Meet the iMarker, Russian targeted ad service which analyze your traffic on ISP side
How it works? ISPs install the iMarker equipment and mirror all user's traffic on it (Russian surveillance system, SORM, works the same way). Software takes time, URL and HTTP Headers from HTTP requests. Then scraper with IP 92.242.35.54 and User-Agent WebIndex follow every visited URL and analyze its content. All this information used to build a profile for user. They says that information is removed right after analysis, and software saves only result of that analysis. Their website lists that they categorize users by search queries, online shopping activity, time of visits, activity on social networks, keywords on visited pages, visited websites, social-demographic info, such as sex, age, marital status, and education level, and then they use that data to distribute users for consumers groups. Every user has some kind of pseudonymous ID with linked profile. It's also has an opt-out option http://www.imrk.net/status How many users affected? They says it's 38 million people all over Russia. Minister of Communication Nikolay Nikiforov said in 2014 there was 62 million people in Russia using Internet, 56m of them do it every day, so it's 61% of Russian Internet users. iMarker's website list Akado, Rostelecom, ER-Telecom, NetByNet, Qwerty, and TTK as ISPs that installed iMarker's equipment. How to check if this affects you? If you are a client of Russian ISP, you can check it here http://imarker.valdikss.org.ru If you own a webserver, grep the logs for connections from 92.242.35.54. How do check script works? It generate a random link and wait for 3 seconds for connection from iMarker's IP address. How long iMarker works? Company start work on January 2010, commercial sells started on August 2011. http://imarker.valdikss.org.ru/ — script that checks if your ISP use iMarker http://www.vedomosti.ru/tech/news/15669231/bolshoj-reklamnyj-brat — report on iMarker from 2013, says they are ready to provide free DPI to ISPs in exchange of user's data (Russian) http://sporaw.livejournal.com/347832.html — blog post quoting private mails from iMarker's crew (Russian) http://www.imrk.net/privacy — TOS (Russian) http://habrahabr.ru/post/247465/ — blog post about iMarker (Russian) http://www.imarker.ru/ — iMarker website (Russian) http://www.imrk.net/status — opt-out page (Russian) http://minsvyaz.ru/ru/news/index.php?id_4=44571 — Nikiforov's statement on number of Russian Internet users (Russian) -- https://nesterov.pw GPG key: 0CE8 65F1 9043 2B11 25A5 74A7 1187 6869 67AA 56E4 https://keybase.io/komachi/key.asc
It remembers me about Phorm at UK, BR, some other countries also. There is a firefox addon to detect / scramble / block this kind of redirects URLs, generating random unique IDs to throw garbage on the data the ISP collects. https://www.dephormation.org.uk/?page=2 But seems its not open source. --Virilha ----- Message from Anton Nesterov <komachi@openmailbox.org> --------- Date: Thu, 08 Jan 2015 20:45:13 +0000 From: Anton Nesterov <komachi@openmailbox.org> Subject: Meet the iMarker, Russian targeted ad service which analyze your traffic on ISP side To: cypherpunks@cpunks.org
How it works?
ISPs install the iMarker equipment and mirror all user's traffic on it (Russian surveillance system, SORM, works the same way). Software takes time, URL and HTTP Headers from HTTP requests. Then scraper with IP 92.242.35.54 and User-Agent WebIndex follow every visited URL and analyze its content. All this information used to build a profile for user. They says that information is removed right after analysis, and software saves only result of that analysis. Their website lists that they categorize users by search queries, online shopping activity, time of visits, activity on social networks, keywords on visited pages, visited websites, social-demographic info, such as sex, age, marital status, and education level, and then they use that data to distribute users for consumers groups. Every user has some kind of pseudonymous ID with linked profile.
It's also has an opt-out option http://www.imrk.net/status
How many users affected?
They says it's 38 million people all over Russia. Minister of Communication Nikolay Nikiforov said in 2014 there was 62 million people in Russia using Internet, 56m of them do it every day, so it's 61% of Russian Internet users. iMarker's website list Akado, Rostelecom, ER-Telecom, NetByNet, Qwerty, and TTK as ISPs that installed iMarker's equipment.
How to check if this affects you?
If you are a client of Russian ISP, you can check it here http://imarker.valdikss.org.ru If you own a webserver, grep the logs for connections from 92.242.35.54.
How do check script works?
It generate a random link and wait for 3 seconds for connection from iMarker's IP address.
How long iMarker works?
Company start work on January 2010, commercial sells started on August 2011.
http://imarker.valdikss.org.ru/ — script that checks if your ISP use iMarker http://www.vedomosti.ru/tech/news/15669231/bolshoj-reklamnyj-brat — report on iMarker from 2013, says they are ready to provide free DPI to ISPs in exchange of user's data (Russian) http://sporaw.livejournal.com/347832.html — blog post quoting private mails from iMarker's crew (Russian) http://www.imrk.net/privacy — TOS (Russian) http://habrahabr.ru/post/247465/ — blog post about iMarker (Russian) http://www.imarker.ru/ — iMarker website (Russian) http://www.imrk.net/status — opt-out page (Russian) http://minsvyaz.ru/ru/news/index.php?id_4=44571 — Nikiforov's statement on number of Russian Internet users (Russian)
-- https://nesterov.pw GPG key: 0CE8 65F1 9043 2B11 25A5 74A7 1187 6869 67AA 56E4 https://keybase.io/komachi/key.asc
----- End message from Anton Nesterov <komachi@openmailbox.org> -----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 I realize that you all have heard of this before, but you seriously need to take a look at bitmessage or pybitmessage. I've noticed that some users (for example in or near China) have had major lag in sending or receiving the messages sometimes, but it's pretty good at avoiding censorship and traffic tracking associated with typical server-oriented models of communication. See: https://bitmessage.org/wiki/Main_Page Works best if the bitmessage application is left running and has eight to ten connections. - ------------------- Я понимаю, что вы все слышали об этом раньше, но вы серьезно должны взглянуть на Bitmessage или pybitmessage. Я заметил, что некоторые пользователи (например, в или вблизи Китая) имели серьезные задержки в отправке или получении сообщения иногда, но это довольно хорошо избегая цензуры и отслеживания трафика, связанного с типичными серверными ориентированных моделей коммуникации. Увидеть: https://bitmessage.org/wiki/Main_Page Virilha:
It remembers me about Phorm at UK, BR, some other countries also.
There is a firefox addon to detect / scramble / block this kind of redirects URLs, generating random unique IDs to throw garbage on the data the ISP collects.
https://www.dephormation.org.uk/?page=2
But seems its not open source.
--Virilha
----- Message from Anton Nesterov <komachi@openmailbox.org> --------- Date: Thu, 08 Jan 2015 20:45:13 +0000 From: Anton Nesterov <komachi@openmailbox.org> Subject: Meet the iMarker, Russian targeted ad service which analyze your traffic on ISP side To: cypherpunks@cpunks.org
How it works?
ISPs install the iMarker equipment and mirror all user's traffic on it (Russian surveillance system, SORM, works the same way). Software takes time, URL and HTTP Headers from HTTP requests. Then scraper with IP 92.242.35.54 and User-Agent WebIndex follow every visited URL and analyze its content. All this information used to build a profile for user. They says that information is removed right after analysis, and software saves only result of that analysis. Their website lists that they categorize users by search queries, online shopping activity, time of visits, activity on social networks, keywords on visited pages, visited websites, social-demographic info, such as sex, age, marital status, and education level, and then they use that data to distribute users for consumers groups. Every user has some kind of pseudonymous ID with linked profile.
It's also has an opt-out option http://www.imrk.net/status
How many users affected?
They says it's 38 million people all over Russia. Minister of Communication Nikolay Nikiforov said in 2014 there was 62 million people in Russia using Internet, 56m of them do it every day, so it's 61% of Russian Internet users. iMarker's website list Akado, Rostelecom, ER-Telecom, NetByNet, Qwerty, and TTK as ISPs that installed iMarker's equipment.
How to check if this affects you?
If you are a client of Russian ISP, you can check it here http://imarker.valdikss.org.ru If you own a webserver, grep the logs for connections from 92.242.35.54.
How do check script works?
It generate a random link and wait for 3 seconds for connection from iMarker's IP address.
How long iMarker works?
Company start work on January 2010, commercial sells started on August 2011.
http://imarker.valdikss.org.ru/ — script that checks if your ISP use iMarker http://www.vedomosti.ru/tech/news/15669231/bolshoj-reklamnyj-brat — report on iMarker from 2013, says they are ready to provide free DPI to ISPs in exchange of user's data (Russian) http://sporaw.livejournal.com/347832.html — blog post quoting private mails from iMarker's crew (Russian) http://www.imrk.net/privacy — TOS (Russian) http://habrahabr.ru/post/247465/ — blog post about iMarker (Russian) http://www.imarker.ru/ — iMarker website (Russian) http://www.imrk.net/status — opt-out page (Russian) http://minsvyaz.ru/ru/news/index.php?id_4=44571 — Nikiforov's statement on number of Russian Internet users (Russian)
-- https://nesterov.pw GPG key: 0CE8 65F1 9043 2B11 25A5 74A7 1187 6869 67AA 56E4 https://keybase.io/komachi/key.asc
----- End message from Anton Nesterov <komachi@openmailbox.org> -----
- -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJUr7imAAoJEGxwq/inSG8CxgAIAId54GGsbyCxc2XVrmAjR6p9 rvE6JR4O6bKklKoNWNBTJNcNOLArHVKG4bE3ji4aL3ezTyLCRMWULiFBFjA+nW1y 8e/5mrCYJyyMWj+err1l7EnmkL3Eh4i5gNwgt26meBSepHd3Hi8K8N/QGi/Yxx0W E48zgi1XKxeJ5rMSAvI7Jr3reSz3qzAS+r9y9CB7mieC1++d6ld7RZWImrt6EfUZ s3aPlCmQt1VQuSXNBa3I/Y9Y3+SOWvda4MTnRWkByM8rcZfgG51EN+YhEkMl68Nv FH18q8gQSLCHrlfAgHXoCO3mDjK0V+Yrq8Qnf4PK6vc02LHIkopcPpx6iMCGAVE= =jI4m -----END PGP SIGNATURE-----
participants (3)
-
Anton Nesterov -
odinn -
Virilha