Stealing Phorm's business model (MOD PARENT UP)
Ian G Batten
ukcrypto at chiark.greenend.org.uk
Tue, 8 Apr 2008 08:57:50 +0100 (BST)
On Mon, April 7, 2008 14:36, Paul Barnfather wrote:
> If the GUID is easily available then any website operator has access
> to a very valuable data set: GUID + registration info (which may include
> name, address, email, credit card, etc). This data can (and presumably
> will) be sold on by unscrupulous operators.
>
> Any site operator purchasing this data will be able to instantly
> obtain personally identifiable data on every visitor by simply recording
> the GUID.
>
> Surely this would enable a privacy invasion of spectacular proportions?
>
That has to be the money shot of this discussion. Perhaps Richard can
comment on the practicality of this attack for a well-trafficed but shady
website.
ian