While having my broadband provided by Virgin Media I started to recieve various adds [..]. They appear in my open window bar at the bottom of the screen.

Sounds like adware to me: You want to follow the advice, and or discuss it further on a specialist site:

http://www.stopbadware.org/home/badware_remove

Thanks for the quick reply.

More info please?

While having my broadband provided by Virgin Media I started to recieve various adds for Insurance, Ugg boots, iPhones, shirts from T.M Lewins etc. They appear in my open window bar at the bottom of the screen. When I click to close them they open the tab into full screen mode and then I can close them. I’ve since left Vigrin and have a BT line through Sky. According to Wikepedia both Virgin and Bt have trailed phorm but offer no way of stopping this from happening.

Is what I describe the phorm advertising that appears on my screen? I run Windows Defender and Stopzilla to stop pop ups but still get the ads. I’m now unsure wether I have phorm or another problem….any ideas please?

Can I and how can I stop this phorm rubbish popping up all the time?

Avoid going to Korea… at the present time (Autumn 2009) Phorm’s system is not going to be deployed in the UK. They’ve been testing it with a Korean ISP — but don’t expect to see it in the UK any time soon, if at all.

Stumbled across you postings here and I have a some question.

In plain English, Can I and how can I stop this phorm rubbish popping up all the time? I’ve read your postings and for the average simpleton like myself have no idea what you are talking about. Sorry for being so dense.

I don’t know whether opting out is honoured, I expect that it would be illegal to continue to monitor someone when they have explicitely opted out - perhaps someone can indicate whether phorm does actually stop?

Perhaps some people might be willing to go ahead, if phorm offered an incentive like for example a share of the profits, since this system is designed to generate reveneue, and in many cases is actually costing the subscriber money by furthur depleting the available volume of data available to capped users. Such money should in my opinion be provided on the basis of the volume of data/cookies injected into a particular “victims” IP address - To cover the cost, the advertisers should then pay not just the normal fees, but to compensate the persons subjected to their advertising.

I’m kind of curious - since most adverts these days appear in the form of an image or an animated/streamed video with various formats, filtering on URL’s is one method of preventing advertising, since most embeded adverts are pulled from another location, but has anyone given any thought to how to block adverts that are embeded from the same URL as the URL requested? If it is possible to “invisibly” inject cookies, code and other things into a HTML site, what is to stop the ISP/phorm from simply reformating the Web Page on the fly to embed the adverts directly to hide their origin?

The use of monitoring browsing habits remotely could in principle make old methods using cookies redundant, so many of the traditional counter-measures would be redundant.

The only way to counter selective advertising would be to automate random browsing, or design software filters to identify objects containing adverts, for example the image or video and to eliminate these or to opt out where this is possible

I also think ISP should be compelled by law to provide a mechanism to opt in and out and to assume by law that a subscriber does not give consent unless they explicitly opt in - i.e. the default is disabled.

Webwise.net is also used to ask if you want to opt-in or “opt-out”.

So if you block webwise.net in the hosts file, when you attempt to visit any website your browser will try to open 127.0.0.1, and report an error.

See Richard Clayton’s account of how phorm works- The phorm webwise system

I’m no artist (far from it in fact), but I’ve previously had a stab at drawing a diagram in an attempt to show how webwise works -
Phorm Webwise Diagram if it is of any help.

I’m also not convinced that using public proxies as a work around is a good idea. There’s no guarantee the proxy/exit node isn’t using Phorm. In fact one of the forum posts that appeared to have been corrupted with javascript as a result of the early sysip.net tests had “I.PUBLICPROXY” as the ISP variable.

(my appologies for the O/T post.)

Phorm are in the ad-serving business, and mapping domains in this way blocks adverts, so it’s not surprising that they would not recommend it.

a) your countermeasure using 127.0.0.1 is not recommended by Phorm, will slow down your browsing and BT claim (probably wrongly) will prevent you browsing at all. It’s also rather Windows specific

b) your other countermeasures will be more effective, but have little to do with the topic of this article.

1)

Edit your ‘Hosts’ file…

Start –> Run –> Type:

notepad “c:\windows\system32\drivers\etc\hosts”

Add the following line to the bottom of the file:

127.0.0.1 oix.net
127.0.0.1 oix.com
127.0.0.1 phorm.com
127.0.0.1 webwise.net
127.0.0.1 webwise.com
127.0.0.1 sysip.net
127.0.0.1 qkilbdr.net
127.0.0.1 121media.com
127.0.0.1 openinternetalliance.com
127.0.0.1 openinternetalliance.net
127.0.0.1 youcanoptin.com
127.0.0.1 youcanoptin.net
127.0.0.1 youcanoptout.com
127.0.0.1 youcanoptout.net

File –> Save

File –> Exit

(You may, at first, have go into the file’s temporary and untick the ‘Read-only’ box).

(HEY MOD! Have I got the first bit right, this time)?

2)

Visit http://www.dephormation.org.uk/ and Download the Dephormation v1.6 Firefox Add On.

“The Dephormation Add On ensures that your decision to permanently opt out of Phorm profiling cannot be undone in Firefox.

Optionally, the Add On can also alert you to sites using Phorm/ Webwise/ OIX profile based advertising.

With each page you view in your browser, a Phorm ‘opt out’ cookie is set automatically, and the Phorm UID cookie is randomised. Even if you delete all your cookies regularly”.

3)

Visit http://www.torproject.org/ and install TorBrowser, a Windows Browser Bundle (Containing Tor, Torbutton, Polipo, and Firefox).

Looking at the technical description, the Phorm system could easily block me from browsing any web sites. At step 15, my firewall (or content filter such as SurfControl) may not allow access to webwise.net. If my firewall blocks webwise.net then the redirected request will never happen and my attempt to visit http://www.cnn.com will fail. I can only get to desired web sites by changing my firewall to also allow access to webwise.net.

There are many organisations that implement a whitelist to limit sites that can be browsed at work. Vendors (such as SurfControl) supply dynamic blacklists and whitelists of sites. What is the incentive to include webwise.net in any whitelist?

Unless I add webwise.net to the whielist in my firewall my access to the Internet is blocked. Transparent - no. Friendly - no. Trivial change to T&C - no.