* Posts by poh

9 posts • joined 25 Feb 2008

You'll hate Google's experimental Chrome UI, but so will phishers

poh

If this change ever does get taken up, perhaps it will finally encourage phishers to make better use of homograph attacks.

4
0

Voice analysis trial gives wobbly results

poh

The technology is extremely doubtful

Anyone interested in the technology behind the DWP's lie detector technology should see the paper by Eriksson and Lacerda

http://www.scribd.com/doc/9673590/Eriksson-Lacerda-2007

It would be interesting to see if a voice analysis package which undertook the much simpler task of estimating age and sex would be sufficient to get the results claimed for the DWP trials.

0
0

BT and Phorm secretly tracked 18,000 customers in 2006

poh

members of the labour party

> Does anyone know if any senior members of the Labour Party sit on BTs board?

Patricia Hewitt.

And slimeware supremo Ben Verwaayen was knighted yesterday at Lancaster House (unless this was an April fool).

http://www.publictechnology.net/modules.php?op=modload&name=News&file=article&sid=14985

0
0

AJAX patent threat to giants under the hammer

poh

Filed in 1999

Could be wrong here, but I'm pretty sure that XMLHTTPRequest was in IE 5.0, which came out in March 1999 and was presumably in wide Beta before the Jan 7th filing of the patent claim.

eg http://www.codinghorror.com/blog/archives/000606.html

I wonder what they're claiming beyond the functionality XMLHTTPRequest provided.

0
0

Top security firm: Phorm is adware

poh

Detect users coming in via Phorm

Just a quick question. Does anybody know how I as a web host can detect if one of my users is coming in from via a Phorm wire-tap? Will there be odd IP ranges to look out for (perhaps not, seeing as the Phorm wire-taps are within the ISP)? Given that Phorm seem to have some mechanism for injecting a cookie into my domain, does this mean I can find it with Javascript?

0
0

ISP data deal with former 'spyware' boss triggers privacy fears

poh

To Simon Davies

Do you accept that interception at the ISP, where the Phorm servers get to read your entire HTTP traffic, is inherently vastly more dangerous than the systems used by Doubleclick/Google etc?

Did you perform a forensic analysis of the the source code of the applications being used by Phorm for scanning and discarding personal data? If not, what exactly is it that you verified?

0
0
poh

re: It's not just URL's

That's right. Though GET queries appended to URL's can be pretty revealing in themselves. Phorm claim that they will be stripping out number sequences of more than three digits (which incidentally or otherwise means they get postcodes), but the fact that they are stripping these out means that at some stage they have the whole content.

0
0

The Phorm files

poh

@ pieman

The Phorm ads will only appear on OIX/Phorm signed up sites. If you're advertising on a site which isn't signed up with OIX/Phorm then your ads should be unaffected.

If your ads are on an OIX signed up site, I guess it's up to you to do a deal with Phorm or the site owner as to the exposure you want.

0
0
poh

Relevance is a danger in itself

Even taking Phorm at it's word, relevant ads based on your whole browsing history are pretty scary. Say I visit the Consumer Credit Counselling Service URL, a few minutes later I'm at a phorm fed site and up pops an ad for Ocean Finance.

0
0

Forums