A system developed by the popular Israeli cellular phone company Orange and left unsecured can be exploited to ferret out haredim who are using smartphones in defiance of the near-universal rabbinic ban against them.
Cellphone Company’s Security Breach Could Out Haredim Using Smartphones In Defiance Of Rabbinic Ban
Shmarya Rosenberg • FailedMessiah.com
A system developed by the popular Israeli cellular phone company Orange and left unsecured can be exploited to ferret out haredim who are using smartphones in defiance of the near-universal rabbinic ban against them, Ha’aretz reported.
An expert on information security, Amitai Dan, the founder Cybermoon, discovered the systemwhich lets a user gather information on smartphones and on devices installed in vehicles.
Only after Dan outed the system did Orange restrict its usage to people who have a special user name and password.
The technology in question, says Dan, was developed as part of a customer service platform for Orange’s book-selling scheme, and can be used to identify the particular cellular device being used: The Orange – portalXml Web Service, as it is called, allows anyone with access to it to conduct searches according to phone numbers.
Spokesmen for Orange claimed the system was not accessible via its website and was not linked to there.
Dan says he found the system through a simple Google search and realized that anyone who knows someone else’s phone number can find out what type of phone they are really using.
Perhaps the most problematic aspect of Dan’s discovery involves haredim. Orange’s system can be used to identify haredim using smartphones, despite the strict rabbinic ban against them.
Owners of smartphones are banned by rabbinic ruling from serving as witnesses at weddings and from holding other positions of religious trust, including leading prayer services, and in some haredi communities the children of smartphone owners are expelled from their schools.
Partner Communications Company, which owns Orange, claimed the security breech Dan found is an “isolated incident.”
“This was an isolated incident that was handled immediately upon discovery, over two months ago. It must be stated that the link in question was not part of the company’s website, and that it can only be accessed with specific user-data. Partner makes extra efforts to follow all information-security protocols to secure customers’ data, and does everything possible to prevent exploitation of the network,” the company said in a statement.