In response to your:
> Below is a copy of the java script taken from the UK BT Webwise site
> http://webwise.bt.com/webwise/index.html
> To ths left is the link for turing this on and off the code should be
> there, this copy was taken several days ago.
> What is your view on this ???
> function showBTWebwiseStatus() {
> /*
> if (readCookie(btwwCookieName) != null) {
> res = '<p>BT Webwise is <strong>ON</strong></p>';
> }
> else {
> res = '<p>BT Webwise is <strong>OFF</strong></p>';
> }
> document.write(res);
> showBTWebwiseStatusLink();
> */
> }
<script type="text/javascript">
// showBTWebwiseStatus();
</script>
(/*...*/ is a comment section and "// stuff" is a single line comment)
However, the page has an iframe,
iframe src="http://webwise.net/webwise_status/frame.php"
which is the section on the left with the link to turn on webwise
which sends one to http://[referrer]/webwise/webwise-on.html
(getting http://webwise.net/webwise_status/frame.php with no
referrer shows a link
http:///webwise/webwise-on.html
getting it with a referrer of www.junk.com shows a link
http://www.junk.com/webwise/webwise-on.html
getting it with the original URL as referrer shows
http://webwise.bt.com/webwise/webwise-on.html
getting it with the referrer of http://webwise.net/webwise_status/frame.php
(the frame which has the url) shows
http://webwise.net/webwise/webwise-on.html
That last is what I got, but that is due to my browser/proxy setting (I don't like
being tracked by cookies so I have a proxy which forges the source as the referrer)
but you should get a new page, http://webwise.bt.com/webwise/webwise-on.html
Much of the javascript code is commented out and would, if the ORIGINAL
javascript you showed were invoked to turn it on, it would have simply sent
one to http://webwise.bt.com/webwise/webwise-on.html
res = '<p><a style="font-weight: normal" href="webwise-on.html">Click here to switch BT Webwise ON</a>
document.write(res)
(the commented out function showBTWebwiseStatusLink(){} function)
In any case, one should wind up at http://webwise.bt.com/webwise/webwise-on.html
At http://webwise.bt.com/webwise/webwise-on.html one has a link
to (in the main text) to turn webwise on which loads (in an iframe)
http://webwise.net/webwise_status/setwebwise.php?opt=in
then, a second later
http://a.webwise.net/services/OO?op=in
then redirects the page (not the iframe) back to
http://webwise.bt.com/webwise/index.html
which loads has the iframe
http://webwise.net/webwise_status/frame.php
to show the current (new) status of the setting.
The webwise.net, a.webwise.net opt=in and op=in return empty
(0 length) pages to me and may for bt.com users as well.
They just notify webwise of the option to turn the setting on
and then load the index.html page which loads the webwise status
frame.php which, for me, still says webwise is OFF. Heck, they
can't hijack my (not-BT.com) connection.
It may be that only bt.com customers will get it to work (it may
require a connection going through their system
You don't need to download anything to use BT Webwise
it works in BT's network, so you only need to keep BT Webwise on.
BT Webwise works in BT's network, ...
The http://webwise.bt.com/webwise/help.html page states that
BT Webwise uses cookies stored on your computer to capture your preference.
These cookies are linked to individual computers, user accounts and
browsers. This allows users to choose whether to turn BT Webwise on or off
on their individual computer, user account or browser. This means that
turning BT Webwise on or off on one computer, user account or browser will
not automatically turn it on or off on any others.
so that other users on the same broadband connection are not locked into one
setting but I wonder if that is true for NAT'ted connections (one IP address -
once one is off the local network, all the systems behind the NAT interface
appear to be one).
There have been some news stories of some ISPs apparently hijacking TCP
connections to port 80 (routing them to their own system which proxies the data
from the desired site but modifying it in transit back to the customer so they
can replace google ads, microsoft ads, etc. with their own). They might just
hijack connections to google (to change the ad which would then appear to be
from google but not be) or the connection for the original page and replace the
URL for the ad with another. It does give them the chance to add information to
the pages (warnings about sites) (unless they don't hijack but simply monitor
and one has to keep another window open to bt.com which pops up windows with
the warnings and other ads but that would not give them the ability to replace
ads).
Bt.com only replaces generic material on participating sites:
BT Webwise also replaces generic adverts you see on participating websites
with adverts more relevant to your interests, based on the web sites you
visit and the things for which you search.
Other software, if run on the same computer, can monitor connections locally
but BT says theirs runs totally on their network without software on the
client machine. They might for example, just add a tiny bit of Javascript
at the top of a page from a malicious site to pop up a warning window.
It may be a service to protect their users (and may be quite effective) but they
are not doing it for that reason. They will make money on the targetted ads.
They claim they won't keep personally identifiable data (and had best not as
US laws are quite lax, but other laws are more stringent in protecting users).
Many users are not very computer literate. Even the knowledgeable ones can
get caught. BT.com's "protection" will not be perfect. Their "How it Works"
page gives no technical information on how the service actually works.
What do I think of it? It will protect some users (much as using google to
reach a site by searching for its URL and relying on their warnings instead
of those from BT.com) but ... who designed it? It seems bt.com is taking
credit and responsibility for its design and operation and yet at
webwise.net, webwise.com ...
Webwise is provided by major Internet Service Providers in response to
consumers growing concerns and frustrations with the Internet.
and webwise.net, webwise.com seem to US based (with its lax privacy laws).
> The opt-out server is in China.
> I'm sure they'll treat any anonymous data with the respect it
> deserves.
> %dig oix.com
Registrant:
Phorm, Inc
264 W 40th Street 16th Floor
New York, New York 10018
United States
Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: WEBWISE.COM
Created on: 05-Sep-95
Expires on: 31-Dec-09
Last Updated on: 12-Feb-08
Administrative Contact:
Cote, Chris chris.c...@phorm.com
Phorm, Inc
264 W 40th Street 16th Floor
New York, New York 10018
United States
2123592030 Fax -- 2129380131
Domain servers in listed order:
NS1.PHORM.COM
NS2.PHORM.COM
Registrant:
Phorm, Inc
264 W 40th Street 16th Floor
New York, New York 10018
United States
Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: WEBWISE.NET
Created on: 30-Dec-02
Expires on: 30-Dec-09
Last Updated on: 20-Feb-08
Administrative Contact:
Cote, Chris chris.c...@phorm.com
Phorm, Inc
264 W 40th Street 16th Floor
New York, New York 10018
United States
2123592030 Fax --
Domain servers in listed order:
NS1.WEBWISE.NET
NS2.WEBWISE.NET
Registrant:
Phorm, Inc.
264 W. 40th St., 16th Floor
New York, New York 10018
United States
Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: PHORM.COM
Created on: 29-Apr-00
Expires on: 29-Apr-09
Last Updated on:
Administrative Contact:
Cote, Chris chris.c...@phorm.com
Phorm, Inc.
264 W. 40th St., 16th Floor
New York, New York 10018
United States
2123592030 Fax --
Domain servers in listed order:
NS1.PHORM.COM
NS2.PHORM.COM
Registrant:
Phorm, Inc.
264 W 40th Street 16th Floor
New York, New York 10018
United States
Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: OIX.COM
Created on: 28-Jul-95
Expires on: 27-Jul-11
Last Updated on: 29-Feb-08
Administrative Contact:
Cote, Chris chris.c...@phorm.com
Phorm, Inc.
264 W 40th Street 16th Floor
New York, New York 10018
United States
2123592030 Fax --
Domain servers in listed order:
NS1.OIX.NET
NS2.OIX.NET
Registrant:
Phorm, Inc.
264 W. 40th Street, 16th Floor
New York, New York 10018
United States
Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: OIX.NET
Created on: 22-Feb-01
Expires on: 22-Feb-10
Last Updated on: 07-Dec-07
Administrative Contact:
Cote, Chris chris.c...@phorm.com
Phorm, Inc.
264 W. 40th Street, 16th Floor
New York, New York 10018
United States
2123592030 Fax --
Domain servers in listed order:
NS1.OIX.NET
NS2.OIX.NET
> %dig oix.com
> ; <<>> DiG 9.3.4-P1 <<>> oix.com
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59612
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUESTION SECTION:
> ;oix.com. IN A
> ;; ANSWER SECTION:
> oix.com. 172633 IN A
...
|
