Re: PHORM & BT
“The other problem is that with browsers being asked to re-submit the page request as the first is intercepted for profiling.”
Packet sniffing will be sufficient for that; no need to cause a re-request. At least, not a repeat HTTP request.
I find it reasonable (for Phish's purposes, which I don't find reasonable) if the propagation of the intercepted packets from the web server is delayed "a little" to allow for analysis of the page content. (That might cause re-requests, i.e. sending of duplicate packets, something which is normal in TCP/IP communication in the absence of a sufficiently timely response.)
Think of the eyes in the icon as those of Big Brother Pharm. Privacy is exposure.