18 Jul



In part one of this Phorm series we covered the technology behind the Phorm implementation in the U.K. which could in turn be applied here in the United States if we become complacent about our privacy. This is part two, covering more general FAQ’s about Phorm and why we need to be concerned.

The Facts about Phorm & Co. from

The purpose of this page is to set out the facts around this deal, without spin, marketing drivel or any other kind of distraction. Just facts, so you can make up your own mind. This page has been updated to reflect new information received since it was originally written.

Who is Phorm anyway?
Phorm is an Internet marketing company. They make money by selling advertising on web pages to various companies through their brokerage which they call the Open Internet Exchange (OIX). You can find out more about Phorm and the OIX from their website ( but beware of the marketing-speak!

What’s so different about that, google has been doing it for years!
Google’s advertising relies solely on Google’s own database to ‘target’ it’s adverts. It does this based on the content of the page you’re viewing, and doesn’t use any kind of browsing history unless you specifically opt-in (by creating a Google account). Phorm on the other hand targets it’s advertising based solely on your browsing history, which it collects direct from your ISP. You can opt-out of Phorm’s tracking by allowing a cookie to be set on your PC.

So you’re saying I’m automatically opted in?
Yes. If your ISP is Virgin Media, BT or Talk Talk, your browsing details WILL be sent to Phorm by default, you will require to disable the Phorm system by opting out on every browser that uses your network connection. There is no way to ‘globally opt out’ of the Phorm system.

So what do they actually see?
Phorm doesn’t just see the URL of every page you visit, they see the entire content of every single web page (with the exception of encrypted pages). That means they can read your mail if you use most types of web-mail, view all the posts you make or read on web forums, obtain the content of most web-forms you complete, in fact just about anything you do on the web that is not encrypted can be hoovered up by Phorm. Phorm claim they do not store this information for more than 14 days.

What do they store?
According to their website, Phorm store an aggregate history of your browsing, not a detailed history of each page you visit. Even so, such a history would reveal considerable detail about your browsing and potentially about your personal life.

Can this history be tied to my identity?
Phorm claim they do not store any personally identifiable information (including IP addresses) or interface with any ISP systems that would allow them to identify you, however they assign each user a unique ‘tracking ID’ which relates directly to their browsing profile. If someone connected the ID to any piece of personally identifying information your browsing history would no longer be anonymous.

I heard Phorm was associated with a rootkit, is that true?
Phorm is not, however their predecessor company (121 Media) was. This has been confirmed by Phorm’s current CEO, who was also involved with 121 Media.

More info can be obtained hereat BadPhorm.

Alexander Hanff, of NoDPI was recently interviewed on Steve Gibson’s Security Now Podcast, Episode #153 which made for an interesting listen and can be found here.

Hanff-“Yeah. Of course the ISPs involved were claiming that they’ve had legal advice, and they’re perfectly happy with the legal situation. They believe it’s legal. But a number of technical experts, a number of legal experts, peers in the House of Lords, people at the European Commission, MPs in our own government, all believe that this technology is currently, and certainly was during the covert trials, illegal without the informed, and it has to be the expressed informed, consent of the individuals involved. So it isn’t a case of they can bury the terms in some end-user license agreement or the terms and conditions. These must be explicit informed consent because it’s dealing with communications and issues around privacy.”

In the near future it may become important to pressure ISP’s to reject deep packet inspection systems like Phorm. Without ironclad assurances from U.S. ISP’s that can gaurentee privacy, security, legal, copyright, and technical concerns we will likely have to act to protect the integrity of the public communication systems carrying private citizens information. How we do that, time will only tell.


Posted by on July 18, 2008 in Computing, Public Service


Tags: , ,


  1. serial

    July 19, 2008 at 4:53 PM

    Thanks for helping spread the word about this insidious new technology.

  2. Christopher

    July 19, 2008 at 9:44 PM

    It’s all we can do at this point!

  3. mxsive

    July 21, 2008 at 2:00 PM

    One of the scary points is that Phorm is the saying they don’t keep the personal info… They confirm they are not distributing rootkits… It troubles me, I hate conspiracies but I really don’t like the idea of yet another “big brother” watching and TRACKING my every move on the internet.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: