Verizon’s ‘Perma-Cookie’ Is a Privacy-Killing Machine (My ATT phone doing it too!)

Verizon Wireless has been subtly altering the web traffic of its wireless customers for the past two years, inserting a string of about 50 letters, numbers, and characters into data flowing between these customers and the websites they visit.

The company—one the country’s largest wireless carriers, providing cell phone service for about 123 million subscribers—calls this a Unique Identifier Header, or UIDH. It’s a kind of short-term serial number that advertisers can use to identify you on the web, and it’s the lynchpin of the company’s internet advertising program. But critics say that it’s also a reckless misuse of Verizon’s power as an internet service provider—something that could be used as a trump card to obviate established privacy tools such as private browsing sessions or “do not track” features.

Jacob Hoffman-Andrews, a technologist with the Electronic Frontier Foundation, wants Verizon to stop using the UIDH. “ISPs are trusted connectors of users and they shouldn’t be modifying our traffic on its way to the Internet,” he says. He calls the UIDH a “perma-cookie,” because it can be read by any web server that you visit and used to build a profile of your internet habits.

<snip>

http://www.wired.com/2014/10/verizons-perma-cookie/


Note: I used the "sniffer" test, found at this website:

http://lessonslearned.org/sniff

You have to log in with your phone -- with WiFi off (just using the cell signal)

It turns out my non-Verizon phone is doing the same thing...