* Posts by John Dohrr

1 post • joined 7 Mar 2008

Phorm launches data pimping fight back

John Dohrr
Flame

Time to make SSL the standard rather than the exception

A gem from the audit by Ernst & Young:

"If a user deletes their opt-out cookie, then the co-opt status, which is contained in the cookie, is lost, and the user will be opted-back into the Phorm Service."

WHAT!?

Let me get this straight: I'm subscribed by default *unless* I keep a specific cookie in my web-browser?

And how is it, pray tell, that my browser will know to include said cookie with *every* outgoing URL request, unless it's completely domain-unrestriced. In which case said cookie can be used to track me by all and sundry across the internet?

I see nothing about Phorm stripping this cookie out from my traffic as it leaves the ISP.

(Ironically, Phorm state that they use a cookie as part of the opt-out process, so my opt-out'ness can follow me around the countryside: "to ensure that such opt-out is effective no matter where the user should take his or her computer and is in other ways more protective of a user's identity". Gasp splutter on that last bit).

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2019