quote:

---

"The Guardian has pulled out of its targeted advertising deal with Phorm, following a public outcry over plans for the UK's three largest ISPs to report the browsing habits of their customers in exchange for a cut of revenues...

---

We are designing high-performance algorithms and developing reliable, fault-tolerant and scalable real-time systems that can handle massive volume of data for in-depth analysis of user behavior to enable targeted advertising.

Essential Job Functions
- Develop high-performance algorithms for precision targeting
- Research and investigate academic and industrial data mining, machine learning and modeling techniques to apply to our specific business case

Requirements
- Ph.D. in computer science or related
- 3+ years industry experience in data mining and machine learning.
- Internet advertisement technology and distributed computing related experience highly desirable.

quote:

---

Where are the indignant people who object strenuously when a website sets a tracking cookie? Where is the outrage that was caused by the Sony rootkit or Windows validation? And the list goes on.

---

quote:

---

What I do care about is that my information is shared with a third party for profit without my knowledge which has already happened.

---

quote:

---

If it passed, computer users could request that companies like Google, Yahoo, AOL and Microsoft, which routinely keep track of searches and surfing conducted on their own properties, not follow them around. Users would also have to give explicit permission before these companies could link the anonymous searching and surfing data from around the Web to information like their name, address or phone number.

Because there is no federal legislation on these subjects, Mr. Brodsky’s bill — and, to a lesser extent, the one in Connecticut — could set interesting precedents.

---

said by Just Basics :

The opt-out given by Phorm really isn't an opt-out at all - it stops the targeting advertising, but all your requests are still going through their servers, you no longer have a direct internet connection, and they still get to profile you.

quote:

---

After reading about how Internet companies like Google, Microsoft and Yahoo collect information about people online and use it for targeted advertising, one New York assemblyman said there ought to be a law.

So he drafted a bill, now gathering support in Albany, that would make it a crime — punishable by a fine to be determined — for certain Web companies to use personal information about consumers for advertising without their consent.

And because it would be extraordinarily difficult for the companies that collect such data to adhere to stricter rules for people in New York alone, these companies would probably have to adjust their rules everywhere, effectively turning the New York legislation into national law.

“Should these companies be able to sell or use what’s essentially private data without permission? The easy answer is absolutely not,” said the assemblyman who sponsored the bill, Richard L. Brodsky, a Democrat who has represented part of Westchester County since 1982.

Mr. Brodsky is not the only lawmaker with this idea. In Connecticut, the General Law Committee of the state assembly has introduced a bill that focuses on data collection rules for ad networks, the companies that serve ads on sites they do not own.

The New York bill, still a work in progress, is shaping up as much broader. Although it is likely to see some tinkering before it comes to a vote — which Mr. Brodsky hopes will happen this spring — it aims to force Web sites to give consumers obvious ways to opt out of advertising based on their browsing history and Web actions.

If it passed, computer users could request that companies like Google, Yahoo, AOL and Microsoft, which routinely keep track of searches and surfing conducted on their own properties, not follow them around. Users would also have to give explicit permission before these companies could link the anonymous searching and surfing data from around the Web to information like their name, address or phone number.

Because there is no federal legislation on these subjects, Mr. Brodsky’s bill — and, to a lesser extent, the one in Connecticut — could set interesting precedents.

In recent weeks, Microsoft and Yahoo have sent lobbyists to meet with Mr. Brodsky, and AOL, a unit of Time Warner, is planning a meeting. Unlike most Web companies, Microsoft favors legislation about online privacy and advertising practices and has lobbied federal lawmakers to establish regulations, said Michael Hintze, associate general counsel for Microsoft.

Microsoft asked Mr. Brodsky to broaden his bill to include all sorts of companies that serve ads around the Web, not just those that show ads based on users’ behavior. Such a change would create a bill that more clearly includes Microsoft’s chief competitor, Google.

Mr. Brodsky says he has asked the Web companies point-blank if they would support legislation similar to what he has proposed. Microsoft gave him a firm “yes,” but Yahoo, he said, seemed to be opposed to any sort of regulation. Yahoo declined to comment on its meeting with Mr. Brodsky.

---

quote:

---

Big companies like AOL, Microsoft and Yahoo, and smaller ones like Revenue Science, are gathering various crumbs about online behavior to use in their advertising systems. They are limited to gathering data from their own sites and their networks of affiliates.

Eventually, cellphone companies will start to face the same choice. If there is a G.P.S. unit in your phone, it will be able to keep track of what stores you visit, among many other things.

All these partial schemes may well be rendered as useless as a blindfolded spy by some new companies that want to tap into the records of Internet service providers. Their objective: following every single click users make. That way, in theory, they have the best ability to find ads that can indulge each users passion of the moment. Among the companies trying to build out this sort of system are Phorm, NebuAd, FrontPorch.

---

quote:

---

My ISP was using the Coretel network and the transparent proxy from adzilla - here is a link to a rant about their services:

»www.sendcoffee.com/minorsage/adzilla.html

A way to detect any page changes made by your ISP:

»vancouver.cs.washington.edu/#results

---

quote:

---

He was wondering if he was ranting too much LOL.

---

quote:

---

This article "Some notes from the Phorm sales pitch" is excellent and highly revealing!

---

quote:

---

BT has admitted that it secretly used customer data to test Phorm's advertising targeting technology last summer, and that it covered it up when customers and The Register raised questions over the suspicious redirects.

The national telecoms provider now faces legal action from customers who are angry their web traffic was compromised.

---

quote:

---

The Foundation for Information Policy Research (Fipr) has issued an open letter to the Information Commissioner Richard Thomas, claiming that Phorm’s ad serving technology is illegal in the UK.

According to Nicholas Bohm, general counsel at Fipr, both parties must consent to interception in order for it to be lawful, according to the Regulation of Investigatory Powers Act.

He says that Phorm’s system is like the Post Office opening letters to see what the recipient is interested in, and then targeting them with relevant junk mail.

---

quote:

---

Hi all,

I've been seeing lots of hits from Russia on Dephormation.org.uk from
IP
address 78.110.48.130. Badphorm.org.uk is getting the same.

---

quote:

---

Security firms are split about whether they will classify Phorm's targeting cookies as adware.

Kaspersky Lab, whose anti-virus engine is licensed to many other security vendors, said it would detect the cookie as adware. However, AVG, developer of the most widely used free of charge anti-virus scanner, said it would not detect Phorm's cookie even though the Czech firm's CTO Karel Obluk describes the technology as "borderline".

As previously reported, Trend Micro said there was a "very high chance" that it would add detection for the tracking cookies as adware. PC Tools echoed Trend's concerns about privacy and security, urging Phorm to apply an opt-in approach.

Specialist anti-spyware firm Sunbelt Software also expressed concerns, saying Phorm's tracking cookies were candidates for detection by its anti-spyware software.

Webroot, another prominent anti-spyware firm, reported difficulties at getting samples of Phorm's tracking cookies for evaluation purposes.

We polled a number of security firms on their attitudes to Phorm. We are waiting for responses from Symantec and McAfee, the two largest anti-malware vendors, as well as Check Point, which markets the popular Zone Alarm personal firewall.

---

said by ilago :

DePhormication - I'm not seeing how anything you do with your browser at your machine can stop your data being handled by the Phorm hardware in your ISPs hardware.

said by Dephormation :

---

With each page you view in your browser, a Phorm 'opt out' cookie is set automatically, and the Phorm UID cookie is randomised. Even if you delete all your cookies regularly.

The Dephormation Add On ensures that your decision to opt out of Phorm profiling cannot be undone.

Optionally, the Add On can also alert you to sites using Phorm/Webwise/OIX profile based advertising.

---

said by The Register :

---

In a fresh blow to its hopes of winning consumer acceptance, a top three anti-malware firm has said it will very likely include Phorm's targeting cookies in its adware warning database.

Trend Micro told The Register: "The nature of Phorm's monitoring of all user web activity is certainly of some concern, and there is a very high chance that Trend Micro would add detection for the tracking cookies as adware in order to protect customers.

"Obviously, as with other adware/spyware Trend Micro would need to constantly monitor things like... how aware users are that they are being tracked and whether the user has the ability to completely opt out of the service."

If Trend adds detection for Phorm then millions of home computers running a scan using its protection software would get a warning that their ISPs have dropped either a Phorm opt-in or an opt-out cookie onto their systems.

PC Tools, another large anti-malware firm, based in Australia, echoed Trend Micro's concerns for its customers' privacy and security. It said in a statement:

If our research confirms that Phorm places an opt-out cookie on the desktop PC, we will evaluate if it safe to remove it without re-opting the customer back into the Phorm tracking mechanisms.

If the cookie cannot simply be removed but we can find a reliable method to detect the Phorm service, and the Phorm service was evaluated and identified using our threat matrix, we will then endeavour to alert our customers of its existence.

Naturally we encourage all companies involved in handling, monitoring or storing personal information, such as web-surfing behaviour, to prominently disclose whether there is information being supplied or used by a third-party. Ideally any service with privacy implications should require users to consciously opt-in after they know all the facts.

PC Tools is a significant player in consumer desktop security because its Spyware Doctor software is bundled with the Google Pack. We are waiting for responses from Symantec and McAfee, the two largest anti-malware vendors.

---

said by Grimy :

It's not just Phorm.

»Wide Open West Using NebuAD

quote:

---

NebuAd installs equipment inside the facilities of Internet service providers (ISPs), which see everything their customers do online. NebuAd's boxes examine many of the sites people visit, what they do there and what they hunt for on search engines.

The company won't say how many carriers or advertisers it works with, though CEO Bob Dykes said Internet providers representing millions of customers run NebuAd's system to let it gather information. In return, they get a share of the revenue from advertising NebuAd places.

The only ISP known to be working with NebuAd is Monroe, La.-based CenturyTel Inc., which has 530,000 broadband subscribers scattered throughout the country. NebuAd says some of the largest ISPs are at least testing the service.

Aspects of NebuAd's technique are already in play. For example, besides cookies, many online retailers deploy "clickstream analysis" tools that monitor what customers do on a given site — what they browse, what they read, which items they put in their shopping carts but fail to buy.

---

quote:

---

Don't let Phorm/Webwise force you to opt in by default.

Download the Dephormation v1.2 Firefox Add On [visit site].

Why you should be concerned about Kent Ertugrul and Phorm

The Dephormation Add On ensures that your decision to opt out of Phorm profiling cannot be undone.

Optionally, the Add On can also alert you to sites using Phorm/Webwise/OIX profile based advertising.

With each page you view in your browser, a Phorm 'opt out' cookie is set automatically, and the Phorm UID cookie is randomised. Even if you delete all your cookies regularly.

But Dephormation is not a solution. Its a fig leaf for your privacy.

Phorm's webwise product presents so many security/privacy risks it should never be implemented.

Note that Dephormation cannot protect applications like iTunes, Google Earth, other browers such as Lynx and Internet Explorer, instant messaging applications, remote desktop tools, RSS/ATOM feed readers, or external images embedded in HTML email.

www.badphorm.co.uk
www.politicalpenguin.org.uk
Petition to the UK Prime Minister
www.StopPhorm.bebo.com

Complain to your ISP. Your MP.
And the Information Commissioner.
Stop Phorm. Protect your right to privacy.

---

quote:

---

Campaign body the Open Rights Group (ORG) has called for further detail on the workings of ad system Phorm.

BT, Virgin and Talk Talk have signed up to trial the system, which intercepts users' web surfing to analyse habits.

In a statement ORG said: "Question marks are beginning to appear over Phorm's compliance with the law.

"Can ISPs' employment of Phorm comply with the Data Protection Act? Is intercepting traffic in this manner an offence under section 1 of Ripa (the Regulation of Investigatory Powers Act)?"

There is concern that the interception of users web surfing data may contravene Ripa, which makes the interception of any transmission across a public telecommunication system illegal without the explicit consent of users.

---

quote:

---

BT, Virgin Media, and Carphone Warehouse have agreed to feed data on their subscribers' web activities to Phorm. Data will be fed into the Open Internet Exchange, Phorm's advertising network, where advertisers will pay to target interest groups. Frequent visits to the BBC's Top Gear site might result in being served up more car ads, for example.

---

quote:

---

TalkTalk, BT and Virgin Media, the three biggest broadband providers in the country with more than nine million customers, last week announced a deal with Ertugrul's Aim-listed Phorm that will put 'targeted advertising' in front of millions of internet users.

---

quote:

---

For years now, ISPs have been searching for alternative revenue streams to avoid just being "dumb pipes." A few years ago, they picked up on the fact that they have a tremendous amount of data about what you (yes, you!) do online. A bunch of ISPs then started selling your clickstream data to companies that could do something useful with it (though, those ISPs probably neglected to tell you they were doing this). Late last year, we heard about a company that was trying to work with ISPs to make use of that data themselves to insert their own ads based on your surfing history -- and now we've got the first report of some big ISPs moving into this realm. Over in the UK three big ISPs, BT, Carphone Warehouse and Virgin Media have announced plans to use your clickstream data to insert relevant ads as you surf through a new startup called Phorm.

---

quote:

---

...Due to concerns over the practices of some of its distribution partners, ContextPlus has determined that it is no longer able to ensure the highest standards of quality and customer care and therefore is discontinuing further distribution of its software....

...Not surprisingly, the company is blaming its affiliates — sounds familiar, yes? According to this article, several high-level investigations are underway. ContextPlus also is responsible for PeopleOnPage...

---

quote:

---

For users who don't opt out, the way the system works is much more clear (see "Active mode" slide). Hit a link in your browser and the HTTP request will be intercepted by the ACE and rerouted to Phorm's Anonymiser. Having hijacked the request, the Anonymiser can then set a tracking cookie, which it keeps hold of.

Without a response, the browser resubmits its request for the web page you want to visit. It is again rerouted to Phorm, but only as far as the F5 hardware, which bounces it on to the website you originally wanted, but also sends a copy of the request to Phorm's profiler kit.

The website reruns the content you want, which is again intercepted by the ACE. A copy of the page contents is sent to the Profiler, this time with the cookie in tow. If the publisher of the page is a member of the OIX, keywords in the page can be used to target ads. Finally the page is served up on your screen, and if everything is worked correctly, the browser and the user should be none the

As the process iterates the cookie will sit there, gradually building up a profile of your interests as you browse. It doesn't matter if most of the websites you visit aren't members of the OIX - their content will go towards targeting adverts on those that are.

---