Reader mccalli writes: Phorm, a controversial UK deep-packet inspection/ad-injection company discussed on Slashdot many times before, has ceased trading today. Phorm was controversial for, among other things, editing and approving UK government advice on privacy, offering hospitality to the police prior to a decision over prosecution, and being the subject of an EU investigation for its practices and close relationship with the then UK government. The Register has a more editorialized version of the news, but it is fair to say that Phorm will not be mourned by fans of internet privacy.
Chinese Internet Service Providers (ISPs) have been caught red-handed for injecting advertisements as well as malware through their network traffic. Three Israeli researchers uncovered that the major Chinese-based ISPs named China Telecom and China Unicom, two of Asia's largest network operators, have been engaged in an illegal practice of content injection in network traffic. Chinese ISPs had set up many proxy servers to pollute the client's network traffic not only with insignificant advertisements but also malware links, in some cases, inside the websites they visit. If an Internet user tries to access a domain that resides under these Chinese ISPs, the forged packet redirects the user's browser to parse the rogue network routes. As a result, the client's legitimate traffic will be redirected to malicious sites/ads, benefiting the ISPs.
siliconbits passes along this quote from a Wall Street Journal report: "'... two US companies, Kindsight Inc. and Phorm Inc., are pitching deep packet inspection services as a way for Internet service providers to claim a share of the lucrative online ad market. Kindsight and Phorm say they protect people's privacy with steps that include obtaining their consent. They also say they don't use the full power of the technology, and refrain from reading email and analyzing sensitive online activities. Use of deep packet inspection this way would nonetheless give advertisers the ability to show ads to people based on extremely detailed profiles of their Internet activity. To persuade Internet users to opt in to be profiled, Kindsight will offer a free security service, while Phorm promises to provide customized web content such as news articles tailored to users' interests. Both would share ad revenue with the ISPs. Kindsight says its technology is sensitive enough to detect whether a particular person is online for work, or for fun, and can target ads accordingly."
Shokaster writes "The Register reports that Virgin Media are to begin monitoring file sharing using a deep packet inspection system, CView, provided by Deltica, a BAE subsidiary. The trial will cover about 40% of customers, although those involved will not be informed. CView's deep packet inspection is the same technology that powered Phorm's advertising system. Initially Virgin Media's implementation will focus on music sharing and will inspect packets to determine whether the content is licensed or unlicensed, based on data provided by the record industry. Virgin Media emphasised that records will not be kept on individual customers and that data on the level of copyright infringement will be aggregated and anonymised."
Tom DBA notes a story up at The Register that begins "BT has abandoned plans to roll out Phorm's controversial web monitoring and profiling system across its broadband network, claiming it needs to concentrate resources on network upgrades... BT's announcement comes a day before MPs and peers of the All Party Parliamentary Communications Group are due to begin an investigation of Internet privacy. Their intervention follows the EU's move to sue the UK government over its alleged failure... properly [to] implement European privacy laws with respect to the trials, drawing further bad publicity to the venture." We've discussed Phorm many times in the past.
MJackson writes "UK cable operator Virgin Media has announced the first real-world customer pilots of up to 200Mbps broadband services using DOCSIS3 technology from Cisco, which could make it one of the fastest Internet Service Providers (ISPs) in the world. Following successful lab trials, the 6 month long pilot started last week in Ashford, Kent (England), and will ultimately employ 100 customers in the testing process. The pilot will, among other things, test future online consumer applications, including High Definition Internet TV (HD IPTV) and the ability to deliver applications and support for home IT needs through its network. By comparison J:Com in Japan supplies broadband at up to 160Mbps and Cablevision in the US supplies broadband at up to 101Mbps. Like Virgin Media, both companies use DOCSIS3 technology for broadband over cable networks."
Barence was one of several readers to send in word that the UK Home Office checked whether its interpretation of the law suited Phorm, before issuing advice on the legality of the controversial advertising service. The Home Office and Phorm entered a dialogue about the company's services back in August 2007, at Phorm's request. In an email sent to Phorm in January 2008, a Home Office official writes: 'I should be grateful if you would review the attached document, and let me know what you think.' After Phorm made deletions and amendments to the document, the Home Office sent another email to the company stating: 'If we agree this, and this becomes our position do you think your clients and their prospective partners will be comforted.' From the BBC: "Baroness Sue Miller, Liberal Democrat spokeswoman on Home Affairs, told BBC News: 'My jaw dropped when I saw the Freedom of Information exchanges. ... Anything the Home Office now says about Phorm is completely tainted.'"
ais523 writes "Wikipedia (and other websites run by Wikimedia) have requested to opt-out from Phorm; according to the email they sent, they 'consider the scanning and profiling of our visitors' behavior by a third party to be an infringement on their privacy.'" Another reader points to this post on techblog.wikimedia.org which includes a confirmation from Phorm that those sites will be excluded.
clickclickdrone writes "The BBC are reporting that Amazon has said it will not allow online advertising system Phorm to scan its web pages to produce targeted ads. For most people this is a welcome step, especially after the European Commission said it was starting legal action against the UK earlier this week over its data protection laws in relation to Phorm's technology. Anyone who values their privacy should applaud this move by Amazon."
MJackson writes "The European Commission has opened an infringement proceeding against the UK after a series of complaints by Internet users, and extensive communication with UK authorities, about the use of Phorm's behavioural advertising system, which uses Deep Packet Inspection (DPI) technology, by internet service providers. Phorm works with UK ISPs to monitor what websites you visit for use in targeted advertising campaigns, though its methods have raised more than a few fears about invasions of privacy. Similar services in the USA have caused an equal level of controversy."
Deep Packet Inspection, or DPI, is at the heart of the debate over Network Neutrality — this relatively new technology threatens to upset the balance of power among consumers, ISPs, and information suppliers. An anonymous reader notes that the Canadian Privacy Commissioner has published a Web site, for Canadians and others, to educate about DPI technology. Online are a number of essays from different interested parties, ranging from DPI company officers to Internet law specialists to security professionals. The articles are open for comments. Here is the CBC's report on the launch.
MJackson writes "The Open Rights Group (ORG) has issued a public letter to the Chief Privacy Officers (or the nearest equivalent) for seven of the world's largest website giants (including Microsoft and Google), asking them to boycott Phorm. The controversial Phorm system works with broadband ISPs to monitor what websites you visit for use in targeted advertising campaigns. Meanwhile, the Joseph Rowntree Reform Trust has issued a new report slamming the UK government's plans for a Communications Database. This would be designed to intercept and log every UK ISP user's e-mail headers, website accesses and telephone history. The report warns that the public are often, 'neither served nor protected by the increasingly complex and intrusive holdings of personal information invading every aspect of our lives.'"
Jack Spine writes "The inventor of the World Wide Web has pointed out some of the dangers of deep packet inspection. Sir Tim said that ISPs 'snooping' on data was similar to the interception of mail. 'This is very important to me, as what is at stake is the integrity of the internet as a communications medium,' Berners-Lee said on Wednesday. TBL's comments come as the UK government is gearing up to intercept all web communications in the UK through the Intercept Modernisation Programme, and echo comments he made last year about Phorm."
superglaze (ZDNet UK) writes "Google is gearing up to launch cookie-based 'interest-based' advertising, which involves monitoring the user's passage across various WebSense partner sites. The idea is to have better-targeted advertising, which is not a million miles away from what Phorm is trying to do — the difference, it seems at first glance, is that Google is being relatively up-front about its intentions."
phorm writes "While filtering for spam on email and other related mediums seems to be fairly productive, there is a growing issue with spam on forums, message-boards, blogs, and other such sites. In many cases, sites use prevention methods such as captchas or question-answer values to try and restrict input to human-only visitors. However, even with such safeguards — and especially with most forms of captcha being cracked fairly often these days — it seems that spammers are becoming an increasing nuisance in this regard. While searching for plugins or extensions to spamassassin etc I have had little luck finding anything not tied into the email framework. Google searches for PHP-based spam filtering tends to come up with mostly commercial and/or more email-related filters. Does anyone know of a good system for filtering spam in general messages? Preferably such a system would be FOSS, and something with a daemon component (accessible by port or socket) to offer quick response-times."
phorm writes "BBC is carrying an article which states that 90% of visitors to Europe's 'video game addiction clinic' are not, in fact, addicted. The problem is a social one rather than a psychological issue. In other words, the patients have turned to heavy gaming because they felt they didn't fit in elsewhere, or that they fit in better 'in the game' than elsewhere in 'the real world.' This has been discussed before, with arguments ranging from gaming being a good way to socialize, the clinical definition of gaming addiction, and claims than males are wired for video-game addiction."
An anonymous reader writes "The Register reports that BT, the UK's dominant telecom and internet service provider, has 'banned all future discussion of Phorm and its "WebWise" targeted advertising product on its customer forums, and deleted all past threads about the controversy dating back to February.' Phorm is a controversial opt-out system for delivering targeted advertising that intercepts traffic passing through an ISP in order to profile subscribers via an assigned unique ID based on their online activities. Subscribers can opt-out at the Webwise website but are opted-in again if the Phorm cookie is cleared. Firefox users can install Melvin Sage's Firephorm add-on to manage their interaction with Phorm and Webwise."
angelheaded tips a Wired story about the resignation of Bob Dykes, CEO of net eavesdropping firm NebuAd. NebuAd has encountered financial troubles lately as the privacy controversy surrounding the company's tracking methods has driven communications companies away. Over in the UK, Phorm responded to the NebuAd news by affirming that it is making progress with its advertising methods. From The Register: "In response to the outcry over our revealing its two secret trials, BT said in April it would re-engineer the planned deployment so traffic to and from customers who do not want their web use profiled for marketing purposes would not come into contact with the Phorm system. The original blueprint meant that a opt-out cookie would tell the technology to simply ignore refuseniks' browsing as it passed through. It's thought the change has proved tricky. Phorm did not immediately respond to a request for comment on the alleged technical problems, but [BT's chief press officer Adam Liversage] said: 'We have been working on some things with Phorm.'"