UK ISP To Trial Virus Alert System

Forum Moderators: IanTurner & engine

Message Too Old, No Replies

UK ISP To Trial Virus Alert System

engine

2:17 pm on Nov 25, 2010 (gmt 0)

UK ISP To Trial Virus Alert System [bbc.co.uk]

Talk Talk is launching trials of a controversial anti-malware system following intervention by the Information Commissioner (ICO).

The Virus Alert system keeps an eye on the websites customers visit to stop them accidentally going to places riddled with viruses.

The ICO admonished the ISP when the service was debuted because customers were not told it was going ahead.

Talk Talk said the trials would be with customers that have opted in to use it.

Frank_Rizzo

3:11 pm on Nov 25, 2010 (gmt 0)

A few untruths in that article.

ICO says "The statement added that it would take seriously any complaints it received about the service but said it had not received any to date."

Untrue. There were / are complaints.

"Talk Talk said the trials would be with customers that have opted in to use it."

This is misleading. The Q&A which TalkTalk recently posted says:

7. Will only customers who sign up to Network Security have the websites they visit scanned?
We are scanning all the websites our customer base as a whole visits, in complete anonymity, You have to opt-into the Virus Alerts product itself, so if you don't want the warnings while you browse you don't have to enable the service, or if you activate Virus Alerts, you can switch it off again at any time afterwards

From that customers can choose to opt-in to the virus alert service. But there is no confirmation or denial that their data is still intercepted. This is similar to BTs Webwise front. You had the choice of opting out of their malware detection service, but all your data was still processed by DPI and the profiler.

A detailed analysis of the TalkTalk trials is here [nodpi.org...]

Heads up. The CPS said that the end of November is when they would announce their decision as to whether to prosecute over the Phorm trials in 2006 and 2007. That's next week (and nearly 800 days since they were first handed the case file).

Lorry loads of Crown Whitewash Paint seen being delivered to 2 Southwark Bridge.

Frank_Rizzo

11:15 am on Nov 27, 2010 (gmt 0)

Huaweisymantecspider this is the bot which TalkTalk are using for their 'antivirus system'.

is starting to make an appearance in log files. First visit I had from it was 2-Nov. Yesterday it seems that the main crawl switch was activated as there is now more activity from the bot. All china hosted sites.

Info on the Huaweisymantec bot:
[nodpi.org...]

Why TalkTalk customers should get their MAC and leave:
[nodpi.org...]

dstiles

9:55 pm on Nov 27, 2010 (gmt 0)

Most of the hits at the start of this month (from 2nd Nov but may have begun any time before Nov) have been from ChinaCache USA but from 26th Nov they all seem to be from Opal on an IP range I partially blocked back in June when I had around 300 hits in 15 days on two IPs and another couple of thousand on a few others. Knowing what I do now at least some of that was obviously the experimental period of the bot around June/July.

ChinaCache North America: 69.28.48.0 - 69.28.63.255
Owned by Beijing Blue I. T. Technologies Co Ltd
Admin in US by Citynet.

Opal Telecommunications full Opal range: 62.24.128.0 - 62.24.255.255

Within that range I've had multiple bot-like hits from webmarketing company Global Media Applications Ltd (G-MAPPS-UK) on 62.24.226/23 as well as many other "bots" going back before April across several sub-ranges.

I find I already have this bot in my "block this UA" list so it annoyed me before I knew its origin/use.

My brother has a TalkTalk account (can't "talk" him out of it!) so I'll get him to access a couple of sites and see what happens.