Privacy Alert - ISPs putting ad service boxes in the clickstream is bad
I’m not an alarmist, normally. But listening to Steve Gibson’s “Security Now Episode 149 - ISP Betrayal” - describing a really disturbing new trend in ISP privacy violations - makes me think we are headed for a drive off a big cliff, privacy-wise, if we don’t take notice and act soon.
Full episode transcript - http://www.grc.com/sn/SN-149.htm
According to Steve, there are a number of companies offering to put equipment in ISP facilities - for free - to profile “all unencrypted content”, even to the point of tracking when dynamic IP addresses of clients change, so that they can “better target ads in their network” and share the profits with the ISPs. They even try to spin the marketing copy to imply that their anonymization technology actually “improves” customer privacy.
The following ad networks are actively marketing to ISPs, but most are still early in their life-cycles:
- www.nebuad.com
- www.adzilla.com
- www.frontporch.com
- www.phorm.com
Here’s a quick quote from Steve G. about the past life of “Phorm Inc.” - one of these ad companies, from the podcast:
“These people, though, are not good people. They used to be called 121Media.” … “They did something called ‘PeopleOnPages’ and also did something called ‘Apropos.’ Apropos was one of the worst adware that used rootkit technology. It installed itself into randomly named directories. And then it installed a kernel-level driver to hook the API Windows to - and it used, it was a kernel rootkit that was in there hiding, inventorying people’s machines and monitoring everything that they did. These are the people that bring us now this Phorm system. And in two weeks I’m going to talk about the technology that these guys have come up with. It’s just unbelievably invasive.”
Apparently, most of the top ISPs in the UK are already using this stuff, and Charter Communications (in the US) has been the target of a little “congressional attention” in the past few weeks, forcing it to delay its implementation of the Nebuad technology. So, they are actively marketing to North American ISPs now.
The bottom line is that I think this stuff will happen eventually in a free market, but that they should be forced to make it “opt-in for a discount on your service”. So, if you like getting better targeted ads, then it makes sense to save some money on your internet service. But when ISPs are trying to make a buck by allowing third parties to spy on customers with an “it’s better for you” spin, they should get slapped. This could be just the tip of the iceberg, if you think of the kinds of things ISPs could start doing, such as “walled gardens” limiting where and how their clients can surf, and modifying content as it flows between web servers and client browsers…
As mentioned in the podcast, Steve will be describing - in technical detail - his understanding of how the Phorm system works in his upcoming Episode 151. I encourage everyone to check it out. Just search for Steve Gibson or SecurityNow on the podcatchers, or go to the http://www.grc.com/securitynow website to download the audio or transcripts.
Any comments? Am I being alarmist?