A Teenage Hacker Figured Out How To Get Free Data On His Phone

An anonymous reader quotes a report from Motherboard: Jacob Ajit is 17 and he just hacked his way to getting free phone data, presumably so that he can do whatever it is that teens do online these days without alerting his parents with overage fees. According to a Medium post Ajit posted on Wednesday, he made his discovery while playing around with a prepaid T-Mobile phone with no service. The phone was still able to connect to the network, although it would only take him to a T-Mobile portal asking him to renew the prepaid phone plan. For some reason, though, Ajit wrote that his internet speed test app still worked, albeit through a T-Mobile server. Ajit figured out that he was able to access media sent from any folder labelled "/speedtest," possibly because T-Mobile whitelists media files from speed tests regardless of the host. He tested his theory by setting up a "/speedtest" folder on his own site and filled it with media, including a Taylor Swift music video, which he was able to access. Ajit writes that he then created a proxy server that allows users to access any site with this method. All a T-Mobile user has to do is go to this page and input any URL they want to visit. "Just like that, I now had access to data throughout the T-Mobile network without maintaining any sort of formal payments or contract," Ajit wrote on Medium. "Just my phone's radios talking to the network's radios, free of any artificial shackles."

Not anymore!

[WolphFang]

Not anymore! You can't tell everyone about your free access and expect it to stay that way!

/speedtest

[invictusvoyd]

That pretty much proves that T-mobile employs 15 year old Taylor swift fans to handle their networks.

Re:

[msauve]

"whatever it is that teens do online these days without alerting his parents with overage fees."

So, free porn.

Re: Not anymore!

[dilvish_the_damned]

Stuck with BluRay forever.

Re:Not anymore!

[meerling]

A long time ago when dialup and AOL were viable options, you could use their free software they gave out to get an account with to get online. You'd run it and wait for it to connect to their server, but instead of filling it out and getting an account, you'd tab to your own browser without closing the AOL one, and you were on the internet without any restrictions.

Re:Not anymore!

[Anonymous Coward]

So you're saying Ajit is an ijit?

Re:

[Anonymous Coward]

That's racist! check your privilege!

Re:Not anymore!

[Ol Olsoc]

That's racist! check your privilege!

I checked it - it's still there - like always.

Re:Not anymore!

[stealth_finger]

How the fuck is that racist?

Because apparently everything is, but only if you're white. Didn't you get the memo?

Re:

[geekmux]

The summary pretty much spoiled it: "For some reason, though, Ajit wrote ..."

The "reason" being that he's an idiot. I'd expect nothing less (more?), however, from a Taylor Swift fan.

T-Mobile relied upon security by obscurity with this ridiculous "hack".

Who's the idiot again?

Re:

[JackieBrown]

Why do you assume there can be only one idiot?

Re:

[tomhath]

"For some reason, though, Ajit wrote that his internet speed test app still worked"

When I read that in the summary I assumed the "some reason" was because someone told him it would work.

Re:

[WaffleMonster]

There's additional bypass methods in the T-Mobile network. I won't discuss them here.

There's also a bypass method in the Verizon Wireless network, which can be used if you can get their paywall. It involves using a certain low-numbered TCP port, which will pass through the paywall to any server, without any modification, and without any data limit.

https://www.youtube.com/watch?... [youtube.com]

Arrest warrent is being drawn up now

[Anonymous Coward]

Note to teenage idiots: Writing online about your criminal exploits is a bad idea.

What his kid did is called theft of communications services.

T-Mobile probably won't press a criminal charges, but they could, and the kid would be convicted.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:Arrest warrent is being drawn up now

[postbigbang]

Hate to be a killjoy, but I think they implemented for their *paying* customers. The young man, genius that he was, found a backdoor.

In front of a judge, finding a backdoor looks really novel, perhaps fun, and yes, criminally illegal. I wish that T-Mobile and a prosecutor could just laugh it all off, but in this nutzo world, they won't, and the result is likely to be draconian, sad as that may be.

Bargain

[freeze128]

"Eh, well, Mr. Prosecutor, it looks like you have me over a barrel. Tell you what though: If you drop those charges against me, I'll promise not to tell Sprint, Verizon, and AT&T about what I did...."

Re:

[RivenAleem]

Or they could thank him, reward him, and generate mountains of good will. But what are the odds of that happening?

Re:

[postbigbang]

It might be.

In criminal law, that's not the issue that would be brought in front of the judge. And if you're not paying for it, you have no expectation of ANY service, let alone that as the role of a whistleblower.

Summary answer: No, and no. Sorry. Much as I like his flaw-finding, they could still throw the book at him, although as a juvenile, it's unlikely the punishment would be really tough.

Re:

[sjames]

Sure, but do they really want to make their cheating a matter of public record and so hand a class action lawyer a win on a gold platter?

Re:

[Obfuscant]

OMG, allowing people to access a speedtest site without prepaying on an account is somehow cheating now? That's all you have evidence of, you know. All this malarky about "cheating" on speedtests is just hypothesis. (And nobody has yet to explain how the speed of data sent to the client can be modified by routers that don't know what the data is or what the URL of the request was.)

Re:

[sjames]

It's very simple. Your stateful firewall sees the /speedtest in the URL and tags the stream. Then it bypasses the throttling and presumably checking for a paid account.

That is, they DO know what the URL was (or enough of it to meet their heuristic determination that it's a speed test).

In other words, a non-network neutral handling of the data based on a good guess that it's a speed test.

Re:

[agm]

If I send a request to a server and it sends a response back, how can that be illegal? Their server was configured to do this. If I ask a server for a file and it provides it to me then I can't see how that makes me a criminal.

Re:Arrest warrent is being drawn up now

[Actually, I do RTFA]

If I send a request to a server and it sends a response back, how can that be illegal?

It's illegal to rob a house, even if the door is unlocked.

I can send millions of requests to a poorly secured bank server, until I find a username password that gets a "logged in" response back. I can send a request after that to move money, and the server sends a response back with a reciept.

These are all things the server was configured to do. But I think most people would recognize that as theft.

Re:

[agm]

If I send a request to a server and it sends a response back, how can that be illegal?

It's illegal to rob a house, even if the door is unlocked.

That analogy is a poor one. It's like someone left their back door open and when asked "can I come in" they say "yes".

I can send millions of requests to a poorly secured bank server, until I find a username password that gets a "logged in" response back. I can send a request after that to move money, and the server sends a response back with a reciept.

These are all things the server was configured to do. But I think most people would recognize that as theft.

It would be a poorly configured server. Again, the situation is different. Nothing is taken in the case of a server sending you files. It's not like taking money at all.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[bws111]

Theft of services is basically defined as knowingly using a service that is being sold without paying for it. It doesn't matter if your method of access is some extremely clever and complicated hack, a mis-configured server, a backdoor, or getting your buddy who works there to authorize your device.

As with most laws, it is YOUR actions that matter, NOT your targets actions.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Bohnanza]

But he's free of any artificial shackles!

Re:

[JoeMerchant]

Waking up and going about your normal daily activities is a violation of several laws, some with potential for serious punishment.

Bragging about beating the system and attaching your name to it - that's more likely to attract attention and get one or more of those many laws enforced.

Even when there are no written laws against the action in question, "the system" has its ways of punishing the irritating.

Re: Arrest warrent is being drawn up now

[bws111]

Where did you get that idea? For instance, here is an excerpt from NY law explaining when a person is guilty of theft of services

With intent to avoid payment by himself or another person of the lawful charge for any telephone service which is provided for a charge or compensation he (a) sells, offers for sale or otherwise makes available, without consent, an existing, canceled or revoked access device; or (b) uses, without consent, an existing, canceled or revoked access device; or (c) knowingly obtains any telecommunications service with fraudulent intent by use of an unauthorized, false, or fictitious name, identification, telephone number, or access device. For purposes of this subdivision access device means any telephone calling card number, credit card number, account number, mobile identification number, electronic serial number or personal identification number that can be used to obtain telephone service.

See anything in there about TOS?

Re: Arrest warrent is being drawn up now

[ArmoredDragon]

Well, let's see:

(a) sells, offers for sale or otherwise makes available, without consent, an existing, canceled or revoked access device

He just bought it, and has the consent of the carrier to use it, and it isn't canceled or revoked.

(b) uses, without consent, an existing, canceled or revoked access device;

Neither canceled nor revoked, nor was it used without consent. He might have used it in a manner that the carrier didn't intend, but if that was the case, then rooting would be a crime, wouldn't it?

(c) knowingly obtains any telecommunications service with fraudulent intent by use of an unauthorized, false, or fictitious name, identification, telephone number, or access device. For purposes of this subdivision access device means any telephone calling card number, credit card number, account number, mobile identification number, electronic serial number or personal identification number that can be used to obtain telephone service.

This one almost has it, except it specifically says by use of, quote: "an unauthorized, false, or fictitious name, identification, telephone number, or access device" and lo and behold, not a single one of those conditions applies here. And given that he didn't do any of that, the second sentence is notwithstanding.

So no, you'll need to reach harder if you want to claim theft here.

unauthorized access device

[raymorris]

> > (b) uses, without consent, an existing, canceled or revoked access device;

> Neither canceled nor revoked

It sounds like service was cancelled when the bill wasn't paid, but in any event it's certainly an EXISTING access device. The law says "existing, cancelled, or revoked", and it is certainly existing.

> "an unauthorized, false, or fictitious name, identification, telephone number, or access device"

And that device is not authorized to be using their network. It's an unauthorized access device.

More to the point, judges are not in fact robots, nor are they dictionaries. Any human, including a judge, can see that there is a law against taking services without permission and without paying for them, and can see that he took services without permission and without paying for them. Trying to play word games will only annoy the judge, not persuade them.

Re:

[geekmux]

Judges aren't morons like you seem to think they are, and nobody would buy into your argument except for other millennials who think they're entitled to do anything they want.

Bug bounty programs are but one way to play "word games" with this particular "hack", or what a lawyer would also call an "identified vulnerability". And if T-Mobile were smart about this and take a slice of humble pie, they would pay the kid instead of pressing charges.

On top of that, T-Mobile may want to think twice about pushing this legally, as they've also inadvertently revealed how they are manipulating traffic bound for specifically speedtest validations. THAT in itself could pose an even bigger is

Re:

[geekmux]

"T-Mobile may want to think twice about pushing this legally, as they've also inadvertently revealed how they are manipulating traffic bound for specifically speedtest validations"

You can keep repeating that, without proof you are just as bad as the chemtrail psychos.

Yes, it's a question for T-Mobile to answer and validate, but it certainly draws suspicion when the hack was specific to traffic destined for a validation portal that is often used to prove that an SLA is being met. One can hardly argue against that, and comparing this to chemtrail bullshit is hardly an intelligent comparison. We know damn well what speedtests are designed and used for.

Re: Arrest warrent is being drawn up now

[Xest]

As much as all this might have sounded good in your head, when you wrote it, I outright guarantee you that a judge, and jury would trivially be persuaded that your attempt to twist the language has absolutely no legal validity.

This is why we have lawyers, to advise on reality of such things, unfortunately you're clearly not one, so you should probably stop pretending you are in case you give someone completely misguided advice and get them into trouble.

You obviously haven't been keeping track of trends in law relating to digital issues, if you had you'd know that there is no get out clause in the law that allows for wishful thinking posted on the internet by a random non-lawyer.

Like it or not, theft of services is a thing, and this kid would be guaranteed to have been found guilty of it regardless of how desperately you may wish to try and mis-read the law in your favour.

I know this because such cases have been brought and won succesfully since at least the time of the widespread use of phreaking in the 80s. If you want to argue this guy wouldn't be caught you'd need to explain why this guy's bypass of the security measures in place is somehow different to anyone elses. I think you'll struggle though, simply because it's really not.

Re:

[c]

If you want to argue this guy wouldn't be caught you'd need to explain why this guy's bypass of the security measures in place is somehow different to anyone elses.

The simplest argument is that it's because T-Mobile intentionally engineered their network so requests to speedtest URLs bypass all their security measures.

He's probably still breaking the law given how the laws are tilted toward the carriers, but whether T-Mobile wants all the details and history of their speed test hacking to be dug up in disco

Re:

[Xest]

But that's really the point isn't it? They engineered their network for speedtest URLs to bypass all their security measures.

The very act therefore of dressing something up as something it isn't - i.e. masquerading non-speedtest URLs as speedtest URLs is in itself clear an attempt to bypass the purpose of their engineering efforts. No one can rationally put forward a "How could he have known he wasn't allowed to do it argument" not least because the kid has fucking admitted that he recognises this wasn't th

Re:

[geekmux]

Like it or not, theft of services is a thing, and this kid would be guaranteed to have been found guilty of it regardless of how desperately you may wish to try and mis-read the law in your favour.

Guaranteed, eh?

Speaking of services, let's see how well T-Mobile fares when they are asked about blatant prioritization of traffic specifically destined for speedtest validations.

Like it or not, there is the other side of the coin that has been inadvertently revealed here. T-Mobile may want to think twice about pushing this, especially if they already know they've manipulated traffic to make it appear that speedtest results are faster than they actually are.

Re:

[Xest]

Hey I'm not defending T-Mobile's practices, no need to conflate the argument with that as I absolutely wouldn't dispute that with you, I'm just saying that the guy I responded too's "analysis" of the law was, at best, frankly completely and utterly retarded and would be laughed at in a court of law. It was classic internet forum lawyer drivel.

Re:

[JoeMerchant]

Looks like a duck, walks like a duck, smells like a duck - it's a duck.

Re:

[Joe_Dragon]

what if you do the MK2 / 3MK / UMK3 code to get the hidden menu and use the trick to set it to free play?

Re:

[Actually, I do RTFA]

Cool, so instead of theft of service, you can plea that you were merely operating an unlicensed transmitter. FCC loves that.

I suppose you may prefer federal to state prison.

Re:

[Anonymous Coward]

go into your bathroom in the dark and flip the light on. See the idiot in the mirror? now turn the light off. POOF the idiot disappears.

idiot.

I just tried this and it did not work. Please advice.

Re:

[ArmoredDragon]

So, it's OK if I steal your car? I have no contract with you, and never agreed to your terms of service.

Oh, hi there Chris Dodd, it seems you accidentally taped this to a wall:

https://www.youtube.com/watch?... [youtube.com]

There's case law on this related to theft of cable TV service. If you find a way to watch HBO without paying for HBO, you're guilty.

That's fine, just let me know when there's any law at all that says that hopping on an open wifi without the owners permission is a crime.

Re:

[91degrees]

That's fine, just let me know when there's any law at all that says that hopping on an open wifi without the owners permission is a crime.

Tends to be based on state laws that cover "unauthorised access to a computer network", and it's a bit vague as to whether wi-fi piggybacking really counts, but people have been arrested for this.

Re:

[ArmoredDragon]

Exactly, and for anything to be a crime, there has to be a law against it. Is there a law against joining an open wifi network without permission from the owner?

Re:

[bws111]

There certainly are laws that say you can't get access you didn't pay for. I cited New York's law above. Basically, if someone is selling a service and you find a way to use their service without paying for it, no matter how clever you think you are, it is theft of services.

Re:

[tlhIngan]

He did no such thing. He only accessed a proxy server at a certain address. T-Mobile happily permitted him to access it. In fact they expressly white-listed it. It's like me giving you a donut and then complaining about theft after you ate it.

Unfortunately, it doesn't work that way for communications services. And even worse, there's a lot of precedent for this interpretation - if you found a way around a block, and exploit it, even if the system let you, you're still on the hook for it.

It's just like you h

They know now...

[Areyoukiddingme]

Jacob Ajit is 17 and he just hacked his way to getting free phone data, presumably so that he can do whatever it is that teens do online these days without alerting his parents with overage fees.

They know now. And now T-Mobile knows too. And he and his parents can expect a no-knock warrant to bust down their door and shoot their dog in 3...2...1....

T-Mobile may be marginally less evil than other phone companies, but they're still a phone company. And the Computer Fraud and Abuse Act is still the law of the land. This is not going to end well for Jacob Ajit.

I think you have them all wrong

[SuperKendall]

Look for T-Mobile to give the guy a bunch of free stuff, probably a few years of free service too...

That's just how T-Mobile roles.

Re:

[Anonymous Coward]

The only thing T-Mobile rolls is right over net neutrality....

Risky at 17

[shuz]

I remember back when I was 17, I drank some very good beer. Wait, that was a Simpsons reference. At 17 you don't think about consequences and largely you don't have much to lose. Still using commercial services in a way the company did not intend might have consequences. My hope is this kid will get a kudos for bringing the fault to light for T-mobile, a slap on the wrist to say be more careful about what you play around with, and later a fun and successful college career and productive life. The failure wa

Prioritizing Speed Test

[ninthbit]

Everyone always assumes the networks are filtering speed tests to make the results seem faster than normal traffic, but this pretty much confirms they are routing that data different.

Does anyone speak technical here anymore?

[Obfuscant]

Ajit figured out that he was able to access media sent from any folder labelled "/speedtest,"

What? How does the phone or system know what the folders on the server are named? Is this free data only available using scp or ftp? If it's web-based, then there are no "folders", only URLs.

Re:

[pauljlucas]

He wrote a proxy, so probably something like:

http://tmobileunlimited.herokuapp.com/http%3A%2F%2Fslashdot.org/whatever

The proxy fetches the content from the remote server to a local directory /speedtest and then serves the content to the phone from there (rewriting URLs in the process to be relative to /speedtest).

Re:

[Obfuscant]

Yeah, 'motherboard' is a technically oriented news service, and the kid is a student at a special school for science and technology. And /. is "news for nerds". How DARE I expect a bit of technical competence in describing a technical process, huh?

I didn't even ask how he's getting a / in a folder name. The comma is easy, but not even Windows (XP) allows a slant.

Re:

[skirmish666]

I'd assume in this context (web servers) that a folder with '/' prefix means it's a folder off the root, not that the folder has a '/' in the name. Possibly this is just a reference to it being a folder named speedtest thought.

Web servers do understand the concept of folders or directories, however you like to refer to the concept. The URL of this story is in the '/story' directory.

There are a few ways this could be implemented, I'd assume that the T-Mobile firewall blocks all content or redirects to th

Re:

[Obfuscant]

Web servers do understand the concept of folders or directories, however you like to refer to the concept. The URL of this story is in the '/story' directory.

Of course the web server knows about folders/directories. But you have no knowledge of what directory the information you are getting from a web server is stored in. There may be no directory at all for dynamically generated pages.

You've missed the point completely. The NETWORK has no knowledge of the folder structure a web service is using, and it is impossible for T-Mobile to prioritize or filter traffic to this guy's web server based on what folders he stored things in.

Of course the correct answer is t

Re:

[skirmish666]

I (and my browser) know exactly what directory (from the perspective of the end user) this story is in, it's story/16/09/14/2242216/ . It doesn't matter what physical directory the folder is in on the device serving the content, as long as from a logical perspective it's '/speedtest'.

What makes you think the network level requires this knowledge, and it can't be implemented at proxy / firewall level based on the logical directory in the URL?

A redirect to a captive portal for all but certain white-listed c

Re:

[Cederic]

"story/16/09/14/2242216/" is not an URL. It's a path. In common parlance, it can interpretably be described as a folder.

understand the difference between a folder and an URL

It's easy to berate people while posting as AC. But I can understand why you don't put your own pseudonym - see above.

Re:

[skirmish666]

Hi Obfuscant.

>> Web servers do understand the concept of folders or directories, however you like to refer to the concept

Would you like clarification on this? The part where I mention you're free to refer to the concept using different terms that is.

>> I would bet anything that this story is NOT in a folder "story/16/09/14/2242216/"

You sound fairly confident, good for you. I'm sure you have plenty of evidence if you're willing to risk it all? Please, if I'm wrong I'd love to learn from my m

Re:

[Cederic]

It''s almost as though he used a metaphor to translate something technical into straightforward English that most people can easily comprehend.

Ok, he probably did so lazily, using the same metaphor everybody else uses. Why are you so upset by this?

Holes in networks, video at 11

[CRC'99]

We did this years ago on GSM / PPP sessions (remember when you connected a laptop via IR and dialed a number to get internet access?).

Set up a VPN server to listen on port 53 UDP somewhere on the internet, then connect to it from your laptop via the phone.

Used to be able to buy a $2 sim card, and pass hundreds of MB per day (which was a lot at the time) with zero restrictions.

"free of any artificial shackles"

[ScentCone]

You know, artificial shackles getting in between you and the free natural resources, much like sunshine, that is internet-connected bandwidth, DNS services, and everything else that somebody has to pay for so this entitled little jerk can be "unshackled." You know, because he's owed free stuff. Stuff that only other chumps pay for. How dare T-Mobile put shackles on nature's freely available peering systems, routers, maintenance workers, technicians, tower installers, electricity, and all of that other not-a

Re:

[ScentCone]

This is incompetence by T-Mobile, sigh. They have an (obviously) poorly designed system that handles "un-activated/unpaid for" SIM cards.

No, no. Don't you understand? Any technical mistake or oversight by any service provider or vendor is clearly them encouraging and giving permission for people to ignore the terms under which they charge every other normal person for what they sell. For example, if a waiter brings a meal to the table next to you, and the person for whom it's intended has stepped off to the restroom, you should definitely feel free to take that meal without paying for it. Also, sometimes book stores put books on racks on th

The real reason it works:

[quenda]

Why would T-mblie want you to do speedtest on an inactivated SIM? They don't.

It is a side-effect of them cheating on the speed test. What happens is that speed-test traffic is given #1 priority over everything else.
The first thing the network checks is "is this a speed-test?" If so, it bypasses everything else non-essential, including the accounting system.

So this is not just a way to get free data, but to get faster data, if you have a decent proxy.
But surely a large corporation would never cheat on product performance tests? [cough]VW , Samsung, LG, ...[cough]. Can anyone test this?

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[NotInHere]

I think this is the really ridiculous part of the story: that he used a system in a different way that was targeted against the customers to fake them a speed they don't actually have.

Re:

[m.alessandrini]

Tell the boy's lawyer, this could be his only chance of not being sued, threatening them with this accusation.

Re:

[segin]

Well, from a customer-facing perspective, speed tests on unactivated SIMs would be useful for determining what one can realistically expect for network speeds at a given location/time. A very minute "try before you buy".

Due to the way GSM/UMTS/LTE networks perform, there's no performance gains to be had in unconditional whitelisting of speedtests, since the air interface (wireless last mile) will ALWAYS be the primary bottleneck.

Re:

[quenda]

the accounting flow should have zero impact on the performance of the data

Sure. I'm not saying otherwise. I have no idea how T-mobile implement their network (I've worked on small ones) but am speculating that the loss off accounting checks is a *side-effect* of how they are routing speedtest data to improve test scores.

In this particular example, the URL is triggering the special treatment, so deep packet inspection is happening. Does T-mobile use an HTTP proxy?

Lots of additional benefits

[burtosis]

It comes with free room and board, the orange suits are free too.

Here comes a bill

[RubberDogBone]

Since every KB is tracked and recorded, what he REALLY hacked is T-Mobile's latent power to bill his sorry butt for the data he used. And I am sure they will do just that.

And if he refuses to pay, it becomes theft of service just like stealing electricity or cable TV and his sorry butt will end up in jail.

Smart move there Einstein.

Re:

[thegarbz]

Since every KB is tracked and recorded,

ASSumption.

Re:

[segin]

Not a bad assumption. I have a postpaid tablet and data used for "Binge On" is still tracked in "total on-network data", but not against billing data. The 26GB deprioritisation limit applies to the former, not the latter.

Re:

[thegarbz]

Except for the literally countless services that use data but are not tracked towards your data usage.

Also given the numbers the ISPs sometimes come up with I bet they don't so much track users but rather take a rough look at how old you are, apply a typical usage profile, then double it and screw you for going over their limit. :-)

Proxy server already down.

[ElectricHellKnight]

The website mentioned in the summary, https://tmobileunlimited.herokuapp.com/ [herokuapp.com], is still up but simply says "No such app". Seems he already took the proxy down.

Free AOL

[Dusthead Jr.]

Back in 2000 I had one of those AOL CD's that they liked to shove into everyone's mailbox. The would give you so many free hours, but you still needed a credit card. I remember going through the motions of signing up but stopping short of inputting my CC info, as I didn't have one at the time. There was a part of the sign up that searched for a list of local phone numbers. During that time you were connected to the net.I would switch to a real browser, Netscape at the time, and sure enough I was surfing a 56k. The connection would usually time out a about 20 to 30 minutes and I would have to try again, but it still worked.

Re:

[dbIII]

Around that time I met a spammer who used that trick and wanted someone to set up a dozen modems for them.
Since he said a few things that indicated he was unlikely to pay (at all) I didn't even have to think about the morality of working for a spammer. There was some shit about seeing how good I was for a few months and then cash in hand after that time. Later I heard he skipped town owing three months rent on his office.
So much for government assisted "job matching".

Re:

[Anonymous Coward]

At that time, there also used to be "warez" call "credit master 4" which would generate an algorithmically correct (but not actual) CC info. Since AOL CDs of the time only checked the algorithm, and not the validity, of input CC info, you were off to the races for weeks until the fictitious CC info was billed.

Re:

[Anonymous Coward]

Except for making you use that stupid app and spamming the shit out of you with ads, but yeah no tricks...

Re:

[freeze128]

Then, a few years later, it became $10 per month. Not really Zero anymore, is it?

Well that loophole will be closed in 5,4,3,...

[AbRASiON]

I dunno I'd be tempted to have not told anyone about that. It'll be closed off in no time now.

One website I know to be whitelisted...

[segin]

...is xhtml.weather.com [weather.com]. A long time ago I had a 30MB data plan and this was one of a few websites that continued to work after running out of data and getting paywalled, although most of the graphical assets were stored on a different domain and thus didn't load post-data bucket depletion. m.us.yahoo.com also used to work, but that was plugged in 2014.

TCP port 53 used to also be wide open, but from what I gathered on various forums, that was patched during the last major VoLTE outage. Two other users comm

Did this on Verizon Airphones

[cliffjumper222]

Years ago (1995 to be precise), I had a modem plugged into the airphone that used to be in the headrest of the middle seat on Delta and other airplane seats. I had the phone clicked into the holder, but there was a gap that allowed the cable to snake out to the laptop. As we were waiting for take off, I idly pushed the buttons on the handset and after hitting the # key the screen displayed "dial your number" - this only showed if the modem cable was plugged in and the handset was clicked into the headrest.

pingtunnel, someone?

[Herve5]

Looks like an ISP-specific, less elaborate trick than PingTunnel, which OTOH has no wrapper on android/iOS AFAIK...
But quite brilliant from a single person!

Virgin on flip years ago...

[Frederic54]

...was about the same trick. You could access google for free (from Opera browser on my flip) but everything else was like $1/10MB, but just by clicking the "see cached version" that was hosted by google, it worked for free.

Re:Now that this has attracted media coverage...

[Anonymous Coward]

Don't expect this to be fixed anytime soon. Ookla Speedtest has been exempt from data caps since 2014, and free speedtests are an official feature of T-Mobile data plans.

Confirmed: T-Mobile exempting speed-testing data from monthly data allotments [fiercewireless.com]

Speedtest servers are hosted by volunteers, and as can been seen from the installation instructions, Ookla Speedtest is fairly hard to exempt without exempting everything under /speedtest

Installing HTTP Legacy Fallback [ookla.com]

Speedtest servers are located everywhere. T-Mobile could conceivably limit exemptions to only servers on the Speedtest.net server list, but the exemption list would require continual synchronization to keep it up to date.

Speedtest.net server list [speedtest.net]

The trouble is if the exemption list ever becomes out of date, then T-Mobile customers would complain bitterly about being charged for speedtests until the exemption list is updated, and presumably T-Mobile would prefer to avoid complaints about speedtests using data.

Re: Now that this has attracted media coverage...

[karnal]

This sounds like something that a computer could be programmed to do.

Re: Won't be fixed anytime soon

[whyloginwhysubscribe]

I don't see why not. Why can't they just be more clever about their whitelist? Presumably this isn't an issue for other networks?

Re: Now that this has attracted media coverage...

[bestweasel]

Dunno. T-Mobile tried to game the system and Ajit gamed them back. If there was any cheating it was by T-Mobile, white-listing speed test servers.

Re: Now that this has attracted media coverage...

[Puff_Of_Hot_Air]

Many years ago, back in the days of very small quota's but the exciting new prospect of mp3's, your author did something very similar via his University and its habit of allowing all requests that contained the university URL as part of the address. This was very nearly the end for our young adventurer, as the university in question had plans for expulsion, civil, and possibly even criminal charges! (There may have been one or two other indiscretions of a network related nature). Fortunately in this story, the Dean of Engineering saved the day with a general "boy's will be boy's" attitude and a stern warning, so the hero was not thrown to the legal wolves. The point of this is to say that you should never ever assume that your "one cool trick" won't land you in serious hot water.

Re:Now that this has attracted media coverage...

[Ol Olsoc]

Well, no one would go to the forbes links.

Re:

[flopsquad]

Well, no one would go to the forbes links.

+1 Best Internet Trend of the Year

Re:

[ITRambo]

I tried Freedom Pop a couple of years ago. It isn't free. The phone was $119 for a used low end Samsung that was worth about $10. Calls, nearly all of them, sounded like the person I was speaking with was under water way too often. Until I read, from trustworthy sources, that Freedom Pop has indeed turned the corner and has a quality service, I'll not recommend it to anyone. The customer support was absolutely horrible, and could not solve any of the problems I had. In fact, my last call to support, the ser

Re:

[segin]

That's because they initially launched on the Sprint network. Guess what, if you've ever used Verizon Wireless, the calls sound just as bad because they're using the exact same codecs and network protocols (3GPP2 CDMA2000 1xRTT). FreedomPop has partnered with a GSM operator as of late (I think T-Mobile), which provides a far superior quality of service.

Re:Or he could just use one of the free cell servi

[Obfuscant]

And as to "free", they used to have a "500MB/month" data service that was "totally free". Unless you actually used 400MB in a month, and then they charged you $10 just in case you went past the 500MB limit and need to pay for the overage. Nonrefundable $10. If you used 401MB in one month you got charged, even if you never used another byte.

They're big on selling off hardware through Daily Steals, too, without telling the buyer that the service the hardware depends on is going to be shut off in just a few months. I have a WiFi router with cell data service from them through Sprint that lasted six months and then just stopped when Sprint turned off the data service.

Re:Unauthorized access

[segin]

That whitelisting for speedtests also applies to unactivated SIMs and prepaid SIMs without active service (e.g. due to nonpayment or zero balance.)

I used to keep a spare phone lying about with an unactivated SIM while I had a prepaid SIM, and discovered the speedtest whitelisting was unconditional. I never thought to dig any deeper into it, although I suspected this type of thing was possible all along.

Glad to have my suspicions confirmed without having to risk my ass.

Re:

[segin]

They may not plug this if it proves to be too awkward to use in real-world usage.