Phorm (Yuck)

April 8, 2008 at 16:13 | Posted in Blogging, Privacy/Security, Revver Stuff, Tech | 1 Comment
Tags: , , , , , ,

It seems that there is a lot of noise about Phorm in the Blogosphere and that it is just catching my attention recently. (odd really since I spend a lot of time reading on Security and Privacy matters).

There are a couple of anti-Phorm web sites most of which you can get to by starting at BadPhorm. Of particular interest is a counter measure (tho limited) available here

So far it seems to be mainly ISP’s in the UK that have gone ahead with this very bad idea. That in no sense means it is a UK only problem as I am sure that Phorm will try to sign up as many ISP’s as they can globally. I would urge anyone who is interested in preserving their privacy to write to their respective ISP and let them know you don’t want them to implement Phorm webwise technology. It would definitely be worth noting in any letter that you send the history of “Phorm” which was formerly 121media which even just minor googling of, brings up their association with spyware.

If anyone has examples of Phorm mangled cookies, (paired with their un-mangled versions) I’d appreciate getting my hand on them to see if it is possible to write a Firefox add-on or proxy software that can strip the phorm tags back off the cookies thus rendering Phorm moot.

Another idea until there is a better solution to this might be for those of us in un-affected countries to run SSL proxies like Psiphon for people in the UK to tunnel through as that would (by my current understanding) encrypt the cookies (via the ssl tunnel) and thus make them invisible to the Phorm boxen.

addemdum — it seems (from the technical writeup mentioned in the Blue light Touchpaper Blog below) that even a simple proxy would work to bypass Phorm/WebWise as long as the proxy was not on port 80. For example, an open proxy on port 12000 or 443 or anything other then 80 would totally be ignored by Phorm/WebWise. Provided, of course, that the proxy was not on an infected (errrr, pardon me affected) ISP.

Thoughts and comments appreciated

addendum.. people in th UK on effected ISP’s may wish to consider using TOR and configure it to use non-UK exit nodes. not the best option and a little technical to set up (be sure to use torbutton and Privoxy). But possibly better then being tracked every step of the way. There is also I2P (I’ll provide a link when I can be sure I’m looking at the correct site.. their old URL seems defunct) but I that to be a bit bandwidth heavy. YMMV

Addendum 2 – I just downloaded technical documentation from the Blue Light Touchpaper Blog on Phorm. I’ll give it a read over and see if there are any new insights.


1 Comment

  1. […] Probably most people that read my blog will already know of this controversy as I have covered it before. I am VERY happy to see Steve Gibson using his reach to get the word out about this growing trend, […]

Sorry, the comment form is closed at this time.

Create a free website or blog at
Entries and comments feeds.

%d bloggers like this: