URLs, IPs and interception
ken
ukcrypto at chiark.greenend.org.uk
Mon, 03 Mar 2008 11:58:09 +0000
Peter Fairbrother wrote:
> Roland Perry wrote:
>
>>> And they do, else why do they claim to filter out numbers with more
>>> than 3 digits (to prevent credit card umbers being collected), or
>>> anything with an @ in it (to avoid collecting email addresses?
>>
>> I'm not familiar with whatever it is you are quoting from.
>
> http://www.phorm.com/user_privacy/EY_Phorm_Exam.pdf
The document is quite waffly. It looks as if it was written by
someone who has never used this new-fangled Internet-thingy. It
boils down to "Trust me, I've got enough money to pay an
accountant". But the "assurances" and "assertions" are merely
that. No hint of either legal accountability or transparency nor
any discussion of the technical methods used to achieve the
claimed privacy.
It also says that the opt-out mechanism only works "as long as a
user retains the Phorm opt-out cookie" - so they require the
user to allow them to store something on their own computer and
offer it up for inspection in order top prevent them storing. If
you delete the opt-out cookie you are supposed to go back to
their website to opt-out again.
If anyone can think of an ISP can can offer decent speed in to
domestic users in south London and that actually works and that
doesn't have any business connection with BT or NTL/Virgin I'd
be very tempted....