AT&T Cracking Down on Unauthorized Tethering

[ET007]

The TOS is a contract. The contents of a contract are not law, but the fact you signed the contract and agreed to abide by that contract is law. And by tethering without the tethering plan, you are in breach of contract which is illegal.

People should be lucky that AT&T is just warning you then moving you to a tethering plan if you continue tethering, they probably do have grounds to take you to court for theft of service.

I would disagree with having "to abide by that contract is law." The courts/judges/legal system would have to decide on this part (ie, whether the TOS are fair and justified and whether violating them is against the law), just like when Apple thought that jailbreaking their iPhone was against the TOS and thus against the law. As we know, the courts decided otherwise. So it is not clear-cut as some people like to think.

Hence, consumers should not willingly accept every TOS that is put in front of them as a holy grail law. If all people accepted Apple's TOS, jailbreaking your iphone would still be illegal according to Apple. Consumers need to actively protect their rights because business will not do it.

 

[Howdr]

Well even doing that they could tell. All they have took look at is see if final ip address it is going to is different than what AT&T has assigned your phone dead giveaway you on tethering as the phone is working a router sending the data to other devices.

And where is this recorded? From what the reps tell me they can't see.

Data is not recorded in this way.

as for IP address you know that can be easily faked right?

Bah, of course you can. When you have "unlimited" it does not affect you as much by sharing it. Thus people would be more willing to setup private networks at work or wherever with several people on it all sucking down whatever they want. But if you cap that, suddenly people become frugal........

There is a Cap 5GB........ been known for years now.

My point is Grandfathered in Unlimited does not mean you have no rights compared to a 2gb plan.

People like to make crap up, you have no "Special status" because your on a 2gb plan, at&t will come after you for tethering just like the 90GB guy.

 

[QuarterSwede]

Bah, of course you can. When you have "unlimited" it does not affect you as much by sharing it. Thus people would be more willing to setup private networks at work or wherever with several people on it all sucking down whatever they want. But if you cap that, suddenly people become frugal.

+1 Dead on.

There is a Cap 5GB........ been known for years now.

My point is Grandfathered in Unlimited does not mean you have no rights compared to a 2gb plan.

People like to make crap up, you have no "Special status" because your on a 2gb plan, at&t will come after you for tethering just like the 90GB guy.

That 5GB cap, as far as I can tell, is a soft cap. They would send letters in the past but never did anything about it. Now that's changed. They're assuming you're tethering now.

 

[CylonGlitch]

And where is this recorded? From what the reps tell me they can't see.

Data is not recorded in this way.

as for IP address you know that can be easily faked right?

Yes, yes they can. Spoofing an IP address is fine, but it cannot be the same IP address within the same domain as another device otherwise it will cause contention / conflict. Every packet has a lot of information stored in the header and options flags; including what type of data is enclosed within the packet. Realtime packet processors can rip apart a packet and extract all types of information from it. As he said, your phone has to act as a router, thus there has to be some routing information within the packet (such as port number, and ip address) so that any incoming packets can be routed to the correct destination. Secondly, every jump that a packet makes, the TTL value is decremented; if it hits zero it is dropped. But all packets from an iPhone to the telco should have fixed TTL's (ie iPhone originates data, it may make 2 hops to get to their servers, at this point it should have, say, FD as it's TTL [FF -2]). If the TTL is less then that value, it obviously had to go through additional hops to get out. Meaning it did not originate on the iPhone itself.

These are just TWO pieces of information they can collect, easily, to prove you're tethering. There are many other things that they can do as well. Data usage is just another flag. Put enough flags up, and you're going to get attention. I bet they could easily convince a judge / jury that you were tethering if they wanted to go after you.

Remember, most service reps don't understand what it takes to do packet processing and network snooping; thus they don't know themselves. But it is obvious that some people here know their ****; listen to them.

BTW I have designed many network routers, and network processors (at the chip level), so I might know something about it. Then again, maybe I'm just full of **** too, right?

 

[phpmaven]

Big Thumbs up AT&T. I am glad they are just taking it to enroll people into the 2gig plan and add tethering, saves people the trouble of having to do it themselves!

Plus I won't have to subsidize their data usage from their stealing bandwidth and access from AT&T.

I can't wait though, in a few weeks / months, though, when we start seeing people complaining how AT&T screwed them and changed their dataplan even though they did nothing wrong and weren't using MyFi and AT&T is horrible and a crook.

It is coming...

By the way the supposition as to how they are detecting this is likely way off base. It is probably pretty easy for them to determine it. I suspect Apple has included some kind of method for them to determine it. People who think it is not detectable just don't understand how it works/what it is doing at the device level.

It is child's play to detect tethering. Any time you browse the Internet it's going to send a "User Agent" string in the HTTP header that is a dead giveaway that you are on a iPad or laptop. You could spoof the user agent on some browsers on a Mac or PC but not on the iPad. Also, they could also see that you not getting mobile formatted versions of sites you go to. Perhaps higher quality videos back from Youtube.

There are quite a few ways they could detect it. They probably have other flags embedded in the data packets that are being sent that ID your device as well.

I find it interesting that so many MyWi users were adamant that AT&T would never crack down on "illegal" tethering. I felt pretty certain that when they finally introduced "official" tethering that they would start cracking down.

And where is this recorded? From what the reps tell me they can't see.

Data is not recorded in this way.

as for IP address you know that can be easily faked right?

It's virtually impossible to fake or spoof an IP address.

Well even doing that they could tell. All they have took look at is see if final ip address it is going to is different than what AT&T has assigned your phone dead giveaway you on tethering as the phone is working a router sending the data to other devices.

That's not how it works. The outside word can only see the IP addresses that are actually connected to the Internet. Any devices that are on the other side of a router, which is essentially what you phone is acting as when it tethering, are not visible. Of course that are ninja networking tools that can try and probe connected devices and get that kind of info, but AT&T is not going to that extreme. They are certainly just logging the data packets going to and from your device. Those logs would not contain any data about devices behind routers.

Yes, yes they can. Spoofing an IP address is fine, but it cannot be the same IP address within the same domain as another device otherwise it will cause contention / conflict. Every packet has a lot of information stored in the header and options flags; including what type of data is enclosed within the packet. Realtime packet processors can rip apart a packet and extract all types of information from it. As he said, your phone has to act as a router, thus there has to be some routing information within the packet (such as port number, and ip address) so that any incoming packets can be routed to the correct destination.

Actually, that's not quite accurate. The incoming packets don't have final IP routing data in them. That's the job of the router receiving the packets. It will determine what to do with data being received with a specific port number and decide what IP to route it to. The only IP numbers that would be in the incoming packets would be the router's IP.

 

[snakelda]

How did you put Brandon instead of the AT&T?

 

[tkambitsch]

$100 for 1GB of data usage?

AT&T needs a more equitable pricing policy. Does their pricing really reflect their costs to offer the service? I think not. If they did right by customers we wouldn't be tethering.

I have an unlimited plan that I paid $45 per month for almost two years solely because AT&T told me I needed their Enterprise data plan in order to connect to my employer's Exchange Server. The $15 per month surcharge was bogus and I got screwed because I didn't ask the right questions.

Now I dropped the Enterprise data plan and went to the $30 per month unlimited plan even though the AT&T rep tried to stop me. He hinted that I might lose my email service if I did. Well of course that was bunk too.

So I bought my IPad last summer and did not get a data plan. I did get the 3G model because i knew AT&T or Apple would do something to stop tethering some day. I have not felt guilty for using MyWi because of AT&T and it's bogus marketing schemes.

Their pricing doesn't reflect their costs, but does reflect their ability to take money away from customers. They cannot jusify the costs of charging only $0.0125 per megabyte per month for the 2GB plan and charging $0.075 per megabyte per month for the 200 MB plan. The 3G iPad plan is no bargain either at $0.06 per megabyte per month.

The real appeal for tethering is that they really hit you hard for multiple plans at data levels I don't use.

Here is my household data plans ( and I won't even go into the voice charges and the additional MMS charges:

My own iPhone: $30.00 month unlimited plan. I used less than 750MB even with Myfi tethering of my IPad w/3G
Wife's IPhone: $25.00 monthly 2 GB plan. She used only about 50MB

What AT&T would want:

My iPhone: $25 month for a 2 GB plan
My iPad: $25 month for a 2GB Plan
Wife's iPhone: $25 month for a 2GB Plan

Of course when my I get my IPad 3 next fall and I give my wife my original iPad, that means another $25 per month for her plan. Total: $100 month for was is likely to be only about 1GB of data.

Now some might suggest that I drop those 2GB plans down to 250MB plans.

So next summer I end up paying $25 for my iPhone's plan and $15 each for my wife's iPhone, and both of our iPads. So I am still paying $70 per month for about 1 GB of data per month. But then if things heat up slightly with video apps, and I have to buy a second 250MB block to upgrade each of those minimal plans and then I end up paying about $115 for a month but using as little as 1.3 GB of data over four plans.

These prices are based upon assumptions that am not tethering but buying 3G plans for each device.

I can now jump on the DataPro plan for both my wife and myself for a cool $90 per month. We then can both tether our iPads and offer hot spots to our friends with a total of 8GB of data to use. The problem is that we are still likely to use around 1GB per month.

AT&T should charge a more reasonable amount for the minimal plan and not lure people into plans that are too expensive for data plans that few people need.

AT&T needs, family data plans. Do right by us and we won't resort to illegal tethering.

 

[DrDomVonDoom]

Yes, yes they can. Spoofing an IP address is fine, but it cannot be the same IP address within the same domain as another device otherwise it will cause contention / conflict. Every packet has a lot of information stored in the header and options flags; including what type of data is enclosed within the packet. Realtime packet processors can rip apart a packet and extract all types of information from it. As he said, your phone has to act as a router, thus there has to be some routing information within the packet (such as port number, and ip address) so that any incoming packets can be routed to the correct destination. Secondly, every jump that a packet makes, the TTL value is decremented; if it hits zero it is dropped. But all packets from an iPhone to the telco should have fixed TTL's (ie iPhone originates data, it may make 2 hops to get to their servers, at this point it should have, say, FD as it's TTL [FF -2]). If the TTL is less then that value, it obviously had to go through additional hops to get out. Meaning it did not originate on the iPhone itself.

These are just TWO pieces of information they can collect, easily, to prove you're tethering. There are many other things that they can do as well. Data usage is just another flag. Put enough flags up, and you're going to get attention. I bet they could easily convince a judge / jury that you were tethering if they wanted to go after you.

Remember, most service reps don't understand what it takes to do packet processing and network snooping; thus they don't know themselves. But it is obvious that some people here know their ****; listen to them.

BTW I have designed many network routers, and network processors (at the chip level), so I might know something about it. Then again, maybe I'm just full of **** too, right?

I think the board just got served....

Anyhow, I just got a message on my iPhone saying that AT&T was discontinuing its Video Share service, methinks this has something to do with unregistered tethering? Hmmmmm?

 

[QuarterSwede]

at&t needs a more equitable pricing policy. Does their pricing really reflect their costs to offer the service? I think not. If they did right by customers we wouldn't be tethering.

[snipped for length]

i can now jump on the datapro plan for both my wife and myself for a cool $90 per month. We then can both tether our ipads and offer hot spots to our friends with a total of 8gb of data to use. The problem is that we are still likely to use around 1gb per month.

At&t should charge a more reasonable amount for the minimal plan and not lure people into plans that are too expensive for data plans that few people need.

At&t needs, family data plans. Do right by us and we won't resort to illegal tethering.

amen!

*That's supposed to be in caps. Does MR have a filter on caps now? Gah!

 

[markparker]

Yes, yes they can. Spoofing an IP address is fine, but it cannot be the same IP address within the same domain as another device otherwise it will cause contention / conflict. Every packet has a lot of information stored in the header and options flags; including what type of data is enclosed within the packet. Realtime packet processors can rip apart a packet and extract all types of information from it. As he said, your phone has to act as a router, thus there has to be some routing information within the packet (such as port number, and ip address) so that any incoming packets can be routed to the correct destination. Secondly, every jump that a packet makes, the TTL value is decremented; if it hits zero it is dropped. But all packets from an iPhone to the telco should have fixed TTL's (ie iPhone originates data, it may make 2 hops to get to their servers, at this point it should have, say, FD as it's TTL [FF -2]). If the TTL is less then that value, it obviously had to go through additional hops to get out. Meaning it did not originate on the iPhone itself.

These are just TWO pieces of information they can collect, easily, to prove you're tethering. There are many other things that they can do as well. Data usage is just another flag. Put enough flags up, and you're going to get attention. I bet they could easily convince a judge / jury that you were tethering if they wanted to go after you.

Remember, most service reps don't understand what it takes to do packet processing and network snooping; thus they don't know themselves. But it is obvious that some people here know their ****; listen to them.

BTW I have designed many network routers, and network processors (at the chip level), so I might know something about it. Then again, maybe I'm just full of **** too, right?

Isn't it illegal to do this type of packet extraction/snooping without consent? It seems that if they are gaining the data from the packets that I am sending, it would violate information privacy.

On a different note, ATT is probably using a algorithm to detect "tethering" devices, taking into account data usage with respect to time and other metrics that would allow them to flag a device with some certainty. Of course, you might tether and never be detected, but if your a heavy user, i doubt you would slip through.

 

[Kwill]

This may seem like an intrusion...

Some users received the above SMS message with a followup email explaining tethering

Next, a representative will pop up on your iPhone screen using FaceTime.

"Pardon the interruption. Please stop breastfeeding your child. We want to talk to you about another kind of tethering."​

 

[cmwade77]

I don't think it is a bad thing for AT+T to prevent people from tethering to a laptop on an unlimited cell phone plan. Those people are just taking advantage of the system, and wasting bandwidth that the rest of us could use.


As far as I'm concerned it is the same as going to an all you can eat restaurant and sharing your food between two people, while only paying for one. It isn't a serious crime, but it is stealing, and you know that if you get caught you will have to stop. I'm not going to feel bad for these people that are using 5+GB per month.

It is extremely easy to use 5+GB on your phone without tethering...Downloading iBooks, Music, Apps, Movies (Including Netflix Streaming), it is not hard to do at all.

 

[Howdr]

It's virtually impossible to fake or spoof an IP address.

Wait a minute, I work in IT and use several tools at times, one is Hide my IP and it works sooooooo well.

I have been able to go places where the US is blocked ( at least my IP address was blocked) if its not spoofed then what?

http://www.real-hide-ip.com/

this works I have tested it.

Abuse

there is a thread on here that tells people "I have used 90GB a month for awhile, its safe on unlimited"

Another post is "120gb a month"

these are the people causing the problem.

At&t claimed years ago if Iphone users were allowed to tether they would abuse the data.

When I read the posts

I use "30, 50, 60, 90 and 120GB a month" over and over on MMI and Mac rumors My GOD!

At&t could be right!

because of these abusers I have to worry about the 1 or 2gb of tethering I may need to do now.

thank you for not giving a crap about anyone else............

 

[manman]

Tell this right now any one who understand tcp and deep packet sniffing will tell you that it is not hard to figure it out. It just cost cpu time and network resources. They are not going to do it to everyone because it cost way to much cpu time.
So what they do is look for usage paterns and times to see it happen. Other dead giveaways is large uploads is a dead giveaway since nothing on the iPhone or other smart phone has large streaming uploads (bit torrent for example)
Or someone with large amount of downloads per month are going to get nailed because they are likely tethers so you start deep packet sniffing those people. Log what browser they are reporting certain ones are going to be flag as desktop browsers.

I just gave you a list of things they can looks for to see who is a canidate for the deep packet sniffing to see who is tethers. I would like to point out deep packet sniffing is legal.

Posted from my backberry 8900

Maybe my point here wasn't clear (I probably should have qualified that first statement, my fault). I didn't mean whether or not they theoretically can prove it. I've done my share of network development, and although I can't claim to understand it as well as people that do this stuff for a living, I'm positive they CAN figure out if someone is doing this or not. My comment was more directed at whether or not they have the data already in a state to prove this for the people who are currently getting this message.

I just meant that it may not necessarily be the case that we're just lucky they aren't taking us to court, because it sounds by their reaction to peoples calls that they are doing a very broad estimation at this point of who is tethering and who isn't. So the question to me isn't whether or not they can theoretically prove if you're doing it, but- have they yet and if not, will they deem it worth the cost to do a deep dive on every single 'flagged' case to get the data in a state that does (and would hole up in court).

That's something you need more than a technical understanding of network protocols etc to understand... It's dependent on business factors unique to AT&T.

 

[CylonGlitch]

Isn't it illegal to do this type of packet extraction/snooping without consent? It seems that if they are gaining the data from the packets that I am sending, it would violate information privacy.

On a different note, ATT is probably using a algorithm to detect "tethering" devices, taking into account data usage with respect to time and other metrics that would allow them to flag a device with some certainty. Of course, you might tether and never be detected, but if your a heavy user, i doubt you would slip through.

Nope, not illegal. It is a very common practice even in companies to watch to see what type of traffic is flowing across their data lines. This way they can shape traffic, adjust bandwidth dynamically, or detect things that they don't want people doing.

And yes, your note is valid. They may very well flag you for one small time use, or never flag you for an excessive use. It all depends on where they are looking and when. I would think that if you're excessive, you'll get nailed eventually. But I guess they are going to do the following.

1) Watch for high bandwidth users, this is easy and cheap. Then send them notices and flag their accounts.
2) Those who complain or whatever will not automatically be switched, but will most likely come under scrutiny by doing deeper packet processing. Thus they can legally claim that they had evidence to indicate you might be "stealing" from them.
3) Those who continue to do so will either be switched, dropped, or potentially sued. I'm guess the latter would only happen once they have 100% evidence and want to make a point.

 

[phpmaven]

Wait a minute, I work in IT and use several tools at times, one is Hide my IP and it works sooooooo well.

I have been able to go places where the US is blocked ( at least my IP address was blocked) if its not spoofed then what?

http://www.real-hide-ip.com/

this works I have tested it.

You are talking about using a proxy server. Spoofing would mean that your router is presenting a faked IP address to the outside world.

 

[manman]

Wait a minute, I work in IT and use several tools at times, one is Hide my IP and it works sooooooo well.

I have been able to go places where the US is blocked ( at least my IP address was blocked) if its not spoofed then what?

http://www.real-hide-ip.com/

this works I have tested it.

dude, anybody can use a basic proxy server to view sites blocked or altered for the U.S.... I think what he means to say is that with enough resources at your fingertips (in a company, in government etc), there's always a way to trace back to the source. It's a cat and mouse game when you get to the most sophisticated ways of trying to hide/uncover your source but for anyone out there just using the basic everyday methods it's easy for them to figure it out.

 

[Howdr]

dude, anybody can use a basic proxy server to view sites blocked or altered for the U.S.... I think what he means to say is that with enough resources at your fingertips (in a company, in government etc), there's always a way to trace back to the source. It's a cat and mouse game when you get to the most sophisticated ways of trying to hide/uncover your source but for anyone out there just using the basic everyday methods it's easy for them to figure it out.

We are also arguing that At&t will monitor Millions of users and compare IP addresses in all the states and cities in the US, pretty ambitious and intrusive.

 

[wpotere]

We are also arguing that At&t will monitor Millions of users and compare IP addresses in all the states and cities in the US, pretty ambitious and intrusive.

You don't think that they already monitor their network? Clearly they do as they are sending messages out. It isn't intrusive or hard at all to get and determine a location of an IP.

 

[mosx]

"You signed a contact blah blah blah whine whine whine"

A stipulation in a contract doesn't mean its fair or enforceable.

Want some examples? Look no further than Apple's EULA. It states you can't modify iOS to do what you want with it. EFF challenged it and, guess what? Now modifying (jailbreaking) is perfectly legal.

Look at some things that have happened with cellphone companies.

ETFs were challenged in court. The carriers lost, but settled in a way so they keep doing it.

AT&T's mandatory binding arbitration clause has been thrown out of court multiple times (still making its way through appeals and such), yet AT&T continues to put it into their contract.

Just because something is stipulated in contract, again, doesn't mean it is enforceable.

When you buy a car you sign a contract. Imagine if the contract said you could only use Costco gas and you had to park in a garage every time the engine was off, and if you didn't. your monthly payment essentially doubles. Do you honestly believe that would stand up as enforceable in court? Absolutely not.

Just about every major ISP in the US now has some sort of dedicated traditional video service, like cable TV or U-Verse or FiOS TV. Imagine if those services put a stipulation in the contract that stated your monthly fee would double if you used 3rd party video services like iTunes, Netflix, Xbox Live's Zune video services, or even streamed CNN from the website instead of watching the channel. Do you think that would be ruled as enforceable in court? Of course not.

AT&T is attempting to do exactly what I stated above. Theres a reason AT&T was broken up a few decades ago. These major wireless companies as well as the wireline companies need to be broken up again.

 

[CylonGlitch]

Actually, that's not quite accurate. The incoming packets don't have final IP routing data in them. That's the job of the router receiving the packets. It will determine what to do with data being received with a specific port number and decide what IP to route it to. The only IP numbers that would be in the incoming packets would be the router's IP.

Of course, but as I was trying to imply, that no matter what you do to spoof something, it can be detected. Didn't want to get into too much detail, most people understand IP address but quite a few don't understand ports.

 

[Rodimus Prime]

And where is this recorded? From what the reps tell me they can't see.

Data is not recorded in this way.

as for IP address you know that can be easily faked right?

Umm that is faking you ip to website threw proxy but sure as hell is not going to fake you IP address to you ISP because all you data goes threw them to get to that proxy so they still have you IP.

Isn't it illegal to do this type of packet extraction/snooping without consent? It seems that if they are gaining the data from the packets that I am sending, it would violate information privacy.

On a different note, ATT is probably using a algorithm to detect "tethering" devices, taking into account data usage with respect to time and other metrics that would allow them to flag a device with some certainty. Of course, you might tether and never be detected, but if your a heavy user, i doubt you would slip through.

It is not against the law and they are not looking at the data but more looking at the flags and some other bits that go on the out side of the data inside the package. Short answer they are looking at all the over head stuff and not paying ANY attention to the data part. you can encrypt the the data to high heaven but you flags and what not on the data packets are still going to be the same so they could still rip those apart.

Wait a minute, I work in IT and use several tools at times, one is Hide my IP and it works sooooooo well.

I have been able to go places where the US is blocked ( at least my IP address was blocked) if its not spoofed then what?

http://www.real-hide-ip.com/

this works I have tested it.

Umm see above. That does not hide you IP address from you ISP as you still going threw them for your internet.

Post from my backberry 8900

 

[phpmaven]

Of course, but as I was trying to imply, that no matter what you do to spoof something, it can be detected. Didn't want to get into too much detail, most people understand IP address but quite a few don't understand ports.

Agreed. It would be ridiculously easy for any decent programmer to throw together a program that monitors the log files for certain tell-tale items and identify tethering. You can bet they know who's doing it and will follow through on charging them.

 

[chakraj]

This is all BS, they are just guessing and emailing heavy users.

If they could realy tell exactly how much you tether then why not sell a $20.00 2 gig teather plus plan on top of your unlimited plan. SO you have unlimited data on your iphone, and you can tether 2 gigs a month also. I would go for that.

 

[Jett0516]

ok somebody explain to me this....

so at&t says only 2% of their customers go over 2gb of data which is the reason why they went away with the unlimited data. well if it only 2% of people doing it....then why is at&t even bother cracking down on this?

it doesn't make sense to me.