Android, Gadgets, Hardware Systems, Internet, iPad, Mobil Phone, Networking, Peripheral, Personal Electronics, Security, Virtualization
Posted: January 25th, 2012 | Author: admin | Filed under: Android | Tags: blunder, customers, exposes, Network, numbers, phone, Security, Websites | No Comments »
If you're browsing the web on your phone or tablet on O2 UK, then the network could be exposing your phone number to every website you visit. O2 customer Lewis Peckover recently discovered that when you're browsing over 3G on O2, your handset's phone number is often included in the HTTP headers sent to each website you visit, in plain text.
HTTP headers are information exchanged between your browser and the web server before a page is loaded. In theory, the way O2 includes your phone number — alongside more mundane information like your IP address, browser and OS — means that any website you visit could easily find out your number. It's worth pointing out that the header used by O2 to send phone numbers — "x-up-calling-line-id" — isn't one that's routinely logged by web servers. However, just a couple of lines of code would allow a malicious site to find your phone number just by having you visit a website on 3G.
Lewis Peckover has set up a site to allow O2 customers to see whether they're affected. We've tried this with an O2 SIM in our Galaxy Nexus, and sure enough, there our phone number was in the list of "headers received". If you're on O2, make sure you've got Wifi disabled on your device, then click here and see if you spot your phone number among the HTTP headers.
This isn't an Android-specific problem, however due to the fact that it's a network-level issue, it'll affect Android phones just the same as any other device that's browsing over O2's data network. For this reason, just about anything that connects via HTTP over O2's network could potentially access this information. For its part, O2 says it's "investigating" the issue, and while this is a big deal for O2 customers, the fact that this is a network-level problem should mean that a fix will be relatively quick and easy to deploy.
More: Lew.io; via: ThinkBroadband
View full post on Android Central – Android Forums, News, Reviews, Help and Android Wallpapers
Posted: January 21st, 2012 | Author: admin | Filed under: Security | Tags: Anonymous, attacks, cyberconflict, escalates, IsraeliPalestinian, RIAA, Roundup, Security, sites | No Comments »
Angered by the move by federal authorities to shut down the popular website Megaupload on charges it illegally shared movies, TV shows and e-books, hackers said to be working on behalf of the hactivist group Anonymous late yesterday launched denial-of-service attacks against a number of websites, including that of the Department of Justice (DOJ) and the Recording Industry Association of America (RIAA).
View full post on Security
Posted: January 19th, 2012 | Author: admin | Filed under: Security | Tags: 2012, cloud, focus, mobile, says, Security | No Comments »
Beyond addressing details about its big breach of 2011, RSA Security executives this week outlined its 2012 product strategy that is centered on three areas, mobility, anti-threat and cloud security.
View full post on Security
Posted: January 15th, 2012 | Author: admin | Filed under: Security | Tags: Anonymous, fury, humiliation, Roundup, Security, Stratfor | No Comments »
The hactivist group Anonymous, or at least someone with the handle “FuryOfAnon” who claims to be part of the collective, last week published a list of Internet-facing Israeli SCADA (supervisory control and data acquisition) systems and purported log-in details. “Who wanna have some fun with Israeli scada systems?” the message said.
View full post on Security
Posted: January 3rd, 2012 | Author: admin | Filed under: Virtualization | Tags: 2012, bedevil, bring, device, minefield, Security | No Comments »
The rapid adoption of the newest mobile devices — especially the Apple iPhone and iPad and the Google Android-based equivalents — will be a huge disruptive force in enterprise security next year. Not only will there be pressure to decide how to protect and manage these devices, which are growing as malware targets, the complexity of this task is magnified many times over because companies are allowing employees to use their own personal smartphones and tablets for business purposes — what’s sometime called “bring your own device” (BYOD).
View full post on Virtualization
Posted: December 10th, 2011 | Author: admin | Filed under: Security | Tags: Adobe, Alarm, coming, Lockheed, Martin, Microsoft, patchfest, Reader, Roundup, Security, sounds, zeroday | No Comments »
When Adobe last week issued an advisory about a dangerous zero-day attack based on an unpatched Adobe Reader vulnerability that was being exploited in the wild to try and seize control of both PCs and Macs, it credited Lockheed Martin for sounding the alarm about it.
View full post on Security
Posted: December 4th, 2011 | Author: admin | Filed under: Security | Tags: about, device, flaws, latest, mobile, Security, Tips, users, Worried | No Comments »
Mobile device users worried their personal data may not be safe in light of recent reports of security flaws can download apps, monitor tell-tale signs and adjust settings to protect themselves.
View full post on Security
Posted: November 29th, 2011 | Author: admin | Filed under: iPad | Tags: 10.5.1, about, content, iTunes, Security | No Comments »
This document describes the security content of iTunes 10.5.1.
View full post on Apple – Support – Most Popular
Posted: November 21st, 2011 | Author: admin | Filed under: iPad | Tags: 7.7.1, about, content, QuickTime, Security | No Comments »
This document describes the security content of QuickTime 7.7.1.
View full post on Apple – Support – Most Popular
Posted: November 12th, 2011 | Author: admin | Filed under: Security | Tags: ending, Nov., Roundup, Security, week | No Comments »
Is there justice in cyberspace? The U.S. Department of Justice (DOJ) last week offered hope there is, charging seven individuals with 27 counts of wire fraud and other computer-related crimes in connection with a massive “clickfraud” scheme that was based in Estonia.
View full post on Security
Recent Comments