What prevents me from writing a simple app and issuing a http request with a User-Agent header value set to another IMEI nos?
On Thu, Oct 20, 2011 at 3:01 AM, Noriaki TAKEMOTO < [email protected]> wrote: > follow myself. > > > NTT Docomo's Android phones send IMEI always by pre-installed video/ > > audio player in HTTP User-Agent header > > and custom header named "x-dcmstore-imei". > (cut) > > See also: > > "Music, Video | Service, Function | NTT Docomo" HTTP header > > information (written in Japanese language) > > > http://www.nttdocomo.co.jp/service/developer/smart_phone/service_lineup/music_movie/index.html > > NTT Docomo revised information. > Pre-installed video/audio player send IMEI only when user get a > license PlayReady. > > I think security risk is low in revised information. > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
