Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Famous company VERIZON was using Supercookies! Will give fine of $1.35 Million!

 

Verizon is a famous wireless telecommunication provider in United States. Verizon will give 1.35 Million US Dollars as fine to FCC (Federal Communications Commission). Verizon will give this because the company was using “Supercookies” in a illegal way without the consent of his customers. Customers of Verizon don't know about the fact that company is using Supercookies.

 

What are Supercookies?

The work of supercookies is same as normal cookies, but these are special type of cookies which could be permanently stored in the browser of user's system. It is very difficult for normal users to detect Supercookies in their systems and delete all of them. The deleting process for Supercookies is different as compared to normal cookies. Supercookies can store authentication details, ad targeting data and all the browser history.

Verizon was using a UIDH (Unique Identifier Header) as a tracker. Company was installing this tracker into all unencrypted web traffic, which was going through their wireless devices. After that they were using this information in their advertising program. It was a illegal task, because Verizon was doing this without the consent of their customers. In a report FCC said that his tracked information was not only used by Verizon, many other third party companies were using it as well. It was clear that Verizon was sharing user's information with third party companies.

Enforcement Bureau chief of FCC Travis LeBlanc said that every customer care about his privacy. Every customer have right to know that how companies are using their personal information. Verizon was tracking information of their customers without informing them and they have to pay for it.

 

Statement of Verizon

In defend Verizon said that we are very clear about our policies and services. We are doing good efforts to tell our customers that how we are using their information. We are making policies in such a way that every customer could clearly know and understand about our services. From the past year we have done a number of changes in our advertising policies, just to gave more options to our customers. We are suggesting  our customers about the right services as per their requirement. We are also providing right information for each service they want.

Nate Cardozo is the staff Attorney of EFF (Electronic Frontier Foundation) and he said that as per our knowledge, Verizon is using UIDH from a long time. First we detected it in 2014 and we have told Verizon a number of times about it. It is totally a violation of online security and customer's information security policies. Nate also said that, UIDH used by Verizon is vulnerable to a number of dangerous attacks and hackers can exploit these security issues to steal sensitive data of users.

 

Also read: INDIAN Researcher found a new way to Hack Facebook! Got $15,000 from FB as reward!

 

FCC came to know about, when they launched an investigation against Verizon in 2014. During that  investigation they came to know about that Verizon is using this UIDH from 2012. FCC warned Verizon a number of times about it, but the company was using it regularly.

Finally FCC fined Verizon with 1.35 Million US Dollars. Hope in future Verizon will not do this without informing his customers.

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.