Meet the iMarker, Russian targeted ad service which analyze your traffic on ISP side
cypherpunks at cheiraminhavirilha.com
Fri Jan 9 14:52:13 PST 2015
Can someone using this Russians ISPs being monitored / DPI'd, paste
some traffic logs?
Or install the firefox plugin and say if it detects the redirect URLs
----- Message from Anton Nesterov <komachi at openmailbox.org> ---------
Date: Fri, 09 Jan 2015 11:07:32 +0000
From: Anton Nesterov <komachi at openmailbox.org>
Subject: Re: Meet the iMarker, Russian targeted ad service which
analyze your traffic on ISP side
To: cypherpunks at cpunks.org
> Actually, it seems like *it is* Phorm. They mention yourself as Phorm's
> representatives in Russia here:
> Seems like Phorm bought them at the some stage, and that tweet from
> iMarker founder says they fired him
> https://twitter.com/mberlizev/status/501487701124972544, also some info
> about replaced software inside ISP networks without their knowledge
> https://twitter.com/mberlizev/status/497329705163710464, another posts
> in Mikhail Berzliev's company ADEx FB mention takeover by Phorm
>> It remembers me about Phorm at UK, BR, some other countries also.
>> There is a firefox addon to detect / scramble / block this kind of
>> redirects URLs, generating random unique IDs to throw garbage on the
>> data the ISP collects.
>> But seems its not open source.
>> ----- Message from Anton Nesterov <komachi at openmailbox.org> ---------
>> Date: Thu, 08 Jan 2015 20:45:13 +0000
>> From: Anton Nesterov <komachi at openmailbox.org>
>> Subject: Meet the iMarker, Russian targeted ad service which analyze
>> your traffic on ISP side
>> To: cypherpunks at cpunks.org
>>> How it works?
>>> ISPs install the iMarker equipment and mirror all user's traffic on it
>>> (Russian surveillance system, SORM, works the same way). Software takes
>>> time, URL and HTTP Headers from HTTP requests. Then scraper with IP
>>> 188.8.131.52 and User-Agent WebIndex follow every visited URL and
>>> analyze its content. All this information used to build a profile for
>>> user. They says that information is removed right after analysis, and
>>> software saves only result of that analysis. Their website lists that
>>> they categorize users by search queries, online shopping activity, time
>>> of visits, activity on social networks, keywords on visited pages,
>>> visited websites, social-demographic info, such as sex, age, marital
>>> status, and education level, and then they use that data to distribute
>>> users for consumers groups. Every user has some kind of pseudonymous ID
>>> with linked profile.
>>> It's also has an opt-out option http://www.imrk.net/status
>>> How many users affected?
>>> They says it's 38 million people all over Russia. Minister of
>>> Communication Nikolay Nikiforov said in 2014 there was 62 million people
>>> in Russia using Internet, 56m of them do it every day, so it's 61% of
>>> Russian Internet users. iMarker's website list Akado, Rostelecom,
>>> ER-Telecom, NetByNet, Qwerty, and TTK as ISPs that installed iMarker's
>>> How to check if this affects you?
>>> If you are a client of Russian ISP, you can check it here
>>> http://imarker.valdikss.org.ru If you own a webserver, grep the logs for
>>> connections from 184.108.40.206.
>>> How do check script works?
>>> It generate a random link and wait for 3 seconds for connection from
>>> iMarker's IP address.
>>> How long iMarker works?
>>> Company start work on January 2010, commercial sells started on August
>>> http://imarker.valdikss.org.ru/ — script that checks if your ISP use
>>> http://www.vedomosti.ru/tech/news/15669231/bolshoj-reklamnyj-brat —
>>> report on iMarker from 2013, says they are ready to provide free DPI to
>>> ISPs in exchange of user's data (Russian)
>>> http://sporaw.livejournal.com/347832.html — blog post quoting private
>>> mails from iMarker's crew (Russian)
>>> http://www.imrk.net/privacy — TOS (Russian)
>>> http://habrahabr.ru/post/247465/ — blog post about iMarker (Russian)
>>> http://www.imarker.ru/ — iMarker website (Russian)
>>> http://www.imrk.net/status — opt-out page (Russian)
>>> http://minsvyaz.ru/ru/news/index.php?id_4=44571 — Nikiforov's statement
>>> on number of Russian Internet users (Russian)
>>> GPG key: 0CE8 65F1 9043 2B11 25A5 74A7 1187 6869 67AA 56E4
>> ----- End message from Anton Nesterov <komachi at openmailbox.org> -----
> GPG key: 0CE8 65F1 9043 2B11 25A5 74A7 1187 6869 67AA 56E4
----- End message from Anton Nesterov <komachi at openmailbox.org> -----
More information about the cypherpunks