Digiweb using a Webwise / Phorm type system

U

Username99

Registered User
Messages
11
I feel it's both interesting and very important for Digiweb customers to read the following post:

After having numerous problems with my Digiweb broadband connection, very odd traceroutes and strange cookies and asking the right question,

Digiweb wrote to me: With regard to your query: ' Does Digiweb use any Deep Packet Inspection, traffic management or monitoring systems on services provided under account number **REDACTED**' Please be advised, not specifically customer by customer, but there is this capability for the overall operation.'

Straight from the horses mouth. I read that to mean network wide and I have evidence to demonstrate that it has been active for some time now. Digiweb customers should have a close look. I looked, I'm horrified.
 
Last edited:
I think he's trying to say that Digiweb monitor his internet activity. All isp's monitor internet traffic. I'd be more shocked if they didn't.
 
Phorm is a system used to genearate targeted marketing for web users, allegedly being trialled by BT in the UK. It's not gone down well with privacy advocates.
 
Sorry ClubMan,

In a nutshell, Digiweb use a system much like Phorm or Webwise.

http://www.theregister.co.uk/2008/02/29/phorm_roundup/

If you use a Digiweb connection for any sensitive information, legal or medical work you should stop. The technology fakes cookies, intercepts your traffic and changes it and is a major, major breach of privacy.

Some say that it is not as legal as it should be. The E.U. are investivaging a similar system in the U.K. and have objected strongly to it's use.

I accept that you might need to be a geek to really understand what's going on and I suspect that you have more interesting ways to spend your time. Some geek might read the post and investigate this further.

I tried and failed to put line breaks and spaces into my original post but couldn't, if a Mod could it would be great.

The use of such a system has privacy implications but sadly not enough people value their privacy. I do though and I'm very unhappy with it.

The most interesting thing is the written admission from Digiweb that they use the system at all, a lot of people have suggested that it is illegal to use such a system without informing customers first,

M
 
To be clear,

All ISPs are required by law to log all Internet activity and I expect and understand this. The system Digiweb use changes a web page rather than simply monitoring activity. This has many serious privacy implications when done without consent.

I am all for lawful intercept systems and I strongly endorse their use but this is not a lawful intercept system.
 
Username99 said:
To be clear,

All ISPs are required by law to log all Internet activity and I expect and understand this. The system Digiweb use changes a web page rather than simply monitoring activity. This has many serious privacy implications when done without consent.

I am all for lawful intercept systems and I strongly endorse their use but this is not a lawful intercept system.
Click to expand...

Apologies I thought you were referring to ISP's monitoring torrent or p2p traffic.
I can't believe any ISP would implement this. If my own provider did I would switch straight away!
 
That's why I was shocked to get it in writing from a Digiweb customer service rep.

I have a technical background and I was surprised to see cookies landing on my system from web servers that don't use cookies (one of my web servers). I was in a position to use Ethernet analysis tools and different Internet connections to investigate what was going on.

Digiweb was rewriting my web pages on the fly, but not doing it correctly. That breaches my copyright for one thing.

This thread is relevant: http://www.askaboutmoney.com/showthread.php?t=41209

I was amazed to see what I saw so I asked them if they used such a system, they wrote that they had such a system.

My trace routes are still dodgy and they were messing with cookies up to a few days ago, I haven't checked today.


I haven't heard anyone say that this is legal or above board
 
I don't think you know what deep packet inspection is , and suggest you do a little reading before making strange claims like the ones above...
 
Deep packet inspection technology is one normally used in legal intercept systems and traffic shaping systems such as those manufactured by Verint and Nortel.

I am very familiar with them thanks.

It isn't the DPI that bothers me, it's the content manipulation. I accept that this is a niche topic and I am trying not to swamp readers with detail. That's why I provided links, read as much as you find interesting.

I did point out that I can document this and have evidence of content manipulation.
 
I'm a bit confused.

Digiweb say they may use deep packet inspection. They don't say that they are using phorm , yet you jump to the conclusion that they are?

Packet inspection is not the same thing as content manipulation

How did you manage to reach that conclusion?
 
I am writing that Digiweb use content manipulation technologies and DPI is the technology that allows them to do this. I have heard no one say that content manipulation without prior consent is legal.

If anyone working for Digiweb (and says so), can clarify this, it would be great.





More detail:

If you're interested, I can post a few traceroutes and show you Wireshark dumps of cookies being served from servers that don't serve cookies. That sounds odd; the server doesn't serve a cookie but one gets delivered to the client. I suggest that the 'man in the middle' content manipulation system is serving this cookie. I can show you websites incorrectly reporting the subscriber IP address. I suggest that the IP adress being reported is that of 'the man in the middle'.

D.P.I. is the underlying technology in a suite of systems. Lawful intercept was the pioneer of DPI systems. A DPI system is able to not just look at the raw TCP/IP traffic but is able to go deeper, it analyses the packet for content. Specifically it analyses the packet regardless of port in use or TCP header and can determine that you're running HTTP, SIP, P2P stuff or whatever, based on an analysis of the real packet content. Better ones will crack a VPN while the more available ones will just give you an audio feed of SIP calls as well as a breakdown on protocols etc.

If anyone would like to go into more detail or correct my detail, I'm always keen to learn.
 
Username99 said:
Do you work for Digiweb?

How do you know that they are not?
Click to expand...

No , but I spent 8 years working at tier 3 tech for an isp , so I know how these things work...

my only connection to digiweb is as a happy customer of their hosting service....
 
I'm delighted to read that you're another happy customer of Digiweb, I hope your relationship is fruitful and long lasting.

I don't see how being a hosting customer can put you in a position of knowledge of their Internet access side of business, perhaps you could elaborate.

Edit: Unless you were recently an employee of Digiweb, were you?
 
Last edited:
JHegarty, I was trying to determine how you are so confident in this matter. If you were recently a Digiweb employee I could understand your confidence.

What you write here doesn't have to be good enough for me, if you're happy with it it's good enough.

Perhaps you could elaborate on the source of your confidence.
 
You must log in or register to reply here.
Back
Top