Is there some automagic at the imode gateway that makes a phone's uid
available, or is the the UID spoofable? From a browser, for example,
or some ad hoc script I cook up to hit a site with....
I take the point about stealing sessions, I am just curious as to how
much extra "real" security the UID gives...
Nick
On Jul 31, 2004, at 4:59 PM, Manish Prabhune wrote:
The better solution is (only for registered sites)
is to match the session ID and UID (which is unique
for a mobile)
Received on Sat Jul 31 19:03:32 2004