As a Webmaster I am concerned about what my UK ISP (BTYahoo!/BT
Broadband) have told me about their plans to implement Webwise, a
technology patented by former spyware company 121Media, now known as
Phorm.Inc.
121 Media were formerly responsible for PeopleonPage, and for placing
difficult to remove rootkits on people's computers.
This technology uses Layer 7 interception of a users complete http
traffic to profile/mirror their browsing behaviour, and then use the
information to serve up targeted ads, based on an anonymised, cookie-
based UID placed on the users computer. It also involves the forging
of a cookie, purporting to come from the website visited, even if that
website has a privacy policy that says it does not set cookies.
It is similar but not identical to the US company NebuAd technology.
There has been relatively little debate about the isses this
technology raises for webmasters.
BT have stated that Webwise/Phorm will assume implied consent of
webmasters, to profile copyrighted web content, copy it, and exploit
it for commercial gain IF THE WEBMASTER CONSENTS TO A GOOGLE SPIDER
visiting their site.
They are equating their deep level Layer 7 intrusive interception
technology with that of the Google search engine. This may even lead
to confusion in people's minds between Webwise and Google, and they
may think that Google is in some way linked to Phorm/Webwise.
They are refusing to give webmasters a way of excluding Webwise
specifically using robots.txt - instead they are saying if we let
Google in, we let Webwise in. They have specifically repeatedly named
Google as the search engine robots.txt directive they will be looking
for in order to establish what they claim will be implied consent for
Webwise on the part of Webmasters.
Of course the major search engines allow and even assist webmasters to
exclude their robot from spidering sites by the use of specific user
agent strings. Webwise will neither set a user agent string, nor
permit itself to be specifically excluded via robots.txt.
Google need to be aware of this as it means that one possible step a
webmaster might take is to allow all other search engines to crawl
their site, but exclude Google. That way, they can exclude Webwise,
because they have excluded Google.
I would imagine Google would not be happy about this as it has the
potential to adversely impact their business model, by linking access
to Google robots with Layer 7 interception by Phorm/Webwise.
I am happy to provide further information to Google on this, including
details of communications received from my ISP, if someone from
google contacts me by email. A good starting point for information is
here
http://www.inphormationdesk.org/
My email is robmjsubs53 HYPHEN google AT yahoo DOT co DOT uk
(remove the spaces, and turn the words in capitals back into what they
represent)
I had a spat with nebuad a while back when my ISP suddenly started
adding scripts to some pages served to me (and probably to others of
their users).
At the time the scripts weren't doing anything that I could tell
(unless they were collecting information only), they were only visible
in the source code, added after the </html> tag. Perhaps they needed
yet to be activated from the nebuad end. I only found out by accident
when viewing my source code, I forget why I was looking at it. The
validator never pointed the invalid code out, simply because it was
never getting the script tacked on.
I complained to my ISP, they denied it, but changed my fixed IP to a
new one. It stopped. Hmm...
Reading up on nebuad's methods I was appalled that the only way to
stop it from happening was to set a blocking cookie on my pc - while
we all know cookies don't persist for very long. So there was no real
acceptable way to stop it for good, except actively blocking nebuad's
domain and subdomain in the hosts file.
I believe it's still happening on and off on my connection but I've
not managed to put my finger on it yet. It might even be a different
but similar ad server site.
I don't think it was in any way tied in to the website I was accessing
though, at least not robotically. It was tied in to my IP address and
my browsing habits. The script was being added to the site I was
visiting most often at the time (what I was working on). Perhaps as
they collect information on my browsing habits they also spider the
site maybe to find content to match the ads to. I don't know. This
never got off the ground as far as I can tell.
But it's a worrisome prospect when ISP's opt in to such gimmicks.
Despicable. And if the scripts being added also contain a malware
element this is absolutely criminal.
> Perhaps as they collect information on my browsing habits they
> also spider the site maybe to find content to match the ads to.
They don't even need to spider those sites (they wouldn't get past
password protected sites that way). If they are able to insert
<script> tags directly into the datastream to your computer, that
means they can read the page as it travels over the network to your
computer. How do you think it figured out where the </html> tag was to
begin with?
> I had a spat with nebuad a while back when my ISP suddenly started
> adding scripts to some pages served to me (and probably to others of
> their users).
> At the time the scripts weren't doing anything that I could tell
> (unless they were collecting information only), they were only visible
> in the source code, added after the </html> tag. Perhaps they needed
> yet to be activated from the nebuad end. I only found out by accident
> when viewing my source code, I forget why I was looking at it. The
> validator never pointed the invalid code out, simply because it was
> never getting the script tacked on.
> I complained to my ISP, they denied it, but changed my fixed IP to a
> new one. It stopped. Hmm...
> Reading up on nebuad's methods I was appalled that the only way to
> stop it from happening was to set a blocking cookie on my pc - while
> we all know cookies don't persist for very long. So there was no real
> acceptable way to stop it for good, except actively blocking nebuad's
> domain and subdomain in the hosts file.
> I believe it's still happening on and off on my connection but I've
> not managed to put my finger on it yet. It might even be a different
> but similar ad server site.
> I don't think it was in any way tied in to the website I was accessing
> though, at least not robotically. It was tied in to my IP address and
> my browsing habits. The script was being added to the site I was
> visiting most often at the time (what I was working on). Perhaps as
> they collect information on my browsing habits they also spider the
> site maybe to find content to match the ads to. I don't know. This
> never got off the ground as far as I can tell.
> But it's a worrisome prospect when ISP's opt in to such gimmicks.
> Despicable. And if the scripts being added also contain a malware
> element this is absolutely criminal.
It didn't figure out where the </html> tag was, it simply added after
the end of the transmissio, whihc in my case was right after </html> .
But as it was obviously spying on my connection, it must have known
what site I was accessing. It was always the same site getting that
script, none others as far as I could tell.
> > Perhaps as they collect information on my browsing habits they
> > also spider the site maybe to find content to match the ads to.
> They don't even need to spider those sites (they wouldn't get past
> password protected sites that way). If they are able to insert
> <script> tags directly into the datastream to your computer, that
> means they can read the page as it travels over the network to your
> computer. How do you think it figured out where the </html> tag was to
> begin with?
> On May 13, 4:28 am, webado wrote:
> > I had a spat with nebuad a while back when my ISP suddenly started
> > adding scripts to some pages served to me (and probably to others of
> > their users).
> > At the time the scripts weren't doing anything that I could tell
> > (unless they were collecting information only), they were only visible
> > in the source code, added after the </html> tag. Perhaps they needed
> > yet to be activated from the nebuad end. I only found out by accident
> > when viewing my source code, I forget why I was looking at it. The
> > validator never pointed the invalid code out, simply because it was
> > never getting the script tacked on.
> > I complained to my ISP, they denied it, but changed my fixed IP to a
> > new one. It stopped. Hmm...
> > Reading up on nebuad's methods I was appalled that the only way to
> > stop it from happening was to set a blocking cookie on my pc - while
> > we all know cookies don't persist for very long. So there was no real
> > acceptable way to stop it for good, except actively blocking nebuad's
> > domain and subdomain in the hosts file.
> > I believe it's still happening on and off on my connection but I've
> > not managed to put my finger on it yet. It might even be a different
> > but similar ad server site.
> > I don't think it was in any way tied in to the website I was accessing
> > though, at least not robotically. It was tied in to my IP address and
> > my browsing habits. The script was being added to the site I was
> > visiting most often at the time (what I was working on). Perhaps as
> > they collect information on my browsing habits they also spider the
> > site maybe to find content to match the ads to. I don't know. This
> > never got off the ground as far as I can tell.
> > But it's a worrisome prospect when ISP's opt in to such gimmicks.
> > Despicable. And if the scripts being added also contain a malware
> > element this is absolutely criminal.
Exactly, if it knew where the end of the transmission was, it had to
know there was a transmission to begin with. Which means it could see
the page as it traveled over the network.
> It didn't figure out where the </html> tag was, it simply added after
> the end of the transmissio, whihc in my case was right after </html> .
> But as it was obviously spying on my connection, it must have known
> what site I was accessing. It was always the same site getting that
> script, none others as far as I could tell.
> On May 13, 3:36 pm, ShoreTel wrote:
> > > Perhaps as they collect information on my browsing habits they
> > > also spider the site maybe to find content to match the ads to.
> > They don't even need to spider those sites (they wouldn't get past
> > password protected sites that way). If they are able to insert
> > <script> tags directly into the datastream to your computer, that
> > means they can read the page as it travels over the network to your
> > computer. How do you think it figured out where the </html> tag was to
> > begin with?
> > On May 13, 4:28 am, webado wrote:
> > > I had a spat with nebuad a while back when my ISP suddenly started
> > > adding scripts to some pages served to me (and probably to others of
> > > their users).
> > > At the time the scripts weren't doing anything that I could tell
> > > (unless they were collecting information only), they were only visible
> > > in the source code, added after the </html> tag. Perhaps they needed
> > > yet to be activated from the nebuad end. I only found out by accident
> > > when viewing my source code, I forget why I was looking at it. The
> > > validator never pointed the invalid code out, simply because it was
> > > never getting the script tacked on.
> > > I complained to my ISP, they denied it, but changed my fixed IP to a
> > > new one. It stopped. Hmm...
> > > Reading up on nebuad's methods I was appalled that the only way to
> > > stop it from happening was to set a blocking cookie on my pc - while
> > > we all know cookies don't persist for very long. So there was no real
> > > acceptable way to stop it for good, except actively blocking nebuad's
> > > domain and subdomain in the hosts file.
> > > I believe it's still happening on and off on my connection but I've
> > > not managed to put my finger on it yet. It might even be a different
> > > but similar ad server site.
> > > I don't think it was in any way tied in to the website I was accessing
> > > though, at least not robotically. It was tied in to my IP address and
> > > my browsing habits. The script was being added to the site I was
> > > visiting most often at the time (what I was working on). Perhaps as
> > > they collect information on my browsing habits they also spider the
> > > site maybe to find content to match the ads to. I don't know. This
> > > never got off the ground as far as I can tell.
> > > But it's a worrisome prospect when ISP's opt in to such gimmicks.
> > > Despicable. And if the scripts being added also contain a malware
> > > element this is absolutely criminal.
> Exactly, if it knew where the end of the transmission was, it had to
> know there was a transmission to begin with. Which means it could see
> the page as it traveled over the network.
> On May 13, 1:02 pm, webado wrote:
> > It didn't figure out where the </html> tag was, it simply added after
> > the end of the transmissio, whihc in my case was right after </html> .
> > But as it was obviously spying on my connection, it must have known
> > what site I was accessing. It was always the same site getting that
> > script, none others as far as I could tell.
> > On May 13, 3:36 pm, ShoreTel wrote:
> > > > Perhaps as they collect information on my browsing habits they
> > > > also spider the site maybe to find content to match the ads to.
> > > They don't even need to spider those sites (they wouldn't get past
> > > password protected sites that way). If they are able to insert
> > > <script> tags directly into the datastream to your computer, that
> > > means they can read the page as it travels over the network to your
> > > computer. How do you think it figured out where the </html> tag was to
> > > begin with?
> > > On May 13, 4:28 am, webado wrote:
> > > > I had a spat with nebuad a while back when my ISP suddenly started
> > > > adding scripts to some pages served to me (and probably to others of
> > > > their users).
> > > > At the time the scripts weren't doing anything that I could tell
> > > > (unless they were collecting information only), they were only visible
> > > > in the source code, added after the </html> tag. Perhaps they needed
> > > > yet to be activated from the nebuad end. I only found out by accident
> > > > when viewing my source code, I forget why I was looking at it. The
> > > > validator never pointed the invalid code out, simply because it was
> > > > never getting the script tacked on.
> > > > I complained to my ISP, they denied it, but changed my fixed IP to a
> > > > new one. It stopped. Hmm...
> > > > Reading up on nebuad's methods I was appalled that the only way to
> > > > stop it from happening was to set a blocking cookie on my pc - while
> > > > we all know cookies don't persist for very long. So there was no real
> > > > acceptable way to stop it for good, except actively blocking nebuad's
> > > > domain and subdomain in the hosts file.
> > > > I believe it's still happening on and off on my connection but I've
> > > > not managed to put my finger on it yet. It might even be a different
> > > > but similar ad server site.
> > > > I don't think it was in any way tied in to the website I was accessing
> > > > though, at least not robotically. It was tied in to my IP address and
> > > > my browsing habits. The script was being added to the site I was
> > > > visiting most often at the time (what I was working on). Perhaps as
> > > > they collect information on my browsing habits they also spider the
> > > > site maybe to find content to match the ads to. I don't know. This
> > > > never got off the ground as far as I can tell.
> > > > But it's a worrisome prospect when ISP's opt in to such gimmicks.
> > > > Despicable. And if the scripts being added also contain a malware
> > > > element this is absolutely criminal.
