---------------------------------------------------------------------- Message-ID: <20161108232922.18467.qmail@ary.lan> Date: 8 Nov 2016 23:29:22 -0000 From: John Levine <johnl@iecc.com> Subject: Re: A 10-Digit Key Code to Your Private Life: Your Cellphone Number >I find it hard to believe that numbers that come and go as you buy and toss >burner phones, or take out and let lapse MVNO activations, can be deemed >such a valuable "link to private info ..." :-) . When your mobile number is your only number, you treat it somewhat more carefully. We've ported my 20 year old daughter's number from phone to phone for years, since if her number changed, none of her friends could find her. R's, John ------------------------------ Message-ID: <E032AEAF-D7B9-4F66-B4FB-CF22400E463E@roscom.com> Date: Mon, 14 Nov 2016 09:51:09 -0500 From: Monty Solomon <monty@roscom.com> Subject: iOS WebView Problem Allows Attackers to Initiate Phone Calls iOS WebView Problem Allows Attackers to Initiate Phone Calls by Michael Mimoso iOS developers who have embedded Apple's WebView into mobile apps need to be aware of an exploitable issue that could allow phone calls to a number of the attacker's choosing. Researcher Collin Mulliner said the vulnerability is trivial to exploit, requiring at a minimum one line of HTML code. The risks to the user include ramped up charges to premium numbers, or worse, denial-of-service attacks similar to one last week that landed an Arizona man in jail for an exploit he shared on YouTube that allowed users to flood 911 call centers with calls just with one click. See more at: iOS WebView Problem Allows Attackers to Initiate Phone Calls https://threatpost.com/ios-webview-problem-allows-attackers-to-initiate-phone-calls/121865/ ------------------------------ ********************************************* End of telecom Digest Wed, 16 Nov 2016