BadPhorm - When good ISPs go bad! :: Forums :: Tips & Breaking News :: Media Sightings

Phorm - an accident waiting to happen
Moderators: Jim Murray, narcosis, felixcatuk, Sammy
Author Post
compo
Thu Mar 20 2008, 11:39PM
Registered Member #18
Joined: Mon Feb 25 2008, 06:31PM
Posts: 39
Phorm - an accident waiting to happen
February 26th, 2008 posted by Dick Morrell

Now this is a good one. Dick Morrell worked for Virgin Media heading up their Internet Security division

Phorm - an accident waiting to happen

I have not seen this point raised yet

"There are other issues as well in that from a data retention perspective Phorm now become a central easy target for the badly paid badly educated and badly directed people in European Law Enforcement to serve disclosure warrants on, a soft target - and they’d legally under UK RIPA II be regulated to conform."

So he thinks that data is being retained, and he should know, after working for VM security.

I wonder if people are telling lies about data storage and retaining personal info..
Jim Murray
Thu Mar 20 2008, 11:42PM

Registered Member #1
Joined: Thu Feb 21 2008, 08:29PM
Posts: 133
Funnily enough, the point had crossed my mind but I'd refrained (so far) from making it because there's already enough complexity surrounding this entire issue.

However, since it's now been brought up it's time to bring that discussion out into the open.

Admin/press enquiries : [email protected]
compo
Thu Mar 20 2008, 11:48PM
Registered Member #18
Joined: Mon Feb 25 2008, 06:31PM
Posts: 39
I think the fact that this was posted by an EX VM security expert, somebody who is in the know as to some of the technical details of the Phorm system, makes it even more scary.

The RIPA can only be used if there is data to use it on. So by default there must be data and user info stored.

Otherwise somebody in his position would not have raised the issue.
Jim Murray
Fri Mar 21 2008, 12:06AM

Registered Member #1
Joined: Thu Feb 21 2008, 08:29PM
Posts: 133
From a purely Virgin customer perspective this bit made me laugh. From an IT security perspective (that's my background) it makes me cringe.

"I’d be more worried if I was a BT customer because the only people capable of deploying this to work properly from a data retention perspective at Virgin Media no longer work there as we all left in 2006/7."

Now, as promised, on to RIPA, disclosure orders and Phorm.

Under RIPA, Phorm can be required to disclose any information they hold about any particular user. Ok, Phorm say they don't hold any identifiable information, just a random number and the categories it matches - so what good is that?

Well, consider an example. It's quite reasonable to assume that certain advertisers may wish to create a category intended to target BitTorrent users. That category would presumably match when those users accessed any of the torrent search sites.

Now, if RIAA/MPAA were to get an order seizing your computer (or get hold of your Phorm cookie some other way), they'd be in possession of your Phorm ID too. With that, and a court order to Phorm they can get the list of the categories you matched in the last 6 months... with dates & timestamps.

Take the ones that matched the BitTorrent category, pressure the ISP for the IP address assigned to you on that day and you have a problem.

By using Phorm, they can prove the one thing they haven't been able to prove before - intent. They can show, with reasonable certainty, that you were searching for torrents at or around the time they caught you downloading something.

That's one possibility. I'm an IT sec guy, not a lawyer - I'm sure a competent landshark could find plenty more possibilities too.

Jim.


Phormic Acid
Fri Mar 21 2008, 12:33AM

Registered Member #22
Joined: Mon Feb 25 2008, 11:11PM
Posts: 93
compo wrote ...

I have not seen this point raised yet


I have.

Blogs and the like

Part of the reason for asking for a different forum was to stop them getting lost.
Jim Murray
Fri Mar 21 2008, 01:04AM

Registered Member #1
Joined: Thu Feb 21 2008, 08:29PM
Posts: 133
Phormic Acid wrote ...
Part of the reason for asking for a different forum was to stop them getting lost.


Your wish is my command....

see The Blogroll!

Phormic Acid
Fri Mar 21 2008, 01:13AM

Registered Member #22
Joined: Mon Feb 25 2008, 11:11PM
Posts: 93
Thanks. Hopefully it’ll be nice and long. I wouldn’t want to run out of blogroll.
felixcatuk
Fri Mar 21 2008, 08:50AM

Registered Member #95
Joined: Wed Mar 05 2008, 12:03AM
Posts: 239
I was discussing similar issues with the local Tory candidate yesterday, on a political slant.

If Phorm can create a profile of you, potentially including political affiliations or memberships of minority/ controversial / ethnic groups, while there may be no risk to you currently... politics can change.

If (given the apparent 'mobility' of the Phorm UID across borders) that profile information is made accessible outside the UK, that also raises the question of the UK as a safe haven.

ISP customers; you don't need Phorm, pure and simple.
Don't be a passive recipient of Phorm cookies.
Until Phorm can be stopped, use the Dephormation Firefox Add On.
http://www.dephormation.org.uk
The user called PhormUKPRTeam/PhormUKTechTeam is a PR consultant from Citigate Drew Rogerson.
RIPA: ISPs HAVE NO CONSENT FOR INTERCEPTION OF THIS TRANSMISSION ;o)
Gleneagles
Fri Mar 21 2008, 05:14PM
Registered Member #124
Joined: Fri Mar 07 2008, 06:53PM
Posts: 26
Jim Murray wrote ...

By using Phorm, they can prove the one thing they haven't been able to prove before - intent.


Funny you should say that, I was just thinking the same thing earlier today.

I think the Government and ISPs would love to see Phorm implemented.

Only weeks ago were the ISPs put under a lot of pressure from the Government regarding piracy, and ultimately stating they had responsibility to stop / regulate this.

Most if not all of us here have read up on lawsuits involving the R.I.Ass.A (Cheers El Reg) and short of having dodgy files on your PC and them having an IP address that was pretty much it. From a technical point of view not exactly a watertight case.

However, with this system implemented they can now show intent! A side of a case that people like the R.I.Ass.A, Police, Government et al. have never had before.

But because you have gone to that page and opted in to the Phorm system, could this not be considered self-incriminating and raise the same issues that the new law stating that you have to hand over any encryption keys when asked by police or face jail time?

It's just another piece in what is already a complicated puzzle.
Midnight_Voice
Fri Mar 21 2008, 05:21PM
Registered Member #180
Joined: Thu Mar 13 2008, 08:51PM
Posts: 41
Phormic Acid wrote ...

Thanks. Hopefully it’ll be nice and long. I wouldn’t want to run out of blogroll.

Don't worry. There will always be plenty of the UKMisinPhormation Team's tissue of l - oh no, hang on, we have to be nice to them, don't we?

Big Brother: a programme people watch, or a program watching people?