|
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Présentation : I read this recent post by Dr. Neal Krawetz with some wonder and amazement. One Smart Cookie - The Hacker Factor Blog He followed that one up with another related post, Just Browsing. See also his Invasion of Privacy post for browser fingerprinting and some perspective on private incognito browsing session tracking. The identification that in some cases your cellphone carrier could be adding extra headers to your smart-device information requests is not shocking in this day and age. But that it could contain leak your personally identifiable cell phone number was quite a surprise From Dr. Krawetz s post Consumer Cellular has agreements to use T-Mobile and AT T networks. If my cellphone uses the T-Mobile network, then no extra headers are added to my HTTP requests. However, if my phone uses AT T's network, then AT T appends a lot of personal information to every HTTP request X-Att-Imsi This is my International Mobile Subscribed Identity and is unique to my phone. X-Att-Plmn-Id This contains my MCC MNC code that's the mobile country code MCC and mobile network code MNC . These values identify the country and carrier. For example, MCC 310 is the United States, and MNC 410 in the United States is Cingular Wireless now AT T . X-Up-Calling-Line-Id This contains my cellphone number. Seriously AT T sends my direct cellphone number to every website my phone visits. Looking over my web server logs, I see other people who have been through this same path. Thanks to AT T, I have direct phone numbers for people in Portland, Oregon and Cincinnati, Ohio and Roanoke, Virginia and... I'm actually surprised that my cellphone hasn't received more telemarketer calls. X-Up-Subno This very-disturbing field includes a timestamp that shows when down to the second I signed up with Consumer Cellular. That got me looking for more information and I didn t find much. This circa 2012 post goes into some additional details Why are websites getting your mobile-phone number TechRepublic It points to a test web page maintained by the interviewed researcher Collin Mulliner that can show some of your browser headers MNO Privacy Checker Colin Mulliner Running several tests with my cellular devices with Wi-Fi disabled to force the data cross AT T s network came back clean of any PII meta data at least as far as this particular test was able to detect. More information on the project and issue details here HTTP Header Privacy info page Is your mobile phone giving out your phone number Computerworld 2010 It was noted by the post author that the issue was with medium-price-ranged phones that needed a Web proxy to reformat Web content. And that iPhones and Androids do not do this. I do plan to hit this Choices and Controls AT T Privacy Policy site with my devices as well to then opt-out of several of their analytics services listed there. Finally, Martin Brinkmann at ghacks.net has an astounding roundup of links related to online privacy checkers. The ultimate Online Privacy Test Resource List - gHacks Tech News That one is a keeper in your bookmarks. Constant Vigilance --Claus Valca
Les mots clés de la revue de presse pour cet article : browser Les videos sur SecuObs pour les mots clés : browser Les éléments de la revue Twitter pour les mots clé : browser
Les derniers articles du site "grand stream dreams" :
- Browser MetaData Leakage - MXA Another specialized Windows Performance Tracing tool - Opening more than one Firefox bookmarks Library - Win 7 Task Image Corruption Errors In which A Quick Fix is found and Blame is to be Assigned - Fixing Glasswire Upgrade Issue failed to attach to service - Open Live Writer There are Nightlies - PowerShell one liner to get USB Flash Drive Serial Number - Only my own procrastination to blame - Universal Extractor and updated builds - Windows Update Agent Utility WUAUclt.exe
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.190.17.190 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.190.17.190 to any 80"
- Nous contacter par mail
Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|