Feeds

Activist coders aim to deafen Phorm with white noise

Faking it for data pimps

Internet Security Threat Report 2014

Updated Coding activists have developed an application designed to confound Phorm's controversial behaviour-tracking software by simulating random web-browsing.

The folks behind AntiPhormLite says this means actual browsing habits are buried in noise. The app, which is available free of charge, is designed to poison the anonymised click stream Phorm collects with meaningless junk, thereby (at least in theory) undermining its business model.

Its developers reckon the chaff AntiPhormLite generates would be indistinguishable from genuine surfing. AntiPhormLite works with any browser a user cares to use and includes customised options so that each installation can be configured differently, making countermeasures Phorm might apply more difficult to develop.

The beta release comes with source code, allowing security experts to verify that it does only what it says on the tin. The app features "natural time delays" and throttling so that computer generated traffic would be difficult to distinguish from the real thing, as explained below:

AntiPhormLite runs independently and silently in the background of your PC. It connects to the web and intelligently simulates natural surfing behavior across thousands of customizable topics. This creates a background noise of false information disguising and inverting your own interests. We believe our technology is indistinguishable from that of a typical user engaging the internet. To support this claim we have introduced a preview mode that works with any of your preferred browsers, and together with a detailed reporting system and a host of custom options each AntiPhormLite will appear unique.

AntiPhormLite is a Windows (Vista and XP) only app. The application does not execute web pages directly inside a browser, minimising the possibility that it might become a conduit for drive-by-download attacks. It ignores bandwidth-heavy images, flash and video files in a bid to make sure that its doesn't eat through a user's bandwidth and thereby slow regular web surfing.

The application needs DirectX 9.0C or later installed. Future versions based on a screen saver are in development.

Phorm has signed deals with BT, Virgin Media and TalkTalk to deliver targeted ads based on a user's surfing habits. Other firms including NebuAd and Front Porch are attempting to exploit the same emerging market. The technology has provoked a huge privacy debate spurring an anonymous group of "artists, programmers and designers" to develop AntiPhormLite. Whether AntiPhormLite works against technology from NebuAd and Front Porch is unclear.

Particularly when left in default mode (the settings most users apply) it may not be too difficult for Phorm to filtering out traffic generated by AntiPhormLite. Phorm's developers, whatever else you might think of them, have shown themselves to be tenacious and technically skilled. Many people would have to use AntiPhormLite to skew results and the biggest disadvantage is that those users would have to consent to using Phorm's behavior tracking software in the first place.

Data pimping fight-back

AntiPhormLite does however represent another front against Phorm, which is under close scrutiny from anti-malware firms, many of which consider its technology to be on the borderline of adware classification.

The UK Information Commissioner has called on ISPs to apply Phorm's technology on an opt-in basis, something Phorm itself has resisted but Talk Talk has agreed to. Security watchers, most notably Richard Clayton of Cambridge University and the Foundation for Information Policy Research, have questioned the legality of Phorm's approach, particularly in relation to UK data interception law.

Meanwhile internet activists have created a site, BadPhorm, highlighting concerns about the Phorm's behaviour tracking technology, and the company's background as adware firm 121Media.

More on AntiPhormLite can be found here. ®

Update

The app went live on Thursday afternoon. There is no physical address and phone number on the AntiPhorm site, prompting a bit of concern about the provenance of the app in a thread on the BadPhorm forum. One poster complained that it generated multiple tabs in a browser window.

Commentors elsewhere suggest switching to a Phorm-fee ISP is a better approach than applying a as yet-unproven application.

Remote control for virtualized desktops

More from The Register

next story
YOU are the threat: True confessions of real-life sysadmins
Who will save the systems from the men and women who save the systems from you?
Broadband sellers in the UK are UP TO no good, says Which?
Speedy network claims only apply to 10% of customers
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Virgin Media struck dumb by NATIONWIDE packet loss balls-up
Turning it off and on again fixes glitch 12 HOURS LATER
Ofcom snatches 700MHz off digital telly, hands it to mobile data providers
Hungry mobe'n'slab-waving Blighty swallows spectrum
Fujitsu CTO: We'll be 3D-printing tech execs in 15 years
Fleshy techie disses network neutrality, helmet-less motorcyclists
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.