Feeds

Activist coders aim to deafen Phorm with white noise

Faking it for data pimps

Security for virtualized datacentres

Updated Coding activists have developed an application designed to confound Phorm's controversial behaviour-tracking software by simulating random web-browsing.

The folks behind AntiPhormLite says this means actual browsing habits are buried in noise. The app, which is available free of charge, is designed to poison the anonymised click stream Phorm collects with meaningless junk, thereby (at least in theory) undermining its business model.

Its developers reckon the chaff AntiPhormLite generates would be indistinguishable from genuine surfing. AntiPhormLite works with any browser a user cares to use and includes customised options so that each installation can be configured differently, making countermeasures Phorm might apply more difficult to develop.

The beta release comes with source code, allowing security experts to verify that it does only what it says on the tin. The app features "natural time delays" and throttling so that computer generated traffic would be difficult to distinguish from the real thing, as explained below:

AntiPhormLite runs independently and silently in the background of your PC. It connects to the web and intelligently simulates natural surfing behavior across thousands of customizable topics. This creates a background noise of false information disguising and inverting your own interests. We believe our technology is indistinguishable from that of a typical user engaging the internet. To support this claim we have introduced a preview mode that works with any of your preferred browsers, and together with a detailed reporting system and a host of custom options each AntiPhormLite will appear unique.

AntiPhormLite is a Windows (Vista and XP) only app. The application does not execute web pages directly inside a browser, minimising the possibility that it might become a conduit for drive-by-download attacks. It ignores bandwidth-heavy images, flash and video files in a bid to make sure that its doesn't eat through a user's bandwidth and thereby slow regular web surfing.

The application needs DirectX 9.0C or later installed. Future versions based on a screen saver are in development.

Phorm has signed deals with BT, Virgin Media and TalkTalk to deliver targeted ads based on a user's surfing habits. Other firms including NebuAd and Front Porch are attempting to exploit the same emerging market. The technology has provoked a huge privacy debate spurring an anonymous group of "artists, programmers and designers" to develop AntiPhormLite. Whether AntiPhormLite works against technology from NebuAd and Front Porch is unclear.

Particularly when left in default mode (the settings most users apply) it may not be too difficult for Phorm to filtering out traffic generated by AntiPhormLite. Phorm's developers, whatever else you might think of them, have shown themselves to be tenacious and technically skilled. Many people would have to use AntiPhormLite to skew results and the biggest disadvantage is that those users would have to consent to using Phorm's behavior tracking software in the first place.

Data pimping fight-back

AntiPhormLite does however represent another front against Phorm, which is under close scrutiny from anti-malware firms, many of which consider its technology to be on the borderline of adware classification.

The UK Information Commissioner has called on ISPs to apply Phorm's technology on an opt-in basis, something Phorm itself has resisted but Talk Talk has agreed to. Security watchers, most notably Richard Clayton of Cambridge University and the Foundation for Information Policy Research, have questioned the legality of Phorm's approach, particularly in relation to UK data interception law.

Meanwhile internet activists have created a site, BadPhorm, highlighting concerns about the Phorm's behaviour tracking technology, and the company's background as adware firm 121Media.

More on AntiPhormLite can be found here. ®

Update

The app went live on Thursday afternoon. There is no physical address and phone number on the AntiPhorm site, prompting a bit of concern about the provenance of the app in a thread on the BadPhorm forum. One poster complained that it generated multiple tabs in a browser window.

Commentors elsewhere suggest switching to a Phorm-fee ISP is a better approach than applying a as yet-unproven application.

Secure remote control for conventional and virtual desktops

More from The Register

next story
Brit telcos warn Scots that voting Yes could lead to HEFTY bills
BT and Co: Independence vote likely to mean 'increased costs'
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Blockbuster book lays out the first 20 years of the Smartphone Wars
Symbian's David Wood bares all. Not for the faint hearted
'Serious flaws in the Vertigan report' says broadband boffin
Report 'fails reality test' , is 'simply wrong' and offers ''convenient' justification for FTTN says Rod Tucker
This flashlight app requires: Your contacts list, identity, access to your camera...
Who us, dodgy? Vast majority of mobile apps fail privacy test
Apple Watch will CONQUER smartwatch world – analysts
After Applelocalypse, other wristputers will get stuck in
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.