Slashdot Mirror


A Teenage Hacker Figured Out How To Get Free Data On His Phone (vice.com)

An anonymous reader quotes a report from Motherboard: Jacob Ajit is 17 and he just hacked his way to getting free phone data, presumably so that he can do whatever it is that teens do online these days without alerting his parents with overage fees. According to a Medium post Ajit posted on Wednesday, he made his discovery while playing around with a prepaid T-Mobile phone with no service. The phone was still able to connect to the network, although it would only take him to a T-Mobile portal asking him to renew the prepaid phone plan. For some reason, though, Ajit wrote that his internet speed test app still worked, albeit through a T-Mobile server. Ajit figured out that he was able to access media sent from any folder labelled "/speedtest," possibly because T-Mobile whitelists media files from speed tests regardless of the host. He tested his theory by setting up a "/speedtest" folder on his own site and filled it with media, including a Taylor Swift music video, which he was able to access. Ajit writes that he then created a proxy server that allows users to access any site with this method. All a T-Mobile user has to do is go to this page and input any URL they want to visit. "Just like that, I now had access to data throughout the T-Mobile network without maintaining any sort of formal payments or contract," Ajit wrote on Medium. "Just my phone's radios talking to the network's radios, free of any artificial shackles."
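An added example, not from the article, Ajit's post or T-Mobile: it models the rule the article hypothesises (any path containing "/speedtest" is served to an unpaid line, whatever the host) beside a stricter rule that ties the exemption to named hosts and a normalised path. The host names, the path prefix and the sample requests are constructed assumptions, and the policy is assumed to see plain HTTP request URLs.

```python
from posixpath import normpath
from urllib.parse import urlsplit, unquote

# Hypothetical names: the carrier's real rule set is not given on the page.
PORTAL_HOSTS = {"portal.carrier.example"}
SPEEDTEST_HOSTS = {"speedtest.carrier.example"}
SPEEDTEST_PREFIX = "/speedtest/"


def weak_allow(url: str) -> bool:
    """Path-only exemption, as the article hypothesises: host is never checked."""
    parts = urlsplit(url)
    return parts.hostname in PORTAL_HOSTS or "/speedtest" in parts.path


def strict_allow(url: str) -> bool:
    """Serve an unpaid line only named hosts; speed-test paths only on those hosts."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if host in PORTAL_HOSTS:
        return True
    if host not in SPEEDTEST_HOSTS:  # exact match, so look-alike suffixes fail
        return False
    # Decode and normalise first so "/speedtest/../x" cannot pass the prefix test.
    path = normpath(unquote(parts.path) or "/")
    return (path + "/").startswith(SPEEDTEST_PREFIX)


# Constructed requests from a line with no active plan.
SAMPLE_REQUESTS = [
    "http://portal.carrier.example/renew",
    "http://speedtest.carrier.example/speedtest/sample.bin",
    "http://media.example.org/speedtest/video.mp4",
    "http://speedtest.carrier.example/speedtest/../account/export",
    "http://speedtest.carrier.example@media.example.org/speedtest/a.bin",
    "http://speedtest.carrier.example.media.example.org/speedtest/a.bin",
]


def policy_gaps(urls):
    """Return the requests the weak rule serves but the strict rule blocks."""
    return [u for u in urls if weak_allow(u) and not strict_allow(u)]


if __name__ == "__main__":
    for url in policy_gaps(SAMPLE_REQUESTS):
        print("weak rule would serve:", url)
```

The host in an HTTP request is supplied by the client, so a gateway would pair a check like this with an allow-list of destination addresses.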

6 of 337 comments

  1. Holes in networks, video at 11 by CRC'99 · · Score: 4, Interesting

    We did this years ago on GSM / PPP sessions (remember when you connected a laptop via IR and dialed a number to get internet access?).

    Set up a VPN server to listen on port 53 UDP somewhere on the internet, then connect to it from your laptop via the phone.

    Used to be able to buy a $2 sim card, and pass hundreds of MB per day (which was a lot at the time) with zero restrictions.

    --
    Sendmail is like emacs: A nice operating system, but missing an editor and a MTA.
  2. "free of any artificial shackles" by ScentCone · · Score: 1, Interesting

    You know, artificial shackles getting in between you and the free natural resources, much like sunshine, that is internet-connected bandwidth, DNS services, and everything else that somebody has to pay for so this entitled little jerk can be "unshackled." You know, because he's owed free stuff. Stuff that only other chumps pay for. How dare T-Mobile put shackles on nature's freely available peering systems, routers, maintenance workers, technicians, tower installers, electricity, and all of that other not-at-all-artificial stuff that they're cruelly shackling!

    Interesting choice of word, "shackles." This idiot may want to consider how they're used in the real world. You know, like when you're being moved from the county lockup over to the courthouse for your arraignment.

    --
    Don't disappoint your bird dog. Go to the range.
  3. Re: Arrest warrant is being drawn up now by ArmoredDragon · · Score: 3, Interesting

    Well, let's see:

    (a) sells, offers for sale or otherwise makes available, without consent, an existing, canceled or revoked access device

    He just bought it, and has the consent of the carrier to use it, and it isn't canceled or revoked.

    (b) uses, without consent, an existing, canceled or revoked access device;

    Neither canceled nor revoked, nor was it used without consent. He might have used it in a manner that the carrier didn't intend, but if that was the case, then rooting would be a crime, wouldn't it?

    (c) knowingly obtains any telecommunications service with fraudulent intent by use of an unauthorized, false, or fictitious name, identification, telephone number, or access device. For purposes of this subdivision access device means any telephone calling card number, credit card number, account number, mobile identification number, electronic serial number or personal identification number that can be used to obtain telephone service.

    This one almost has it, except it specifically says by use of, quote: "an unauthorized, false, or fictitious name, identification, telephone number, or access device" and lo and behold, not a single one of those conditions applies here. And given that he didn't do any of that, the second sentence is notwithstanding.

    So no, you'll need to reach harder if you want to claim theft here.

  4. Re:Unauthorized access by segin · · Score: 4, Interesting

    That whitelisting for speedtests also applies to unactivated SIMs and prepaid SIMs without active service (e.g. due to nonpayment or zero balance.)

    I used to keep a spare phone lying about with an unactivated SIM while I had a prepaid SIM, and discovered the speedtest whitelisting was unconditional. I never thought to dig any deeper into it, although I suspected this type of thing was possible all along.

    Glad to have my suspicions confirmed without having to risk my ass.

  5. Free AOL by Dusthead+Jr. · · Score: 4, Interesting

    Back in 2000 I had one of those AOL CDs that they liked to shove into everyone's mailbox. They would give you so many free hours, but you still needed a credit card. I remember going through the motions of signing up but stopping short of inputting my CC info, as I didn't have one at the time. There was a part of the sign up that searched for a list of local phone numbers. During that time you were connected to the net. I would switch to a real browser, Netscape at the time, and sure enough I was surfing at 56k. The connection would usually time out at about 20 to 30 minutes and I would have to try again, but it still worked.

    1. Re:Free AOL by Anonymous Coward · · Score: 2, Interesting

      At that time, there also used to be "warez" called "credit master 4" which would generate algorithmically correct (but not actual) CC info. Since AOL CDs of the time only checked the algorithm, and not the validity, of input CC info, you were off to the races for weeks until the fictitious CC info was billed.