O2 accused of sharing customer phone numbers with every visited website

[xxMATTGxx]

British cellphone carrier O2 appears to be sending customers' cellphone numbers in HTTP header traffic, inserting the info in data sent to websites over O2's connection. Lewis Peckover discovered the problem this week and setup a website to document it. The site allows O2 users in the UK to check to see whether their number is being sent along with HTTP traffic. We have confirmed the issue on two O2 numbers in the UK, and our testing with other networks indicates it is isolated to O2. Orange, Three and Vodafone were unaffected in our tests.

Source: http://mobile.theverge.com/mobile/20...ebsite-traffic

[Recursion]

One has to wonder, how the hell they managed to do that by accident... assuming it was by accident of course.

[GommeInc]

One has to wonder, how the hell they managed to do that by accident... assuming it was by accident of course.

It seems like something they may of thought was clever to document where people are going when browsing the web or to tailor the internet to the needs of that specific number. It was probably done in good faith, but they didn't realise the websites could log the numbers

---------- Post added 25-01-2012 at 12:28 PM ----------

One has to wonder, how the hell they managed to do that by accident... assuming it was by accident of course.

It seems like something they may of thought was clever to document where people are going when browsing the web or to tailor the internet to the needs of that specific number. It was probably done in good faith, but they didn't realise the websites could log the numbers

[Recursion]

It seems like something they may of thought was clever to document where people are going when browsing the web or to tailor the internet to the needs of that specific number. It was probably done in good faith, but they didn't realise the websites could log the numbers

Can't be either of those, the network knows who you are regardless of the number

[N!ck]

Set your APN username to "bypass" and password to "password". I've been using this anyway as otherwise their transparent proxies compress images to save on bandwidth and insert javascript into every webpage.

[Recursion]

Set your APN username to "bypass" and password to "password". I've been using this anyway as otherwise their transparent proxies compress images to save on bandwidth and insert javascript into every webpage.

They still do this? I know carriers used to do it but I haven't noticed it on T-Mo for ~2 years now.

[N!ck]

They still do this? I know carriers used to do it but I haven't noticed it on T-Mo for ~2 years now.

They did back in June when I got my Galaxy S II.

[xxMATTGxx]

O2 has confirmed it fixed the problem at 14:00 today. The issue affected customers accessing the internet via their mobile phone on 3G or WAP services, between January 10th and 1400 on Wednesday January 25th, and occurred as a result of technical changes in routine maintenance.

Source: http://www.theverge.com/mobile/2012/...ebsite-traffic