Posted: 22nd Apr, 2008 By: MarkJ
Back in March we reported on how one notable security firm, Trend Micro, was already considering adding Phorm to its database of adware (
original news). Today it's emerged that F-Secure, Network Box, Symantec, Sophos and McAfee are all keeping an eye on the situation with a view to potentially doing the same.
Phorm, which works with ISPs (
Virgin Media, BT and Talk Talk) to develop targeted advertising campaigns by monitoring the websites you visit, uses cookies (client side text file created by your browser) to manage the opt-in/out process. The honorary exception being TalkTalk, which manages this on the server side. However, the cookie method is unpopular among security firms:
Stefan Lundstrom, an anti-spyware researcher at F-Secure, said it had been in discussion with Phorm about how its system works. He added that it would take a firm decision when the system goes live.
"Phorm have hinted that most ISP's will choose an opt-out solution based on a cookie," he said. "We have expressed our concern that's not informed consent and most likely will meet our detection criteria."
Symantec, Trend Micro and McAfee said they would monitor Phorm as it gets rolled out to see how the cookie is used in practice and whether users need warning about it.
The
BBC News Online piece notes that Network Box has already decided to block Phorm, largely because of consumer pressure and concerns. Though the group noted that Phorm's situation would be monitored, suggesting that its block is not set in stone.
Meanwhile Sophos claimed that its focus on business services meant that Phorm probably wouldn't be blocked, yet they would add it to a security database, thus giving users a choice. Naturally Phorm is unhappy and argues that its cookie is just like any other, such as those used by Google to track advertising data.