Apple iPhone users can access the Internet free of charge through AT&T hotspots, that’s what Macrumors is reporting. That’s a great additional feature for iPhone users and apparently for everyone else as well. The way of determining if a device is eligible for free access is by checking the User Agent of the device. We all know what it is very easy to spoof the User Agent of any browser. All that needs to be done now is to change the User Agent of the browser to the User Agent of the iPhone’s browser.
The User Agent of the iPhone browser is Mobile Safari 1.1.3 – iPhone. A user with Firefox or Opera could now easily change his User Agent to the one used by the iPhone to access the Internet without costs at every AT&T hotspot. One possible add-on that can be used for Firefox would be the User Agent Switcher.
User Agents are definitely not a secure way to protect a network or website from unauthorized access. The same can be said for referrer checks which are as insecure. It probably will only be a matter of time when AT&T decided to change the way the free access is granted to the iPhones only. Probably through a small application that is run on the iPhone instead.
Related posts:
Texterity Magazines offering free iPhone magazinesRead 20 Digital Magazines for Free
Apple iPhone Nano
Megaupload bypass country limit
Windows XP: Default Internet Browser Per User Profile
2 Responses to “Apple and AT&T Will Learn that User Agents are no good for access control”
Trackbacks/Pingbacks
-
[...] Iphone owners get more. They get free Wireless access at AT&T Hotspots, which no longer is that easy to defeat and now they also get [...]
Now, THIS, I have to try. Might even set up a man-in-da-middle hack to see what the mactards out there are doing :)