Phorming
-
Upload
sandyvasan -
Category
Documents
-
view
495 -
download
1
description
Transcript of Phorming
Phorming (….and privacy issues)
Sandeep Sreenivasan
Techie
Outline
• What is phorming?• How phorming works?
» Technical aspects» Legal Aspects
• Pros of phorming• Cons of phorming• Conclusion
What is Phorming?
• “A parasitic marketing technique, which involves intercepting website traffic to profile ISP user’s interests and affiliations (without explicit consent from either the website or their users)” [1]
• Phorm – 121 Media
How phorming works?
• Technical Aspects:- Assignment of 24 digit random number (Phom UID)- User searches for query- Search Query and UID sniffed by Phorm server- Retrieval of user search query from web- Compare web information with relevant channels- Sending search response and targeted Ads
ISP Server
Client Machine
Web Server
Phorm Server
ISP Server
Web Server
Phorm Server
ISP Server Phorm Server
Client machine
How phorming works?
• Legal Aspects:
- Interception of communication: An offence contrary to Section 1 of RIPA 2000
- Fraud: An offence contrary to Section 1 of Fraud Act 2006
- Unlawful processing of sensitive personal data: Contrary to DPA 1998
Pros of phorming
• Receive targeted Ads instead of random ones• Expertise and time required for searching
information is reduced• Browser independent• Minimal bandwidth usage• Add on facilities
» Monitoring surfing habits and suggest related web pages» Protection against phishing
Cons of phorming• Third party private company( No contractual arrangement with)
gets to see all your HTTP traffic
• If you opt out, third party can still see your traffic
• If you opt out, but clear you cookies you are back into the system
• Anti phishing services are already standard with most modern web browsers
• Phorm under previous incarnation produced spyware
Conclusion
• Key benefits: ISP and phorming company
• Vicious circle for the user
Questions??
References[1] The urban dictionary – http://www.urbandictionary.com/define.php?term=phorming
[2] Phorm: http://www.phorm.com/faq.html
[3] Phorm “Webwise” system – Richard Clayton, May 2008, www.cl.cam.ac.uk/~rnc1/080518-phorm.pdf
[4] Wikipedia: www.wikipedia.com
[5] Images courtesy: www.images.google.com