Welcome to WebmasterWorld Guest from 54.221.87.97

Forum Moderators: incrediBILL & lawman

Message Too Old, No Replies

British Telecom Ad Replacement Trial Brings Calls For Prosecution

test involved replacing website ads with their own.

     

engine

1:36 pm on Jun 6, 2008 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



BT should face prosecution for its "illegal" trials of a controversial ad-serving technology, a leading computer security researcher has said.

Dr Richard Clayton at the University of Cambridge made his comments after reviewing a leaked BT internal report.

The document reveals details of a 2006 BT trial with the Phorm system, which matches adverts to users' web habits.

"It's against the law of the land," he told BBC News. "We must now expect to see a prosecution."

AD Trial Brings Calls For Prosecution [news.bbc.co.uk]

Earlier stories
[webmasterworld.com...]
[webmasterworld.com...]
[webmasterworld.com...]
[webmasterworld.com...]
[webmasterworld.com...]

ronin

1:10 pm on Jun 7, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Personally I say let the hackers have at Phorm if it's taken live.

It will be rather a large, evil target, won't it? >;->

Isn't this like dragging a table, a chair, some merchandise and folded-up display board through the front door of shop, setting up a stall which blocks access to the rest of the shop and then selling passers-by your own goods from the stall?

How is this not trespassing?

superclown2

5:48 pm on Jun 7, 2008 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



One of my ADSL lines is from BT so I got angry with them and told them to either assure me that they would not be using Phorm to snoop on me or else close the account. Their reply was:

"Unfortunately I am in no position to give assurances about anything related to what services BT Business consider using in future, however based on the BT Webwise situation I can tell you that any such thing will be publicised before launch. It will also almost certainly be an opt-in system, as this was a condition imposed by the regulator on BT Webwise."

So; the system is to be opt-in, not because that's the way BT want it but because 'the regulator' says so. Now how many people are going to opt-in to a scheme that spies on their browsing habits and then throws more ads at them? Not very many IMO and those that do so will only be potential purchasers of masochist gear and straitjackets.

Frank_Rizzo

7:26 pm on Jun 7, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Webwise is only for BT Home customers. BT Business Broadband is not part of the system.

I was categorically told that by BT. But then, back in July 2007 I was categorically told by them that there was no testing of 121media / Phorm going on.

Can anyone trust them?

As for how many people will opt-in that will depend on the question they put in the consent box.

Remember, the whole benefit for users of Webwise is that they get a super-duper anti-phising tool to protect them from all the nasty websites out there.

If the question is framed in such a way that Joe Punter thinks he's getting something for nothing then the opt-in rate could be better than the 10% now expected.

johnnie

11:25 pm on Jun 7, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I currently see three options to counter this thievery:

1. Block all IP-ranges from ISPs who implement this. Redirect users to a page that tells them 'this service is unavailble to customers of your internet service provider'. Explain your potential user what is going on and how they can improve their own internet experience (ie. switch ISP)

2. A massive class-action lawsuit on behalf of all webpublishers.

3. All get a certificate and go SSL

Receptional Andy

11:45 pm on Jun 7, 2008 (gmt 0)



Block all IP-ranges from ISPs who implement this

To re-iterate, it's a cookie based system. Many users of the ISPs will not opt in (or 'opt in' to opting out, depending on how they want play it), so IP-based blocking is not a very effective option.

johnnie

8:33 am on Jun 8, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I guess that makes it easy to detect; if not through foreign cookie handling, then through page hashing. Redirection could then occur selectively, so that only those who opted in (likely unknowingly through some obscure line in the TOS) could be redirected to our 'not for you'-page. Ofcourse, SSL is a viable option in any case, given that ISPs don't tap into secure streams. This might affect hosting providers though, since server load will increase as a result of en/decryption.

I must say, this development is both deeply disturbing and thought-provoking at the same time.

Frank_Rizzo

9:44 am on Jun 8, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Don't forget that it has not been confirmed yet that not opting in means that the none of the users traffic gets Phormed.

Originally not opting in only meant that the user was not protected by the Webwise phising tools and would not receive the targeted ads. His traffic was still to be processed by Phorm so your pages will still be processed if a BT user (opted in or not) visits your site.

Phorm have created a procedure for webmasters to ask for their sites to be excluded from all Phorm processing but I would advise not to do that.

You have to write in with the domain name and proof of ownership. That has it's problems itself but the main reason for not doing this is because it is forcing us web site owners to have to opt-out our sites.

If Phorm want our sites to be used for their marketing they should ask us to opt-in our sites.

johnnie

11:50 am on Jun 8, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



By the way: If google doesn't get its share of this bargain, it's likely going to hunt this down till it crashes, burns and rests in its ashes. I'd like to see what happens when google bans phorm-users for replacing adwords ads on the SERPs.

Hugene

3:34 pm on Jun 9, 2008 (gmt 0)

10+ Year Member



We need to take an active stand againts this. From reading here there are 3 suggestions already on how to fight this spyware (cause that's it trully is):
* generating a hash of the page you server and use this hash to see if it was changed (not sure if this can work, won't AdSense and other 3rd party generated content on your page break this?)
* use gzip compression (sounds good)
* detect webwise cookies and act on their existence (the question here is, HOW to act)

Now, I haven't tested any of this, but someone with a large website and a substantial number of users in the Uk should try this, and then create a post with suggestions on how we should react. Thanks in advance.

g1smd

6:44 pm on Jun 9, 2008 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Check out the Dephormation extension for Firefox.

That's the user end catered for already.

Frank_Rizzo

7:12 pm on Jun 9, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



If you do check it out do so within the next few hours!

Later today the creator is suspending it in protest at today's ICO announcement.

The head of the ICO Richard Thomas has to resign for this latest announcement. It is beyond fantasy.

[pcpro.co.uk...]

[edited by: encyclo at 1:02 am (utc) on June 10, 2008]
[edit reason] fixed link [/edit]

g1smd

8:31 pm on Jun 9, 2008 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



That is outrageous. We haven't heard the last of this.

Dabrowski

10:43 pm on Jun 11, 2008 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



Hmmm, the Wiki page is currently unavailable,

<snip>

I'm imagining BT have bullied them sufficiently into removing the content, anyone here copy it?

There is one simple answer to this: everyone boycot the ISP's involved, currently BT, Virgin and TalkTalk.

It should be fairly easy to make a JS/CGI page validation system with something like Perl, based on a hash of the page. You could have a JS file that calls a CGI script on your server, that returns a hash of the calling page (use the referrer string). The JS then compares that with a hash of the actual page.

Something like that anyway, I'll have a think.

[edited by: engine at 4:14 pm (utc) on June 12, 2008]
[edit reason] removed broken link [/edit]

Frank_Rizzo

11:06 pm on Jun 11, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



You could try the same url but at .org instead of .be

Dabrowski

11:43 am on Jun 12, 2008 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



ok, I found a copy on another site, if anyone needs it let me know; it's 17Mb.

[edited by: lawman at 12:03 pm (utc) on June 12, 2008]

Dabrowski

12:54 pm on Jun 12, 2008 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



Ooo even simpler, an advert will always be attached to a link right, so the validation could simply use the DOM to count the A tags, and validate with the server.

scyth

2:14 pm on Jun 19, 2008 (gmt 0)

5+ Year Member



guys, i work for virgin media and this phorm program isn't going down so well. People don't want phorm tracking what they do on the internet as what they do is there business. I can tell you virgin are still deciding weather or not to use it so its not final.I'm in the complaints department and we've had huge amounts of complaints about it. by the way its optional customers don't have to use if they don't want to. i'll post more as i find out

Dabrowski

4:48 pm on Jun 20, 2008 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



Article confirming above post...
[theregister.co.uk...]

g1smd

2:10 am on Jul 21, 2008 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



EU tells UK to "sort it out or we will"...

[theregister.co.uk...]

Dabrowski

9:15 pm on Jul 21, 2008 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



More good reading regarding the protest at the BT AGM.

[nodpi.org...]
[dephormation.org.uk...]

This 50 message thread spans 2 pages: 50
 

Featured Threads

Hot Threads This Week

Hot Threads This Month