Hacker News new | past | comments | ask | show | jobs | submit login
How can phone companies detect tethering? (stackexchange.com)
458 points by antouank 35 days ago | hide | past | web | favorite | 223 comments



Android connects to the phone network using a different type of connection (DUN) to send tethered data.

The code to do that is in android here:

https://github.com/aosp-mirror/platform_frameworks_base/blob...

There is a setting you can set to disable it and make the provider treat all traffic as if it is non-tethered.

    adb shell settings put global tether_dun_required 0

Considering how knowledgeable the HN crowd is on all things networking, it surprises me to see so much uncertainty on something so easy to check in the code!


On AOSP master I believe the new setting is:

net.tethering.noprovisioning

consumed here:

https://android.googlesource.com/platform/frameworks/opt/tel...


Feels good that since I use LineageOS, I can disallow cell providers from blocking me if I tether.


The provider can see all your traffic. It’s not hard to tell the traffic isn’t coming from a phone, even if you try to be clever.


It's not hard to tell, but it's hard to prove.

"Hey, your service doesn't work even though I'm sending those packets from my phone. Give me my money back".


They don't really need to prove it though. You've got a contract with them, and they have reasonable evidence that you're doing something disallowed which would be a defense against claims that they're breaking the contract.


Agreed with the comment below, the ball is firmly in your mobile provider's court. The contract will almost certainly state that service can be withdrawn at any time on their sole discretion for any suspected breaches; if you're tethering on a contract that doesn't allow it, they're well within their rights (which you've agreed to by accepting the contract) to block your service until you comply or close your account completely. You have no recourse in this situation according to their T&Cs.

They don't need to prove it and they have no obligation to give you your money back, either. Be careful.


They don’t have to prove it. If they detect it you are a customer they don’t want so they can just tell you to take it or leave it.


How much would something like Wireguard mitigate this?


All the traffic would be tunneled, so unless they're using heuristics or ML to determine "phoney" and "desktop/laptopy" timing in the packets, they can't really tell what's going on.


Just about entirely. They could block the VPN or try to say that it's got to be teathered but it's much more difficult for them to say that or back without causing serious issues for customers.


Who knows? It’s still obvious if you look at the traffic patterns, a VPN can’t hide that. But as long as you stay under the radar they might never know. Or you might be booted and blacklisted from the network.


I think that's only half of the picture. You also need to disable the dun provisioning. If you are building AOSP, it ends up being two patches. And that still leaves TTL or any other deeper inspection methods.


I did something similar to bypass Verizons $5 per month surcharge to tether. I think it was a different variable I set though, not tether_dun_required. I think it was something like don't check if the tether enable bit is 1. I haven't tethered in several years and several Verizon plan types though.


Verizon allows don't they?


Iirc they did until they got in a bidding war with Google for the RF spectrum. Google bid Pi billion dollars, which pushed the government contract into a net neutrality clause that forced tethering to be free.


Reading the related https://danielpocock.com/android-betrays-tethering-data/

I am a little confused, this creates a new interface named `rndis0` how does the carrier know it's tethered? Because of the new MAC address?


There's also a separate APN for dun. So tethering traffic goes through the dun APN. And that's just the most basic form of classification that Android does voluntarily. Carriers can additionally do more tricks like the TTL one mentioned.


And why does Android have that enabled by default when in 90% cases it's better for the user to have it disabled?


I imagine it's because the cell providers asked for it.

The first 2 or 3 google phones I had let me turn on tethering with no problems despite it not being in my contract and somewhere around the pixel 2 it stopped working. So it seems like an intentional change on their part, and likely one that Apple also enforces. To change the flags mentioned previously you also need root, so it provides quite a speed bump for folks trying to use tethering despite it not being in their contracts.


Not sure if you realize this but google doesn’t build android for you, it builds it for the carriers so what is in your best interest is not really considered. You aren’t the client.


I don’t think it’s quite that simple. Google builds Androids for users, but the primary retail space is owned by the carriers. There are occasionally a few lines the carrier could tell manufactures (including anyone selling android) not to cross or they won’t sell that phone.


Google builds in interest of Google profits.

Phone manufacturers alter from there per carrier demands. Phone manufacturers us Android because it's free.

It's brilliant on Google's end.

Perfect example, is WiFi calling. That was available on Android forever, but only T-Mobile didn't restrict it. ATT and Verizon had it disabled because of how profits are calculated on cell sites. There's a whole per minute, text, and data calculation that shows money flow. T-Mobile allowed WiFi calling way back when because the network was a dwarf to the big carriers. And then apple caught up like normal and acted like they invented it, but don't even get me started on apple.


It would be nice of you to post this as an answer on the original question.


The question is locked and cannot be modified.


As with all useful StackOverflow questions.


It's my number one negative experience with the site. I might get an answer downvoted once a year. I see the mod cabal shut down proven useful content several times a week. It's like a politician who insists on doing highly publicized bank bailouts instead of backroom deals. It's not smart to rub it in people's face that you run things and their opinion doesn't matter.


Why does it do this?


Business relationships with carriers, and similarity to iOS which disables tethering by carrier settings. Carriers strongly objected to tethering and sometimes still do because they would prefer every device register individually with the carrier on a paying plan. This has changed in subsequent years but carriers did and still do lock down their networks to prevent devices from connecting or billing different devices at different rates. Generally though it’s a profit motive, followed by a network protection measure.


For the carriers it's not just about wanting to squeeze customers for more revenue (though it is also that).

Their networks are often provisioned under the assumption of super bursty traffic, where not all phones will be pulling at throughputs all the time. Laptop users will tend to use high throughput more consistently, and so be bad for their business model on the cost side.


But data caps will force users to be mindful or pay exorbitant fees.


> something so easy to check in the code!

Except it's Java ... too much bloat to go through.


Last year I called T-Mobile for some relatively minor reason and then got into a conversation about this "upgrade" I could get that would knock my bill down $20 a month, provide option X, Y and Z.

It sounded too good to be true so I just kept asking if I'd lose anything. I was assured, no, it's all benefit.

In the past if I had an internet outage at home I'd switch to to tethered phone and have no drop in speed. In fact, it was faster than work or home.

I recently moved and while waiting for internet installation suddenly found my tethered rate went down to .25/mpbs, whereas in the past it was up around 40mbps up and down. My phone itself reached these speeds via LTE. It became immediately apparent what I'd signed up for in my "upgrade" the year prior. I had been on some grandfathered plan that had no such restriction, and by "upgrading" sacrificed my ability to tether without moving to a One Plus plan.

Of course in the heat of all of this I asked myself that same question: "how does T-Mobile know?" Some of the suggestions here seem unlikely since I'm still able to get good speeds via the phone simultaneously while limited via computer. The MAC address thing seems compelling but I'm obviously not going to go around spoofing anything just because I got duped by my provider.

I've been a T-Mobile customer forever, but that kind of deception was really, really insulting.


I was on T-Mobile until recently (moved to Canada, where we _finally_ have unlimited plans too), and I worked around the throttling by running a SOCKS5 proxy on my phone and tunneling through that while connected to the tether. The packets appear to originate from my phone (iPhone) rather than the tethered device, and I got uncapped speeds.


Very nice! What iOS app are you using? I didn't realize this kind of functionality would be allowed.


I originally made my own app: compiled an OSS SOCKS proxy with a simple iOS wrapper, deployed with a free developer account. Later, I switched to using Pythonista (paid app available on the App Store) to run a SOCKS proxy written in Python. I should add - Pythonista is a pretty amazing app, given that it’s a proper App Store app that lets you write your own Python programs with full access to iOS APIs (including the ability to dlopen private frameworks via ctypes...).

The iOS app I “wrote” is up on GitHub: https://github.com/nneonneo/socks5-ios. It’s really barebones; I knocked it together in less than an hour since I rather desperately wanted a good internet connection at the time :)


Where’s the python code you’re running?


I didn't upload it anywhere because it's _shamefully_ hacked up - it's a quick bodge-job on top of some existing Python SOCKS proxy, where I added PAC support so my iPad can also use the hotspot (since you need PAC to convince iOS to use a SOCKS proxy).

But, hey, if you want to see some random person's SOCKS code bodged up with some extra hacky bits from me, here you go: https://gist.github.com/nneonneo/fc770965944a4640e2aef34e0f8...

If you want to use PAC, set the "automatic proxy URL" to http://172.20.10.1/wpad.dat when using this as a tethering proxy (yes, iOS lets you bind port 80 without root - your app just needs to be running).


No need to feel ashamed. If you share your code, people know what they run and can learn and improve from there. One of the awesome benefits of FOSS


Awesome solution, great hacking, well done!


Best guerilla marketing for Pythonista ever.


FWIW, I have zero affiliation with the app, I just happen to really like it :)


The suggestion that monitoring TTL would seem a pretty easy way to distinguish between mobile and laptop. It seems you'd want to set your laptop's TTL to phone+1, and match the phone's TTL.

Here's a random howto change ttl for Ubuntu and windows: https://askubuntu.com/questions/667096/how-to-change-the-def...

Btw, an interesting article on the effectiveness of TTL for fingerprinting: https://www.howtogeek.com/104337/hacker-geek-os-fingerprinti...


tmo is a combination of TTL and APN.

Stock android and iOS will use the tethering APN under the hood. LineageOS doesn't.

I'm presently tethered to a tmo phone on their cheapest unlimited data plan and see 20mbit+


Reminds me of the crazy phone plans when mobile started getting popular in my country. There was one super premium, quite expensive of course, which was pretty much unlimited everything.

It worked so well (for the heavy phone consumers) that the company tried its best to buy those contracts back / move those folks on a more profitable plan.


>I've been a T-Mobile customer forever, but that kind of deception was really, really insulting.

Did you try calling T-Mobile? I would be curious if they could confirm it was in fact throttling tethered devices and if they could explain and maybe correct the behavior?


Yes, on the T-Mobile "One" plan they did throttle tethering traffic. You had to pay an extra $15/mo or so for the "One Plus" plan to get LTE tethering speeds. I believe they may have lifted this throttling on the new "Magenta" plans they rolled out a few months ago.


Wouldn't this be a breach of some consumer law? They told you one thing and you signed up on that basis. It's misleading.


Yes. And I signed up for AT&T DSL when their ad said “cancel anytime; no penalties”. When I cancelled, I received a cancellation bill and a letter saying “come back, remember we’re the company that doesn’t have cancellation fees” in the same day.

I tried to dispute the bill and they sent it to collections. Also, during signup they ran a hard credit check explicitly against my permission. One person vs BigCo doesn’t always work out.


This very limitation kept me from upgrading my T-Mobile plan for years. I read about Mint on here the last time a plan-related discussion came up, and I switched to them because they don't throttle tethered traffic. They're a MVNO on tmo's network so you do risk getting deprioritized during congestion, but so far I've been pretty happy. (I hope this comment doesn't come off as shilling for Mint. I just happened to have the same problem as you and was fairly satisfied with this solution.)


I use StraightTalk. MVNOs are the way to go, whichever one anyone here chooses. They are prepaid, but you save a lot of money in the long run, and they usually have better data allowances.


That's super weird, T-Mobile is supposed to have simplified their plans to just the one like 65$ one with no restrictions. It's a big part of their pitch - "we're the no bullshit, no contract company," so I'm pretty disappointed to hear they're moving away from that.


They were when I joined as a customer around ~2012. But in more recent years they make weird distinctions between tethered and non-tethered. My SO's phone has T-Mo's version of Android, and enabling tethering causes a visible phone-home interstitial. My phone is unlocked/has vanilla Android, so it doesn't.

Our billing, IMO, is very not up-front about what our limits on tethered/not are. Generally, it hasn't mattered. Whatever our limits are, we're not hitting them.

And it's annoying AF; there is no reason for a carrier to give a crap about tethered/not. Limit my bandwidth, cap the amount I can send, sure — I completely understand not wanting a customer dragging down the network —, but what does it matter what device generated the bits?


> what does it matter what device generated the bits?

Most of the packages they sell are based not on the cost of your specific consumption (which is way more complex than peak bandwidth or total transfer), but the cost of typical consumption given some restrictions (e.g. the aforementioned bandwidth or total volume cap).

If you bunch tethered and non-tethered traffic together, the average non-tethered user will have to pay more, and the average tethered user will have to pay less, than with the two usages split (assuming the same total profit).

Thus, you would lose the "cheap" non-tethering customers to competitors who do differentiate, while the expensive tethering customers would come to you.


Or, if they limited bandwidth to the actual expected behavior, like the previous comment suggested, everyone would get the service they pay for regardless of device. The only ones who don't want that are the providers who want plans to be as confusing as possible.


> And it's annoying AF; there is no reason for a carrier to give a crap about tethered/not

Put yourself in their shoes, and you'll appreciate their reasons.

I was recently force to pay for a higher plan specifically to unlock tethering, which is important to us for backup, since we're in the hills on a crappy ADSL connection.

Their reason is that it allows them to increase revenue.


They're charging for literally nothing. I get that that allows them to make more money, but charging someone for nothing generally makes that customer unhappy. That doesn't mean I should like it, but I do think most people have no idea that tethering is completely a feature of their phone; I do take things like that into account when choosing carriers. (It was one of the reasons I chose them to begin with! But alas, the deal was altered.)


If they were “literally charging for nothing” then there would be nothing to discuss and no one would pay for it.

Just because they are both packets over the network, they are different use cases and present a feature which can be charged for.

If you don’t like it, switch to a different provider. If there isn’t one that meets this need, maybe there’s a market opening. If the market is anti-competitive and exploiting that and colluding to shut down this feature, complain to the FCC. If the FCC dismisses your valid complaint for political reasons, vote out the party which put them there. If you don’t have the votes to get the people in power to care about this issue and regulate against the monopoly which is colluding to overcharge for it, then deploy a few thousand bots to sow dissent on Twitter and... no wait, don’t do that last one.


> Just because they are both packets over the network, they are different use cases and present a feature which can be charged for.

Charging people for different use case while the product is literally the same is one the most anti consumer things I can think about it, no idea why you think it's okay.

Imagine a eletricity bill that had different prices if your vacumm cleaner was being used on the living room rather than say, a bedroom, I see it as simply absurd.


Except that electric utilities absolutely charge for the same electrons at different rates based on the type of usage, differentiated residential vs. commercial vs. industrial rates, differentiated by time of day, and even charging different rates for the same electrons delivered at the same time to two neighboring residential houses depending on if the residence is heated with electric versus gas!


I bet you even support net-neutrality. Commie.


does it matter too much if I use my 4g of bandwidth over 1 day vs 30 days? probably not...


It is a straightforward experience, having just bought a plan in May from T-Mobile, provided you are willing to accept that market-speak is the window dressing of Life in America and you are able to find a sales rep who is willing to switch from the corporate dialect to American English.

I bought a $75/month “unlimited” plan (soft cap is 50GB before throttling according to the sales rep) and that price tag includes any taxes or fees in my local jurisdiction. It is $70/month with autopay turned on, because you get a $5/month discount. The hotspot would suck if I used it, but I don’t, and FaceTime Audio works out of the box, no setup process, which was what I wanted to hear.


Its not throttling. It’s deprioritization. If you aren’t in a congested area, you will get full speed throughout the month.


That isn’t the explanation I received, but if true, that actually sounds slightly better than what I bought. In practice, I expect what the sales rep said to remain effectively accurate because I live in a densely populated city.


To be fair to wireless carriers, wireless is different than wired when it comes to bandwidth. Theoretically, if you throw enough money at infrastructure, you can allow everyone to have truly unlimited bandwidth at the advertised rates wired. Of course that would be cost prohibitive.

Wireless is different. There is only so much bandwidth that you can have over a given frequency, only certain frequencies are available to each carrier, and only certain frequencies are conducive to cellular transmissions. For instance for years T-mobile has horrible reception indoors because of the spectrum they had.

https://www.t-mobile.com/offers/mydatausage

It looks like you’ve used 48GB or more of data overall in this bill cycle. After 50GB, you still get unlimited LTE data but may at times notice reduced speeds in areas with network congestion.

In the vast majority of times and places, you will notice little if any difference. In the small number of times or locations where there’s network congestion, you may notice reduced data speeds. This experience is due to our data prioritization practice, which prioritizes customers who use more than 50GB of data in a single bill cycle after other customers. This practice helps to optimize overall network performance and maintain a quality service experience for as many customers as possible. Your data usage resets at the beginning of your next billing cycle, so this practice will only apply until that time.


Yeah no contract, but if you don't formally cancel your month-to-month service they will send you to collections for the next months bill.


Wait, like, formally cancel in what sense? I would expect if you wanted to cancel a service, you'd have to tell somebody about it?


I have to be missing something obvious, because without you letting them know, the only way I can figure for them to know not to bill you anymore is telepathy.


Other No Contract carriers bill up front so they can just stop service if you stop paying.


Change your APN in modem settings to be the same as one used for internet on the smartphone


I am not sure when they treated you right to make you surprised.


>MAC address inspection

AFAIK this wouldn't work because MAC addresses don't get forwarded to the next network segment. On android, the phone acts as a router (with its own DHCP server assigning devices a local IP address), so I doubt that information is getting passed on.

>Inspecting the network packets for their TTL (time to live)

>TCP/IP Stack Fingerprinting

>Looking at the Destination IP/URL

Probably works, but I'd imagine it's pretty easy to bypass by proxying your connection through the phone.


> AFAIK this wouldn't work because MAC addresses don't get forwarded to the next network segment

Finally! I was scrolling down the comments, starting to think nobody on HN knew networking enough to notice this.

MAC addresses never "leave" the local network segment, so can't be used for tracking tethering unless the phone has code to forward this info on. But, at that point, the MAC address isn't really needed anymore ;)


Does 4G even use the concept of a MAC address? I'm not familiar enough with the protocol to comment, but MAC addresses are usually an Ethernet conecpt.


I believe it does use MAC addresses, just obviously the link layer is different. I'm not 100% certain though as I haven't gone deep into 4G!


It is difficult for an average user to set up a proxy, and there is still a possibility to detect PC by analyzing unencrypted DNS queries to MS domains for telemetry servers.


>It is difficult for an average user to set up a proxy

I'm sure that if there's enough demand for it, someone would make an app. A simple SOCKS5/stunnel server with a few buttons shouldn't be hard to make.

>and there is still a possibility to detect PC by analyzing unencrypted DNS queries to MS domains for telemetry servers.

This would really only be an issue if you don't have VPN killswitch set up on the tethered devices. Even if this can't be prevented, disconnecting phones because they made a connection to MSFT telemetry servers can be easily turned into a DoS vector. Want to mess with someone's internet? Put a bunch of img/script tags to MSFT telemetry servers on your site.


Back around the time this SE question was asked (2013), I was using an awesome open-source app [1] to tether on my iPhone. It was very easy to use, though you had to be able to compile and run it yourself, as there's no way it would be allowed in the App Store. I would be surprised if something similar didn't exist for Android.

I needed to tether on train rides a few times a year, which was really not worth paying for the service. Nowadays I can do it without an exorbitant extra charge (aside from the extra data that tethering guzzles), so there's no need for it.

[1] https://github.com/tcurdt/iProxy


Isn't paying for tethering the digital version of buying apples, but I have to pay a premium if I want to use them in a recipe?


It's more like having a different price for a buffet if you're eating in vs. taking it home. The phone data rates are set with an understanding that phones use less data than laptops.


I get what you are saying, but that analogy fails as well. There is a physical limit to how much one person can eat, while there is no limit to how much someone might take home.

Whereas with data, there is no limit intrinsic to tethering vs in-phone.

More to the point, in practice, people can easily use as much data in-phone as on a laptop, due to streaming video. Think, for example, of someone streaming music via YouTube for hours on end.


Does it matter whether the limit is physical or practical? On average, people use much less data when it's confined to a single phone than when they can share it with laptops.

Here's a different analogy that might work better: I can shop at Costco as much as I want, and I can even buy things for other people, but I cannot literally give my Costco card to someone else and let them shop at the store on their own.


Not when they are also charging you by the bit transferred.

People also deal with various data caps when tethering, they just now also deal with an extra bill for a service provided by their phone not the phone company.


> More to the point, in practice, people can easily use as much data in-phone as on a laptop, due to streaming video. Think, for example, of someone streaming music via YouTube for hours on end.

There are actually several tricks to make video streaming efficient for phones. The top sites are aggressively throttled [1]. This is harder to do for laptops, where users are typically connecting to corporate VPNs and stuff.

[1] https://www.bloomberg.com/news/articles/2018-09-04/youtube-a...


I agree with you overall, but not this reasoning. Smartphones can connect to VPN's as well.


Sure.

And anyone who uses a VPN can get themselves limited, just like they were using a laptop, because the carrier thinks you're trying to hide something from them.


Have you ever heard of on-phone VPN use being detected as tethering? I'd expect the victims of this to be quite upset!


They can, but is it as common in practice? (I earnestly don't know.)


Every VPN provider I'm aware of offers either a mobile app or set up instructions for Android and iOS. So while that doesn't really answer your question, I suspect there's a non-insignificant number of mobile VPN users.


If you set up a hotspot so your friends can all (anti-socially) stream separate videos, that scales up beyond what one user would consume.


But you can never exceed the throughput of the phone.


There's the same limit on possible data usage as there as on possible food haulage: throughput.


Tethering automatically subjects you to exactly the same throughput limit the phone already had; the phone needs to personally make each request.


It's a usage pattern thing, not a physical capability thing.

It's why I like Google Fi. I don't have any of these arguments. I'm just fully metered and there aren't any restrictions.


Much more people are going to transfer a lot of data using a computer than using a phone. An hour of YouTube on a phone is only about a gigabyte, think of how quickly you download that on a laptop.


it's a reminder of the old days where ISPs limited your connection to one device and required to pay multiple times if you had more than one device at home. people got wise to it and found that by using a router they could hide multiple devices and the practice eventually stopped.

it was based on the same argument that multiple devices would be used by multiple people and hence create more traffic.

i don't know if this was common in the US, but it certainly was in some countries in europe.


This is an age-old trick humans like to play on each other that Economists have given the name "Price Discrimination"

https://en.wikipedia.org/wiki/Price_discrimination


It's a service offering issue for unlimited plans, and a customer experience issue for metered.

Tethering is problematic in many ways with devices that don't expect to be metered. A Windows PC or Mac will sop up data sitting idle at a prodigious rate.

For every informed consumer who understands that, there are 8 who are going to go crazy when they end up with a wacky bill.


> A Windows PC or Mac will sop up data sitting idle at a prodigious rate.

Thankfully, Windows finally offers a "This is a metered connection" option. Do you know how to get the equivalent functionality on a Mac? I've looked, but can't figure it out.


There’s an app called TripMode that does this. https://www.tripmode.ch/

The fine-grained control is nice but still seems like a glaring omission that the Mac still isn’t “tethering-aware” with regard to conserving data — especially since it’s so seamless to connect to an iPhone that shares the same iCloud account.


Thanks! Do you know if there's a free app? I don't need fine-grained control, just a metred/unmetred switch, and it feels excessive to pay $8 for that.


macOS's APIs and developer docs don't really encourage checking for cellular vs wifi the way iOS's do. So you probably do need relatively fine-grained control to get the same effect, as the vast majority of processes will assume the network connection is either fully up or fully down.


Sorry, I don’t know of a free alternative.


AFAIK it doesn't exist and is part of the reason we don't have a MacBook with built-in LTE (can't stand dongles myself).


Paying for tethering is the digital equivalent of Shell or BP saying, "unlimited diesel for your compact car for $X/month. Add your 4mpg Hummer for only $Y/month additional!"


that's a very bad analogy. Apps waste way more bandwidth. It's better if you turn it around: "unlimited gas for you 4mpg hummer. But we will nickel and dime you if you try to ever fill up the 1L reserve tank on your electric scooter"


absolutely not.

the tethered devices use the same "gas tank" and would have to be directly connected at all times for that to work.

so maybe

"you get unlimited diesel for this car, but you'll have to pay extra if you want to charge your phone or laptop from the electricity generated from our diesel"


I like this analogy but they should just give me the compact car rate of gas for my Hummer.


Not sure if this works as an analogy.

Its like if you subscribe to netflix .. but if you want to share it with 4 family members, then get a family plan. You can simultaneously consume multiple streams of content.

Tethering allows you to share the internet connection with other people, as well as your other devices - which is essentially you consuming multiple streams of internet data simultaneously.


That's creating artificial scarcity.

Paying for usage sort of makes sense, but paying for a license to share with other people? That's outrageous.

Imagine if you had to pay an extra license on your water bills for sharing water with your guests..

The cultural industry from your first example has been unjustly profiting from artists and the public alike for decades.

Now ISPs need to apply this model to survive because we don't pay for bandwidth usage or for guaranteed bandwidth. We pay for a mirage of advertised 28Mbit/s, 100Mbit/s, or even 1Gbit/s nowadays.. the cost of which bandwidth is actually shared among many clients.

So it's specifically because of their own marketing lies that ISPs now need to find ways to restrict users from sharing their access. Good luck with that!

In the meantime, we'll keep on building our own self-organized non-profit ISPs (such as NYCMesh or guifi.net) to overthrow their rule.


Come on man. Bandwidth is not that expensive. Also I believe that phones consume more bandwidth than laptops. You tether your laptop for work stuff. That’s close to nothing. Then you might watch a video, but it’s the same on your phone. Actually the resolution is higher than on non-retina laptops. It’s simply charging bc they think it’s of value to you. You need your laptop for work. So we charge, bc it’s work related.

Oh.. and I have an ad blocker that saves a ton of network


Paying for ACCESS makes sense. It costs the ISP to have the availability to connect you up.

Paying for USAGE is disgusting. The way a network works, is that besides upkeep which is a small percentage of TCO, upfront cost scales with total bandwidth, not total number of packets one needs to move across a set of links.

Meaning if the ISP buys enough network equipment for 100 users to each have 10mbps of available bandwidth, they no longer have costs besides upkeep (maintenance, support, and replacing broken hardware). This is a SMALL percentage of upfront buildout costs. This large lump sum in the beginning has the potential to deliver the same amount of bandwidth ad infinitum.

Charging users for USAGE is DISGUSTING and is literally not fair.

Price gouging.

Plain and simple.


> The way a network works, is that besides upkeep which is a small percentage of TCO, upfront cost scales with total bandwidth, not total number of packets one needs to move across a set of links.

This isn't really true for wired networks, and it's extremely untrue for wireless networks. There is only so much total aggregate bandwidth available in a given area's spectrum allocation. If every device at a given base station was downloading as fast as it could, performance for all users would collapse. Wireless ISPs need to get users to limit their usage. In the past they did this by charging the byte. This confused users, and got them angry, so now they've migrated to "unlimited" plans where you effectively pre-pay for (say) 30GB per month and then get slower downloads beyond that. They've also added tricks on top of that to make it harder to use a lot of bandwidth. This includes making it harder to tether, and throttling music/video streaming services.


> Paying for ACCESS makes sense.

In the context of a typical end-user paying a non-profit ISP, yes. We share infrastructure costs and that's about it.

The problem is commercial ISPs only follow the money so you have the recurring cost of greedy shareholders to take into account in your equation. And that usually leads to not respecting net neutrality (as was the original subject of this thread).

So if you are in control of your own infra, price for access should be in the range of 1-20€/month. If you do xDSL, it has to be (a lot) more expensive (+15-25€/line/month).. as long as you're small. When you're big enough you can do local-loop unbundling and be back on the first price-range.

> Charging users for USAGE is DISGUSTING and is literally not fair.

Depends. For typical end-users, it's not a good model (you want a fixed price). But for associations, hosting coops, companies.. That's the usual approach for guaranteed bandwidth billing: https://en.wikipedia.org/wiki/Percentile#Applications

That's a mechanism to make sure your friends and your small neighborhood association don't have bleed themselves to pay for the seedbox i want to setup in my garage :)


You are saying it's okay for ISPs to charge per packet rather than per pipe size. It is possible for ISPs to set up their network for guaranteed bandwidth (at least as far as the NOC you are connected to). But not doing so means they can continually squeeze more money out of their customers without added infrastructure costs.

Without firsthand experience, it's difficult to explain to someone that once I configure an access layer switch with 48 1gbps ports on it, and 4 10gbps SPF+ uplinks, it only costs me the price of electricity and physical storage to move 1 packet over it, or an infinite number of packets over it.

My problem with that is that once the pipe is installed and working, it only costs maintenance. I'm not sure what you are trying to say with your seedbox example.


> Without firsthand experience, it's difficult to explain to someone that once I configure an access layer switch with 48 1gbps ports on it, and 4 10gbps SPF+ uplinks, it only costs me the price of electricity and physical storage to move 1 packet over it, or an infinite number of packets over it.

This really isn't true, as you do have to pay someone to sit somewhere nearby the switch in case it goes down. And you have to maintain a space indoors for the switch so that it doesn't get wet. Such space has to be built on land that you own or lease, and you can't just buy a wiring closet-sized piece of land. You also will have to eventually replace the switch, as it will fail after a certain period of time.

There are recurring costs to all of these things, and it absolutely costs more to send an infinite number of packets over the switch. In fact, you can only send so many packets over the switch before it fails, because bandwidth and packet size are limited.

You'll also find that if you're selling bandwidth on this switch you'll need to pay people to administer and enforce contracts, and you'll need a building for those people, and you'll probably want to market your switching service so people know they can buy bandwidth on this switch from you.

It's pretty dismissive to call all that "maintenance" as if it's a paltry sum. In fact I would argue that paying the company to maintain the network is the bulk of what you're paying for here, and it's a lot more complicated than just plugging some wires in and calling it a day.


> You are saying it's okay for ISPs to charge per packet rather than per pipe size.

Not my intention, sorry. Per-packet pricing would be ridiculous indeed.

> not sure what you are trying to say with your seedbox example.

"Per pipe size" pricing doesn't mean you only have maintenance costs. Because it's technically unfeasible to guarantee "pipe size" bandwidth to all routes on the internet to all your clients. So if i keep "my" pipe filled, you may have to add new cables/switches or maybe upgrade some transit plan.

So i can understand that with a 10Gbit/s uplink you may never reach these limits because your network is already oversized for your needs. But many people (even actual ISPs) don't have 10Gbit/s uplinks. Or at least not 10Gbit/s of transit (although they may have 1-10Gbit/s peering links with other local entities).


>technically unfeasible to guarantee "pipe size" bandwidth to all routes on the internet to all your clients

Yes I agree. But if I pay an ISP for a 10mbps link, I should be able to get 10mbps to their NOC at all times, and then each ISP would be able to vary prices based on peer connectivity. This is where competition would strengthen the internet backbone.


This is a better analogy, but still not quite right.

This issue constantly comes up with keeping the internet free and open. Take the following:

The customer pays for their connection, say 10mbps over Verizon's network. Under a free and open internet, the customer is allowed to use that 10mbps that they PAID for in whatever damn way they please.

Why should I be subject to Verizon's idea of what my connection should be used for? Congestion happens, but a properly designed network means that the pipes are mostly free and available under normal circumstances to all customers for all the bandwidth they paid for. Doesn't matter how many devices I use on the other side of that connection, I bought 10mbps and I should be able to use that 10mbps the way I want.

This is price gouging. Plain and simple.


> The customer pays for their connection, say 10mbps over Verizon's network.

That's typically not what happens with commercial ISPs. You pay for access to some parts of the Internet with asymmetrical speeds (often 20Mbit to 1) and most times without even a publicly routable IP address ("for your security").

Even if you pay that commercial ISP for higher speeds, you can read in the contract that they're actually not guaranteed and that anyway people exceeding "reasonable limits" (usually not defined with actual numbers) will have access shut off.

So sure you can do that on a non-profit and/or professional ISP because those will be explicit in what service is brought to you for what prices (without surprises) and they will usually stay out of your way when it comes to how you use the network (public IP, no port blocking, no priority for Youtube traffic over important mail, etc).

So if you find this situation as revolting as i do, welcome to the fight against the telecoms industry! We can do better, cheaper, and more intimate Internet.


It's all still limited by the throughout of the phone though. You could just as well open 4 streaming apps on the phone and pull the same data.

To me, metering a "tethered" connection differently than the phone making the same requests is just as disgusting as an ISP charging you because you have a different number of computers connected to the internet on your residential connection. Or charging you more because you went to a streaming site. It's a blatant violation of net neutrality.

If a cell phone company can't fulfill their advertised service of x mbit down / y mbit up, they shouldn't be offering it. Anything else is false advertising.


The analogy doesn't work either.

You get a Netflix family plan if you want four people to simultaneously and independently connect to Netflix, each consuming their own stream. You don't need a family plan if you plug Netflix to your TV and invite three other people to watch a movie together with you.

Tethering is like the latter case. Your phone is still a single device consuming a single Internet connection. The concept of "multiple streams of internet data" you used exists only because phone companies violate net neutrality, refusing to become dumb data pipes they should be.


More like I subscribe to Netflix but want to watch 2 shows at once which is permitted by my subscription. The provider/Netflix could restrict me to one stream to prevent sharing but doesn't or pushes a family plan to allow many streams. My cell provider used to restrict tethering but no longer does so. I'd be looking for a rate decrease if either company reduced my service below my current contract.

The sharing with other people component may be specific to the service and with Netflix probably outweighs users actually watching 2 streams on 2 devices whereas with tethering I think it's more likely sharing a connection with another device the subscriber owns like work PC when traveling or a media device on the go like tablet or computer.


It is more like paying for a service where you can eat unlimited apples for a flat fee each month.

If you want the ability to give apples to friends to eat, then it will costs extra.


That totally sounds like a startup idea.

Maybe have an app or webpage where you push a button and some contracted delivery person brings you an apple.


Oh hell yeah, this is my topic. I really really really hate Comcast's poor reliability and cost in my area (seriously you can see me bitch on usenet today: https://groups.google.com/forum/#!topic/alt.online-service.c... ) so I rely on a stack of various LTE providers that are comparable in speed.

I'm tethered right now to Sprint which really doesn't appear to give a shit. Their network is encapsulated to all hell since it's ipv6-only so I recommend decreasing MTU's when connecting to it (something like 1320 seems to work or sites like duckduckgo get blackholed). Sprint sucks unless you're line of sight to a band 41 tower and/or have a HPUA device.

T-Mobile detects tethering a matter of ways. I use a Moto E LTE 2015 (surnia) as a dedicated modem phone for them. I modified lineageOS 14.1 for my specific use case (namely just to add TTL as a target in the kernel for iptables). I also use Network Signal Guru to lock it to the meatiest band in my area (band 4 broadcasts at 20mhz)

The magical iptables option to pass is: iptables -t mangle -A POSTROUTING -j TTL --ttl-set 65

They detect certain services like playstation network, so you have to VPN that so it isn't counted. I disable ipv6 on the t-mobile APN too as an added layer of protection. Average use is around 250-300gb/mo, this is rural so it's unlikely it causes any quality of service issues (and I don't end up subject to deprioritization issues after 50GB)

EDIT: Should also mention at least T-Mobile used to do DPI on the User Agent sent by browser years ago. They don't appear to do that anymore (widespread HTTPS made that pretty useless). Back then I used to just get around port blocking by ramming my traffic through SSH dynamic port forwarding on port 143, normally used for IMAP. This was for T-Zones service level in the early 2000's.

Oh and for AT&T in the later 2000's I used to buy import phones that weren't in their system and use them on the non-smartphone unlimited plan until they got wise to that.

EDIT2: If you find ethics of this questionable, can't be hassled to figure this stuff out, and/or still want to use LTE unlimited where money is not a concern there's plans for that: https://unlimitedville.com/


What part of your process gets you around deprioritization? I thought that there was no way to circumvent that. I had to tether for a month or two on tmo and as soon as I hit 22 or 25GB my entire account was throttled and I'd barely get 2MBps. I wound up going with an ATT ipad plan that also had deprio at a point (30gb? I forget). But everything about the ATT plan was so much better.

I tried a lot of ways to get around that (most of what you mentioned, tweaking my hops and what not) and never made any progress so I assumed it was at the network level and I'd have no control.


Deprioritization is handled at the cell site and is per-sector/per-band. It's handled on the radio layer and what usually appears to happen is the network will only allocate you a few physical resource blocks. So speeds will vary based on what modulation your device can get away with and how busy things are. The only 'official' post on the topic I can think of: https://newsroom.sprint.com/protecting-the-97.htm

If you live in a populated city or need to go through an airport with a phone subject to deprio you're going to have a bad time with speeds.

If you're like me and live on a mountain surrounded by trees with a line of sight to the tower down the hill, deprio isn't going to matter.


> Their network is encapsulated to all hell since it's ipv6-only so I recommend decreasing MTU's when connecting to it (something like 1320 seems to work or sites like duckduckgo get blackholed).

I will also point out that a lower WAN MTU will cause forwarded (and only forwarded) outgoing connections to fail if the phone's firewall rules aren't properly configured to adjust TCP MSS! Pings will work, sites will connect, but you'll get no data back. This can seem awfully like some kind of active interference, when it's just a passive network problem.


> Oh and for AT&T in the later 2000's I used to buy import phones that weren't in their system and use them on the non-smartphone unlimited plan until they got wise to that

These 22gb then deprioritized "tablet" plans are available for $35/mo. It requires generating an iPad or similar IMEI to register. I've tethered and used video chat/games/VPN and had no issues.


Unlimited, unthrottled, potentially ananymous 4G service is also available through https://www.calyxinstitute.org/civicrm/contribute/transact?r...


While the project seems to have neat goals the:

"unlimited 4G / LTE wifi data and a mobile hotspot from Sprint", is meh for $500.

Consider this: Buy a unlocked Fi moto X4 from best buy for like $200, do the Sprint BYOD deal with a Google Voice number ($3 to unlock number for porting), this will give you $4/mo 'unlimited' service for a year. Slickdeals has a long in-depth thread on the full details of this arrangement.


I personally use UbiFi.

https://www.ubifi.net/


How did you add TTL as an iptables target? Would you mind sharing your patch?


Just enable CONFIG_IP_NF_TARGET_TTL in your device's defconfig Kconfig file.


There is only one justified reason for phone companies to check if you are using your phone as a router, and that is when they provide unlimited data to your contract. Unlimited data is provided given that you are going to use it on your personal devices and not to act as an ISP to everyone around you. Other than that you generally pay for X GB of data and it is none of their business how you spend it.


I would argue from a "well regulated market" perspective that is not justified either. A byte's a byte.


I would not disagree :) and i think they came up with unlimited data plans just to label bytes in the future. And they are already doing that. You can already buy a plan with 10gb Facebook + 10gb whatever you want. Makes me sad.


A byte you will certainly use is much more expensive than a byte you are unlikely to use. If we mandated a single price it would get more expensive for non-tetherers.


A byte for your use is not the same as a byte for someone else's use. Setting up a hot spot for other people could be viewed as reselling the service (even if you don't charge for it).


It's still creating restrictions that go against the "natural" behavior of the medium. That's why they need sophisticated tech solutions to enforce it - it's not natural to label bytes, it's not natural to even talk about using the connection yourself vs. reselling the service.


Copyright laws are restrictions that go against the "natural" behavior of any digital medium. Yet we still imple,ent and enforce them. That's what restrictions are, a way to turn ugly reality into a situation that's more felicitous for everyone.


Yup. That's why copyright laws ended up being a total dumpster fire. They're a desperate attempt at making digital data behave as if it were Gutenberg-era books. Not only they fight uphill against the medium, but by refusing to be grounded in reality, they opened themselves to abuse - and thus became captured by the rent-seekers from various industries.


If you aren't profiting, you aren't reselling.

If they're going to offer "unlimited data", then they should give exactly that. If you want to share it with the whole neighborhood, that's your business. If that's a technical problem for them, then they shouldn't be offering "unlimited data" in the first place.


But this is cartel behavior. Apple and Google are acting against their customer's interest to appease a 3rd party. The DoJ should get on this ASAP. Let's hope enough people get on board with EW's plans to break these guys up and regulate them.


If someone advertises "unlimited data" I expect unlimited data. The way they usually avoid abuse is by capping high-speed (3G or more) transfer to only some amount (e.g. 10GB/month), after that you get a "slow" connection... but even that should be clearly stated in the advertisement.


Here in the UK Ofcom (governing body over communications) are pretty strict with what you can adversise. For home broadband, providers have to give realisic numbers to prospective customers - not just an "up-to". For mobile, they have to be transparent in what they provide. So unlimited data, is just that, unlimited. End of last year there was an investigation opened against two providers due to throttling and limiting tethering data (domestically, still have roaming restricitions) when under an unlimited plan. They both agreed to remove the limits as they would both likely have to change their advertised plans if they didnt.

https://www.ofcom.org.uk/about-ofcom/latest/bulletins/compet...


I used to do consulting for an international telecom....

One telco customer did not have tethering limitations in their customer contract agreements, so this one end users customer bought a number of devices, and then would resell internet service in local rural areas using his devices as backhaul. This one customer and his dozens of "ISP" devices were doing gigabytes and gigabytes of data per month, using approximately 80% of this whole carrier's data capacity.


That's not a tethering problem though, all ISPs have a no resale clause to prevent this. Unlimited (within the ToS) should be unlimited.


Very interesting! I'm on a budget mobile service provider (Cricket), and only recently discovered that they disable using my phone as a hotspot on my plan.

I called them up, because I wouldn't mind paying a small amount extra every month to have that ability. However, they told me that they actually couldn't provide it with my phone even if I paid, because they didn't support my phone (Pixel). Then they tried to upsell me on "compatible phones"...

I used this phone as a hotspot with my previous provider, so I know it can be a hotspot. But I don't know much about the technical side of this. Does anyone know if what they're saying is plausible? (Ie, they can't offer it for my specific phone)

I briefly tried a few apps for this purpose, but none of them worked.


Can't comment on Cricket, but I'm researching low-cost carriers at the moment and discovered a similarly curious situation regarding Republic Wireless. I found some strange restrictions in the plan regarding tethering, looked into it and found they don't support iPhones at all. Why? They won't admit to this on their website, but apparently their "cell service" actually uses some proprietary hybrid cell/wifi network, where they piggyback off public hotspots and route your traffic through them when available, so the "cell data" you are paying for is actually priced on the premise that the bulk of it will be utilized as wifi data, instead. They of course can only enforce this in Android devices by futzing with the network stack at a level Apple doesn't allow.


Interesting, I used Republic a few years ago during their beta period. Back then they were very upfront about routing calls/data over wifi whenever possible, even marketing it as a feature on their home page. Now I can't find any mention of routing over wifi on their main pages.

edit: Here's their page from 2012, they were marketing it as "Hybrid Calling" https://web.archive.org/web/20120103104716/http://republicwi...


It makes a lot of sense and I have several friends who use similar services. But if Tethering disables wifi (at least connecting to wifi as your phone is now acting as a router) then their hybrid component breaks and only uses cell which may be throttled, limited, or not available. It sounds like more a CYA against higher bills from whoever they are renting service from while keeping their Hybrid setup functional for better service. I'd be frustrated if my budget plan had terrible service when tethering because 80% of my traffic is normally over wifi and works fine but now is being funneled 100% into cellular.


"They won't admit to this on their website"? I think it's more that they won't shut up about it. Their entire business model and their marketing is all based on the idea that most people are around wifi most of the time.

The cell data you pay for is your cell data usage, you (of course) don't pay them for your wifi data usage.


Have a look at Ting. No worries with tethering (with my Pixel or any other device I've tried).

(Disclaimer: Happy customer and investor with Ting/Tucows since 2012)

https://help.ting.com/hc/en-us/articles/205422068-Tethering-...


What happens when you try? Does it pop up a message saying that your provider hasn't authorised it?

I used to use Vodafone NL, and apparently they used a SIM provider ID that matched Verizon or something in the US, so my phone (Pixel 1 at the time) would ask Verizon if this SIM was allowed to use tethering, and of course it said no. Part of the reason I moved carriers, also the new one has unlimited data which is better anyhow.

Vodafone had no idea what was going on, although they did try. Eventually they just said they couldn't help.

Anyway, maybe something similar going on for you.


When I try to turn it on, a dialog box pops up, telling me to go to some att website or dial 611. I think att because Cricket piggybacks off them.


So basically Google that made Pixel is betraying users by giving out that they want to use tethering?


My Google annoyance is that they don't build call recording into the phone. I know they probably do it to avoid their customers getting into trouble using it where they shouldn't but there are lots of illegal things I can do with my phone that they don't try to police.


The problem is that feature would constitute something made explicitly for illegal uses, much like drug paraphernalia, so would expose them to huge liability.

Of course, it's only in some states (like Maryland) where recording conversations without permission is illegal, but that's enough.


No.

Google already has this, with google voice, press 4 during a call to start recording it. (only on originally incoming calls.)

One: most laws do not require permission or consent per say, simply having the feature also pimp out a recording that says "Call is now being recorded" like the google voice feature already does is enough to keep it legal.

Two: "Made explicitly for illegal uses" is a wide stretch for a call recording feature.


I don't use Google Voice anymore but I was never able to get call recording to work. For one, I think it only worked on incoming calls which is pretty useless.


They could leave hooks in there and let third parties build out the apps that do the recording.


At least with android, i can install an app outside of the app store like foxfi [0] that will allow me to tether it. IOS also blocks users from tethering if their carrier doesn't allow it and you cannot get around that without jailbreaking. This is one of my favorite things about switching to android.

[0]: http://foxfi.com/


I know Cricket user who rooted their Pixel 3a to get around this problem. Seems to work fine for them.


Yeaaaahhhhh..I found that option while searching, but I don't want to risk messing up my phone


Magisk (Android rooted-phone modding platform) has a Tethering Enabler module, but it hasn't been updated to recent versions of Magisk (Magisk constantly breaks compatibility with older modules). There was an update not released on their official download channel, and it works for me.


I actually updated it for the latest Magisk here: https://forum.xda-developers.com/apps/magisk/magisk-tetherin...

Do be aware though that I haven't found a generic way to bypass TTL detection, as most solutions use the "mangle" table in iptables, which requires a kernel module on Android. Unfortunately, this is not generic and would be per-kernel.


They probably haven't developed the whitelisting for this particular phone.


TTL is a nice cheap trick. I figure you can bypass it by adjusting your TTL to be +1 on the computer, or by running a VPN client that acts as a proxy on the phone.

This is another excellent question from the earlier days of stackexchange that are all now "offtopic". Its sad to see it consistently lose informative questions. Stackexchange's policy shift toward marking any slightly general question as offtopic is a sad state of affairs.


On windows adjusting the TTL is simple. From my reading Android uses a TTL of 30

netsh int ipv4 set glob defaultcurhoplimit=29

netsh int ipv6 set glob defaultcurhoplimit=29

Alternative to a VPN as a proxy you can install Termux on Android to install and run a sockS5 proxy.


I am still annoyed (at Apple, to be clear) at the fact that my iPhone asks for carrier permission before functioning as a WWAN-to-WiFi NAT.

I have to carry two devices because of this. :(

Also in this list: Apple allowing video players to disable seeking in ads. It’s my hardware, fuckers.


Totally agree. It's a market failure that a company that makes a device that you buy is more interested in pleasing another company (the telcom) than you (the customer).

In a market with competition device manufacturers would be fighting over adding features like anonymous teathering for their customers, and phone companies would be charging for data use, and with enough competition that use-per-byte would become dirt cheap quickly.


If it's your hardware, you're free to install your own software which does not honor those checks. But apparently you can't do that, so it's not entirely your hardware, as you can't run any code on it.


This hasn't been true for a while. Anyone can build and install their own iPhone apps, the requirement to buy a developer license went away a while ago.


I'm talking about OS. iPhone apps are extremely limited. For example you can't alter your network stack with iPhone app, AFAIK. Apple has so much control that you can't even install their own OS without their explicit permission, so you can't rollback to a previous version.


Can't as in impossible to do, or aren't 'allowed' to? You can do a lot of things rolling your own local apss that would never pass App Store review.


Even with an android device (or any certified device) the radio portion is not your device: you can't modify its firmware.


The radio portion cannot stop you from using tethering though. Also, as far as I am aware, radio firmware on Android is often stored on an internal MMC card.


the radio portion is quite different as there are externalities tied to it. the phone portion doesn't


Is it not the very exact externality (interfacing with the carrier's network) that is being discussed here?


Not exactly. Radio chip firmware is responsible for controlling the physical layer, and restricting access to it is a practical compromise that ensures people don't generally cause RF interference for one another.

The problem discussed upthread is on the application layer - you not being able to run arbitrary code on your own device because companies prefer to please one another rather than their customers.


If it upsets you so much, why do you use an iPhone?


iMessage and OS-level security/malware-resistance, primarily.

The product can still be good and useful even if the product managers are carrier-bootlicking shitheads who place a third party’s interest above that of their actual paying customers.


Can't get iMessage, but the security side on pixels is quite good.


Lack of iMessage is a complete non-starter, sadly.


What a carrier-friendly product.


if you jailbreak, there's a tweak that allows you do set up a wifi or data sharing hotspot on any carrier, even if they don't allow it. it's called tetherme.


TBH carrying a second device, on which I have root, tcpdump, and iptables, is much better overall, as I can monitor/block all the app-based spyware that is endemic today on smartphones.


I miss TetherMe. Is JB even still possible (has anyone done it/which ver?) on modern iOS?


https://chimera.sh/ for old iOS 12 versions


as long as you're still at or below ios 12.2 you can use unc0ver.

note that it's a semi-untethered jailbreak so you have to re-jailbreak every time you restart, but that basically comes down to opening an app and pressing a button.


iProxy for iOS (FOSS) used to work over WiFi if you setup a peer network and manual IP on endpoints and phone.


> It’s my hardware, fuckers.

No, it's not. This has been shown time and again.


You have to make it your own.


Exactly. You usually gotta "color outside the lines" if you want anything cool, i.e., jailbreaking (jb) or hackintoshing. I'm surprised no one's tried hackiosing on custom hardware, although it would take a pile of enginerding and gnidrenigne.


It is not yours. Do you decide what it does? No, Apple does what it may do. Can you use as you see fit? No Apple decides what is fit. Can you modify as you see fit? No. Apple DRM decides what you may modify.

You do not own the device, Apple does. The device is Apple's slave. It obeys its master and not you.

The law even backs up this, the Digital Millennium Copyright Act forbids you from doing what you want with it. If you don't live in the US, don't worry your home is probably a party to WIPO and anti-circumvention is illegal there too.

It is not your hardware. Your "ownership" is abrogated by law.


Another note: just because you have a VPN running on your phone and have enabled Android's "always on VPN" and "block non-VPN traffic" options doesn't mean that devices connected to the phone hotspot will send their data over the VPN. You need to have it configured on the guest device as well.


>> This question exists because it has historical significance, but it is not considered a good, on-topic question for this site so please do not use it as evidence that you can ask similar questions here.

What reasoning would they have for that? It's an Android stackexchange after all.


It's my main caveat against the stackexchange network, many questions like this one are extremely useful and on-topic but the moderation has some weird standards of whats on-topic and what is not; one of the worst examples is when one particular question is the first result on Google about a common problem but due over-moderation is now closed and nobody can enter updated answers, such is the case for "Is there a tool to convert JavaScript to Typescript?" https://stackoverflow.com/questions/14412164/is-there-a-tool...


Many years ago, on a UK network (I think it was o2, but might have been GiffGaff) I couldn't and didn't tether.

However, one app would make calls out with a User Agent that looked like IE6 which caused the network to disconnect my data and require me to phone up to get it unblocked.


I put Cyanogenmod on a device and tethered for years without any carrier warnings. Then I accidentally got a device with a locked bootloader and tethered by rooting it to switch a flag; I got a warning from that one. Then I got another open device, put LineageOS on it and tethered uneventfully for another couple years.

I'm sure my custom ROMs played some games to disguise the traffic, but at least on AT&T it seemed to work without a hitch.


I used to have the old AT&T unlimited plan. A few years ago, they cancelled it due to tethering. I called in to complain, as I know how to tether “illegally”, but hadn’t been doing it. Eventually realized that I’d connected my phone to my mother in-laws new Jeep Grand Cherokee, and the Jeep must have been making IP connections through my phone. Just to spite AT&T, I switched to Verizon.


The actual answer nobody is giving:

Q: How can phone companies detect tethering?

A: by working with Google and Apple to inject code in android and IOS to serve that purpose.


I don't think it works anymore, but it used to be that you could get around tether-blocking in MetroPCS by simply setting your user-agent string to Chrome Android; they moved to something more clever because I guess enough dorks like me figured it out.


After several years of good service, I was accused by my telco (Cricket) of tethering without paying the special fee and my phone was disabled. Found this out in the middle of a trip.

The thing is, my plan did not require the extra fee when I signed up, and so that had been grandfathered in.

When the telco does this, you can switch to another one, but you cannot port your number. This would be like the postal service owning your street address. If they took a dislike to you, they could prevent you from using the address!


One thing others haven't mentioned is DNS. If your phone is trying to lookup Windows Update it's a surefire way of knowing this didn't originate in the phone.


Windows 10 Mobile is still receiving Windows updates for another five months!


I never had this issue in EU. Is there a common EU mandate that prohibits carriers to discriminate tethered or untethered traffic?


One of my previous providers was literally looking at the browser user-agent header. If I just connected as normal via my phone, I was blocked very quickly. If I used developer tools in Chrome to pretend to be an iPhone or Android, it worked without complaint.

I'm not sure there is much else with which the network can tell is there?


I don't necessarily understand it, but for my Samsung note 8, I used a settings/flag editor and added 'DUN' to my LTE settings and was able to turn on Tethering, whereas normally, it would turn itself off after enabling "mobile hotspot".


My carrier started blocking requests from my tethered computer if they are made through a VPN ... that doesn't seem like it obviously fits into any category? Any guesses as to how they can do that?


Time to start blocking their requests to your bank account.

As to why they’re doing that I have no idea, I guess they want to see your traffic in the clear and so block most VPN protocols (though you should be able to get a TLS-based VPN working over port 443 as it’ll look like standard HTTPS).


My VPN is definitely going over 443, so I'm not sure what's happening. It looks like the VPN handshake stuff completes successfully though.


At the turn of this year, my provider started blocking requests made through a VPN. Boo


Yeah, I recently had to change TTL on my laptop to 65 to avoid tethering fees.


Set your ttl lower than your phones or 1 higher


If mobile ISP is snooping on your traffic and violates net neutrality by forbidding tethering and the like, just use a VPN.


Despite the downvotes this is not an unreasonable suggestion. However this would only work if the tether/hotspot traffic were tunneled opaquely down the VPN. But I suspect that isn't the case (the phone vendor owns the VPN client and associated kernel networking, and arranges to not tunnel the proxied traffic).


Use a phone where you can install an open OS that you control. It's ridiculous, if the phone is actively preventing you from setting up networking the way you need it.

You can also use some simple ssh forwarding from the phone (like SOCKS5) even if VPN is not available. ISP won't be able to differentiate that from other traffic.


A VPN solves it.


Ttl




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: