Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

BT Silences Customers Over Phorm

Soulskill posted more than 5 years ago | from the lalala-i-can't-hear-you dept.

Privacy 196

An anonymous reader writes "The Register reports that BT, the UK's dominant telecom and internet service provider, has 'banned all future discussion of Phorm and its "WebWise" targeted advertising product on its customer forums, and deleted all past threads about the controversy dating back to February.' Phorm is a controversial opt-out system for delivering targeted advertising that intercepts traffic passing through an ISP in order to profile subscribers via an assigned unique ID based on their online activities. Subscribers can opt-out at the Webwise website but are opted-in again if the Phorm cookie is cleared. Firefox users can install Melvin Sage's Firephorm add-on to manage their interaction with Phorm and Webwise."

cancel ×

196 comments

Heuristic: (5, Insightful)

fuzzyfuzzyfungus (1223518) | more than 5 years ago | (#25855497)

If you have to suppress speech about what you are doing, you shouldn't be doing it.

Re:Heuristic: (0, Funny)

Anonymous Coward | more than 5 years ago | (#25855639)

If people still have to look up a word you use, even after you clearly define it, you shouldn't be saying it.

Re:Heuristic: (1)

Tubal-Cain (1289912) | more than 5 years ago | (#25856021)

Good thing nobody here needs to look it up.

Re:Heuristic: (4, Insightful)

Z00L00K (682162) | more than 5 years ago | (#25856293)

Another question is if they by injecting information into the HTML stream is violating the copyright of the original content.

Otherwise this is also a good motivation for sites and users to use HTTPS more.

Another heuristic: (-1, Redundant)

GuldKalle (1065310) | more than 5 years ago | (#25856437)

If your post starts with "Another question", it means you are posting it at the wrong place, and that you should stop threadjacking.

Re:Heuristic: (4, Insightful)

theaveng (1243528) | more than 5 years ago | (#25856537)

It surely violates the webowners' rights, who PAID to have their ads appear on your screen, but instead British Telecom is blocking them: "BT Webwise also personalizes the online advertising you see when browsing on participating websites by linking ads to your interests. For example, if you search for a weekend trip to Paris or visit pages related to Paris, BT Webwise would replace the standard ads....."

I know if I was Google, Apple, Microsoft, or some other website, I would not be happy.

Ads are what pay my bills. How dare BT remove my revenue-source and jeopardize my ability to continue providing a Free website to my customers?

Is this really how it works? (5, Informative)

KingSkippus (799657) | more than 5 years ago | (#25856845)

How dare BT remove my revenue-source and jeopardize my ability to continue providing a Free website to my customers?

It is my understanding that BT won't be removing your ads. Instead, "WebWise" will be a competing advertising provider to the likes of Google, Microsoft, etc. You can elect to put Phorm ads on your site instead, and in theory, those ads will be behaviorally targeted at the people browsing your site. (Or at least, the people who haven't opted out.) If you don't use Phorm, whatever provider's ads you sign up for will be shown.

The shitstorm, as I understand it, isn't that website owners' ads won't be displayed. It's that people using this WebWise thing while browsing your site will be reporting what they're doing to a third party, and since it's opt-in, many (most?) probably won't even know that they're doing it.

Worse, because WebWise now knows that Joe Schmo is interested in whatever it is your web site is advertising, say, cars, then it will start displaying car ads from your competitors on sites that have contracts with Phorm because Joe browsed your site.

All in all, pretty scummy, but I'd genuinely be surprised if it actually removes ads from sites that have nothing to do with it. Especially since they're talking about making it opt-in, I can't imagine that wouldn't be unquestionably illegal.

Re:Is this really how it works? (1)

theaveng (1243528) | more than 5 years ago | (#25856897)

Okay. Let's suppose I'm Google, and I have expenses to pay, so I put ads on my site. However people from British Telecom are seeing ads from Phorm instead. How does the money flowing into Phorm pay my google.com bills? The answer of course is that it does not.

So we're back to what I said before: "BT is removing my revenue-source and jeopardizing my ability to continue providing a Free website."

Re:Is this really how it works? (0, Flamebait)

giorgiofr (887762) | more than 5 years ago | (#25856927)

True, but they're doing it on their own network, not yours. It's obviously hostile behaviour but they don't actually owe you anything.

Still not correct? (3, Informative)

KingSkippus (799657) | more than 4 years ago | (#25857399)

Okay. Let's suppose I'm Google, and I have expenses to pay, so I put ads on my site. However people from British Telecom are seeing ads from Phorm instead.

Again, this is not my understanding of how it works.

As I read it, if you put Google ads on your site, people from British Telecom are seeing Google ads, period. However, as a web site owner, you can instead choose to put Phorm ads on your site, in which case, people from British Telecom will see the behavior tailored ads.

There's nothing new in that. What is new, and what I understand has everyone so up in arms, is that when British Telecom people are visiting your site (and seeing Google ads), Phorm is finding out about it and logging that fact, so that when British Telecom people visit other sites that have Phorm ads, what they will see is based on what they saw when they visited your site (with Google ads).

Plus, as an opt-out system, people won't know that the sites they're visiting are being silently watched by a third party, which is always very uncool.

If they're actually replacing content served by non-affiliated third parties (i.e. Google, or site owners who run Google ads), I'd like to see a reference to that, because I'm wrong in how I believe this works.

Re:Heuristic: (5, Insightful)

TubeSteak (669689) | more than 5 years ago | (#25855971)

[Adam Liversage, BT's chief press officer] said the fact that BT had chosen not only to close the threads but delete them entirely was insignificant. "It doesn't matter either way because the people who are following this will have the threads backed up in multiple copies," he said.

Wow, that's something only a PR man could say with a straight face.

Seems they don't want to admit the difference between stopping speech and suppressing it.

Re:Heuristic: (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25856285)

how are they stopping you talking about? your free to setup your own fucking website and talk about it all you want. BT don't have to give you the soapbox, it's up to YOU to supply that.

Re:Heuristic: (1)

Anonymous Coward | more than 4 years ago | (#25857553)

"BT don't have to give you the soapbox"

True BT don't, but they have shown (without any doubt now) just how arrogant their attitude is to people, by censoring their own website of effectively Thought Crimes against them. They don't want people to speak out against them and they are not interested in serving their customers. They have proved they want to dictate to their customers.

Also by censoring the one place all BT customers meet at, they are (trying to) prevent a centralised website containing most of the comments about their behaviour. People only have real power, when they stand together, against a large corporation like BT. Individual comments are not as effective, in creating a concentrated public backlash, against their plans. This is what they seek to prevent.

The solution is to create a centralised website, (which they cannot take down or legally block), which is constantly advertised, by all posters on BTs forums, to constantly highlight BTs behaviour and to discuss ways to act, against their plans. The new centralised comments website, needs to be treated like constantly highlighted meme idea. It needs relentlessly to be highlighted. (Like /. memes such as "I for one etc.." ... constantly highlighting it and helping to highlight the website, will act like an advertising slogan and advertising campaign for the centralised website).

If BT win with Phorm, other ISPs are going to try similar tactics. Phorm needs concentrated action to kill it now, sending a clear message to BTs competitors not to try this approach. BT also need to be sent a clear message.

Re:Heuristic: (3, Insightful)

theaveng (1243528) | more than 5 years ago | (#25856429)

Well...

As someone who's been banned from a couple forums, I can attest that "forums are private and there's no requirement for free speech". In other words the owner of the forum can be a dictatorial censor is that's what he wishes; it's his forum. Same applies to British Telecom.

The only catch: If BT is a government-owned company, then the government may be in violation of its own laws. Too bad the U.K. doesn't have some "supreme law of the land" to act as a contract which the government must follow, and provides guarantees such as free speech which cannot be over-ruled by a politician.

Re:Heuristic: (0)

Anonymous Coward | more than 5 years ago | (#25856453)

So set up your own forum, and then you can be the dictatorial censor.....

BT are not government-owned.

Re:Heuristic: (5, Insightful)

SmokeyTheBalrog (996551) | more than 5 years ago | (#25856803)

The US has a "supreme law of the land" yet that hasn't stopped the government from blatantly ignoring it whenever it's convenient.

And I'm not talking about just the last eight years.

Re:Heuristic: (1)

theaveng (1243528) | more than 5 years ago | (#25856883)

As far as I can tell the U.S., States, and other courts enforce the Supreme Law quite well. Not perfectly, but better than if we had no Supreme Law to protect our free speech.

Re:Heuristic: (4, Insightful)

digitig (1056110) | more than 5 years ago | (#25856925)

If BT is a government-owned company

It isn't.

then the government may be in violation of its own laws.

They're not.

Too bad the U.K. doesn't have some "supreme law of the land" to act as a contract which the government must follow

It does.

and provides guarantees such as free speech which cannot be over-ruled by a politician.

It does. It could be over-ruled by a whole lot of politicians working together, of course. Can you say "constitutional amendment"? Or maybe "Patriot Act" is easier (at least, it was for the politicians).

Re:Heuristic: (-1)

Anonymous Coward | more than 5 years ago | (#25857129)

Fuck you.

As a BT customer (5, Funny)

Anonymous Coward | more than 5 years ago | (#25855521)

I'm concerned about how they're hiding the history of ***** use. Deleting post on ***** is quite extreme, and who knows what they'll do next? Start censoring the use of ***** on their network?

Re:As a BT customer (5, Funny)

Anonymous Coward | more than 5 years ago | (#25855657)

They're banning all history of hunter2?

Re:As a BT customer (0)

Anonymous Coward | more than 5 years ago | (#25855707)

They're banning all history of *******?

That password only appears to you. See? I can type it all the time and it's just stars! hunter2 hunter2 hunter2

Re:As a BT customer (1)

ijakings (982830) | more than 4 years ago | (#25857157)

Accidentally modded overrated, just a post to clear that and say for the other mods to mod it on up

Not a tech support issue? (4, Insightful)

cjfs (1253208) | more than 5 years ago | (#25855549)

Our broadband support forums are designed to be a place where customers can discuss technical support issues and offer solutions.

And someone hijacking and modifying your data isn't a technical support issue?

Re:Not a tech support issue? (4, Interesting)

icebike (68054) | more than 5 years ago | (#25855729)

This seems to be the tactic of the day. Apple does the same thing in their forums, delete any posts mentioning things they don't want mentioned on the grounds that it is a user to user technical support forum.

Yet you can post gushing praise of Apple without asking for help or offering to help and the moderators leave those fanboy posts alone.

This is a good reason to start an independent forum on any one of a number of forum hosting sites, preferably out of the reach of BT.

Re:Not a tech support issue? (0, Flamebait)

Idiomatick (976696) | more than 5 years ago | (#25855813)

Before the apples get here and mod you to -253245:
 
But thats different because apple doesnt do bad things. So they aren't really hiding what people are saying they are just bringing the truth forwards to more easily see. The two are totally unrelated.

Re:Not a tech support issue? (2, Insightful)

mrsteveman1 (1010381) | more than 5 years ago | (#25855815)

If you are a BT subscriber, it appears nothing is out of their reach at this point.

Re:Not a tech support issue? (0)

kdemetter (965669) | more than 5 years ago | (#25856073)

Well , it can be : just start up your own forum to discuss it. Easier , look at this thread. What are we doing here right now ?

There is no way they can legally ban you from talking about it. And if they find some way of filtering it ( wich may be possible , with Phorm ), using ssl encrypted sites should stop any filtering attempt.

Re:Not a tech support issue? (5, Insightful)

AnalPerfume (1356177) | more than 5 years ago | (#25855847)

The smart person would see the lack of criticism as a pretty obvious sign that the site is being stage managed to hide the negative. Any time I compare products / services I look for the good and the bad reviews; the lack of any bad reviews means I stay away from it for just this reason. The lack of a thing can tell just as much as the presence of a thing.

Re:Not a tech support issue? (1)

theaveng (1243528) | more than 5 years ago | (#25856459)

Most people aren't that smart.

They don't see negative reviews, so they never think anything is amiss. ("Out of sight; out of mind.") Removing negative reviews is an effective strategy for BT to use.

Re:Not a tech support issue? (1)

KDR_11k (778916) | more than 5 years ago | (#25856873)

But if they don't even know this Phorm thing exists?

Re:Not a tech support issue? (4, Informative)

RocketRabbit (830691) | more than 5 years ago | (#25855923)

I encountered this with Apple. I was on their forum a few times, making rational complaints that they didn't support a certain professional camera's RAW files (Epson R-D1). Within hours, the post would be deleted. The first time I thought it was a glitch. After that I knew they were fucking with me.

Re:Not a tech support issue? (4, Informative)

Xiroth (917768) | more than 5 years ago | (#25856245)

Hmm, here in Australia we have Whirlpool [whirlpool.net.au] for exactly that. The forums are very active, and all of the major ISPs have employees who get involved to at least refute rumours and clarify information about their services. It's being able to get unfiltered comments from customers which is the most valuable, though. It's a very useful resource.

Re:Not a tech support issue? (4, Insightful)

mlts (1038732) | more than 5 years ago | (#25855775)

Not just hijacking and modifying data, but an active classic man in the middle attack.

Imagine this ad server being compromised, and instead of "just" adding random ads to pages and logging customer activities for sale, picture it redirecting to phishing sites or just grabbing passwords sent to sites that are not SSL protected.

Same here ... (2, Interesting)

Jahf (21968) | more than 5 years ago | (#25855551)

My ISP recently turned on a similar system. I'm quite unhappy about it but I really don't have a realistic alternate ISP (boonies, telco, blah blah blah). It really does suck when things like this happen. I don't do anything illegal, but I still like my (relative) privacy and the ISP is the easiest place to attach my real identity to my data paths.

So, for now, I'm pondering going back to a fulltime SSH VPN to my web host for everything except the few apps I use that need low latency.

Re:Same here ... (1, Interesting)

Anonymous Coward | more than 5 years ago | (#25855819)

My ISP recently turned on a similar system.

Care to share the name of your ISP so that we can taunt them?

Re:Same here ... (1)

Tubal-Cain (1289912) | more than 5 years ago | (#25856027)

...so that we can taunt them?

A second time?

Wasn't Google working on something against this? (4, Insightful)

mlts (1038732) | more than 5 years ago | (#25855553)

I remember Google was working on something on the app layer that would guard against this type of connection hijacking but without the setup and teardown overhead of full blown SSL.

Its probably in Google's best interest to get something like this widely deployed -- a lot of ISPs are frothing at the mouth to get Phorm/NebuAd on their networks for more revenue streams, and it won't be long before a Google query would not route to Google (even if done at www.google.com), but to wherever the ISP desires.

Re:Wasn't Google working on something against this (4, Interesting)

cjfs (1253208) | more than 5 years ago | (#25855607)

I remember Google was working on something on the app layer that would guard against this type of connection hijacking but without the setup and teardown overhead of full blown SSL.

Sounds like you're thinking of the obfuscated tcp [slashdot.org] story. Wasn't so much a Google project as someone who happened to work at Google iirc.

Re:Wasn't Google working on something against this (0)

Anonymous Coward | more than 5 years ago | (#25856125)

A better solution against targetted advertising would be for every BT subscriber to install software that emulated in a completely indistinguishable manner an end user browsing websites using the Phorm program causing ads to be loaded but never clicked, or to always be clicked but never resulting in any sale.

Analytics would then show either that the cost per impression is way too high to make economic sense and Phorm would be priced out of business, or ROI was similarly way too low.

Perhaps if such an attack on Phorm were to take place widescale Phorm and BT would find a better way to let users opt-out of Phorm. Something that made sense. Like, oh, I don't know... opt-out by MAC address.

Typical BT Behavior (4, Insightful)

Your Anus (308149) | more than 5 years ago | (#25855637)

Isn't this the same BT that sued everyone claiming a patent on hyperlinking? Would you expect anything less from these drones?

Re:Typical BT Behavior (1)

maxume (22995) | more than 4 years ago | (#25857347)

I was aware that I occasionally talked out of my ass, but, clearly, things have gotten out of hand.

Just a thought... (0, Troll)

mnslinky (1105103) | more than 5 years ago | (#25855669)

While I don't live in the UK, I know how I'd feel about such things if they were happening to me.

To begin, it's a private company, and they're allowed to censor whatever they want from their customer forum. Keep in mind, they have to worry about marketing and PR as much as any other private company. Generally, you have options to go to another company if you don't like how they operate. If not, find another place to discuss your beef.

Second, advertising is a means to profit for most any media. We're going through a transition and *everyone* needs to adapt, equally. Many people pay for cable or satellite TV. There are free programs, and paid programs. Everything needs to be funded, somewhere. Let's all try to be reasonable and work this out. There's a learning process to be had, but it'll get sorted out.

Re:Just a thought... (3, Insightful)

andymadigan (792996) | more than 5 years ago | (#25855737)

Advertising in television is done with the consent of the content creators, not so with Phorm. Modifying a site in this manner is completely unacceptable, there is no discussion to be had.

If it were done with the consent of the content creators, there would be little or no benefit over google ads.

Re:Just a thought... (4, Informative)

Anonymous Coward | more than 5 years ago | (#25855809)

That appears to be the case:

KentErtugrul
Just to clarify: we do not serve adverts into the traffic stream. The websites within which the ads appear are in fact our partners. They choose to partner with us to bring you more helpful, relevant and yes, more valuable advertising

http://www.webwise.com/how-it-works/transcript_080306.html

Re:Just a thought... (3, Informative)

IBBoard (1128019) | more than 5 years ago | (#25856607)

Mod parent (insightful and informed AC) up.

As much as I hate Phorm (luckily I'm not with a Phorm ISP), that's not entirely accurate. As mentioned by an AC (but likely to get lost) Phorm only modifies the ad selection for the Phorm advertising network. It does not strip out other ads and replace them with their own (although it wouldn't surprise me if someone had suggested that), it just tries to target ads from a select network of advertisers.

That said, it does still piggy-back any content that I put up on my website by reading it and gaining marketting data from it. I sure as hell didn't agree to that, so I'm investigating methods of stopping them profiting from my content when I don't get a cut and when I purposefully don't put adverts on my sites.

Re:Just a thought... (1)

IBBoard (1128019) | more than 5 years ago | (#25856615)

Gah, I meant the GP's "modifying content without permission" isn't accurate. The AC's comments are accurate (complete with a reference!)

Re:Just a thought... (1)

wumpus188 (657540) | more than 5 years ago | (#25856751)

You are wrong. Not sure about Phorm, but at least NebuAd does this with content owner consent. Content owner then gets some clicks from the ads, just like with AdWords.

Re:Just a thought... (4, Insightful)

Rakishi (759894) | more than 5 years ago | (#25855829)

The difference is that my TV doesn't track what I watch, who I watch it with, who I talk to, what mail I send and when I go to the bathroom.

Re:Just a thought... (4, Insightful)

shentino (1139071) | more than 5 years ago | (#25856003)

...yet...

Re:Just a thought... (1)

riceboy50 (631755) | more than 5 years ago | (#25856171)

It's nothing Mr. Orwell didn't predict [wikipedia.org] long ago. We're closer than ever to making it a reality.

Re:Just a thought... (1)

bipbop (1144919) | more than 5 years ago | (#25856203)

British Telecom tracks when you go to the bathroom? Yikes!

Re:Just a thought... (1)

mnslinky (1105103) | more than 4 years ago | (#25857323)

LOL @ Troll. I forgot that on slashdot, unpopular opinion = troll mod-down.

fucktards

What about wget ? (5, Insightful)

mmu_man (107529) | more than 5 years ago | (#25855705)

Firefox can keep a cookie, but what about all those apps doing http requests (wget, media players, apt-get...) without maintaining cookies ??? Those can't opt-out, so basically they are forcing that on you.
That's just plain discusting anyways.

Re:What about wget ? (2, Informative)

mmu_man (107529) | more than 5 years ago | (#25855721)

Actually wget can use cookies, but you have to pass it a cookies file each time... so any script using it will miss the thing.

Re:What about wget ? (3, Informative)

tck42 (227122) | more than 5 years ago | (#25855793)

Or just us a .wgetrc file and specify your cookie file in there. I use curl instead, but same idea with .curlrc...

Re:What about wget ? (1)

DigitAl56K (805623) | more than 5 years ago | (#25856089)

wget and curl may store cookies, but how would you perform the opt-out procedure in these clients anyway? ;)

My understanding is that you have to opt-out in every client that you use on every system that you own and ensure that the opt-out cookie does not expire and is never cleared. Ironically it's likely that certain pro-privacy software will clear cookies, including the option in Firefox to clear private data on exit.

It's certainly an interesting solution from the good folks at Phorm and BT for giving subscribers a "choice", wouldn't you agree?

Re:What about wget ? (1)

theapeman (1068448) | more than 5 years ago | (#25856739)

Sounds like you need a simple proxy server whose only job is to insert the cookie. Then direct all your clients to use the proxy server. Could even be a transparent proxy in your router.

Re:What about wget ? (1)

Dogtanian (588974) | more than 4 years ago | (#25857165)

Sounds like you need a simple proxy server whose only job is to insert the cookie. Then direct all your clients to use the proxy server. Could even be a transparent proxy in your router.

Frankly, the fact that anyone should need to even consider going to such lengths to make up for such a flawed opt-out system on a disgusting scheme like Phorm (that would suck even if it were opt-in) says a lot about the whole obnoxious setup.

Re:What about wget ? (1)

Darundal (891860) | more than 4 years ago | (#25857497)

How is it flawed? Do you honestly think they want people to opt-out? The way it is set up people get to go through a procedure that placates most of them insofar as their personal privacy concerns, and at the same time allow them to swallow up as much data as possible. The people who realize that it is all smoke and mirrors and bullshit are a minority, and one that is very ignored at that.

Re:What about wget ? (1)

maxume (22995) | more than 4 years ago | (#25857435)

To clarify, they can use the cookies from your browser.

I don't know if they understand the sqlite storage that firefox 3 uses yet, but searching a bit, it looks like people have made it work (by dumping the database to a cookie file):

https://addons.mozilla.org/en-US/firefox/addon/8154 [mozilla.org]
http://blog.schlunzen.org/2008/06/19/firefox-3-und-cookiestxt/ [schlunzen.org]

It looks like the addon also dumps session cookies.

Re:What about wget ? (4, Insightful)

corsec67 (627446) | more than 5 years ago | (#25855745)

Plus, if they are basing opt-out on a cookie, they are still doing deep packet inspection, since the cookie isn't in the TCP/IP packet headers (being an application layer thing and all).

I would think that people would want to opt out of Phorm interacting with their data at all, not setting a flag that is essentially "don't use this data for marketting purposes."

Re:What about wget ? (4, Insightful)

QuantumRiff (120817) | more than 5 years ago | (#25855955)

Thats really the key of this all. The cookie prevents it from showing you ads. It does not stop the DPI, and tracking.

Re:What about wget ? (0)

Anonymous Coward | more than 4 years ago | (#25857249)

I have a suggestion. Spoof the cookies. Why not get a valid cookie, and then share it widely and set it to the same value in the browser, so that everyone on the ISP who participates is using the same cookie. Sure, you'll still be tracked, and you won't be anonymous (the IP is still in there), but good luck doing anything meaningful with the data if hundreds/thousands of people are using identical cookies.

The browser user theoretically has a lot of control over the cookie. I don't know if cloning cookies will work, but maybe something else can be done with them to introduce garbage and make the scheme largely useless.

Re:What about wget ? (1)

sleeponthemic (1253494) | more than 5 years ago | (#25855825)

That's just plain discusting anyways.

Well what if I like custard? What of it?

well im glad that slashdot has never deleted posts (0)

Anonymous Coward | more than 5 years ago | (#25855733)

or censored discussion of mald.. NO CARRIER

cookie (1)

z-j-y (1056250) | more than 5 years ago | (#25855773)

does anyone know why they have to implement it with cookies and redirects? (according to wikipedia)

couldn't they have done this silently and leave users completely unaware of it?

Re:cookie (2, Informative)

jimicus (737525) | more than 5 years ago | (#25856417)

does anyone know why they have to implement it with cookies and redirects? (according to wikipedia)

couldn't they have done this silently and leave users completely unaware of it?

As far as I can gather, it's not BT doing the dirty work. They simply route all HTTP traffic through the Phorm system, and their processes are set up so there's no way to filter whose traffic gets routed that way.

By the time it reaches the Phorm system, it may well not be associated with any specific BT user - Phorm don't know who has what IP address - so the only realistic option for them to use something at the application level.

If anything, it's an indictment of our data protection laws that customer rights can be so easily signed away - all that needs to happen is for BT to include in their next bill "Oh, by the way, we're updating our terms and conditions, please check our website for further details".

Re:cookie (3, Interesting)

h4rm0ny (722443) | more than 5 years ago | (#25856465)


If it went to court, any customer in the UK would be able to get away with terminating their contract on these grounds. I would recommend a formal notification of terminating the contract, the clear reasons why and the promise that this would be resolved via legal action if they chose to pursue you. I would also promise legal action if they in anyway impeded my freedom to move to another ISP.

Re:cookie (1)

jimicus (737525) | more than 5 years ago | (#25856693)

If it went to court, any customer in the UK would be able to get away with terminating their contract on these grounds. I would recommend a formal notification of terminating the contract, the clear reasons why and the promise that this would be resolved via legal action if they chose to pursue you. I would also promise legal action if they in anyway impeded my freedom to move to another ISP.

This won't happen just because it's front page news on a few news for nerds websites - put simply, not enough people know about it.

It needs to be in the more hysterical tabloid press as frontpage news : "BT SPIES ON MILLIONS OF CUSTOMERS!!!111oneoneone" type of thing - every day for a week. Then we'll see some real action.

Otherwise you're just one customer in a sea of millions who don't know enough to give a fuck.

Copyright Infringement? (2)

corsec67 (627446) | more than 5 years ago | (#25855795)

Since it seems like they store a copy of the websites visited, could a website have a license that is "only end users can keep a copy of the data on this site", and then sue Phorm if they keep the data? Or would their impersonating other servers be fraud, especially if people have the "opt-out" cookie?

Looking at the wiki diagram [wikipedia.org] of what they do, that is just insane. They are a man in the middle, adding cookies, hiding cookies, redirecting requests to unrelated sites, etc. They are slowing down every site, and what happens if they get overloaded? Does everything come to a halt?

Imagine if someone got a server on a network and added an entry to webwise.net to the /etc/hosts file (or equivalent), they would get a record of every site that everyone with the extra DNS entry visited. Combine a server with a DNS poisoning attack, and you can get the traffic for a large number of people.
Maybe people should point www.webwise.net to a non-routing address to be safe?

Re:Copyright Infringement? (5, Interesting)

TheRaven64 (641858) | more than 5 years ago | (#25857021)

There is absolutely no way in which this isn't copyright infringement. Any web page is copyrighted. This comment is copyrighted and owned by me. The Slashdot terms of use say that they get a nonexclusive distribution right to them. No one else has the right to reproduce them or modify them. The complete page is also copyrighted and owned jointly by all of the posters and by Slashdot.

A carrier has an implicit license to distribute exact copies to their customers and, if the correct headers are set, to cache a copy. Inserting adverts, however, is creating and distributing a derived work from the copyrighted material. Since they profit from the adverts, it counts as commercial infringement, which typically has much larger financial penalties.

The maximum fine for online copyright infringement in the UK is now £5,000 per offence. Every single page that is modified counts as an instance of infringement. The total fines would come to more than the market capitalisation of BT at the moment.

Re:Copyright Infringement? (2, Interesting)

maxume (22995) | more than 4 years ago | (#25857461)

There is absolutely no way in which this isn't copyright infringement. Any web page is copyrighted. This comment is copyrighted and owned by me. The Slashdot terms of use say that they get a nonexclusive distribution right to them. No one else has the right to reproduce them or modify them. The complete page is also copyrighted and owned jointly by all of the posters and by Slashdot.

A carrier has an implicit license to distribute exact copies to their customers and, if the correct headers are set, to cache a copy. Inserting adverts, however, is creating and distributing a derived work from the copyrighted material. Since they profit from the adverts, it counts as commercial infringement, which typically has much larger financial penalties.

The maximum fine for online copyright infringement in the UK is now £5,000 per offence. Every single page that is modified counts as an instance of infringement. The total fines would come to more than the market capitalisation of BT at the moment.

You don't need BT at all (5, Informative)

AnalPerfume (1356177) | more than 5 years ago | (#25855823)

For years I assumed I needed to pay BT for the line rental so I could get broadband through the telephone line, as I assumed only they could provide it. I got my calls and broadband from companies who give a shit about their customers. Then I found out that there are several companies who can do line rental / call / broadband deals (all of those I checked out were cheaper than BT, and not all signed up for Phorm). When I found this out I was completely away from BT within one month. If you're in the UK, and value privacy and a company who actually wants to please you, I suggest you do some Googling and be prepared to switch. They escaped criminal punishment, government punishment, the only reason they keep doing it is that they assume most people believe they are stuck with BT. If you do switch, make sure you tell them why; who knows, if they see enough rats abandoning ship it may make them rethink the Phorm deal. ispreview.com & adslguide.org should give you a starting point.

Re:You don't need BT at all (1)

mmu_man (107529) | more than 5 years ago | (#25856257)

Wow, it's amaizing ISPs don't publicize total degrouping in UK while it's been there in france for years... I thought UK was all about free market and you still have a single operator visible ? how odd.

Re:You don't need BT at all (1)

jonbryce (703250) | more than 5 years ago | (#25856371)

Tiscali are quite keen to get you to switch everything to them, as are TalkTalk. But TalkTalk are also involved in Phorm so don't switch to them.

Re:You don't need BT at all (1)

rohan972 (880586) | more than 5 years ago | (#25856267)

If you're in the UK, and value privacy

MWAHAHAHA!

Re:You don't need BT at all (1)

ion.simon.c (1183967) | more than 5 years ago | (#25856511)

Why don't you name the companies who are providing your connections? Have they requested your silence on the matter?

Perhaps an Enterprising Brit could make cash? (4, Insightful)

mlts (1038732) | more than 5 years ago | (#25855939)

What a company could do, assuming it had the cash for reasonable Internet peering, would be to make a VPN service. Give directions for novice BT users to set up and route through. It doesn't have to be an "anonymous" service, however it would be a boon for privacy if TCP/IP logs are held just long enough in case of a security issue (or to make the UK government happy), and then promptly deleted. This service would be hosted physically in the UK to ensure decently fast connections, as opposed to other services located elsewhere around the world where packets would possibly have to cross through high latency overseas lines.

It could offer the usual PPTP services. It can also offer a SSL proxy (plain or using stunnel) for Web traffic so only the Web browser would have to be configured if the user doesn't have administrative rights. For users using ssh, it can offer PPP over ssh.

Then, this company can provide some decent instructions for people to set up a VPN to its site with the usual operating systems (Linux, OS X, BSD, Windows.)

Of course, BT could try to block or throttle the packets, but that is starting a type of legal battle with another company that may not be in BT's interest.

Re:Perhaps an Enterprising Brit could make cash? (4, Informative)

compro01 (777531) | more than 5 years ago | (#25856045)

I personally know an enterprising Scot making a decent stack on this concept.

https://www.vpntunnel.co.uk/ [vpntunnel.co.uk]

Re:Perhaps an Enterprising Brit could make cash? (1)

jonbryce (703250) | more than 5 years ago | (#25856375)

Why not just switch to another ISP? Nobody is forced to use BT.

Re:Perhaps an Enterprising Brit could make cash? (1)

jimicus (737525) | more than 5 years ago | (#25856651)

Why not just switch to another ISP? Nobody is forced to use BT.

Because half the other ISPs on the market are openly using this, the other half probably are but haven't announced it.

Re:Perhaps an Enterprising Brit could make cash? (3, Informative)

jdfox (74524) | more than 5 years ago | (#25856689)

Why not just switch to another ISP? Nobody is forced to use BT.

In some parts of the UK, especially in rural areas, BT is indeed the only provider. I can't imagine how they manage to sell any broadband at all in urban areas where there actually is competition: they're quite expensive, and their support is shockingly awful.

tech support forum (1)

Skapare (16644) | more than 5 years ago | (#25855963)

So find a forum somewhere else that can be used for all the legal/moral/ethical/boycott/etc issues. If there isn't one, make one (rent a server).

Re:tech support forum (0)

Anonymous Coward | more than 5 years ago | (#25856047)

How much did BT pay for your 5 digit /. ID so you can shill for them?

I thought Phorm had to be Opt-in (3, Interesting)

IAmAI (961807) | more than 5 years ago | (#25856031)

I thought it had been decided that Phorm was only legal in the UK if it was an opt-in service, rather than an opt-out service?

So ... (1)

garry_g (106621) | more than 5 years ago | (#25856149)

Can any BT Customer still trust that ANYTHING (s)he's reading through non-SSL-connections is unmodified? Or even unmoderated?

Sorry, but why do the UK people let their government and companies put them way beyond "1984"?

Re:So ... (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25856231)

This is the case with Europeans in general. After the pure devastation and immense suffering caused by World War II, which just cannot be fathomed by anything by today's standards, it's part of the mentality in Europe to do anything they can other than fight with each other or their governments.

Its not cowardice or a weak will on their part; its the fact that almost every living thing on that continent faced eradication in the 1940s. They do not want to fight because they know what happens when people go to war. They definitely will not do anything against their governments.

Even if it means having shackles of groaning slavery clapped on, nation by nation.

Re:So ... (0)

Anonymous Coward | more than 5 years ago | (#25856323)

This is the case with Europeans in general. After the pure devastation and immense suffering caused by World War II, which just cannot be fathomed by anything by today's standards, it's part of the mentality in Europe to do anything they can other than fight with each other or their governments.

Its not cowardice or a weak will on their part; its the fact that almost every living thing on that continent faced eradication in the 1940s. They do not want to fight because they know what happens when people go to war. They definitely will not do anything against their governments.

Even if it means having shackles of groaning slavery clapped on, nation by nation.

Sounds like Europe in the 1930's. You know... when they didn't want to go to war because they'd just been through a big one a few years earlier.

How'd that whole not wanting to go to war thing work out for them anyway?

Oh wait...

Glad I Left (3, Interesting)

KingJ (992358) | more than 5 years ago | (#25856431)

I left BT a few months ago after they continued with the trial, despite massive outcry from customers and other internet users. Thankfully, here in the UK it's easy to switch ADSL providers, just request a MAC transfer code and give it to your ISP. I moved to ADSL24, a reseller of Entanet who are very open about their network, while other ISPs like to hide it. I have been extremely satisfied with my new provider, and I am going to make sure that I never give any money to BT again. Bad idea to annoy those younger customers, they've still got quite a lot to spend into the future.

Central point of failure? (4, Interesting)

sakdoctor (1087155) | more than 5 years ago | (#25856507)

What would happen if the webwise.net domain (which shares an IP with phorm.com) was to accidentally get DDOSed?

Going by the Phorm diagram on wikipedia, it would seem that webwise.net is a central point of failure for the system.

Injection warnings (2, Informative)

Wowsers (1151731) | more than 5 years ago | (#25856641)

It's about time that all http web traffic was https instead, so the likes of BT could not inject their garbage into pages without people knowing the pages have been compromised.

No! (1)

Shivinski (1053538) | more than 5 years ago | (#25856771)

This should be made completly illegal! I do not want my traffic intercepted and advertising directed at me...and this isnt the first time BT have kept quiet about something. In the past they didn't say a word to customers when they where performing gradual updates to individual exchanges, which bought internet speed down to only 300Kb/s for a whole month! Even after 5 call's to BT, no-one would admit it was DRM. I only found out from an online forum that my connection was being DRM'ed...and even after that I found out that the update had been finished I had to call up, and specifically mention DRM for them to uncap my connection again. If I hadn't done that, I would still be stuck at 300Kb/s!

I am soon hoping to switch ISP to Virgin Media. My advice, Stay Away from BT!!

Hit BT for copyright violation (1)

jonwil (467024) | more than 5 years ago | (#25856965)

IANAL nor do I know how UK copyright law works but why doesn't someone who owns a website (preferably one involving paid content or something) and who also has an account with BT visit their website via their BT connection, have all the inserted ads come up and then sue BT for copyright violation.

Facism (1)

myspace-cn (1094627) | more than 5 years ago | (#25856979)

One way to deal with fascism.

Make the public aware.
Stop funding them.
Lobby against them.
Send a battalion of Lawyers or Solicitors after them.

webwise tries to sell this insecure proxy spying nonsense as a security product. They are telling you it's safe, but you must take it on blind faith that it's safe. In essence they are trying to make the whole web their own personal network. You have to trust them. Perhaps if you can prove that it's false advertising, and a deceptive lie, you can get them shut down and outlawed.

If they are routing all their packets through a router, you have no choice but to find another ISP, stop using the web, or accept it.

What a unacceptable world this fascist company has created. I'd resist. Straight up. There is no way I would stay with that nonsense.

I am wondering if cidr ban on their/8 would help your cause? By getting complaints for no connectivity perhaps this should be part of the solution.
If you have the IP / cidr numbers post them!

Maybe we who host websites outside of their networks can do re-directs to a page explaining the problem. We need the cidr and or ip numbers so we can detect, then either block or redirect their connections. And we need a text of what to say specifically.

Meanwhile, Cancel your contract, and sue them for spying.
Short their stock, make their company worth zero. Get this out on Newspaper, Magazines, Broadcast tv, and radio. Move fast!

Don't just hope to switch ISP's, do it right now.

Have they not learned? (1)

moxley (895517) | more than 5 years ago | (#25857087)

I can't believe that whoever handles this stuff for BT isn't aware of the "Streisand Effect." Maybe their PR staff had nothing to do with it.

It's the stupidest thing you can do these days, tring to censor your customer base in public like that.

It's one of the things that really makes me feel good about the internet, and one of the few phenomenons in these times where people can organize (without even organizing) and change the behavior of a corporate behemoth.

It must drive authoritarian corporations and governments crazy. I love it.

Copyright Issue (2, Insightful)

secondhand_Buddah (906643) | more than 5 years ago | (#25857099)

Surely Phorm violates copyright at some level?
They are effectively modifying content in such a way that what is presented, is not what was published
There could also be some issues effecting the value of the content. I create content, and BT defaces it before it reaches my client/consumer, they are in a sense effectively damaging my property and assets. If I was a large website owner I might take offense to this kind of behavior.

Where's Bruce Schneier? (1, Interesting)

Anonymous Coward | more than 4 years ago | (#25857259)

If this was any other company (Time Warner, AOL, etc), Bruce Schneier would be all over the privacy and censorship issues here. But he's the CTO of British Telecom, and when the gravy train is on the line, the privacy-vocal cipherpunk is nowhere to be found.

What about content creator's rights? (1)

EQ (28372) | more than 4 years ago | (#25857383)

As a web author:

-> I did NOT give them permission to place or inject their ads on *my* site.

-> I have no control over what ads are delivered with my content -- some of it may be counter to things I beleive, and some ads may imply an endorsement of products, people or policies that I abhor.

-> I am not recieving ad revenues from their ad hits which my site geneates for them.

To me, this is outright theft of my content to generate revenue for them. I beleive the legal term is "conversion", taking someone else's property and using it to make money as if it was your own property.

What legal recourse do content creators and holders have against this theft of thier content to produce revenues for someone else?

Re:What about content creator's rights? (0)

Anonymous Coward | more than 4 years ago | (#25857533)

It doesn't do that. I suggest you read the above comments to see what it actually does do. There's no question that it still sucks, though.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...