

Verizon, AT&T tracking their users with ‘super-cookies’ - declan
http://www.washingtonpost.com/business/technology/verizon-atandt-tracking-their-users-with-super-cookies/2014/11/03/7bbbf382-6395-11e4-bb14-4cfea1e742d5_story.html

======
lstamour
Previously:
[https://news.ycombinator.com/item?id=8500131](https://news.ycombinator.com/item?id=8500131)

See also, EFF:

> To compound the problem, the header also affects more than just web
> browsers. Mobile apps that send HTTP requests will also have the header
> inserted. This means that users' behavior in apps can be correlated with
> their behavior on the web, which would be difficult or impossible without
> the header. Verizon describes this as a key benefit of using their system.
> But Verizon bypasses the 'Limit Ad Tracking' settings in iOS and Android
> that are specifically intended to limit abuse of unique identifiers by
> mobile apps.

> Because the header is injected at the network level, Verizon can add it to
> anyone using their towers, even those who aren't Verizon customers. Notably,
> Verizon appears to inject the X-UIDH header even for customers of Straight
> Talk, a mobile network reseller (known as a MVNO) that uses Verizon's
> network. Customers of Straight Talk don't necessarily have a relationship
> with Verizon.

More at [https://www.eff.org/deeplinks/2014/11/verizon-x-
uidh](https://www.eff.org/deeplinks/2014/11/verizon-x-uidh)

------
gcb0
to everyone making a request to their cohost and not seeing the header there,
you're not free from it.

remember: only paying "customers" have access to that tracking. all the open
request showing it are probably tests

