New Govt petition / British Telecom spying

BillScarab

Hmm, I know the hosts file won't stop this but everything I've read suggests Tor will as it creates an encrypted tunnel between your PC and whatever site you are going to. So from the ISP's point of view they will just see encrypted packets being sent to Tor and won't know what the final destination is.

EDIT: As I have little faith in the government petitions I've also contacted Watchdog about this as a bit of prime time bad publicity may help. If anyone else wants to you can contact them form this page

BritBrat

Hmm, I know the hosts file won't stop this but everything I've read suggests Tor will as it creates an encrypted tunnel between your PC and whatever site you are going to. So from the ISP's point of view they will just see encrypted packets being sent to Tor and won't know what the final destination is.

If more and more people start doing that the security services will have an headache because I bet they look for encrypted data and think why is that encrypted? must be a terrorist.

Then they will not be able to find the real bad people amongst all the good ones using encryption.

djheath

To put it simply:

The service doesn't keep a log of anything. When you complete a search on say google, you get ads shown in the results. This system will basically look at the search term you have used, or the website you are on, and display relavent ads to what you are looking at.
It does this by using a cookie on your pc, just like thousands of other website do already.
The system also checks to make sure you are looking at legit sites and not fake ones trying to steal your identity.

You can opt out of the system at any time by going to this site:
http://webwise.bt.com/webwise/index.html
You will see on the left hand side the system saying it is switched on or Off. Switching it off will mean no information is used.

I would read the Help section and the other sections on the website. It clears a lot up.


I personally cant see how different this is to using a tesco clubcard, siging up for email mailing lists on websites etc etc. You can opt in or out quite easily and it seems media hype is stirring up a lot of missinformation. I can understand that it hasn't been widely publicised which definately has fueled a "they are spying on us without us knowing" attitude, but if you look into it, its not that much different to other marketing techniques.

Extract from the FAQ:
"Do you collect any information that can identify me by name, address or any other personally-identifying information?

No. All users are assigned a random user identifier (cookie) to preserve anonymity but keep the ability to be served relevant ads. BT Webwise does not collect personal information, cannot use it to serve ads and does not attempt to identify you in any way."

BillScarab

In this system the only cookie is one that identifeis your machine. Phorm will find out what websites you are looking at by your ISP forwarding the details of all of the requests made by your browser. At the moment no-one has answered the question at whoch point does the opt-out take place. Does it take place before your ISP sends the data or when the data has been sent to Phorm and they just don't act on it but still have a record of what you have been doing?

If this is all so sweet and innocent why are the ISP's in question not publicising it more? Also why isn't it set up so you have to opt IN rather than opt OUT?

DatabaseError

billscarab, sensible questions, would be nice to know the answers. another liberty getting sold to the highest bidder, and many will lie back and take it without considering that once the door is open, more privacy may follow.
needs stopping in its tracks (my isp has stated no interest, so doesn't affect me, but i'm concerned for the millions that it will affect.)
djheath, no matter what they say, data is being collected about you! the cookie and data they collect traces back to your ip address (otherwise ads couldnt be served), which, in turn, can be easily traced to you! if you have any concern about privacy you should be against this, if you think that everything big business does is for your own good, then embrace it.

albertross_2

Google/doubleclick's tracking can be thwarted by deleting cookies, and changing IP. This is very different.

As AOL found out when their customers search records leaked, you can identify a person from search records alone. This and much more is being given to a 3rd party by the ISP as you surf, along with a unique identifier, it is not the same as being given a tracking cookie, but just to ram it home, they give you one anyway, and you need to keep it there if you don't want targeted ads (but it doesn't stop the tracking).

Who wants ads anyway, targeted or otherwise, they just slow the surfing experience down, and use more electricity (video ads).

djheath

tonyhague wrote: »

djheath, no matter what they say, data is being collected about you! the cookie and data they collect traces back to your ip address (otherwise ads couldnt be served), which, in turn, can be easily traced to you! if you have any concern about privacy you should be against this, if you think that everything big business does is for your own good, then embrace it.

I realise what you are saying but if you read the FAQ on the link I posted it explicitly says your IP address is not stored. Also an IP address is used and stored by pretty much every website you visit, identifying you as the one that visited it. MSE will have a log full of your IP addresses for example.

I can understand the concerns, and personally will be having the system switched off, as I really just dont want adds, much in the same way I am ex directory and the way I tick boxes on surveys saying "no contact please". Its not a matter of privacy, i have nothing to hide with my surfing habits, its a matter of I dont want spammy ads all over the page.

If however, this webwise thing goes against what they say they will do and they sell your data regardless of you opting out, then thats another thing all together, but it doesn't say anywhere that they will do that.

DatabaseError

i guess we'll have to agree to disagree, heath. your isp stores your ip (mine is static, so even easier), 99.9% of webstes i visit are 'safe', but some (security related) sites aren't remotely, and i accept that very site i visit knows my ip (or the one i'm showing), the amin at MSE can find out exactly when i logged on, and off the site, they can't find the rest of by browsing history. my isp does have a full record, but as i am under contract with them they have a duty to keep that data secure and respect my privacy, i honestly wouldn't trust a 3rd party, especially an american business, to keep the data harvesting to the level they suggest, i'm not a member of the 'tinfoil hat' brigade, but it would be a very (very) small step to collect a bit more data in the interests of national Security, and another civil liberty is eroded away under the guise of keeping me 'safe'.

BillScarab

tonyhague wrote: »

i guess we'll have to agree to disagree, heath. your isp stores your ip (mine is static, so even easier), 99.9% of webstes i visit are 'safe', but some (security related) sites aren't remotely, and i accept that very site i visit knows my ip (or the one i'm showing), the amin at MSE can find out exactly when i logged on, and off the site, they can't find the rest of by browsing history. my isp does have a full record, but as i am under contract with them they have a duty to keep that data secure and respect my privacy, i honestly wouldn't trust a 3rd party, especially an american business, to keep the data harvesting to the level they suggest, i'm not a member of the 'tinfoil hat' brigade, but it would be a very (very) small step to collect a bit more data in the interests of national Security, and another civil liberty is eroded away under the guise of keeping me 'safe'.

Exactly, especially when the founder of that 3rd party company used to distribute what he called adware and what the security companies called spyware. The other point is do you trust every employee of Phorm to be honest? The less places my data is stored and the less people who have a chance to access it the better as far as I am concerned.

One of my concens about this is that there is no tangible benefit to me. If I have a Tesco clubcard Tesco can track my shopping habits and send me targetted ads but I also get discount vouchers and points I can spend that are of benefit to me. With this scheme my habits are tracked and I get targetted ads but I don't see any benefit to me. Now if the ISP's start offering serious discounts to people who sign up at least then I would get some benefit if I decided to sign up.

djheath

tonyhague wrote: »

i guess we'll have to agree to disagree, heath. your isp stores your ip (mine is static, so even easier), 99.9% of webstes i visit are 'safe', but some (security related) sites aren't remotely, and i accept that very site i visit knows my ip (or the one i'm showing), the amin at MSE can find out exactly when i logged on, and off the site, they can't find the rest of by browsing history. my isp does have a full record, but as i am under contract with them they have a duty to keep that data secure and respect my privacy, i honestly wouldn't trust a 3rd party, especially an american business, to keep the data harvesting to the level they suggest, i'm not a member of the 'tinfoil hat' brigade, but it would be a very (very) small step to collect a bit more data in the interests of national Security, and another civil liberty is eroded away under the guise of keeping me 'safe'.

To be honest I do agree. :DWhat you say is correct. I would rather they didn't do this than they actually do it.

The point I am trying to make I think is that if BT say something which says your information is not going to be tracked then that should be the outcome so there isn't anything to worry about. Maybe I am too trusting.