This time we will have a look at how Mobile operators in Italy deal with the HTTP Header enrichment. If you have not read the previous post have a loot at Mobile operators header enrichment assessment: 1/6 - Introduction and France to understand the methodology used.
As in the case of France we use a script that sends the following HTTP headers and compares them with the ones that reach the server:
=== Original Headers ===
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept: text/html,text/vnd.wap.wml,application/vnd.wap.html+xml,application/xhtml+xml,application/vnd.wap.xhtml+xml,text/x-wap.wml,text/x-hdml,text/vnd.sun.j2me.app-descriptor,application/java-archive,application/octet-stream,,image/png,image/gif,image/jpg,image/jpeg,*/*
Accept-Charset: iso-8859-1,utf-8
Accept-Language: en-us,en;q=0.5
User-Agent: HeaderValidator/1.1
This time we are assessing the following Italian network operators: TIM, Vodafone Italy and 3 Italy (Tre Italia).
I copy below the results and in red I highlight the unexpected changes, while in orange I mark the ones that were understandable for a proxied connection.
=== TIM through WAPGW/Proxy ===
pragma: no-cache
proxy-connection: Keep-Alive
accept-language: en-us, en;q=0.5
user-agent: HeaderValidator/1.1
x-up-subno: B01-XXXXXX-XXXX820394-mic08up01_waphsp.tim.it
accept: text/html,text/vnd.wap.wml,application/vnd.wap.html+xml,application/xhtml+xml,application/vnd.wap.xhtml+xml,text/x-wap.wml,text/x-hdml,text/vnd.sun.j2me.app-descriptor,application/java-archive,application/octet-stream,,image/png,image/gif,image/jpg,image/jpeg,*/*;q=0.001
accept-charset: iso-8859-1,utf-8,*;q=0.001
accept-encoding: *;q=0.001
Connection: close
X-Adit-Lpcnt: 1
It´s interesting to see that TIM GW is modifying all the HTTP headers. First of all it is changing the case to lower case and also "q=0,001" at the end of all Accept headers and changing the order. This means that when a new HTTP request comes in, the GW will read all the HTTP headers, parse them, change the case, reorder them and add the new sufix when relevant and create the new request. That seams to me a lot of work for a little or no gain.
Also notice the conflicting HTTP Headers:
proxy-connection: Keep-Alive
Connection: close
It´s fair for a proxy to add the "Keep-Alive" one but it should have removed the client "Connection: close". Also I don´t understand the purpose of adding q=0.001. If the client did not want to receive some kind of content, that header might confuse the servers and make them assume that, with a really low preference, the device will accept any content.
Last but not least, check the header:
x-up-subno: B01-XXXXXX-XXXX820394-mic08up01_waphsp.tim.it
which is a constant ID that is present in all the user connections, identifying all the HTTP Requests. Although there is no direct way to relate that ID to the real identity, there is also no way for the user to erase or reset it.
=== TIM direct INTERNET connection===
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept: text/html,text/vnd.wap.wml,application/vnd.wap.html+xml,application/xhtml+xml,application/vnd.wap.xhtml+xml,text/x-wap.wml,text/x-hdml,text/vnd.sun.j2me.app-descriptor,application/java-archive,application/octet-stream,,image/png,image/gif,image/jpg,image/jpeg,*/*
Accept-Charset: iso-8859-1,utf-8
Accept-Language: en-us,en;q=0.5
User-Agent: HeaderValidator/1.1-dir
Looking at the headers it seems that TIM does not apply any transparent proxy on their Internet connection.
=== Vodafone Italy through WAP GW/Proxy ===
Accept: text/html,text/vnd.wap.wml,application/vnd.wap.html+xml,application/xhtml+xml,application/vnd.wap.xhtml+xml,text/x-wap.wml,text/x-hdml,text/vnd.sun.j2me.app-descriptor,application/java-archive,application/octet-stream,,image/png,image/gif,image/jpg,image/jpeg,*/*
Accept-Charset: iso-8859-1,utf-8
Accept-Encoding: deflate, gzip, identity
Accept-Language: en-us,en;q=0.5
User-Agent: HeaderValidator/1.1
x-forwarded-for: 10.148.17.52
x-up-forwarded-for: 10.148.17.52
x-up-subno: g00gf1a3ffv4cfXXXXXXXXXXXXXXXXX
Via: HTTP/1.1 gmigmsp104 (XMS 724Solutions HTG XFW_002_M00_B247 20100413.142643)
Connection: keep-alive
Vodafone Italy is adding some unnecessary headers but not to the level of some of the French operators. Also, like TIM, Vodafone Italy is adding a fixed ID per user. An ID which will track the user always and that can`t be disabled.
=== 3 Italy direct INTERNET connection===
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept: text/html,text/vnd.wap.wml,application/vnd.wap.html+xml,application/xhtml+xml,application/vnd.wap.xhtml+xml,text/x-wap.wml,text/x-hdml,text/vnd.sun.j2me.app-descriptor,application/java-archive,application/octet-stream,,image/png,image/gif,image/jpg,image/jpeg,*/*
Accept-Charset: iso-8859-1,utf-8
Accept-Language: en-us,en;q=0.5
User-Agent: HeaderValidator/1.1-dir
3 Italy is not adding any change on the HTTP headers. Note that 3 Italy does not use any GW and thus the only way to modify the headers would need to be using a transparent proxy.
And that is all for Italy, next time we´ll have a look at the German mobile operators.
Let's Kerberos
7 months ago
No comments:
Post a Comment