Slashdot Mirror

← Back to Stories (view on slashdot.org)

Verizon Cracks Down On Jailbreak Tethering

Posted by timothy on from the nickels-and-dimes-and-dollars-oh-my dept.

tekgoblin writes "Verizon, like AT&T has now started blocking jailbroken phones from using un-sanctioned tethering apps. Verizon will now require users to be subscribed to a mobile tethering plan to be able to use tethering at all." So which mobile company's actually any good for 3G tethering, voice service aside? My Virgin Mobile MiFi (bought under a plan no longer available) is theoretically unlimited and "only" $40/month, but has had too much downtime for my taste, and atrocious customer service.

4 of 286 comments (clear)

  1. How do they tell? by jsnipy · · Score: 4, Insightful

    How do they even tell tethered traffic from non?

    --
    -- if you mod me down, I will become more powerful than you can possibly imagine
    1. Re:How do they tell? by mlts · · Score: 4, Insightful

      I use VPNs all the time on my cell phone, and never for tethering. I don't really trust most wireless networks out there, so having my traffic going through an encrypted tunnel out is something I do as a matter of routine. A lot of "free" Wi-Fi places also have ad injectors (a la Phorm) so having an encrypted link gets rid of third party meddling in what I am doing.

    2. Re:How do they tell? by tlhIngan · · Score: 5, Informative

      How do they even tell tethered traffic from non?

      Easy.

      First, a little background.

      A cellphone data connection goes through a gateway. It's not a traditional TCP/IP link, but it sure looks like one from the mobile side. What happens is the TCP/IP packets are encapsulated by the modem, forwarded to the base station, and the base station determines which gateway to use.

      In GSM, the gateway is chosen by the APN you enter (or your phone automatically uses). CDMA is different, but it effectively looks up the gateway for you.

      The gateway does things depending on the plan you buy. Consider the entirety of data plans available - unlimited "social networking" for feature phones, unlimited data for blackberries, gigs and gigs for smartphones, 1-2GB for laptop, each of which is increasing in price. The reason for this is service differentiation. The lowest and cheapest plan probably uses well defined proxy servers that only forward to specific hosts. The blackberry plans go to specific blackberry networks. The smartphone plans often have stuff like transparent proxying (caching plus stuff like recompression), firewalling (HTTP/HTTPS/SMTP/POP/IMAP only is typical), NAT (multiple layers).

      Laptop data plans (MiFi's and the like) often stick you behind a simple NAT, but are otherwise free from other firewalling. And if you pony up $$$, you can often get VPN plans that give you a real life IP address and no firewalling.

      Guess what? These firewalls also note what traffic isn't making it thorugh. Various ping probes, odd port traffic, stuff like that gets logged. Use a Windows machine and it's easy from traffic that no smartphone will ever generate.

      Those who use their phone as a modem (PC does TCP/IP) are the first to trigger the alerts, those who use SSH-SOCKS (phone does TCP/IP) are harder to tell (all packets originate from phone, traffic not using proxy isn't seen), in which case they have to see if connections are made to odd ports and the like (e.g., if you try to ssh to a host).

      Other techniques are a bit of packet identification and link utilization - you can easily tell a smartphone from a PC just by the way the browsers create network traffic, for example (especially with smartphone plan transparent proxies)

      You think carriers are stupid for selling 2GB laptop plans when you can get 5GB smartphone plans for half the price?

    3. Re:How do they tell? by Tuxedo+Jack · · Score: 4, Informative

      It depends on the device you're using.

      In Android and Windows Mobile 6.5/6.1/5, your NAI (network access identifier) changes based upon the type of traffic you're pushing. Tethered traffic and DUN changes your NAI to yournumber@dun.vzw3g.com. Traffic from the phone itself is simply yournumber@vzw3g.com.

      Verizon has poisoned EVERY phone with Gingerbread - they have modified the OS so that activating any hotspot app, even if the phone is rooted, to trigger the NAI change and show the phrase "Tethering or Hotspot Active." The only SAFE way to tether on a Verizon phone is to run Froyo, then use free-wifi-tether's 3.x version. Alternatively, install CyanogenMod and then you can tether.

      For iOS? Hell, you're screwed any way you turn.

      --

      Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!