Meet the iMarker, Russian targeted ad service which analyze your traffic on ISP side

Virilha cypherpunks at cheiraminhavirilha.com
Fri Jan 9 14:52:13 PST 2015 

Can someone using this Russians ISPs being monitored / DPI'd, paste  
some traffic logs?

Or install the firefox plugin and say if it detects the redirect URLs  
correctly?

--Virilha

----- Message from Anton Nesterov <komachi at openmailbox.org> ---------
    Date: Fri, 09 Jan 2015 11:07:32 +0000
    From: Anton Nesterov <komachi at openmailbox.org>
Subject: Re: Meet the iMarker, Russian targeted ad service which  
analyze your traffic on ISP side
      To: cypherpunks at cpunks.org


> Actually, it seems like *it is* Phorm. They mention yourself as Phorm's
> representatives in Russia here:
> https://www.facebook.com/imarker.ru/photos/a.340885905946086.85421.332865510081459/905366306164707/
> Seems like Phorm bought them at the some stage, and that tweet from
> iMarker founder says they fired him
> https://twitter.com/mberlizev/status/501487701124972544, also some info
> about replaced software inside ISP networks without their knowledge
> https://twitter.com/mberlizev/status/497329705163710464, another posts
> in Mikhail Berzliev's company ADEx FB mention takeover by Phorm
> https://facebook.com/adex.provider/posts/630807190348314
> https://facebook.com/adex.provider/posts/630182937077406
>
> Virilha:
>> It remembers me about Phorm at UK, BR, some other countries also.
>>
>> There is a firefox addon to detect / scramble / block this kind of
>> redirects URLs, generating random unique IDs to throw garbage on the
>> data the ISP collects.
>>
>> https://www.dephormation.org.uk/?page=2
>>
>> But seems its not open source.
>>
>> --Virilha
>>
>> ----- Message from Anton Nesterov <komachi at openmailbox.org> ---------
>>    Date: Thu, 08 Jan 2015 20:45:13 +0000
>>    From: Anton Nesterov <komachi at openmailbox.org>
>> Subject: Meet the iMarker, Russian targeted ad service which analyze
>> your traffic on ISP side
>>      To: cypherpunks at cpunks.org
>>
>>
>>> How it works?
>>>
>>> ISPs install the iMarker equipment and mirror all user's traffic on it
>>> (Russian surveillance system, SORM, works the same way). Software takes
>>> time, URL and HTTP Headers from HTTP requests. Then scraper with IP
>>> 92.242.35.54 and User-Agent WebIndex follow every visited URL and
>>> analyze its content. All this information used to build a profile for
>>> user. They says that information is removed right after analysis, and
>>> software saves only result of that analysis. Their website lists that
>>> they categorize users by search queries, online shopping activity, time
>>> of visits, activity on social networks, keywords on visited pages,
>>> visited websites, social-demographic info, such as sex, age, marital
>>> status, and education level, and then they use that data to distribute
>>> users for consumers groups. Every user has some kind of pseudonymous ID
>>> with linked profile.
>>>
>>> It's also has an opt-out option http://www.imrk.net/status
>>>
>>>
>>> How many users affected?
>>>
>>> They says it's 38 million people all over Russia. Minister of
>>> Communication Nikolay Nikiforov said in 2014 there was 62 million people
>>> in Russia using Internet, 56m of them do it every day, so it's 61% of
>>> Russian Internet users. iMarker's website list Akado, Rostelecom,
>>> ER-Telecom, NetByNet, Qwerty, and TTK as ISPs that installed iMarker's
>>> equipment.
>>>
>>>
>>> How to check if this affects you?
>>>
>>> If you are a client of Russian ISP, you can check it here
>>> http://imarker.valdikss.org.ru If you own a webserver, grep the logs for
>>> connections from 92.242.35.54.
>>>
>>>
>>> How do check script works?
>>>
>>> It generate a random link and wait for 3 seconds for connection from
>>> iMarker's IP address.
>>>
>>>
>>> How long iMarker works?
>>>
>>> Company start work on January 2010, commercial sells started on August
>>> 2011.
>>>
>>>
>>>
>>> http://imarker.valdikss.org.ru/ — script that checks if your ISP use
>>> iMarker
>>> http://www.vedomosti.ru/tech/news/15669231/bolshoj-reklamnyj-brat>>> report on iMarker from 2013, says they are ready to provide free DPI to
>>> ISPs in exchange of user's data (Russian)
>>> http://sporaw.livejournal.com/347832.html — blog post quoting private
>>> mails from iMarker's crew (Russian)
>>> http://www.imrk.net/privacy — TOS (Russian)
>>> http://habrahabr.ru/post/247465/ — blog post about iMarker (Russian)
>>> http://www.imarker.ru/ — iMarker website (Russian)
>>> http://www.imrk.net/status — opt-out page (Russian)
>>> http://minsvyaz.ru/ru/news/index.php?id_4=44571 — Nikiforov's statement
>>> on number of Russian Internet users (Russian)
>>>
>>> --
>>> https://nesterov.pw
>>> GPG key: 0CE8 65F1 9043 2B11 25A5 74A7 1187 6869 67AA 56E4
>>> https://keybase.io/komachi/key.asc
>>
>>
>> ----- End message from Anton Nesterov <komachi at openmailbox.org> -----
>>
>>
>>
>>
>>
>
>
> --
> https://nesterov.pw
> GPG key: 0CE8 65F1 9043 2B11 25A5 74A7 1187 6869 67AA 56E4
> https://keybase.io/komachi/key.asc


----- End message from Anton Nesterov <komachi at openmailbox.org> -----

More information about the cypherpunks mailing list