In a recent article on PCWorld.com, a graduate student at the Technische Universitat Berlin found actual cell phone numbers in his web server logs. That is, when a user visited his site from their cell phone, sometimes the phone would leave an identifier. This identifier ranged from their cellular customer account number to their actual phone number. The student, Collin Mulliner, is a self-proclaimed cell phone hacker, but in his recent presentation at the CanSecWest Conference in Vancouver, Mulliner said jokingly “It’s a pretty nice way to track mobile phone numbers.”

This is a tremendous security risk for cellular users and the cellular providers themselves. Only two specific carriers were mentioned in the article, but, just in case, Mr. Mulliner has put together a Privacy Checker. Visit http://www.mulliner.org/pc.cgi on your web-enabled phone to see if your phone leaks any personally identifying information.

For more on this article, make sure to check out the original story on PCWorld.com.

Leave a Comment