Phorming - The legal and the technical aspects of Phorming. IS phorming a serious threat or a boon?

1. Phorming (….and privacy issues) Techie Sandeep Sreenivasan

2. Outline What is phorming? How phorming works? Technical aspects Legal Aspects Pros of phorming Cons of phorming Conclusion

3. What is Phorming? “A parasitic marketing technique, which involves intercepting website traffic to profile ISP user’s interests and affiliations (without explicit consent from either the website or their users)” [1] Phorm – 121 Media

5. User searches for query

6. Search Query and UID sniffed by Phorm server

7. Retrieval of user search query from web

8. Compare web information with relevant channels

10. Web Server ISP Server Phorm Server

14. ISP Server Phorm Server Client machine

16. Fraud: An offence contrary to Section 1 of Fraud Act 2006

18. Cons of phorming Third party private company( No contractual arrangement with) gets to see all your HTTP traffic If you opt out, third party can still see your traffic If you opt out, but clear you cookies you are back into the system Anti phishing services are already standard with most modern web browsers Phorm under previous incarnation produced spyware

19. Conclusion Key benefits: ISP and phorming company Vicious circle for the user

20. Questions??

21. References [1]The urban dictionary – http://www.urbandictionary.com/define.php?term=phorming [2] Phorm: http://www.phorm.com/faq.html [3] Phorm “Webwise” system – Richard Clayton, May 2008, www.cl.cam.ac.uk/~rnc1/080518-phorm.pdf [4] Wikipedia: www.wikipedia.com [5] Images courtesy: www.images.google.com