Skip to main content

Posts

Showing posts from April, 2016

Vodafone India privacy problem: exposes phone numbers

Vodafone India is exposing website surfer/user's phone number to the partner website when using mobile data plan. It might be offering hidden API to those partner websites to uniquely identify users. I have noticed it around 1-year before, thought about blogging, but forgot it at that time. Now, I have got some time and so thought of explaining the issue. How I noticed the issue? Sometime ago, I've bought SanDisk microSD card. In the wrapper, they've mentioned about some offer about hungama (Still available in SanDisk website at www.sandisk.in/campaign/landing/hungama/offer_three). The URL mentioned was offers.hungama.com/sandisk3/ and when I opened that in my mobile browser, it was prompting with Welcome, 91-98XXXXXXXX.

I was shocked as I never seen anything like that before. So, I immediately opened the same URL in my desktop browser and got completely different page:

And, again I tried to open the same page in mobile browser with Wi-Fi alone (by disabling Mobile Data)…