On 13 Mar 2008 at 15:02, Harold Fuchs wrote:
> On 13/03/2008 11:37, mike scott wrote:
> > Looking at the effect phorm's systems(*) will have on privacy of
> > documents, it appears windows users may have a potential problem
> > where linux users don't.
Just to clarify there - I meant 'users of OOo' specifically, not
'users' in general. Sorry if that misled anyone.
> >
> > If OOo is used to open a document via http, it appears the windows
> > version (2.3.1/xp) sends a Mozilla user agent header. The linux
> > version (2.3/ubuntu) doesn't seem to send any user agent information.
....
> 1) Where on Phorm's web site does it talk about checking the user agent?
> I scanned its privacy policies and didn't see any mention of it. Of
> course, I may need new spectacles ...
I doubt you need new specs :-) It's been said by phorm's rep in an
interview somewhere, I think. Can't remember where offhand. (And this
wonderful XP won't start a browser at present, so I can't check my
bookmarks :-{ )
>
> 2) Why does the privacy of a document, or the lack of it, depend on the
> user agent? Or on whether or not Phorm checks the user agent?
Because phorm promise to have a whitelist of UAs that they check,
thereby ignoring private documents which they assert give a different
UA. Except it doesn't work quite that way in practice.
>
> 3) Why should Windows users be more affected than Linux users? I may
> have the wrong end of some stick but you seem to be suggesting that
> Phorm will somehow respect a document's privacy if and only if the user
> agent is other than IE. Browsers, including IE, let you block cookies by
> domain; the Phorm web sites says OIX uses cookies. Ergo ..
It's the user agent thing. Using OOo to open a document from the web
(ie type "http://.........."; in the file open dialogue) does one of
two things: on XP it gives a UA of Mozilla; on ubuntu, it gives /no/
UA header. One would expect phorm to scan the document if opened from
XP as it's not distinguishable from a browsed page, /possibly/ not
when requested from ubuntu, but no-one's sure.
The scanning isn't a cookie issue - as far as anyone can tell from
the information supplied by phorm, your pages may be scanned
depending on UA; the cookie determines solely whether you get the
targetted ads or not. Hence the storm raging at present about privacy
invasion.
>
> 4) Phorm says you can opt out via something called Webwise. I went to
> its web site: "not available in your area". Huh?
Yeh. People were using the BT webwise site to test anti-phorm code
for firefox. They think BT got wise - the arms race seems to have
started. Webwise /is/ phorm btw. The system corrupts the http data
stream, forcing a retry by the browser, and inserts its own cookies.
Totally illegal afaict, on multiple grounds.
Does that make sense?
Must reboot to get a web browser back......... and they call this an
OS -- non-operating system, more like! :-}
--
http://www.scottsonline.org.uk lists incoming sites blocked because
of spam
[EMAIL PROTECTED] Mike Scott, Harlow, Essex, England
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
