Phorm PR: obfuscation and evasion

More news on the Phorm phront...

BadPhorm has an update with Phorm's responses to some questions. Note how the PhormPR companiesare able to take advantage of the system architecture to deliberately obfuscate discussions of data privacy.

Q8. Are Phorm's servers within the ISP prebuilt (OS & software wise) by Phorm, or are they built by ISP technical groups following instructions given by Phorm?
A8. Prebuilt by Phorm.

Q9. Is all Phorm proprietary software delivered in unobfuscated source form to the ISPs and compiled by trustworthy employees of the ISP?
A9. No, ISPs don't get access to the source code.

Q23. Can you assure us that an opt-out ensures that no data of any kind passes through or is mirrored to the Profiler?
A23. ISP infrastructures and server installations vary widely, so discussion of particular servers is not useful. When you opt out -- or switch the system off -- it's off. No browsing data whatsoever is passed from the ISP to Phorm. It should also be stressed that the Phorm servers are located in the ISP's network and browsing data is not transmitted outside the ISP.

So here we see confirmation that the hardware is supplied by Phorm, but considered by them to be part of the ISP's system. The software is similarly supplied by Phorm, and the ISP does not get sight of the source code (therefore cannot really see what it is doing, or what it is capable of doing). Note that reports elsewhere state that Phorm can access these machines remotely.

Q23 also reveals the devious nature of this scheme. By gifting the equipment and software to the ISP, Phorm are able to evade the question. Note that the question is whether data is passed through the Profiler. All Phorm are willing to say is that the data are not passed externally to Phorm. They do not answer this serious point - we must assume that all data, from all customers, will be profiled, whether ot not the customer has opted out. This remains the most serious objection to the system and its implementation.

How BT (and other ISPs involved) can get themselves embroiled in a system of this nature is beyond me. Don't forget Phorm's track record as 121media...

×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

Icknield Road Club 30K 30/3/08
Phorm, dishonesty and data interception

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Thursday, 21 November 2024

Captcha Image