O2 Giving out phone numbers?

RickST

RickST

RickST

Associate
Joined
5 Feb 2008
Posts
1,261
Hey peeps,
Just seen a tweet about this wondering if it affects you too. Apparently if you are on O2, when you browse the internet on your phone, they send a HTTP Header to the server which contains your mobile phone number. This means that any site you visit in theory could ring you up for a chat.

if you are on O2 can you try this, make sure you are on your 3g or mobile data rather than wifi as it won't work.

http://lew.io/headers.php

This is totally un-verified so might just affect one or two people, just look at that web page see if you can see your phone number.

Edit: the Opera mini browser will hide the number as it works through a proxy
 
Last edited:
Okay, so on your phone, if you are on O2, when you browse the internet, one of the bits of information that gets sent to the server is your mobile telephone number.
 
Robbo said:
So your mobile number is sent to the websites you mean?
Click to expand...

yes exactly. so any company's website you visit could quite happily give you a call without you ever giving them any information. That is the rumor anyway, I still don't know if it is true.
 
I agree it would make sense that is was phone level not operator but that doesn't seem to be the case. multiple os/phone combos but the same problem

It won't show in Opera as its a proxy browser so masks the issue.
 
J.B said:
Well if you navigate there with a normal browser it shows the header that you'd expect so Im assuming it is actually being put in the HTTP Header.

Will have to pipe this through my own proxy tomorrow and see what the headers look like
Click to expand...

Thats my point, there is nothing fancy going on here, he (the site owner) is just printing out the headers.
 
Spunkey said:
The headers sent are dependant on the browser used.
Click to expand...

Thats not entirely true. All mobile operators modify http traffic at a network level. things such as sending compressed images or minifying javascript. So it is possible and in the case seems likely that it is a network level issue not a phone software thing.

the reason the opera browser gets round the issue is that it sends all traffic through their own servers so that they can compress it to make their browser faster. part of this proxy process means that O2 can't modify the headers at a network level.
 
the guy who built the little lew.io/headers.php tool raised it with O2 on twitter, they are looking into it. But their initial response was "that's normal" however I think they might have not have understood the issue.
 
Last edited:
neil_g said:
If this was really an issue wouldn't we all be getting flooded with cold sales callers, because personally I'm not and I'm on o2
Click to expand...

depends:

it could be a new thing.

its possible that it just hasn't been spotted before, if it isn't documented then nobody bothered to look I suppose. It was only seen in this case by random chance.

edit: beaten like a ginger step-child
 
neil_g said:
My point is, people that want this sort of data aren't stupid and if this http header has been in use as far back as 2006 they'd be mining the data already.

As for the fact that if it's not being used as no one knows about it this thread is kinda ironic.. :D
Click to expand...

I agree, looking in google it certainly does appear to be documented quite a bit so its surprising it hasn't be raised much as issue publicly, however, if you did get a spam call and you didn't know about this issue you would just think it was random when in fact it was targeted.

Also, im not trying to witch hunt O2 it just felt like something that people would want to be aware of, thats all.
 
I agree its not the biggest issue in the world, I just wonder how many people would be unhappy if they knew.

p.s - Sonea, I totally just stole your sig.. sorry...
 
You must log in or register to reply here.
Back
Top Bottom