Knowledge Base
Community

Mobile Number Information Issue [25/01/12] [Resolved]

Started by: craig_t
On: 25/01/2012 | 12:26
Replies: 295
Reply

by: rshuffle
on: 25/01/2012 | 13:20

Yup, someone here screwed up, possibly for 3 years. Ho Hum, I'm not that worried tbh, my phone number is on my business cards anyway. Though I do agree, random websites shouldn't have it. O2 will not doubt get screwed over by the govt on this.

Get a free Giffgaff Sim
Message 154 of 296
by: tonyyeb
on: 25/01/2012 | 13:21
Yep, no longer seems to be sending the number. Now let's talk compensation...
Message 155 of 296
by: andy0
on: 25/01/2012 | 13:22 edited: 25/01/2012 | 13:31

@pinkcalculator wrote:
I'm a bit lost I don't have 3G here but my number is showing up, or has done twice and I'm not going to try again as I'm on pay as go and you can't get your balance on gg at the monent.

I don't think it was about 3g, as I also don't have 3g here and had the number showing

 

I confirm statement(s) above that it seems to have been recently switched off though

 

I did a whois check of the IP address to make sure I hadn't connected via wi-fi by mistake, and it's definitely O2online 

 

And by the way, using the Opera Mini browser not only avoided this issue, but also their compression means less data used anyway, typically only a third or a quarter though obviously a bit variable depending on the type of content, and one's personal settings about images

 

and p.s. the website is only about 2 to 3 kb anyway (depending on the size of the header it's quoting)

Message 156 of 296
by: j_lowey
on: 25/01/2012 | 13:22

@dteg wrote:
Standard server logs simply do not record this information - even though they can, it's hardly worth it for one carrier in the world.


Take a look at this: http://www.mulliner.org/collin/academic/publications/icin2010_mulliner.pdf

 

It's definitely not just one carrier in the world. The difference is that a lot of them seem to have fixed it since that security researcher published papers and did talks about it in 2009 and 2010.

Message 157 of 296
by: b0fh
on: 25/01/2012 | 13:23

The UK government has such a good track record when it comes to personal data and it's security....

 

My number is on my business cards, ebsite etc. But that means I am advertising it to people who are interested in me or my products. What I don't want is my number given to any and all websites I visit (despite knowing that most servers will not log this information normally) - it is a simple breach of trust and data security by O2, however as GG are our supplier they are ultimately responsible.

Message 158 of 296
by: dteg
on: 25/01/2012 | 13:23 edited: 25/01/2012 | 13:24

@rshuffle wrote:

Yup, someone here screwed up, possibly for 3 years. Ho Hum, I'm not that worried tbh, my phone number is on my business cards anyway. Though I do agree, random websites shouldn't have it. O2 will not doubt get screwed over by the govt on this.


Don't worry, random websites won't have it. Only websites specifically set to record all the information about visitors would, and there's so much garbage in a web request it would probably make the servers explode to retain it all Smiley Happy

 

As standard, the visitor information collected by websites does not include this field - usually just IP address, page linked from, and the make of web browser.

OP: please click the Accept as Solution button below if this advice best solved your problem!

Message 159 of 296
by: andy0
on: 25/01/2012 | 13:25 edited: 25/01/2012 | 13:32

@tonyyeb wrote:
Yep, no longer seems to be sending the number. Now let's talk compensation...

Let's not.

 

Compensation is intended as recompense for losses caused.

 

So far there is no evidence of any damage caused to anyone, and if any does emerge in future, it's much too soon to evaluate the cost, which would be specific per case, and possibly contentious and resolved using legal action.

Message 160 of 296
by: turkeyphant
on: 25/01/2012 | 13:25
Seems to be fixed here now - good job.

Can anyone from GG confirm?
Message 161 of 296
by: dteg
on: 25/01/2012 | 13:26

@j_lowey wrote:

@dteg wrote:
Standard server logs simply do not record this information - even though they can, it's hardly worth it for one carrier in the world.


Take a look at this: http://www.mulliner.org/collin/academic/publications/icin2010_mulliner.pdf

 

It's definitely not just one carrier in the world. The difference is that a lot of them seem to have fixed it since that security researcher published papers and did talks about it in 2009 and 2010.


Thanks for the heads-up there, though I still suspect the issue here (like most security/privacy ones) is more theoretical than practical. It still takes someone to intentionally harvest this data for it to exist anything more than fleetingly.

OP: please click the Accept as Solution button below if this advice best solved your problem!

Message 162 of 296
by: turkeyphant
on: 25/01/2012 | 13:27

@dteg wrote:

@rshuffle wrote:

Yup, someone here screwed up, possibly for 3 years. Ho Hum, I'm not that worried tbh, my phone number is on my business cards anyway. Though I do agree, random websites shouldn't have it. O2 will not doubt get screwed over by the govt on this.


Don't worry, random websites won't have it. Only websites specifically set to record all the information about visitors would, and there's so much garbage in a web request it would probably make the servers explode to retain it all Smiley Happy

 

As standard, the visitor information collected by websites does not include this field - usually just IP address, page linked from, and the make of web browser.


Wrong - lots of random websites log this information.

Message 163 of 296