Join Date: 10 Dec 2004
Some networks reveal phone number to browsed websites - 25-01-2012, 14:59
There has been a bit of furore in the UK very recently, when it was discovered that O2 UK and mvno brands on it, such as giffgaff and Tesco, have been including the phone number in headers sent to websites visited using the mobile browser via the mobile network (not via wi-fi)
Browsers using proxies, such as Blackberry and Opera Mini, don't do this.
It seems that O2 has switched this off in the last couple of hours, though it's not clear yet whether that is for absolutely all users, or in batches.
It came to light yesterday, discovered by a system admin for a gaming company, and he put a script on a web page which other people could use to test.
During today, the number of news articles has been increasing all the time, for example
O2 leaks 3G users' mobile numbers to every website visited ? The Register and
BBC News - O2 revealing users' mobile phone numbers, tests suggest
Someone found an article written in Germany (in English) a couple of years ago, which explained and reviewed such behaviour from networks all over the world, and has its own test site
http://www.mulliner.org/collin/acade...0_mulliner.pdf [the article, not the test itself]
So that's why I'm posting here, to see if anyone is interested in checking whether their network does this, and maybe we'll get a small picture of how much this is still happening
These sites only use a couple of kilobytes of data, and obviously won't be passing on the information.
MNO Privacy Checker
n.b. O2 UK fixed this a few days after this post
I forgot to add this comment at the time
| || |