Read more.O2 users browsing via 3G find their phone numbers embedded into visited websites.
Read more.O2 users browsing via 3G find their phone numbers embedded into visited websites.
For what it's worth, I think they've stopped now.
https://twitter.com/#!/O2/status/161872584634408960
Originally Posted by O2
borandi (26-01-2012)
They've apologised now: http://www.bbc.co.uk/news/technology-16725531
Except it bloody isn't! O2 could easily have generated a UID for each user and transmitted that in the header to their own servers and "trusted partners" who have access to a list of UIDs for whatever purposes required.The company said this [number sharing] was needed to manage "age verification, premium content billing, such as for downloads, and O2's own services".
Then, if this kind of cockup ever did happen (like, erm... this month), user's phone numbers wouldn't have been disseminated across the Internet. Instead they'd have been uniquely identifiable... a privacy problem from a tracking point of view, but most of the other stuff your browser usually transmits to a web server is enough to make you almost uniquely identifiable anyway.
If you want to think about it another way, then it's a little bit like password hashing... because, y'know, we've known for quite some time that it's really really really stupid to store passwords plaintext, and even stupider to transmit them plaintext.
So, well done O2, for being monumentally stupid in your system implementation.
Big Brother is watching all the time.
There are currently 1 users browsing this thread. (0 members and 1 guests)