Hacker News new | past | comments | ask | show | jobs | submit login
AT&T Cracking Down on Free Tethering via Jailbroken iPhones (modmyi.com)
38 points by pak on March 18, 2011 | hide | past | favorite | 42 comments



I'm always surprised that phone companies in America can get away with charging extra for how you use your mobile's internet access as opposed to how much or what you use it for.

Seems like such a false boundary to segment the market on.


What a land of contradictions - on the one hand you have world's best companies like Apple and Google and on the other, these awful, badly run, penny wise pound foolish crapfests like AT&T.

I actually just got back from a month in the US, mostly in LA, staying around west hollywood. The phone coverage was just bullshit and I'm not exaggerating. I was constantly amazed how I'd be standing outside, on Sunset Blvd, with 1 bar of coverage or nothing at all - I'd have to be deep in a basement or in an obscure train tunnel to get that in Sydney. I'm amazed that anyone can use this tethering at all, I was lucky to be able to check my e-mail.

Just one of those crazy things ..


That really depends on the provider. Verizon seems to have pretty comprehensive coverage. There were some very public horror stories about their customer service a few years ago, though, which could turn out to be a downside.


It makes it easier to offer unlimited data if you can ban all the ways of using lots of bandwidth.


It might be worst in the USA. I don't know. But telecom companies all over the world seem to be in love with arbitrary restrictions on how you use their infrastructure.

All so that they can sell zillions of different plans for slightly different services, overcomplicating the market.

I really hope that some time in the future, an internet giant such as Google will step into the mobile internet space and simply regard all bandwidth as bandwidth. Without caring whether it's used for voice, short messages, long messages, video etc. It would make life so much simpler.


Huh. Mobile operators in Russia are trying to battle with VoIP. There were even news on lawsuits against Skype, and attempts to block its protocol (reportedly, sometimes succesfull, sometimes not).

Old link, but that's the best I could find for now: http://forum.skype.com/index.php?showtopic=393471


Ironic that many of the folks here (myself included) are in the business of charging extra for packets of data by building SaaS. Our goal is to "commoditize our complements:" We want to extract all the value from the chain and have the hardware vendor, the OS vendor, the browser vendor, and the carriers all become commodities surviving on a tiny margin on top of their costs and slitting each other's throats.

It seems AT&T want to charge more for packets that have more value. Or putting it in another way, they're performing a kind of price discrimination. All things we like to do, we just don't want them done to us :-)


I agree - phone companies must intercept your phone calls and your internet traffic and charge extra money when you use it for business. Excellent suggestion, thank you!


Hahaha. If only you knew... In Canada at least, they charge more for a business landline with unlimited local calls than they charge for a residential landline with unlimited local calls.

Sounds exactly like what you suggest :-)


In Russia we do the same, but the important distinction is that generally SLAs differ too. Companies require (and expect) better level of service and tech support, so they pay more. Also, from what I've heard — comparing to natural persons — companies cause a bit more work for accounting departments.

Note: I don't know about telephony (they do charge more, but I don't know about their SLAs), but it is true for ISPs (I work for one as a programmer).


It is same in many other countries too, just because business phones are used much more often. It also hard to reuse such phone number, which is listed in many places: it will be "hot" for years.

Now, it is time to validate your home landline phone. Are you really doing no business over it? ;-)


I suggest that the cost to provide the service is either exactly the same thanks to amortization of equipment or only marginally higher for a small business with a single line.

Everything else is just the way they create price discrimination and exploit the customers' perception of value, much the same way that Microsoft have sixty-three jillion versions of Windows.


It's a shame that they are finally cracking down on MyWii and the other jail broken tethering applications. Those applications, at least for me, helped to make the iPhone usable while AT&T dragged their feet on enabling proper tethering for several years. Now that Verizon is finally putting pressure on their (lack of) business model, we get stuck with an overpriced official solution instead.

Hopefully Verizon won't pull a similar move: they seem to be largely ignoring the unofficial tethering solutions for Android phones.


How do we suspect AT&T are able to determine when a device is being used to tether?


From the comments in the original thread:

"I helped my boss through this one... I had him call AT&T and explain that he received a message about something called "tethering" and to act dumb and explain that he is a heavy pandora and Netflix user and doesn't understand why he's going to be billed more for it. _Bottom line they couldn't prove it so they apologized and removed issue from his account with no changes._

Good luck to everyone. (my boss was on 4.2.1 and he is using about 25gb per month)

AT&T is hoping people will either ignore the message or call to apologize (Don't act guilty and you'll be fine)"


One reddit user suspects that they are looking for TTL's on packets that do not match what iOS uses. I would love for somebody more knowledgeable about TCP/IP on HN to evaluate the likelihood of this...

http://www.reddit.com/r/technology/comments/g62wv/i_woke_up_...

If this is the case, user agent spoofing will not work, and it would be quite a bit of hackery to trick iOS' IP stack into spoofing TTL's for packets from tethered devices.


hmm, apart from ttl, you can use other tcp fields e.g. windows, tcp-options, packet-length etc. then, from a captured trace run passive os fingerprinting to find out with reasonable certainty the device generating the traffic.

these can/may be manipulated via ip-tables, but then you still have a huge data-volume to account for...


Can iPhone just route all your traffic through some encrypted VPN? I've heard there's a port of OpenVPN for iOS — that should be sufficient.

At least you'll be sure telco guys are not inspecting your packets by any means, be it "teethering detection", blocking some kind of traffic, or something more malicious, like profiling your Google searches. (Timing analysis may still apply.)


Not to mention things like adobe checking for updates


Yeah, it is trivial to analyze traffic of somebody else when you are working in FBI with court order...


> [from Reddit link]> well there's no way you can set it to 256.

With GNU/Linux iptables it's just one rule in the "mangle" table with TTL target.

On *BSD with pf "packet normalization" can be done with pf's "scrub" directive with min-ttl option.

Unfortunately, I've never used iOS and/or OS X/Darwin, so I don't know what are possibilities are there. But I believe there should be some.


It can't be set to 256 because it's only 8 bits.

(Edit: on reflection, if you know enough to know about the forwarding chains, I'm sure you know that TTL is 8 bits. Sorry.)


My bad, I probably didn't explain myself correctly.

I was talking about modifying TTL of the forwarded packets on the phone, to make the packets look like they were originated from the phone itself.


OK, yeah. I don't know how MyWi works; if it forwards everything by hand, then it can definitely do that. If not, yeah, it's dependent on what the kernel can do.


I would guess they're only looking at bandwidth usage. For one thing, that would be the easiest (and least creepy) thing for them to monitor. Additionally, it should be the only thing they really care about regarding tethering (why should they care if you're using the same bandwidth as a non-tetherer?).


"Should" is, I guess, depending on your perspective here.

As a bandwidth user (=carrier customer), I don't think it should matter.

As a bandwidth provider (=carrier), I would probably think that different use cases provide different levels of value to the customer, and thus can motivate different prices.

You might argue that bandwidth to a computer is "more worth" than bandwidth to a smart phone, since the computer has more power do to things with that bandwidth. That also means that, to a first approximation, customers can just plain use more bandwidth from a computer, which of course also makes it interesting to charge more for the ability to do that. And so on.


On the reddit thread there is speculation that they are observing the TTL of the packets. All iphones will send them out with the value of 'x'. When packets start leaving with 'x-1' then the person is obviously tethering.


I'd watch for a spike in bandwidth use and connections to Windows or Apple update servers -- at least to start hunting down suspects.


I'm guessing web browsing on browsers that are clearly PC/Mac desktop versions.


So you think they are parsing user agent strings out of HTTP requests? Seems unlikely.


Most mobile web access systems run through an explicit or transparent web proxy to downgrade image quality (=> reduce size) at least. Filtering on user agent would be trivial, though easy to work around.


Just periodically run a log scanner for requests for SWFs, etc. Lots of simple non-constant log scans will reveal this information.


I will use VPN or HTTPS proxy and will sue you if you will use that information for non-technical purposes.


If you're using a VPN, that ALSO is a dead giveaway protocol wise.

Good luck suing them. They offer tethering for a price, you're not paying it. I think the chance you'll get away with invasion of privacy on something that they technically should only see from flagged account is about 0.


I wonder if they can also detect proxies (e.g., http://code.google.com/p/iphone-socks-proxy/ )


Bleh. I wish the system wasn't so broken. A straight up metered usage billing system would be fine, as long as the pricing was fair (which for some reason no company can get it in their head to try). With that sort of system there's then no reason to charge extra or to try to inhibit tethering.


The interesting part of the email was where they said they would enroll you automatically into the DataPro plan. Can they really change your contract without your permission? Would this be grounds of canceling your contract for free? I know that when the iPhone first came out, I was on Sprint, and people would watch for when they would change their contracts and you were allowed to cancel your contract free of charge.


This is covered in section 1.3 of AT&T's Wireless Customer Agreement: http://www.wireless.att.com/cell-phone-service/legal/index.j...

Basically, being able to get out of your contract without paying an ETF is only possible if they change the price of services to which you subscribe. Since tethering would not be a part of the data plans of the affected iPhone users, this would not apply.


Also, after being enrolled you'd be able to call and/or log in to your account and simply have the tethering option removed without invoking the ETF...


... but by then, you'd be forever bumped off the unlimited data plan.


T-Mobile (http://forum.xda-developers.com/showthread.php?t=845532&...) and Orange/SFR in France (though it never happened to me yet) have been sending the same type of messages after User Agent detection...

User Agent spoofing should be added to MyWi/PDANet to avoid this!


Got tired of AT&T's BS with iPhone plans, bought a Samsung Captivate, flashed it with Phoenix ROM and now have free tethering.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: