phorming
DESCRIPTION
Phorming - The legal and the technical aspects of Phorming. IS phorming a serious threat or a boon?TRANSCRIPT
![Page 1: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/1.jpg)
Phorming (….and privacy issues)
Sandeep Sreenivasan
Techie
![Page 2: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/2.jpg)
Outline
• What is phorming?• How phorming works?
» Technical aspects» Legal Aspects
• Pros of phorming• Cons of phorming• Conclusion
![Page 3: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/3.jpg)
What is Phorming?
• “A parasitic marketing technique, which involves intercepting website traffic to profile ISP user’s interests and affiliations (without explicit consent from either the website or their users)” [1]
• Phorm – 121 Media
![Page 4: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/4.jpg)
How phorming works?
• Technical Aspects:- Assignment of 24 digit random number (Phom UID)- User searches for query- Search Query and UID sniffed by Phorm server- Retrieval of user search query from web- Compare web information with relevant channels- Sending search response and targeted Ads
![Page 5: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/5.jpg)
ISP Server
Client Machine
Web Server
Phorm Server
![Page 6: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/6.jpg)
ISP Server
Web Server
Phorm Server
![Page 7: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/7.jpg)
![Page 8: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/8.jpg)
![Page 9: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/9.jpg)
![Page 10: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/10.jpg)
ISP Server Phorm Server
Client machine
![Page 11: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/11.jpg)
How phorming works?
• Legal Aspects:
- Interception of communication: An offence contrary to Section 1 of RIPA 2000
- Fraud: An offence contrary to Section 1 of Fraud Act 2006
- Unlawful processing of sensitive personal data: Contrary to DPA 1998
![Page 12: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/12.jpg)
Pros of phorming
• Receive targeted Ads instead of random ones• Expertise and time required for searching
information is reduced• Browser independent• Minimal bandwidth usage• Add on facilities
» Monitoring surfing habits and suggest related web pages» Protection against phishing
![Page 13: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/13.jpg)
Cons of phorming• Third party private company( No contractual arrangement with)
gets to see all your HTTP traffic
• If you opt out, third party can still see your traffic
• If you opt out, but clear you cookies you are back into the system
• Anti phishing services are already standard with most modern web browsers
• Phorm under previous incarnation produced spyware
![Page 14: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/14.jpg)
Conclusion
• Key benefits: ISP and phorming company
• Vicious circle for the user
![Page 15: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/15.jpg)
Questions??
![Page 16: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/16.jpg)
References[1] The urban dictionary – http://www.urbandictionary.com/define.php?term=phorming
[2] Phorm: http://www.phorm.com/faq.html
[3] Phorm “Webwise” system – Richard Clayton, May 2008, www.cl.cam.ac.uk/~rnc1/080518-phorm.pdf
[4] Wikipedia: www.wikipedia.com
[5] Images courtesy: www.images.google.com
![Page 17: Phorming](https://reader036.vdocument.in/reader036/viewer/2022062513/55550490b4c905c35e8b4c46/html5/thumbnails/17.jpg)