I've just finished reading a rather lengthy thread on my ISP's forum regarding some disturbing news that has similarities (in fact has been suggested is the same in principle) to the Phorm fiasco. An utterly illegal and dispicable intrusion, IMO.
This "service" is being rolled out (secret trials were carried out on the unsuspecting customer base which is how this came to light and subsequently investigated by the toothless ICO) under the guise of making our experience better by identifying malware riddled websites (and subsequently blocking them - duh, I have several layers of that protection already!) whereas the evidence suggests it's just another way of spying on our usage for commercial gain at the very least - the ICO have already reprimanded my ISP for not disclosing it to them or it's customers.
The problem is, despite all that's occured, my ISP is telling us it will go live soon and opt-out is not possible, just the option to bypass the block.
What's particularly disturbing is the alleged manner it operated (and presumably will) which could well have a negative effect on FCF (hence this post) and all other services I frequent.
Ok, so what has this got to do with FCF, I hear? Well, it might be nothing or might be more serious but in basic terms, it's impersonating it's customers and therefore stealing bandwidth from sites/services and this is how.
It monitors customers URL requests and copies them for it's own use to be replayed moments later! Yes, within a few minutes of my visit it impersonates me, attempts to go exactly where I've been using copies of my URL requests (which can contain login and other personal/identifying info for instance) and then purportedly determines if there's any malware in the sites/pages returned. It's been reported by site admins that this includes non-public admin control panel pages for instance, it just copies everything in the URL request regardless.
So, in short, I feel I have to apologise if only for the wasted bandwidth/resources my ISP has, is or will be stealing. I'm also concerned what other negative effects this can have (stalling pages comes to mind?) to both myself and the site admins that I'm not aware of. Sorry guys, I feel extremely embarrassed by this even though I know I'm not directly responsible
Bad news regarding my ISP and internet usage
Moderator: myglaren
- Gingerposer
- Posts: 244
- Joined: 04 Oct 2009, 21:28
- Location: Balmedie, Aberdeenshire
- My Cars:
- x 6
- spider
- Posts: 3949
- Joined: 05 Jan 2010, 14:28
- Location: Derby.
- My Cars: Soon, I hope...
- x 77
- Contact:
I'd agree. Vote with your wallet, change ISP.
It is a pain to do I know but it is worth it, if they are going to (attempt) to retain session data etc
The software itself will probably be OK as there will be an IP and cookie mismatch if it did attempt to post again. Depends on how x_forward is setup iirc.
It is a pain to do I know but it is worth it, if they are going to (attempt) to retain session data etc
The software itself will probably be OK as there will be an IP and cookie mismatch if it did attempt to post again. Depends on how x_forward is setup iirc.
Andy.
91 205D-Turbo, gone but still missed
02 106D, TUD5B, gone but not really missed apart from the MPG
91 205D-Turbo, gone but still missed
02 106D, TUD5B, gone but not really missed apart from the MPG
-
- Posts: 4809
- Joined: 11 Jun 2007, 16:17
- Location: Christchurch, Dorset. UK
- My Cars: 2005 C5restyle 1.6HDI 16v 110hp VTR Estate
2008 C5 X7 1.6HDI VTR+ Saloon - x 231
I'm tied into 18months starting from last month Besides, I'm getting the best speed I've had in over four years for £10pm less than the competition and kind of like their service - no need for call centres, they've got an online forum manned by staff that speak/write perfect english and did a great job of sorting my first bill's problem.
Who is this ISP? TalkTalk!
Who is this ISP? TalkTalk!
-
- (Donor 2020)
- Posts: 742
- Joined: 17 Apr 2008, 22:39
- Location: Clydebank, Near Glasgow.
- My Cars:
- x 2
Mike, you might find a VPN service to be of use. This is the way things are going and ISPs are introducing all sorts of stupid ideas. I use a service called "VyperVPN" that I get free as part of my Giganews subscription. Virgin Media apply traffic shaping to usenet traffic on their 50mb package, and I usually get a 90% performance drop at peak times. Fortunately, VyperVPN allows me to side step that for most part, and has the added benefit of much improved privacy. It would protect you from Phorm or any other system used by your ISP to intercept web traffic.
'96 405 1.6 GLX with 306 GTI engine on Cat cams @ 195bhp
'05 RenaultSport Clio 182 Cup, 102k
'97 406 1.9TD, 314k.
'05 RenaultSport Clio 182 Cup, 102k
'97 406 1.9TD, 314k.
-
- Posts: 4809
- Joined: 11 Jun 2007, 16:17
- Location: Christchurch, Dorset. UK
- My Cars: 2005 C5restyle 1.6HDI 16v 110hp VTR Estate
2008 C5 X7 1.6HDI VTR+ Saloon - x 231
I looked into VPN following your suggestion, thanks evilally. Although it might have the desired effect I've been warned it might also introduce delays, reduce speed and cause other problems I've not looked into so will take this into consideration in due course.
To updates my findings on this topic, it seems TalkTalk have been naughty and got a "telling off" (gotta love those teeth) from the ICO in the first instance of carrying out trials covertly. Anyone remember the PHORM fiasco? It's scarily very similar.
What has come to light is the way Deep Packet Inspection works in this context. It copies every customers URL request (which can contain personal data/info) and replays them later to see what the response from the website gives. This has shown to be, in some instances, access to people's profiles, inbox, private web pages and other areas you wouldn't have thought it would go, given their recent publication (marketing spin) of how it works.
As a result, websites are, AFAIC, being hacked (again, Ala PHORM) which upsets a lot of owners, not least commercial sites.
To updates my findings on this topic, it seems TalkTalk have been naughty and got a "telling off" (gotta love those teeth) from the ICO in the first instance of carrying out trials covertly. Anyone remember the PHORM fiasco? It's scarily very similar.
What has come to light is the way Deep Packet Inspection works in this context. It copies every customers URL request (which can contain personal data/info) and replays them later to see what the response from the website gives. This has shown to be, in some instances, access to people's profiles, inbox, private web pages and other areas you wouldn't have thought it would go, given their recent publication (marketing spin) of how it works.
As a result, websites are, AFAIC, being hacked (again, Ala PHORM) which upsets a lot of owners, not least commercial sites.
-
- (Donor 2020)
- Posts: 742
- Joined: 17 Apr 2008, 22:39
- Location: Clydebank, Near Glasgow.
- My Cars:
- x 2
True, a VPN does add overhead, but a decent service should give you a minimal performance penalty. Web browsing on VyperVPN is not noticeably different. Download wise it's a bit slower, but much better than what VM hobble my connection to and still "fast".
'96 405 1.6 GLX with 306 GTI engine on Cat cams @ 195bhp
'05 RenaultSport Clio 182 Cup, 102k
'97 406 1.9TD, 314k.
'05 RenaultSport Clio 182 Cup, 102k
'97 406 1.9TD, 314k.