Orange leaks mobile numbers, says researcher

Using HTTP headers in operator proxies to reformat websites for smaller screens can cause leaks of confidential data, according to a PhD student

A mobile device security researcher, who recently announced a privacy loophole in the way data is transmitted during mobile web surfing sessions, has indicated that the problem is widespread.

At the CanSecWest security conference last month, Collin Mulliner, a PhD student at Technical University Berlin in Germany, said confidential data can be leaked due to the addition of HTTP headers at the operator's HTTP proxy or gateway. Proxies are used to reformat web pages to suit a smaller screen size.

Several of the operators cited in his presentation include Orange from the United Kingdom, Bharat Sanchar Nigam of India and Rogers Wireless in Canada.

For more on this story, see Researcher: Mobile number leaks common but inappropriate on ZDNet Asia.