Develop Bugs

will tmobile ends "free" tethering policy affects us SGN owners?

I just read the article here: http://www.androidpolice.com/2012/0...e-tethering-if-you-ever-had-it-to-begin-with/
I am on tmobile prepaid plan and use the tether once in a while. But I absolutely would not pay extra to pay for tethering my own data that I already paid for.

it shouldn't unless you decide to install their version of ics

I'm going to quote my own G+ post on these one:
All phones that T-Mobile has released since the Amaze 4G and the Galaxy S II have had a separate APN built in to their tethering that automatically flags your device as tethering. This includes the new LG MyTouch devices, the HTC Radar, etc. ALL phones released for the last 6 months. This has been the status quo for a long time, and for some reason everyone is throwing a fit now that the new software for the Sensation is doing exactly the same thing that all of these other phones have been doing since they were released.
Also, several of these articles state that T-Mobile is using some kind of sinister monitoring methods on your data traffic in order to determine that you are tethering. This is not true. It is being done in a very similar way to how I understand the iPhone has reported tethering to carriers for a long time, by using a completely separate tethering APN instead of the customary data APN typically used for T-Mobile handsets. This is why on some newer devices if you enabled tethering and then tried to browse on your handset it would either fail or send you to a upsell that would ask you to purchase tethering, because it is flagged as completely different traffic.
Click to expand...
Click to collapse
This is a software change handled on each device. It has little to do with the network outside of the network authorizing the tethering APN from the newer handsets when the tethering option has been enabled. It is possible that T-Mobile may be passively monitoring user agent strings to 'detect' tethering, however, this is a very unreliable method for them to use as using the desktop user agent option in your browser would trigger that. AT&T appears to do this, but to my knowledge, T-Mobile does not. At least not presently. However, some users have reported they are being given the tethering upsell when using desktop user agents, so I could easily be wrong.
Personally, I don't believe that this is the correct thing for carriers to do, as long as you aren't going over you data limit. I believe that you should be able to use your data limit how you see fit, whether the traffic is coming from your phone or through tethering. For me, this kind of nonsense is exactly the same as ISPs using QOS to throttle bandwidth for competing services, such as, theoretically, if Comcast were to throttle Netflix traffic. Unfortunately, my voice alone isn't going to change the status quo, and carriers in the US have decided that charging for tethering is the new way to make a profit.
TL;DR
No. This will not affect the GN in any way, nor is this a new development. This policy for new devices / software for T-Mobile phones has been in place for around for 6 months and is a software 'feature'. Also, that article is poorly written and researched in general, as well as the horde of other bad articles in the past couple of days over this so-called 'revelation'.

lettcco said:
I just read the article here: http://www.androidpolice.com/2012/0...e-tethering-if-you-ever-had-it-to-begin-with/
I am on tmobile prepaid plan and use the tether once in a while. But I absolutely would not pay extra to pay for tethering my own data that I already paid for.
Click to expand...
Click to collapse
The only reason they can block it on their own devices is because they control the final software. T-Mobile doesn't control the software on the Galaxy Nexus.
That being said, T-Mobile attempts to "block" tethering on unlocked/unbranded devices by sniffing UAstring of your browser and redirecting you to their tethering upsell page if they notice you're on a desktop browser (they're assuming you're tethered to a desktop). I'm going to save myself some time and not elaborate on this. It's how they do it and it's all over the internet in XDA and other places.
Its a horrible policy that many people have been fighting with for a long time now. Not only does it not work stopping any moderately sophisticated user on their desktop (because spoofing is SO easy), but it inadvertently "blocks" anyone trying to request desktop sites on their phones. Many browsers (especially Chrome Beta for Android) by default browse in desktop mode (or let you easily request desktop sites), and get redirected inadvertently.
Long story short, the UAstring sniffing method is starting to redirect Chrome Beta for Android users (including myself), as it has nearly an identical UAstring to desktop Chrome. They're currently "working to resolve this issue" which may mean a change in the way they try to detect tethering. More than likely they'll keep doing it they way they are and will come up with a workaround for Chrome for Android. Either way they have to figure it out, as they're selling ICS 4.0 devices that use Chrome for Android now.
---------- Post added at 09:28 PM ---------- Previous post was at 09:27 PM ----------
cade80 said:
it shouldn't unless you decide to install their version of ics
Click to expand...
Click to collapse
T-Mobile doesn't have a "version" of ICS. Especially not for the GNex

Thanks all for the insightful comments.

Same of custom GB breads, or any custom on phones in general. Tethered on my G2x all the time on CM7 with no problems at all.
Sent from my Galaxy Nexus running AOKP+Franco on Tapatalk 2

http://code.google.com/p/android-wifi-tether/

martonikaj said:
The only reason they can block it on their own devices is because they control the final software. T-Mobile doesn't control the software on the Galaxy Nexus.
That being said, T-Mobile attempts to "block" tethering on unlocked/unbranded devices by sniffing UAstring of your browser and redirecting you to their tethering upsell page if they notice you're on a desktop browser (they're assuming you're tethered to a desktop). I'm going to save myself some time and not elaborate on this. It's how they do it and it's all over the internet in XDA and other places.
Its a horrible policy that many people have been fighting with for a long time now. Not only does it not work stopping any moderately sophisticated user on their desktop (because spoofing is SO easy), but it inadvertently "blocks" anyone trying to request desktop sites on their phones. Many browsers (especially Chrome Beta for Android) by default browse in desktop mode (or let you easily request desktop sites), and get redirected inadvertently.
Long story short, the UAstring sniffing method is starting to redirect Chrome Beta for Android users (including myself), as it has nearly an identical UAstring to desktop Chrome. They're currently "working to resolve this issue" which may mean a change in the way they try to detect tethering. More than likely they'll keep doing it they way they are and will come up with a workaround for Chrome for Android. Either way they have to figure it out, as they're selling ICS 4.0 devices that use Chrome for Android now.
---------- Post added at 09:28 PM ---------- Previous post was at 09:27 PM ----------
T-Mobile doesn't have a "version" of ICS. Especially not for the GNex
Click to expand...
Click to collapse
overriding the user agent in chrome doesn't seem to help. strange.
i was tethering for about an hour just now and the redirect page just popped up.

I ran into the same problem today. After coming really close to paying the $12/month to use the data I'm already paying for, I decided to come here and ask for help. I got 2 solutions.
1. Change the user agent for my browser. Once I did this it was surfing as usual with the built in tethering app. Only problem is Netflix isn't supported by android2.2 browser.
2. PDA net, I read somewhere that a it hides what type of traffic. It seems to work. No restrictions, no redirects.
I'm going to stick with the second alternative because it behaves the way I'm used to.

turbosix said:
overriding the user agent in chrome doesn't seem to help. strange.
i was tethering for about an hour just now and the redirect page just popped up.
Click to expand...
Click to collapse
yeah once they've flagged you it's hard to get around it on the phone.
Ironzey said:
I ran into the same problem today. After coming really close to paying the $12/month to use the data I'm already paying for, I decided to come here and ask for help. I got 2 solutions.
1. Change the user agent for my browser. Once I did this it was surfing as usual with the built in tethering app. Only problem is Netflix isn't supported by android2.2 browser.
2. PDA net, I read somewhere that a it hides what type of traffic. It seems to work. No restrictions, no redirects.
I'm going to stick with the second alternative because it behaves the way I'm used to.
Click to expand...
Click to collapse
PDAnet should work, but T-Mobile filtering and checking for UAstring can potentially get around this. Depending on how PDAnet tries to "hide" or change your final connection you may be successful.

It happened to me as well. I was using Chrome on OSX but after the redirect page started manifesting itself, I wondered if it would be the same with all browsers. I tested Safari and no redirect page
Sent from my Galaxy Nexus using Tapatalk 2

[TUT] [APP] Hacking Facebook, Yahoo etc. over wifi

DroidSheep is an Android application that demonstrates security weaknesses (not using https) and is capturing facebook, twitter, linkedin , yahoo, and other accounts.
PS> this is NOT my work, nor do i intend it to be taken as my work, I just wanted to share with the community!
NOTE FROM THE GERMAN DEVELOPER:
DroidSheep was developed as a tool for testing the security of your accounts.
This software is neither made for using it in public networks, nor for hijacking any other persons account.
It should only demonstrate the poor security properties network connections without encryption have.
So do not get DroidSheep to harm anybody or use it in order to gain unauthorized access to any account you do not own! Use this software only for analyzing your own security!
So do not get DroidSheep to harm anybody or use it in order to gain unauthorized access to any account you do not own! Use this software only for analyzing your own security!
Now>
WHAT DO YOU NEED?
1. A rooted phone (no, it will for sure not work without root)
2. The App installed on the phone (latest build attached to the present post)
3. A WIFI network to test it on
How do you use it?
DroidSheeps main intention is to demonstrate how EASY it can be, to take over nearly any internet account. Using DroidSheep any user – even without technical experience – can check if his websession can be attacked or not. For these users it is hard to determine, if the data is sent using HTTPS or not, specially in case of using apps. DroidSheep makes it easy to check this.
This video demonstrates what DroidSheep can do:
http://droidsheep.de/?page_id=14
How does it work?
As already announced DroidsSheep supports almost every website – also “big” webservices like facebook and Yahoo.
How does that work this simple?
There are many users that do not known that air is the transmission medium when using WiFi. Therefore information is not only transfered to its receiver but also to any other party in the network within the range of the radio waves.
Usually nothing special happens because the WiFi users discard packets that are not destined to themselves. DroidSheep does not do this. It reads all the packets looking at their contents.
Is a website sending a clear recognition feature within a message’s content, which can identify a user (“SessionID”), then DroidSheep is able to read it although it is not intended to external users. Moreover DroidSheep can use this token to use it as its own. The server can’t decide whether the authorized user or DroidSheep has sent the request.
http://droidsheep.de/?page_id=424
How can I protect myself?
The only satisfying answer is: SSL respectively HTTPS.
Many providers already offer HTTPS, even facebook, however it must often be enabled in the settings first.
When using HTTPS the data are still sent to alle participants in the WiFi-network, too, but because the data has been encrypted it is impossible for DroidSheep to decrypt the contect of a message - remaining only a complete mess of letters, with which an attacker can’t do anything.
The real problem is that not every website provides SSL. What to do when you are in a public network (hotel, airport, etc.), you also want to use this and the site does not offer HTTPS though?
You can use a VPN-connection
For this the computer sets up an encrypted channel to a confidential computer which again transfers the data to the website.
You can also install DroidSheep Guard from the Market:
https://play.google.com/store/apps/details?id=de.trier.infsec.koch.droidsheep.guard.free&hl=en
A very interesting feature is the possibility to save cookies!!
Source> http://droidsheep.de
Imagine the possibilities....

This isn't good dude.
And 'air' isn't the 'transmission medium' for WiFi. We figured that out when we discarded the ether hypothesis around a century ago.

backfromthestorm said:
This isn't good dude.
And 'air' isn't the 'transmission medium' for WiFi. We figured that out when we discarded the ether hypothesis around a century ago.
Click to expand...
Click to collapse
-what exactly "isn´t good" ?
Ok you are correct, yes, WIFI (as any other electromagnetic wave) can also be transmitted through vacuum, so yes there is no need of "air"

Re-ported to a MOD I don't think this should be shown or talked about on XDA this isn't an hacking site like you might think for taking advantage of other peoples accounts.
XDA is a hacking community for the good like Rooting.

This app has been on XDA for quite a while http://forum.xda-developers.com/showthread.php?t=1593990
Even a portal article about it http://www.xda-developers.com/android/droidsheep-undresses-network-security-and-shows-how-its-done/
Please use the main thread to discuss this app, not this one.
@ shankly1985, we appreciate your concern, but people need to know how insecure important accounts can be. Thus enabling them to make the changes to fix them.
Thread Closed.

T-Mobile Hotspot false positive: Can only browse offers.t-mobile.com.

At Midnight EST, Morning of 17 December 2012, Web browsing on my phone stopped working. When I tried to access Web pages not already in my cache, I was redirected to:
http://offers.t-mobile.com/tethering/upsell.do?source=redirect
A new Website set up by T-Mobile to sell tethering service. I don't want to purchase this service, but the Web page kept coming up, no matter where I tried to browse. Of course, rebooting did NOT fix the problem.
After debugging a handful of possibilities, I realized the likely culprit was an interaction between Google Chrome, T-Mobile, and Chrome UA Switcher. Opening Chrome UA Switcher and resetting to defaults mitigates the problem, temporarily returning Web browsing functionality.
In particular, I was using Chrome UA Switcher to tweak the user agent string that Chrome was sending to websites for each page request. I hate when websites try to push their limited "mobile" HTML versions on me, and I really hate when they try to push their "apps" on me--I just want to browse the Internet like an ordinary desktop user. So I was using Chrome UA Switcher to tweak a Chrome setting to force websites to offer their normal desktop HTML versions.
That's where T-Mobile comes in. Apparently, too many T-Mobile users are tethering their phones to their computers without purchasing the T-Mobile tethering service, because T-Mobile decided to block all HTTP requests that use a desktop-like user agent string. When a T-Mobile user tries to visit a website with either a legitimate phone with a desktop user agent string, or an illegitimate computer tethered to the phone, T-Mobile's overeager police system detects both as an illigitimate user, resulting in false positives that effectively disable 100% of Web browsing for hapless customers. Good job with QA there.
I motion to roll back this overeager police system. Find a more accurate way to detect tether-stealers, because the current system classifies normal users as thieves, and doesn't even have the guts to say so.
Specs:
* Chrome 18.0.1025469
* Chrome UA Switcher 1.20
* Samsung Galaxy SIII SGH-T999
* T-Mobile Unlimited Plan

mcandr said:
At Midnight EST, Morning of 17 December 2012, Web browsing on my phone stopped working. When I tried to access Web pages not already in my cache, I was redirected to:
http://offers.t-mobile.com/tethering/upsell.do?source=redirect
A new Website set up by T-Mobile to sell tethering service. I don't want to purchase this service, but the Web page kept coming up, no matter where I tried to browse. Of course, rebooting did NOT fix the problem.
After debugging a handful of possibilities, I realized the likely culprit was an interaction between Google Chrome, T-Mobile, and Chrome UA Switcher. Opening Chrome UA Switcher and resetting to defaults mitigates the problem, temporarily returning Web browsing functionality.
In particular, I was using Chrome UA Switcher to tweak the user agent string that Chrome was sending to websites for each page request. I hate when websites try to push their limited "mobile" HTML versions on me, and I really hate when they try to push their "apps" on me--I just want to browse the Internet like an ordinary desktop user. So I was using Chrome UA Switcher to tweak a Chrome setting to force websites to offer their normal desktop HTML versions.
That's where T-Mobile comes in. Apparently, too many T-Mobile users are tethering their phones to their computers without purchasing the T-Mobile tethering service, because T-Mobile decided to block all HTTP requests that use a desktop-like user agent string. When a T-Mobile user tries to visit a website with either a legitimate phone with a desktop user agent string, or an illegitimate computer tethered to the phone, T-Mobile's overeager police system detects both as an illigitimate user, resulting in false positives that effectively disable 100% of Web browsing for hapless customers. Good job with QA there.
I motion to roll back this overeager police system. Find a more accurate way to detect tether-stealers, because the current system classifies normal users as thieves, and doesn't even have the guts to say so.
Specs:
* Chrome 18.0.1025469
* Chrome UA Switcher 1.20
* Samsung Galaxy SIII SGH-T999
* T-Mobile Unlimited Plan
Click to expand...
Click to collapse
Well T-Mobile is ridiculous and we who tether are not thieves. We can't steal date we have already played for so o that note T-Mobile can choke on one. Its my data I pay for monthly and I should be able to use how ever when ever.
Sent from my SGH-T999 using xda premium

yeislak said:
Well T-Mobile is ridiculous and we who tether are not thieves. We can't steal date we have already played for so o that note T-Mobile can choke on one. Its my data I pay for monthly and I should be able to use how ever when ever.
Sent from my SGH-T999 using xda premium
Click to expand...
Click to collapse
That may be, but it helps to be agnostic on this issue. Even IF we consider unpaid tethering to be stealing, it still doesn't make sense to hurt phone users who aren't tethering at all but simply using a tweaked user agent string. We can't control T-Mobile's policy on paid vs nonpaid tethering, but we can request that T-Mobile not falsely block users who are fully abiding by the stated payment plans.

mcandr said:
At Midnight EST, Morning of 17 December 2012, Web browsing on my phone stopped working. When I tried to access Web pages not already in my cache, I was redirected to:
http://offers.t-mobile.com/tethering/upsell.do?source=redirect
A new Website set up by T-Mobile to sell tethering service. I don't want to purchase this service, but the Web page kept coming up, no matter where I tried to browse. Of course, rebooting did NOT fix the problem.
After debugging a handful of possibilities, I realized the likely culprit was an interaction between Google Chrome, T-Mobile, and Chrome UA Switcher. Opening Chrome UA Switcher and resetting to defaults mitigates the problem, temporarily returning Web browsing functionality.
In particular, I was using Chrome UA Switcher to tweak the user agent string that Chrome was sending to websites for each page request. I hate when websites try to push their limited "mobile" HTML versions on me, and I really hate when they try to push their "apps" on me--I just want to browse the Internet like an ordinary desktop user. So I was using Chrome UA Switcher to tweak a Chrome setting to force websites to offer their normal desktop HTML versions.
That's where T-Mobile comes in. Apparently, too many T-Mobile users are tethering their phones to their computers without purchasing the T-Mobile tethering service, because T-Mobile decided to block all HTTP requests that use a desktop-like user agent string. When a T-Mobile user tries to visit a website with either a legitimate phone with a desktop user agent string, or an illegitimate computer tethered to the phone, T-Mobile's overeager police system detects both as an illigitimate user, resulting in false positives that effectively disable 100% of Web browsing for hapless customers. Good job with QA there.
I motion to roll back this overeager police system. Find a more accurate way to detect tether-stealers, because the current system classifies normal users as thieves, and doesn't even have the guts to say so.
Specs:
* Chrome 18.0.1025469
* Chrome UA Switcher 1.20
* Samsung Galaxy SIII SGH-T999
* T-Mobile Unlimited Plan
Click to expand...
Click to collapse
Well said. Can you tell me what you have done since you posted this? Have you just accepted the fact that you cannot use the desktop versions of sites? This is killing me on my Nexus 4.
I'm probably going to call them and talk to someone just to see if there's anything they can do, I fully expect to waste my time. I am going to file a complaint with the FCC if they don't fix this. I mean c'mon, it's defective by design. They only give you 5 GB, so even if I was tethering, I'd only be able to use up to 5 GB. Why would t-mo care how I use the 5 GB they give me? And that point is moot: I'm not even trying to tether, I just want to view desktop sites and they are filtering that. Are there any laws in place that prohibits carriers from filtering content that I can reference in my complaint?

I just started getting this annoying redirect and I've not been tethering on my phone- I don't think I've ever actually tethered from my phone since being on t-mobile, though I am running a custom rom and it does have an option to do this I've not actually ever set it up or run it once.... ?
I do have an unlimited unthrottled plan, and will use it do get torrents from time to time, but I'm not being a data hog and racking up any huge monthly data use rates.
I really can't figure out how I was browsing normally on my phone and then did a google search for something I was interested in and boom... now every websearch or link I want to open automatically is redirecting me to this stupid notification!?
anyone figure it out?

[Q] Safe surfing over open wifi spots?

When your out traveling you often connect to different wifi spots(restaurants, hotel,...) and you never know how what happens behind.
Is there a way to use your phone on Internet in a safe way? Like a switch on your home screen you can turn the it on/off easly? I guess you need an app, a vpn or a server of some sort??

What do you mean with "in a safe way" ?
For example gmail uses a cripted (SSL) channel to read/send email. Is SSL "enough" safe for you ?
Using a "public" hotspot is not less "safe" than acecss your online backing form a pc at office. Is it possible for the "neworking guy" to see that you are accessing an online bank? Yes, for sure. Could he read your PIN/passwd and steal your money ? If your bank has a decent website (HTTPS) probably not (or not so easily..).
Do you wnat to be "safe" to read an online newspaper for last headnews?

Tor, private VPN
Sent from my i9250

kliw said:
For example gmail uses a cripted (SSL) channel to read/send email. Is SSL "enough" safe for you ?
Click to expand...
Click to collapse
With the easy availability of Jasager routers and how simple SSL-stripping is, no, SSL isn't safe enough on a public wifi.
As bk said, either use Orbot (TOR's Android implimentation) or a private VPN that provides endpoint-to-endpoint encryption.

I usually tend not to do any super personal stuff over public wifi - that means access gmail, google drive, etc.
I tend to stick to browsing websites for reading and that's it.
Chances are, if it's in a known location of a big business you probably have nothing to worry about.
A mom-and-pop coffee shop, or a crummy hotel wifi access point I'd be skeptical of the security enforced.

Here you go..
http://forum.xda-developers.com/showthread.php?t=1350941

akira02rex said:
Chances are, if it's in a known location of a big business you probably have nothing to worry about.
Click to expand...
Click to collapse
Actually, a big business's wifi is probably less safe. Anyone who wants a large number of targets at once just needs a Jasager router, the ability to launch a de-auth attack (not difficult at all), and a local Starbucks.

[Q] AT&T Detected Tether Apps?

So today I got the letter in the mail from AT&T telling me that I need to stop tethering or that I'll lose my old grandfathered in unlimited data plan and be moved to plan that supports tethering and a data cap.
I called the number they gave me to get some info on what they were going to say they told me very generally that they have detected tethering and that if I don't stop by the end of the month, they will bump my plan. She gave me a laundry list of things that are considered tethering, from wifi hotspots to getting internet access for a gaming console.
I pressed very hard to find out what exactly I have done that they register as tethering more than anything I wanted specifics. She told me several times that they couldn't give out specifics as that is proprietary information. When I suggested that this might just them trying to force me onto a more expensive plan since they were unable to give me any proof that I had been tethering, she paused and said that she's wait while I look in my phone for tethering apps. I told her I don't have any tethering apps and she told me to look again. After some back and forth, she told me that the mere existence of a tethering app on the phone was considered tethering.
Beyond the issue of tethering at the moment I'm bothered that they even know what apps are on my phone and that they might use the existence of an app as justification to alter my service.
Has anyone heard of the carrier looking at apps like this before? From a privacy standpoint, I'd like to see if there is some way to keep their nose out of my business. Anyone know of a way to keep AT&T out of my phone?

If you were to have a tethering app on your phone (and of course, you don't), what would it be? i.e., if AT&T can detect certain apps, what, do you suppose (without admitting anything incriminating), are the apps they're talking about?
I can't imagine they'd be crazy enough to surreptitiously audit the content of a subscriber's phone, and then tacitly admit to it with this sort of inquiry. But I could imagine that they can detect tethering "signatures" via snooping network traffic. For example, if you tether to a PC and use that to browse the internet, the user agent will look different than when the phone's browser is being used. Or if you left a tethering session running and they saw your phone pulling down updates for Microsoft Windows, that'd sure be a dead giveaway. There's little if any reason to pull anything off Windows Update with a phone. They could maybe get away with detecting that sort of thing since they wouldn't be looking at data content, just whether or not the data source was consistent with a smartphone or not...

willp2 said:
So today I got the letter in the mail from AT&T telling me that I need to stop tethering or that I'll lose my old grandfathered in unlimited data plan and be moved to plan that supports tethering and a data cap.
I called the number they gave me to get some info on what they were going to say they told me very generally that they have detected tethering and that if I don't stop by the end of the month, they will bump my plan. She gave me a laundry list of things that are considered tethering, from wifi hotspots to getting internet access for a gaming console.
I pressed very hard to find out what exactly I have done that they register as tethering more than anything I wanted specifics. She told me several times that they couldn't give out specifics as that is proprietary information. When I suggested that this might just them trying to force me onto a more expensive plan since they were unable to give me any proof that I had been tethering, she paused and said that she's wait while I look in my phone for tethering apps. I told her I don't have any tethering apps and she told me to look again. After some back and forth, she told me that the mere existence of a tethering app on the phone was considered tethering.
Beyond the issue of tethering at the moment I'm bothered that they even know what apps are on my phone and that they might use the existence of an app as justification to alter my service.
Has anyone heard of the carrier looking at apps like this before? From a privacy standpoint, I'd like to see if there is some way to keep their nose out of my business. Anyone know of a way to keep AT&T out of my phone?
Click to expand...
Click to collapse
Are you on stock AT&T rom?
Sent from my SAMSUNG-SGH-I317 using XDA Premium HD app

While I hope for their own sake that they aren't auditing software on the devices, I suppose they could be watching what people download. For instance, some tethering apps are just not available in the Play store if you are coming from AT&T or Sprint. I could see that perhaps in one of the many TOS agreements I clicked OK on without reading there was something that said they could sniff around my phone.
I assumed they would be looking at traffic, but after being quite vague over and over again, she was very specific about a tethering app. Agreed that as soon as a PC goes online it creates all kinds of traffic that wouldn't look like a smart phone.
I am using the stock / not rooted AT&T ROM at this point. I normally root right away, but I haven't really had a need on this one.
I would root and use a different ROM if I felt like it would keep their noses out of my junk. Even if I was tethering, I'm not using a crazy amount of data so I find the whole thing pretty silly.
Now I am thinking that if they do change my tethering plan without my permission, I have to assume that I can break my contract if I want and move elsewhere. Just not sure where I could get another Note II with unlimited data at a decent price.

willp2 said:
While I hope for their own sake that they aren't auditing software on the devices, I suppose they could be watching what people download. For instance, some tethering apps are just not available in the Play store if you are coming from AT&T or Sprint. I could see that perhaps in one of the many TOS agreements I clicked OK on without reading there was something that said they could sniff around my phone.
I assumed they would be looking at traffic, but after being quite vague over and over again, she was very specific about a tethering app. Agreed that as soon as a PC goes online it creates all kinds of traffic that wouldn't look like a smart phone.
I am using the stock / not rooted AT&T ROM at this point. I normally root right away, but I haven't really had a need on this one.
I would root and use a different ROM if I felt like it would keep their noses out of my junk. Even if I was tethering, I'm not using a crazy amount of data so I find the whole thing pretty silly.
Now I am thinking that if they do change my tethering plan without my permission, I have to assume that I can break my contract if I want and move elsewhere. Just not sure where I could get another Note II with unlimited data at a decent price.
Click to expand...
Click to collapse
Also make sure you DONT use internet explorer that is a NO NO for tethering with AT&T they see the browser agent and KNOW that`s not possible without tethering.

hyelton said:
Also make sure you DONT use internet explorer that is a NO NO for tethering with AT&T they see the browser agent and KNOW that`s not possible without tethering.
Click to expand...
Click to collapse
Prove I haven't just changed my agent string to make the stupid app server think I'm on a windows desktop and using IE.
One of my friends pinged me 2 days ago. He got the friendly text stating tethering isn't allowed without a tether plan. No tethering on his part, just a lot of vevo traffic.
-----
I would love to help you, but help yourself first: ask a better question
http://www.catb.org/~esr/faqs/smart-questions.html

You could setup a linux machine at home and keep that running. Setup an SSH tunnel from your phone to your home linux box and tunnel all the tethering traffic through that. To AT&T that would just look like an encrypted ssh connection.

You could also run a Windows virtual machine on your phone. It's already been done.

Darkshado said:
You could also run a Windows virtual machine on your phone. It's already been done.
Click to expand...
Click to collapse
That wouldn't help. FIrst, I don't think there are any hardware network drivers for windows for the Note II, so it wouldn't be able to get internet. Second, If he did have internet, he would still run into the same issue of unencrypted traffic being sniffed by at&t. Sure he could setup an ssh tunnel from windows, but at that point it's just silly to run windows on the note just to encrypt traffic.

I assume one could use any VPN like the SSH tunnel or something like hotspot shield or similar as long as all traffic is forced through the tunnel and there really would be no way for anyone to tell what you are doing.

willp2 said:
I assume one could use any VPN like the SSH tunnel or something like hotspot shield or similar as long as all traffic is forced through the tunnel and there really would be no way for anyone to tell what you are doing.
Click to expand...
Click to collapse
YA, thats the idea. As long as traffic is encrypted somehow there is little that AT&T can sniff.

DeMiNe0 said:
That wouldn't help. FIrst, I don't think there are any hardware network drivers for windows for the Note II, so it wouldn't be able to get internet. Second, If he did have internet, he would still run into the same issue of unencrypted traffic being sniffed by at&t. Sure he could setup an ssh tunnel from windows, but at that point it's just silly to run windows on the note just to encrypt traffic.
Click to expand...
Click to collapse
I think he was perhaps referring to why there was traffic that looks like it originated from a PC coming from my phone. So if someone was running a VM on the phone itself it would produce some PC looking traffic. If that was the idea there, I assume tethering to a VM is still tethering?

Yeah: Provided you can run Qemu or Virtualbox you can run Windows in it, and it will have network access just like any VM would from a full sized computer. My point is that you can make a non-tethered phone generate the very same sort of IP traffic a computer would.
Heck, if the Fujitsu LOOX F-07C can run on AT&T, you don't even need a VM to generate connections to Windows Update and a desktop IE user agent!

I got the same message last week. I don't tether at all. I'm on cleanrom 4.5. Tried to request what apps they suspect me of using but wouldn't tell me either. I know all the apps I have on my phone as I keep things very simple. I will admit I do use a lot of data (4-4.5 gigs in 2 weeks lol)
I use Pandora and tunein app to stream music all the time. Only thing that I recently did out of the normal routine was use the desktop view on Google chrome. Would that give a different browser signature?

pyo said:
I got the same message last week. I don't tether at all. I'm on cleanrom 4.5. Tried to request what apps they suspect me of using but wouldn't tell me either. I know all the apps I have on my phone as I keep things very simple. I will admit I do use a lot of data (4-4.5 gigs in 2 weeks lol)
I use Pandora and tunein app to stream music all the time. Only thing that I recently did out of the normal routine was use the desktop view on Google chrome. Would that give a different browser signature?
Click to expand...
Click to collapse
Yes, it would show a user-agent string without indicating mobile. But not likely something to trigger a tether notice, as I use desktop view all the time. It's likely the high data usage that makes them think tether.
-----
I would love to help you, but help yourself first: ask a better question
http://www.catb.org/~esr/faqs/smart-questions.html

willp2 said:
So today I got the letter in the mail from AT&T telling me that I need to stop tethering or that I'll lose my old grandfathered in unlimited data plan and be moved to plan that supports tethering and a data cap.
I called the number they gave me to get some info on what they were going to say they told me very generally that they have detected tethering and that if I don't stop by the end of the month, they will bump my plan. She gave me a laundry list of things that are considered tethering, from wifi hotspots to getting internet access for a gaming console.
I pressed very hard to find out what exactly I have done that they register as tethering more than anything I wanted specifics. She told me several times that they couldn't give out specifics as that is proprietary information. When I suggested that this might just them trying to force me onto a more expensive plan since they were unable to give me any proof that I had been tethering, she paused and said that she's wait while I look in my phone for tethering apps. I told her I don't have any tethering apps and she told me to look again. After some back and forth, she told me that the mere existence of a tethering app on the phone was considered tethering.
Beyond the issue of tethering at the moment I'm bothered that they even know what apps are on my phone and that they might use the existence of an app as justification to alter my service.
Has anyone heard of the carrier looking at apps like this before? From a privacy standpoint, I'd like to see if there is some way to keep their nose out of my business. Anyone know of a way to keep AT&T out of my phone?
Click to expand...
Click to collapse
To the OP, did you tether ever?
I am worried that innocent people will lose their unlmtd plan? We need to find out if their detection system is wrong?

Wait, I signed up for 2 lines around 3 or 4 months sgo and they said because I got the max 6gigs of data a month I could tether all I want. I haven't for more than 10 minutes but I have noticed that AT&T sales reps speak in half truths. I was told if I paid the 10 a month for insurance I could break it by throwing it at someone" Well I added my 2nd line 10 days later and only then found out about a $200 deductible. I was definitely never told about a high deductible upon signing with them. I dont hold back though. I had all prorated charges waived.
Sent from my SAMSUNG-SGH-I317 using Xparent Skyblue Tapatalk 2

DeMiNe0 said:
You could setup a linux machine at home and keep that running. Setup an SSH tunnel from your phone to your home linux box and tunnel all the tethering traffic through that. To AT&T that would just look like an encrypted ssh connection.
Click to expand...
Click to collapse
That's exactly what I do and no problems thus far

Tethering detection has been discussed many times. The consensus is that they detect tethering by examining the TTL (Time-To-Live) value in the packet. When you tether a device, it shows a different TTL value than the one used in data packets sent by the phone and that's what they look for. There are other tricky things they can examine in the packet headers that can be used to detect tethering, but those are more complicated and take more effort on the part of the the wireless provider.
From what I read, it looks like SSH tunneling over a VPN would allow you to tether without detection, but I haven't heard of any definitive test on this. The biggest problem I see with that approach is that it really slows down your connection.
Here's a very technical paper that discusses tethering and methods to defeat it: Tethering Camouflage
These guys created a test app that rewrites packet data to hide tethering. In the article, they compare their method to using a VPN, which they imply will do the trick. Their opinion is that wireless providers will eventually give up on trying to enforce tethering restrictions because people will find ways to defeat it and it will cost them more than it's worth.

cyrano821 said:
That's exactly what I do and no problems thus far
Click to expand...
Click to collapse
Same here got an ipcop firewall with open VPN Created certs for my mac and Android devices and no issues as of yet.