

O2 (UK) sending mobile numbers with every HTTP request - kolektiv
https://twitter.com/#!/O2/status/161872584634408960

======
kolektiv
A little more information - they're sending an X- HTTP header containing the
originating mobile phone number. No obfuscation, anything, just a mobile
number. I'm on O2 and just verified this from my own mobile.

This is an appalling privacy hole, one which O2 have not publicised at all and
from the contents of the tweet discussing, seem to see no issue with.

EDIT: a direct link to a checker by Lewis Peckover which shows this in action
if you're on O2 - more verification wouldn't hurt of course.
<http://lew.io/headers.php>

------
otoburb
<http://news.ycombinator.com/item?id=3508857>

