O2 Exposes Customer Phone Numbers To Websites

RossMc

macrumors 65816
Original poster
Apr 30, 2010
1,157
20
Newcastle, UK
O2, once Apple’s exclusive cell phone company reseller of iPhones in the UK, has been caught inserting user phone numbers into the headers sent to web servers its customers visit while using its 3G network.


London-based systems administrator Lewis Peckover discovered the issue yesterday, while researching ways of finding out if a website visitor is on a particular device or network. Turns out to be really easy if the visitors are on O2.


Peckover created a simple demo script that prints out the details of headers it receives. Everything looks normal if you visit his page from your computer – but when an O2 customer hits the page from the 3G network, an additional header appears:




That “x-up-calling-line-id” header, says Peckover, is being handed over to the webmaster of every website visited. Eeek.


Needless to say, people are rather troubled by this, and this morning swamped O2”s Twitter account with demands for an explanation. O2 responded quickly with a flood of @-replies to concerned users (pictured above) and said it had started an investigation. We’ll update this post as and when we hear anything more.


Although the header appears to be inserted irrespective of the mobile device used, this will affect a lot of UK iPhone owners because of O2”s former exclusivity as iPhone seller. A lot of people (myself included) have ongoing O2 contracts that were first opened back in the days when it wasn’t possible to get an iPhone from anyone else.


Source : http://www.cultofmac.com/142388/uk-...twitter&utm_medium=twitter&utm_source=twitter
 

afd

macrumors 65816
Apr 12, 2005
1,025
242
Scotland
I have just visited the site on my powerbook using iPhone tethering and sure enough my phone number is showing.
I've said it before, when contract is up, I'm switching to Three.
 

matttye

macrumors 601
Mar 25, 2009
4,956
30
Lincoln, England
I have just visited the site on my powerbook using iPhone tethering and sure enough my phone number is showing.
I've said it before, when contract is up, I'm switching to Three.
What are you on, 3G, hsdpa?

I've got a strong hsdpa signal and it's not showing up. Galaxy S2.
 

matttye

macrumors 601
Mar 25, 2009
4,956
30
Lincoln, England
This has helped me make a decision on my (nearly ended) contract. I din't really want to go with three as I've heard more bad than good, but if O2 are doing this then I'm going to change.
I've got a three sim for my iPad and get a brilliant signal everywhere. I'll probably switch to them when my contract is up with O2 on my phone.

They only have a 3G network so can spend more on maintaining a higher quality network rather than an older 2g one.
 

Macman45

macrumors G5
Jul 29, 2011
13,199
133
Somewhere Back In The Long Ago
I've got a three sim for my iPad and get a brilliant signal everywhere. I'll probably switch to them when my contract is up with O2 on my phone.

They only have a 3G network so can spend more on maintaining a higher quality network rather than an older 2g one.
Thanks for the tip....What kind of data plan are you on with them? Typically, I use a lot of text's, and need about 500 minutes of call time...Preferably a large data allowance too. One thing I would say about O2 is they never charged me for going slightly over my allocation.
 

RossMc

macrumors 65816
Original poster
Apr 30, 2010
1,157
20
Newcastle, UK
This has helped me make a decision on my (nearly ended) contract. I din't really want to go with three as I've heard more bad than good, but if O2 are doing this then I'm going to change.
I'm on Three and I'm happy with the service I get from them, With O2 I had terrible signal round my area even with 3G turned off. On Three I have near enough full signal all the time plus their The One Plan is awesome. £25 a month, 2000 minutes, 5000 texts and Unlimited Data plus you can use tethering with the Personal Hotspot feature on the iPhone for free (Something which O2 wanted to charge extra for)
 

Macman45

macrumors G5
Jul 29, 2011
13,199
133
Somewhere Back In The Long Ago
I'm on Three and I'm happy with the service I get from them, With O2 I had terrible signal round my area even with 3G turned off. On Three I have near enough full signal all the time plus their The One Plan is awesome. £25 a month, 2000 minutes, 5000 texts and Unlimited Data plus you can use tethering with the Personal Hotspot feature on the iPhone for free (Something which O2 wanted to charge extra for)
That's the one for me...Now all I have to do is get a code for my number from O2! 19th of February is my due date, so I will tell them today. Thanks for the info. I'm paying a lot more for a lot less with O2!
 

afd

macrumors 65816
Apr 12, 2005
1,025
242
Scotland
What are you on, 3G, hsdpa?

I've got a strong hsdpa signal and it's not showing up. Galaxy S2.
3G, just, coverage here rubbish for o2.
Does seem to be fixed now. All they need to do now is give reliable indoor 3G coverage, get rid of the proxy server that seems to break websites and stop compressing jpegs. Sort that by June and I might stay. Though if they sort the 3G coverage I'll actually using data and and use up the GB that o2 charge a tenner for, so might change to 3 anyway.
 

matttye

macrumors 601
Mar 25, 2009
4,956
30
Lincoln, England
Thanks for the tip....What kind of data plan are you on with them? Typically, I use a lot of text's, and need about 500 minutes of call time...Preferably a large data allowance too. One thing I would say about O2 is they never charged me for going slightly over my allocation.
I get 10GB of data for £15 a month.

If I agreed to sign up for a 12-month contract they would increase that to 15GB.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.