Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Iphone Wireless Networking Apple

AT&T Cracking Down On Unofficial iPhone Tethering 513

An anonymous reader writes "AT&T is sending warning notifications to jailbroken iPhone users who use unofficial tethering methods like MyWi and PDANet. 'Customers are being notified that their service plans need updating to subscribe to a tethering plan, and that they will be automatically subscribed to a DataPro 4GB package that costs an additional $45 per month if they continue to tether.'"
This discussion has been archived. No new comments can be posted.

AT&T Cracking Down On Unofficial iPhone Tethering

Comments Filter:
  • USA #1 (Score:2, Informative)

    by viablos ( 2018696 ) on Friday March 18, 2011 @12:28PM (#35531578)
    Do Americans know that no one else in the world does this? Not in Europe, not in Asia. They sell you the service and you use it how you want.

    But this is Apple's fault too. If you go with Windows phones you can tether how you want, as they only care about iPhone users and can't detect Windows traffic from other Windows traffic.
  • Re:USA #1 (Score:5, Informative)

    by crossword.bob ( 918209 ) on Friday March 18, 2011 @12:35PM (#35531674)

    Do Americans know that no one else in the world does this? Not in Europe, not in Asia. They sell you the service and you use it how you want.

    O2 in the UK charge £7.50/mo for a tethering + 500MB bolt-on for consumer tariffs (you can't buy the tethering without the additional data). I believe 3 offer it free, but not sure about others.

  • Re:Detection (Score:5, Informative)

    by bleh-of-the-huns ( 17740 ) on Friday March 18, 2011 @12:42PM (#35531848)

    If you look at your bill, it shows how much data per day and when the sessions started and stopped. Short sessions are not counted separately, rather grouped into the previous or next major session. I tether, and I just checked my bill, currently about 2.5 g per month is what I am running on the high side.

    here is a sample from a few days of use last month..

    336 MON 01/31/2011 9:23AM Data Transfer Data 222,366 KB DPPB AT GPRR Out 0.00
    337 MON 01/31/2011 11:30AM Data Transfer Data 75,889 KB DPPB AT GPRR Out 0.00
    338 MON 01/31/2011 11:02PM Data Transfer Data 513 KB DPPB AT GPRR Out 0.00
    339 TUE 02/01/2011 12:02AM Data Transfer Data 4,323 KB DPPB AT GPRR Out 0.00
    340 WED 02/02/2011 8:27AM Data Transfer Data 38,168 KB DPPB AT GPRR Out 0.00
    341 WED 02/02/2011 11:32AM Data Transfer Data 107,778 KB DPPB AT GPRR Out 0.00
    342 WED 02/02/2011 2:50PM Data Transfer Data 38,417 KB DPPB AT GPRR Out 0.00

    Even if I was streaming pandara all day, and surfing the internet, and using various network aware apps and youtube (which would conflict with pandora from an audio standpoint), it would still be hard to hit 220 meg between say 930am and 1130am on lines 336 and 337.

    That would be a dead giveaway. They would not even have to use deep packet inspection to pull agent strings, or anything.

    But like someone else said, they are probably just going to hit people that use exorbitant amounts of bandwidth, although as a security person, I could easily develop something automated to find the majority of those tethering without any human interaction required..

  • Re:USA #1 (Score:5, Informative)

    by andrea.sartori ( 1603543 ) on Friday March 18, 2011 @01:01PM (#35532226) Journal

    Indeed, how do Americans fall for this stuff while people in other nations seem to be able to get better deals? Are we really just that dumb?

    Not that much. The "will happily pay thousands of dollars because they're giving me a free phone now" is possible thanks to a logical fallacy called "hyperbolic discounting" [rochester.edu] -- the article in the link refers to lab animals, but it's proven that it works on humans, too. Simpler descriptions here [damninteresting.com] and here [wikimedia.org]. Of course it's being exploited and used as a marketing method since years.
    And: not only Americans fall for this, and endless businesses all around the world use this trick to, well, screw us. We Europeans just like to think we are smarter than the yanks ;) but this marketing technique is so widespread we don't even notice anymore.

  • Re:Legality? (Score:5, Informative)

    by jambarama ( 784670 ) <jambarama.gmail@com> on Friday March 18, 2011 @01:02PM (#35532232) Homepage Journal
    Yep, you're missing the incredibly 1-sided contracts users sign to access any cell networks. Here are some relevant gems from the AT&T contract:

    We may, at our discretion, suspend your account if we believe your data usage is excessive, unusual or is better suited to another rate plan.

    Furthermore, plans (unless specifically designated for tethering usage) cannot be used for any applications that tether the device (through use of, including without limitation, connection kits, other phone/smartphone to computer accessories, BLUETOOTH\® or any other wireless technology) to Personal Computers (including without limitation, laptops), or other equipment for any purpose.

    Accordingly, AT&T reserves the right to (i) deny, disconnect, modify and/or terminate Service, without notice, to anyone it believes is using the Service in any manner prohibited or whose usage adversely impacts its wireless network or service levels or hinders access to its wireless network...

    Tethering without a tethering plan breaches your contract, so they can refuse to provide service, request you pay more for your plan, or do about anything.

  • Re:Detection (Score:4, Informative)

    by BassMan449 ( 1356143 ) on Friday March 18, 2011 @01:31PM (#35532858)

    The tethering app makes the network level requests look like they are coming from the phone because they are, but the application level packet data can easily enough be looked at to determine what type of traffic it actually is.

  • T-Mobile offers the SIM-only "Even More Plus" plan, a cheaper plan designed for people who have bought a phone separately. Last time I checked, the discount was 10 USD off voice or 20 USD off voice and data. So do I understand correctly that you can't get T-Mobile where you live?
  • by Anonymous Coward on Friday March 18, 2011 @02:29PM (#35533938)

    Probably not - most likely this is just using NAT or whatever which isn't easily detected.

    Ha! I wrote a paper on NAT detection and NAT client-counting in grad school. It's really easy.

    1) Looks for IP packets with weird TTLs. If any packet originating from a "normal" phone has a TTL of 128 or 64 or whatever, and you see a bunch of packets hitting your gateway with 127 or 63 TTL values, that means there's a network device (your phone's NAT software) between the packet-originator (computer that's tethered) and the network. It's *especially* glaring if you have a mix of TTL values, like 63 & 127, which means there are probably multiple machines behind the NAT (I think Linux/UNIX IP stack uses 128, and Windows uses 64, or maybe the reverse. But they're different).

    2) IP packets have a header field called "IP ID" that is optional and the OS can do pretty much whatever it wants with it, *and* most NAT routers leave the field untouched (don't rewrite it). A lot of OSes use is as a universal packet-counter (every time a packet goes out, it increments the field by one), or some OSes increment the field every time a new source port is used to send a packet (which makes it much harder to count clients). If you see a pattern like this in the IP ID field of packets inbound to your network:


    it's pretty obvious there are 2 computers talking through the NAT, one numbering 465-471, the other 128-132.

    So yeah, it can be done, REALLY easily. Of course, you could easily write a stealth NAT routing algorithm that replaces all TTL values with 128 or 64, or re-writes the IP ID field to make it look like one machine, but as far as I know normal commercial products don't do that. Maybe the PDANet authors were smart enough to do that. But the things I outlined let you do it without deep packet inspection, you can just check the headers.

    http://www.springerlink.com/content/u055738wk18835l0/ [springerlink.com]

    Posting anon so you can't link my real identity (Kenneth Straka) to my Slashdot ID. :)

Logic is a pretty flower that smells bad.