Sprint Web Phones Leak Users' Phone Numbers 93
Anonymous Coward writes: "Tasty Bits From the Technology Front says that Sprint PCS phones leak your phone number when browsing the Web. The unique ID number each phone has to help assure privacy is ... your phone number." (And TBTF is a good read anyhow.)
More info... (Score:3)
-------------------
Good reason NOT to have a cell phone (Score:1)
No news (Score:5)
(If there is interest in the IMAP mail checking script for HDML phones, let me know.)
Ubiquity of web browsing phones? (Score:3)
Does anyone else wonder if the over-hyping of everything internet related will die down any time soon, and just become another information medium?
Does anyone else PRAY for it every day?
--
blue
SWEET JESUS! (Score:4)
LMAO!
-FluX
-------------------------
Your Ad Here!
-------------------------
Wireless Web - HAH (Score:5)
It costs a lot (at least when I used it) about 35 cents a minute, with a minute minimum. I would logon, schlep through the crappy four line text menus only to get to a 'this feature coming soon' message. 35 cents down the drain.
It is almost unusable. Do you want to order a book from Amazon after going 19 levels deep in a text menu, typing your credit card number and address on a numeric keypad? gimme a break.
The features you would want just aren't there. How about a user customizable 'home page'. Quick shortcuts to stock quotes, weather, news briefs, sports scores - nope, have to navigate the menu system to get anywhere. Usability testing - anyone, anyone?
Spring PCS service just sucks period. At least in Chicago. My phone dropped nearly half the calls I made, and failed to ring on incoming calls more times than I care to count.
Just avoid Sprint period. My terrible experience with them just makes me laugh at the irony of their TV adds. 'Crystal Clear'? Can't they be sued for outright lies?
-josh
Re:No news (Score:1)
---
Jedi-Bene Gesserit
Re:No news (Score:2)
Want to work at Transmeta? Hedgefund.net? Priceline?
Re:Good reason NOT to have a cell phone (Score:1)
Which I don't, thank God. I can't picture the web on my Palm, let alone the 4x12 character display on my cell phone. I don't surf the web with my land-line phone. Why would I with a cell phone? Let's leave data access to data devices.
Ahh. Glad to have that off my chest.
Every day we're standing in a wind tunnel
Facing down the future coming fast
wireless web good for one thing... (Score:2)
On the other hand, the damn thing doesn't work half the time, giving all kinds of arcane errors.
Sure, I once spent $3.50 browsing through amazon, but it would have taken me about $5.00 just to enter my address and credit card number. thanks but no thanks Sprint.
Want to work at Transmeta? Hedgefund.net? Priceline?
Re:Wireless Web - HAH (Score:2)
-jwb
Re:Good reason NOT to have a cell phone (Score:1)
Um.. is it just me, or is this extremely short-sighted reasoning? While this article might mean that it's a good thing that you don't have a Spring PCS phone that you use to access web pages, I don't see how this remotely changes the usefulness of cell phones in general, and even of non-Sprint PCS phones and/or of Sprint PCS phones that aren't used to access the web. Nothing I've read about this so far in any way makes me any less glad that I own a PCS phone that's capable of receiving email, SMS and pages.
Sprint's largest shareholder? Three guesses. (Score:3)
And the only one that counts is "Microsoft". Yeah, it's probably a coincidence, but it does seem odd that this would happen just when MS is gearing up their new web-phone strategy. Their Spring holdings will lose some value, but not much, and to MS the affect on consumer thinking will be worth a billion or so dollars more. In the coming weeks, you can expect to see a lot more "freak malfunctions" in the telecom industry, all tending to convince people that the old tech doesn't work.
If you ask me, it's a bit disgusting: Peoples' security is being compromised, just for the sake of helping somebody's marketing strategy. Oh, well, that's capitalism! Anything goes, as long as it makes a buck.
This could be a good thing! (Score:4)
JB
Re:Wireless Web - HAH (Score:2)
Am I the only one that ever purchased a book at amazon.com using a web phone?
Well, the only reason I did it was so that I can tell my kids later in life I was one of the first
Anyway, if you have an amazon account and you are stupid enough to have "one-click" ordering enabled, it actually works pretty easily.
Re:This could be a good thing! (Score:1)
JB
Bwaha! Gool ol' AMPS analog cellular. No mess ups! (Score:2)
Re:Wireless Web - HAH (Score:1)
There goes one of the last vestiges of privacy... (Score:1)
Paranoia (Score:1)
My paranoid conspiracy theory: Sprint purposely is doing this so that they can offer similar services on their cell phones.
Worthless PCS browser (Score:1)
No Complaints, Maybe Because Its Pretty New? (Score:1)
This is a small part of this article [sfgate.com], which went up Tuesday March 7, 2000. It's not an issue because they haven't recieved any complaints.
Hmmm...Maybe the reason for this could be that the telephone owners don't know that its going on!! I doubt the phone flashes a little message that says, "I'm about to send your phone number to this web site. Do you wish to continue?". Also, this is relatively new news to most people.
Re:Sprint's largest shareholder? Three guesses. (Score:1)
Unique IDs (Score:2)
1. If you can find someone else's unique ID (easy because they used the phone number), you can get them in trouble by impersonating them to websites.
2. Websites can track you without cookies - and this includes tracking across websites.
No, Sprint needs to set up a proxy that gives a number unique to each website by which Sprint can track abusers.
--
Follow-Up Article (Score:3)
In a nutshell:
They said that they have a agreement with websites that they won't use the phone number for telemarketing. I don't remember getting asked, do you?
Re:Good reason NOT to have a cell phone (Score:2)
The only thing that could possibly be worse (Score:2)
OTOH, I'm sure that will happen at some point soon anyway.
Fair is fair (Score:3)
The service can be extremely useful and useless at the same time. All depends on how you want to use the service because of the weakness of the software used to browse. I found it was awesome for 3 main uses. First is stock and news information. It was easy enough to use the phone get this information from CNN and Yahoo!. Second, I found that the Mapquest can be useful. Although it can be cumbersome to use, it could serve a purpose to get direction from zip code to zip code or from address to address. But what impressed me the most was Yahoo!'s personalized services. You can check your email from the phone and even get access to a web scheduler or something like that (didn't bother exploring it).
Overall, the service is cool, until you consider the alternatives. It's a pain the ass to even log in considering you have to punch the buttons 16 times for an 8 letter login. I've also seen those RIM two-way pagers in action, and got damn can it do so much more so much faster. As much as people are screaming about the need for better screens and speed, until there is a way to input with something over than keypad these things will remain only toys.
Re:Good reason NOT to have a cell phone (Score:3)
What most folks don't seem to realize is that no new legislation or technology is required for a cell phone provider to get a fix on your location: *they already have this ability*. All they need to do is triangulate based on the relative signal strength received from two or more nearby towers.
This happens all the time in "emergency" situations; the only reason it's not (yet) a big deal is because the technology is being used to rescue people in danger, rather than, say, to track down and silence thought-criminals.
So far as you know.
Because people have phones already (Score:2)
Re:SWEET JESUS! (Score:1)
Croupier: "Your winnings, sir."
Renault: "Oh. Thank you very much." turns to the crowd again "Everybody out at once!"
--Casablanca
script to test your wireless web phone (Score:2)
Re:Wireless Web - HAH (Score:1)
Re:Good reason NOT to have a cell phone (Score:2)
Re:Ubiquity of web browsing phones? (Score:1)
Trust me, its coming.....
Re:Wireless Web - HAH (Score:2)
Here is why: When Sprint set up they're network, they opted to go with CDMA. CDMA base stations can cost 2x to 5x what a typical GSM or D-AMPS base station does (albeit with a much better voice quality and a dubiously better capacity per cell).
Sprint in their effort to roll out their network real fast, skimped on the amount of base stations they bought, thus stretching their cells out to the maximum limit (i.e. bad coverage) which in turn led to more dropped calls, especially when driving.
If they would have gone GSM or good old D-AMPS they could have had far better coverage and more happier customers. So it was not the technology or engineers, but the marketers and operations folks.
Oxymoron? (Score:2)
Sprint seems to have a skewed idea of privacy...
Anonymity is privacy!
-An Anonymous CowHerd.
Re:wireless web good for one thing... (Score:1)
You should never, never doubt what nobody is sure about.
"silence thought-criminals"??? (Score:1)
Frankly, I don't give a crap what the gov't knows about me. Hell, if a team of spooks is working round the clock just to track everything I do, that's almost flattering. In any case, my life isn't interesting or dangerous enough to warrant investigation.
A better interface is probably on the way.... (Score:2)
Don't get all giddy yet. I have some concerns. Wireless carriers have a direct monitary incentive to compell you to use on-line services so they can get their 90 cents a minute. On-line services have an interest in having whatever personal information they can get through your patronage. I'm also sure there are several government agencies, commercial entities, etc, that would love to know where you are, where you're going, and who you're going to meet. The possibilities range from the most innocent (showing you a banner ad for someplace you're going to pass near, remember the Ericcson Banner Ad article a couple days ago?) to the most egregious (i.e., everything Big Brother wants to know, you give without even thinking about it). If I've thought about it, you can bet that smarter people with power and influence have thought about it too.
You're probably thinking to yourself how far fetched this is. Is it that far-fetched? If a phone is giving up your phone number to every web site it visits, all someone needs to do is connect that phone number to whoever the owner is. The comment I'm replying to mentioned that Yahoo has a personal scheduler service on-line and accessible from web-browsing phones. If you're asking a site for directions from Point A to Point B, chances are, you're either at Point A, or will soon be at Point B. What better way to keep tabs on people's activities then to have their phone number associated with personal information you deposit in centralized computer systems? As is it now, you can already be somewhat tracked down by carrying your cell phone when it's turned on.
I see two possibilities: A) Phones will become simply wireless phone that double as a decent portible web terminal with better displays and input options, or B) Phones will become a combination of a wireless phone and a powerful PDA as well as a great solution for mobile web browsing.
Of course, solution A offers more profit and more power then option B. So naturally, which option do you think we'll get offered?
AT&T is doing it right.. (Score:3)
AT&T is doing it right. We don't use phone numbers for subscriber IDs.
Thou I do tend to use phone numbers for my test phones.
Phones never talk to any web site directly, they use a proxy agent.
The IP that is logged shows the agent IP, not the cell phone.
Alot of posts bashing sprint. Just some quick information about Sprint vs. AT&T Wireless.
Sprint uses on their own network and charges per kilobyte of SMS traffic.
AT&T has roaming agreements with other cdpd carriers. (Larger coverage area)
AT&T also has an unlimited usage plan.
As for the phones being usable. They are not over hyped.
You can view html web sites, but hdml and wap/wml/wml+ sites are native to the phone. (No translation needed.)
Some of the interesting things you can use them for, Email, Info services (news, stocks, sports scores, phone book, fax, games), customized apps (Server status, ping, traceroute, circuit testing...), e-commerce (flowers, food, movie tickets), and on and on..
One of the hottest usages are for dispatch customers. Check your next delivery, pickup, work order, etc...
At work we can access our Exchange server to read our email and view our calendars. (This is priceless in a large company.)
Most configuration for phones are done with a personalized web site. You use your personal computers web browser too setup your Email, Bookmarks, Calendar (sync to your exchange, notes, schedule+, etc.)
Hookup a special cable to your internet phone and make your laptop wireless.
If you just want the one piece wireless solution, get a sierra wireless air card (pc card).
You need to think of the internet phone as a PDA. Extend your office, have quick access to your information. The biggest mistake I see people do is try to replace their laptop.
IMHO,
-Brook Harty
(All comments are my own and not the opinion of AT&T Wireless.)
PS. Whats the largest IPO ever? AT&T Wireless.
Re:Sprint's largest shareholder? Three guesses. (Score:1)
Something I forgot tio ask in my previous comment (Score:1)
any WAP developer knows, and it's a GREAT feature (Score:1)
First of all, this is like saying "SHOCKING!!! Oh my god, your computer gives away your IP address."
Your phone number is like your IP address people! Welcome to reality. You call me, I use callerID and nail you, or I refuse to return your packets.
On the wireless web, the phone number "airlink address" is your phone number.
Its also nice not to have to enter a username/password on your phone, but to have a website identify you via your phone, and store your preferences.
I hate this stOOOPID "shocking" privacy expose's. Some idiot learns how to print HTTP headers and thinks he's a friggin genius who discovered the New World.
Ghost View can read PDF's (Score:1)
Why suggest proprietary software when instead we could tout free software? gv/gs (what have you) has read any/all pdf's i've fed it. You can even get an addon to read encrypted pdfs.
Personally I have a gripe with adobe for "expanding" postscript and the forcing people to pay (for everything but the reader that is). Adobe, You make so many great software packages, but Acrobat sucks. It is just glorified postscript (which i don't have a problem with), but it 1. It is not terribly stable here at work or at home [if it works for one of you out there, please no flames... It doesn't concern me if it works on your hardware, unless you are planning on giving said hardware to me (Which would be greatly appreciated...)] 2. Reminds me of windows (Again, if you disagree, piss off) and 3. it is ugly, especially when compared to ghostview.
Dear God -- if they start spamming my cell phone (Score:1)
Even better... (Score:2)
You speak into the phone, it transmits to a processing center, does the appropriate action, and sends you back data.
Of course, this does nothing for privacy, but is loads faster when trying to, say, browse a map, or find a restaurant, etc.
Why put any processing power into a cell phone when it is already a wireless device?
-AS
Re:Good reason NOT to have a cell phone (Score:1)
Old News (Score:2)
Re:Unique IDs (Score:2)
1. If you can find someone else's unique ID (easy because they used the phone number), you can get them in trouble by impersonating them to websites.
Isn't this sort of a major problem now? ie: Hemos., Signal.11, .Jesser
2. Websites can track you without cookies - and this includes tracking across websites.
No, Sprint needs to set up a proxy that gives a number unique to each website by which Sprint can track abuser
True, but what would be Sprints motivation? They really don't care, there is not revenue impact either way, just more money thown into development. Sort of like all the rest of the bigger wireless and LD companies on the web. Coninuing to expand on legacy systems, with bad architecture because it's cheaper.
Re:This could be a good thing! (Score:1)
-----
Re:Good reason NOT to have a cell phone (Score:2)
The deal is that with TDMA there are several 'slots' in a given 'channel' for handsets to communicate. What is happening is that there are (IIRC) 4 slots of about 20ms, and each handset grabs one and transmits during this window only. Now for the signals from potentially four handsets on a given 'channel' speaking with a base station from different distances to arrive at the correct time (with no overlap) the protocol *has* to take into account the speed of light which is not infinite, compute the lag, and ensure that the handsets broadcast that little bit earlier for everything to work.
What this means is that the base station allready knows with great accuracy the distance of a handset from it. The rest is trivial I guess. They allready track cellphones that are switched on from cell to cell (so that they know how to route the calls), and while you are actually making a call they know your exact location - I wouldn't be surprised if there was a way for the base station to initiate a 'trace' without you having to make a call. That would simplify matters greatly for the powers that be
-W
Re:Wireless Web Ha haha (Score:2)
If you're looking for a way to comunicate with clients, family and friends while on the go, I think you'll have better "crystal clear digital clarity" if you put your message on a wadded up spit ball and did a 'drive-by straw-spit' on their house.
On a lighter side, I really had to laugh at the headline and it's use of the word "Leak": Sprint Web Phones Leak Users' Phone Numbers
As if to imply: "those pesky little phone numbers wouldn't leak out onto every server log on the net if it wasn't for that hole on the bottom of the router." Perhaps if we tried asking the little dutch boy to come along and put his finger in the leak, we could prevent this leaking travesty from befauling inosent Sprint and it's happy users.
It's a molicious attempt to make money from the tracking data on a conection that the user pays for at the expense of privacy, and it's wrong.
_________________________
Re: (Score:1)
WAP? (Score:1)
Furthermore, does WAP protocol enable giving out unique identifiers, or has this been surpassed at the wireless service provider level?? As much as I know, WAP services are always for a fee, so the WAP service provider has to be able to track customers usage. This is propably most relevant in a situation, where a third party WAP service provider provides its services directly to customers' phones.
Anyway, I'm guessing here. Does anyone know these issues? -mjpk
Re:Fair is fair (Score:2)
Re:This could be a good thing! (Score:1)
Re:Good reason NOT to have a cell phone (Score:1)
let's say that you are 5 km from a base station of a particular cell. It would take 1.66 *10^-5 seconds for the signal to travel that distance. At a data rate of 9600 baud (which I seem to remember is what GSM can do) this is ~ 16% of the transmit time for a single bit. I woulndn't think that correction would be neccessary for lightspeed errors in TDMA.
second, you would need very accurate timing equipment to get an accurate fix, and that would cost a lot of money which the companies don't really need to spend (unless you happen to be of a paranoid persuasion, and suspect govt involvement).
third, a more elegant solution would be to build in a gap between transmissions from each handset on the channel. This gap would be determined by the maximum lag possible within that cell. This would not affect call quality noticeably, and would save on the timing gear.
fourth, I don't know how accurately it is possible to get a directional fix on a cell phone from a single tower. Again, there is no need for the telco to engineer the ability to get a directional fix on the phone, so why spend the money.
lastly, the base transmitter polls all the phones in the cell every now and again, depending on traffic levels, to keep the master record of what phone is in what cell up to date. This is analogous to "initiating a trace", as you called it.
Re:WAP? (Score:1)
Luddites (Score:4)
However, that's just common sense and isn't the reason why I'm posting. What stikes me is that a lot of the posts here sound like they're written by people who just don't get it. Web phones are in their infancy - think back to the web in 1992, when every browser was incompatible with all the others and each new release broke pages which worked fine before. That's the way it is with web phones now.
This is new technology, and still has a lot of rough edges as site designers learn how to work within the limitations of the devices. The content designers are going to get better, and the phones themselves are going to improve. The keyboards are always going to be small, as are the displays (although the resolution will improve). Complaining that a phone keypad isn't good for entering lots of text. Well, duh! We'll just have to find a better way, like speech recognition or maybe setting up shortcuts using a full size keyboard and loading them into the phone.
The pricing model sucks right now, but remember the web at 2400bps with time metered usage. We didn't give up on it just because it wasn't perfect. In fact we loved it and the competition soon brought prices down. That's what's going to happen with web phones, and right now is the most fascinating part, seeing all the possibilities and being able to influence how it all turns out.
I guess I'm just surprised to see people on Slashdot slagging off these devices just because they're new, unfamiliar and still a bit clunky. To those people, all I can suggest is that they stick with their nice comfortable rotary dial phone and leave all this new fangled stuff to us nerds who like that sort of thing.
(No, I don't work for Sprint, but I do work with web phones, so maybe I'm biased.)
Re:Luddites <- worthy of moderation (Score:1)
Saw this one coming (Score:2)
Re:Luddites <- worthy of moderation (Score:2)
Re:Fair is fair (Score:2)
- Checking how many minutes I have left in the month
- Using MapQuest occasionally (just from zip code to zip code, so it's easy to enter)
- Using a CGI script I wrote to put
/. headlines in HDML (let me know if anyone's interested in the location)
That's it, and all of those can be used without logging in or extensive data entry. I think I sent an email from my yahoo account just once to say I did it. Summary: There is plenty of stuff you can use, and the sites are all coming on line now (still wish I could define a home page, though).They fixed this (Score:1)
These phones can handle cookies (Score:1)
Pink slip in the mail! (Score:1)
Phone ID *essential* to m-commerce (Score:1)
Because Sprint is a non-GSM service that, like most American cellphone companies, focuses on contract accounts, any transactions generated by m-commerce on a Sprint handset are billed either to the contract or to a credit card entered on the handset.
This will not be the model used in the future in the US nor indeed the rest of the world. The world's dominant cellphone standard is GSM, and a large portion of the world's GSM users (the quickest-growing segment) are pre-paid cards.
There is *no* way to identify these customers other than their GSM number. Any m-commerce transactions generated from such a handset will have to be billed directly to the pre-paid SIM card; that's they way it's expected to work, and the only assurance vendors will have of being paid. That means identifying customers by phone number.
There are two kinds of fool... (Score:1)
and one who says: This is new, and therefore better."
I have found a happy middle ground - I'm a furious "early adopter", but only for things that aren't mission critical. (e.g. I never run a
I am often surprised at the degree of xenophobia and Luddite-esque commentary on
Does anyone else think after years of decentralization and PC "freedom", the a web browser looks an awful lot like a 3279G block mode terminal with a server sitting in a closet somewhere that's not next to your desk?
If you think _that's_ bad... (Score:1)
(See "RIP Iridium" elsewhere for more on one.) have provisions for squirting user location from either embedded GPS receivers or satellite triangulation up to the gateway in order to effectively accommodate country-specific access requirements or tariff structures.
We know that people want to sell location-based services. (They're already threatening to with my SprintPCS Neopoint phone, which apparently has a GPS pod one can clip onto the side.)
I can't imagine the satellite phone companies won't want to shovel this data around too.
And just wait, ALL U.S. cellphone subscribers will eventually have user location information gathered on a per-call basis, because the U.S. gov't wants it for Enhanced cellular 911 services. My take is that the carrot for deployment of 911 location services is the ability to make money by selling you door-to-door routing on your cellphone.
Re:Ghost View can read PDF's (Score:1)
I'm not going to argue with any of this, but I have some comments to add.
1. I have had very little in the way of stability problems in Windows, but I have seen some stability problems with the Linux reader; in particular, if I ran it from the command line with the name of an encrypted PDF file, it crashed every time, while if I started it without naming a file, then loaded the encrypted PDF, it worked fine. (Incidentally, this was the only reason I loaded the Acrobat Reader on my Linux box; at the time, 9 months or so ago, I had no other way to read the PDF under Linux.
2. It does remind me of Windows, or at least, the Windows version of Acrobat.
3. I've made this comment about Acrobat looking ugly on screen as well, in particular, in comparison with Microsoft Word. Acrobat uses anti-aliasing on the display of text, which is why all the text looks fuzzy in Acrobat. Time has shown that anti-aliasing on text, at normal text sizes (like you might use in the body of some sort of document), simply doesn't look good; it makes the text too hard to read. On the other hand, Acrobat doesn't use anti-aliasing on bitmaps that are displayed at anything other than their natural size (which is almost unavoidable, if you're using Acrobat in the most common way, to produce electronically-deliverable documents whose main target is print). As a result, such bitmaps tend to have missing or duplicated rows/columns of pixels that make them look quite irregular. MS Word, for all its shortcomings, gets this correct - it uses anti-aliasing for scaled graphics, but not for text.
E911 (Score:1)
> new legislation or technology is required for a
> cell phone provider to get a fix on your
> location: *they already have this ability*. All
> they need to do is triangulate based on the
> relative signal strength received from two or
> more nearby towers.
Uhhm, *cough* not true *cough*.
The legislation is under a modification to the FCC
E911 regulations, requiring cellular network operators
to provide the location of a caller to the
emergency services in case of an emergency call.
The reason for this is that the percentage of
E911 calls coming in via cell phones is on the
up-and-up and since the landline telco provides
location info during E911 calls, the logic follows
that the cellular operators should too.
There are several competing technologies for
locating cellular users, and while your statement
about signal strenght is true-ish, that sort of
system is not very accurate, and is too complex
to be used in the mass market, i.e. the cell ops
are not tracking you right now, but are actively
looking at technological solutions to be able to
do so.
No doubt the network ops will look for commercial
opportunites for the data they will be able to
collect, I certainly would not spend upwards of
UKP100M on a UK-sized network w/o having some
possibility of getting a return on it, and there
will probably be a can-o-worms about who gets
access to the data, and under what circumstances,
but I'm still in favour of it since it will bring
a shed load of useful location-based services.
Re:Ghost View can read PDF's (Score:1)
o PDF, IIRC, is royalty-free, which IIARC is why Apple is using it (display PDF) instead of display postscript for OSX
o The acroread for linux is actually pretty good for viewing and printing PDFs, and I think it has a superior interface to GhostView/PDF (when bookmarks and thumbnails are encoded, particularly). It also feels faster.
Shit, I'd have more of a problem with PostScript, as Adobe still charges royalties/license fees for it (where it can)...
Your Working Boy,