ARF!

0
0
Stop

A title is required

Details for stopping Phorm can be found here:

http://www2.bt.com/static/i/btretail/webwise/help.html#how-do-i-prevent-webwise-from-scanning-my-site

I think the bit about using robots.txt is interesting. They are essentially saying, "If we can't spider, then nor can anybody else."

0
0
Anonymous Coward

@AC - "I despair"

The problem is that we have no way delegitimising Phorm because of the way the authorities have reacted ("la la, I'm not listening, la la")

So the only way we have of "fighting back" is to make it that the major information sites that people go to are not scraped by phorm and so their user profiling and thus advert delivery system just doesn't give that targeted advert response. If the targeting doesn't work then the advertisers will walk away and the money will dry up.

Of course I don't trust Kent and his slimy cronies and lets face it having Lamont on their board really says it all about the sort of unpleasant people they are.

0
0

@Benny

"Website owners may implement any of the following methods:"

They may also implement the following method:

Place a notice on their website explicitly forbidding the interception of data from the site for advertising purposes. Then you're covered for any snooping outfit, not just Phorm.

Why should website owners have to opt out, any more than ISP customers? If Phorm's business model works, there'll be dozens of these parasites to deal with.

In any case, didn't early opt-outers find that a Phorm spider promptly catalogued their site as part of the opt-out process? Phorm will still be using data from your site to deliver advertising on behalf of your competitors, it'll just be out of date data.

0
0

Phorm opt out

Anyone any suggestions on a good mail to Phorm for site owners such that it is clear you do not consent to their interception without implicitly legitimising their activity?

Thanks.

0
0
Happy

Surely

If Google and Microsoft opt out Phorm will be nerfed. My homepage is Google, as are many of my customers and or MSN. If Phorm isn't opted out of a customers PC, just by profiling their home pages they'll be breaking the agreement, and whilst Phorm/BT may have British politicians in their pockets, they will be crushed by Google and MS. Hopefully.

The news just gets better and better. Smiley for hope.

0
0

What to send Phorm

For an example of the sort of stuff you need to send to Phorm to get your domain excluded, see the exact transcript of the conversation I had with them about getting my own domains here:

https://secure.grepular.com/blog/index.php/2009/03/28/phorm-webwise/

0
0

Blocking only sorts part of the problem

From what I know about Phorm, a lot of the problems are caused by it reading where you're going and logging that data, so even without scanning web sites it's going to be able to figure a lot about you. Just URL alone will help for keywords (like Google does).

As for blocking the webwise system, what'd be useful is to know the IP ranges of the bots esp as their robots.txt knowledge seems to be essentially zilch, ie: not offering a user agent. Wonder what user agent they're going to use, eg: fake it?

As a sidenote -,interesting to see they're trying to sell this as an anti-phishing system as well as advertising tracking. Can't imagine how that'll work, and there are so many better systems out there that we don't need another faked one. Oh well - hopefully they'll get closed down by the EU.

0
0
Anonymous Coward

@ GREG

3. robots.txt: The Webwise system will observe the rules that a website sets for major search engines using the robots.txt method. If the website's robots.txt file is set such that "*" (any robot) is not permitted to crawl it, then Webwise will not profile its pages.

nice try, what you mean is if we block google as well you wont spider us.

0
0
Thumb Up

Good.

That is a big loss of a potential data source to phorm, sure it makes them a LOT less appealing to advertisers.

0
0
Thumb Up

Web Designer Power!

I have just sent removal requests and advised all of my customers to do the same. After checking, I've managed to get 50....yes FIVE OH, removal requests sent.

I'm doing my part....are you?

0
0

@ Pete Foster

' Details for stopping Phorm can be found here:

http://www2.bt.com/static/i/btretail/webwise/help.html#how-do-i-prevent-webwise-from-scanning-my-site

I think the bit about using robots.txt is interesting. They are essentially saying, "If we can't spider, then nor can anybody else." '

Indeed! Little shits! I WANT Googlebot to index my sites = I DON'T WANT Phorm profiling my sites!

0
0
Gold badge
Thumb Up

To anyone with a commercial website

Phorm is gunning for you. Either they want to grab your visitors data (all of your visitors keystrokes as well as the pages they are visiting) or pressure you into advertising with them otherwise "You'll be left out."

Go to HTTPS pages now. With up to date procedures your customers won't notice. If you do a site layout change and introduce new products after the change which a Phorm sign up targets that would suggest they have scraped your site anyway. Class action suit time.

As a shopper I want choice and the ability to do comparison shopping. I want a site which loads fast. I don't want some re-branded malware company snooping my data (which if I buy will include my bank or credit account details) which will be passed on to who-knows-who and sent to who-knows-where.

I am not Phorm's customer. You are. Unless you tell them to get lost.

Thumbs up as i welcome Wikpedia's ban.

0
0
Thumb Down

Something they apparently haven't thought of...

When they are trying to sell this service to advertisers they obviously need to convince them that the targetting is accurate. However the traffic they see will only be identified by the source IP which will be the address of the firewall between the private network and the interenet. So at my house there will be three completelty different people with differing interests. If they hit my wife with adverts for cycling gear it will be wasted, or how about me with Thomas the Tank engine, or my son with card making stuff? That probably means that two thirds of their targetted ads will hit the wrong target. And if that wasn't bad enough how about those browsing from a corporate network? How long before potential advertisers figure out that their "targetted" advertising is more scattergun advertising?

The there's the whole issue of all commercial sites who don't advertise with Phorm opting out, which of course they will because they don't want Phorm hitting their clients with adverts for the competition.

Have they got anything that is, or could be, patented? If not and their service gets the legal green light then no doubt the big boys (OK, google) will step in and undercut them and they'll be out of business in no time.

The more you look at this the more you realise their business model is flawed at all levels.

0
0
Pirate

How about

Someone draws some packet sniffer data, so it becomes possible to signature these assholes and fence them off completely.

They'll get bored pretty quickly if they have to keep avoiding blacklists every day.

0
0
Bronze badge

El Reg

I know I'm not the first to ask, but can we please have an official statement from El Reg?

0
0
Sal

robots

I have sent an email to Google highlighting my concerns about Phorm/webwise abusing the robots.txt system which Google not only respects, but also depends on for quality search results.

Perhaps everyone should do the same?

Along with the other more obvious concerns, it may go some way in encouraging the Google folk to make a stand.

0
0
This topic is closed for new posts.

Forums