Database Users

[Q] Android Security

Is Android really secure enough to bank on?
What security precautions do you all take?

I would not suggest to do any banking on any mobile device not just android specially with hacked roms. The risk is too much for instance losing ur device and if ur device is rooted then it data is exposed.
Sent from my PC36100 using XDA App

I use Mint just to view my bank account, if i ever lose my device, they still need my pin number to get into the app(not your bank pin, any pin you set) and i can always change the password of the account online.
Over a cell network is probably THE safest way to bank. I trust that Cyanogen hasnt done anything that will steal my bank info.

Unlock screen password + BoA app doesn't have my password saved, AND has most of the username censored. 3G is also fairly secure, compared to cable or a WiFi connection.

No matter how you bank online it will be insecure IMO, using an unrooted android phone is probably a little bit more secure then using a PC or mac though. Just don't set it up so anyone can get in there without using a password or something.
I say unrooted because once you root it's a whole new ballgame. Using any custom ROM or giving any 3rd party app SU permissions means they have a free for all to any and everything your phone has and does.

I use the web on the phone to check my accounts, but I do not use an app for it.
I also make sure to never save passwords on the browser as well.

Just don't save your usernames/passwords if you bank on the browser, and make sure to tell any banking app to log out when you leave the program (you might not even be ABLE to stay logged in).
All data through CDMA cell networks is encrypted by default, not to mention the additional encryption that any reputable bank's website/app will have. As was mentioned above, online banking with your phone truly is the safest way to bank online.
In regards to rooting, it is only as dangerous as you make it. If you root and then grant SU permissions to "Swe3T fREE BaBEs 4 U" app, you're probably asking for trouble. But I only grant SU to Quick Boot and SetCPU, and other legitimate applications that don't ask for more permissions than they require. Just don't be an idiot and you'll be fine!

So is there a near consensus now that it can be secure?
Any naysayers remain?

It's really your choice to use it or not all it comes down to. I am in the Information Security field and when you learned about how things work and how to get around them. It's scary!

vboyz103 said:
It's really your choice to use it or not all it comes down to. I am in the Information Security field and when you learned about how things work and how to get around them. It's scary!
Click to expand...
Click to collapse
Taking field bias in consideration, I'm looking for your insight on how to make it most secure or if it's really necessary to wait for further security measures.
There are ways to practice safe sex afterall..

i'm still not quite sure how sending data over a CDMA network is any more secure than any other means. i mean sure CDMA is encrypted to begin with; yes. on top of that, any banking you do should be encrypted with SSL at least. great. now you've got two layers of encryption/security there. the fact is though regardless if it's CDMA or SSL, you're still transmitting data out thru the open air where anything with an antenna can grab it. it doesn't really matter how encrypted the data is at this point, it's unsecure in that is is freely available with only an antenna. security is not really how secure the data is at the presentation layer, but how secure it is at the physical layer as well.

vboyz103 said:
It's really your choice to use it or not all it comes down to. I am in the Information Security field and when you learned about how things work and how to get around them. It's scary!
Click to expand...
Click to collapse
I have a very similar job to you. I used to think the same.
Thing is, getting around those things is possible, but less likely that most other ways. Getting a wallet or purse stolen is common. Handing your CC to a server at a restaurant or bar and not seeing what they do with it is pretty trusting, no? Bet we've all done that.
Do the best you can, and be watchful of your accounts. I bank on my phone with more confidence than I would have at Starbucks on wifi.

[Q] T-mobile Tethering fee

With the announcement that T-mobile will start charging $15 per month for tethering this month, does anyone know how this affects the HD2? I have installed the wifi tethering app that was in the European ROM and it works fine, but I was curious how T-mobile is going to detect/impose the tethering fee. Does anyone have any info on this?

I do not know of any technology that can detect a tether other than offiical carrier tether application. I doubt they could detect it because you are using a 3rd party app, so all cumulative data usage would be viewed as if it was just normal browsing/download etc. EDIT* : Normal browsing/downloading on the phones browser that is...just to clarify.

From what I understand, the tethering package is going to be just for people that tether, IE, if your device isn't tethered, then you won't be able to use data...only if it is psyically tethered to a PC will you be able to actually access data.

The HD2 should not be affected by this as it had tethering before this plan came in and it is intergrated into the OS. Tmobile typically grandfathers users in so since we all signed up for this data plan before this change came about, we should not have any issues.

m4a1a2 said:
I do not know of any technology that can detect a tether other than offiical carrier tether application. I doubt they could detect it because you are using a 3rd party app, so all cumulative data usage would be viewed as if it was just normal browsing/download etc.
Click to expand...
Click to collapse
They can easily detect that you are tethering because of where the data is coming from.
When you use your phone's browser, most sites default to the mobile version because your phone is reporting what it is and what browser you are running. (although with IE for example you can tell it to preset desktop pages).
When you tether, you get the desktop versions of the site because your browswer is reporting a desktop OS and browswer and is presented with the proper page.
Just something to think about........

anhyeuemmaimai said:
They can easily detect that you are tethering because of where the data is coming from.
When you use your phone's browser, most sites default to the mobile version because your phone is reporting what it is and what browser you are running. (although with IE for example you can tell it to preset desktop pages).
When you tether, you get the desktop versions of the site because your browswer is reporting a desktop OS and browswer and is presented with the proper page.
Just something to think about........
Click to expand...
Click to collapse
For t-mobile to sniff your packets to detect that is likely against the law and there's nothing stopping you from editing the user agent string in your browser to make it look like a mobile browser
Its one thing for a customer to break TOS by tethering, at most you are breaking civil contract law, all TMO could do is terminate your contract or maybe sue you in civil court for breech of contract, they likely would not go that route.
However for them to start sniffing customers packets would be breaking CRIMINAL law
There is also nothing to stop a mobile browser from reporting itself as a desktop browser by user agent string to make a site load a "desktop experience" In no way is editing your user agent string against any kind of law!
The user agent string is really about the only way tmobile could detect tethering other than having a rigged tethering app, like it sounds like the android platform has. There is no kind of special flag set on TCP/IP packets that signify that they came from the phone or a tethered laptop, tablet, etc!

it is not against the law for t-mobile to packet sniff what goes on on their network. when you sign up for service, you agree to their terms........

I could be way off but I don't think there plan is to charge for just using tethering. The data cap on the current plans are 5gbs and after that you are slowed to edge speeds. I think with the tethering plan it is for a much higher if not unlimited data cap.
Sent from my T-Mobile G2 using XDA App

I can confirm the tethering restriction is in place for me constantly now.
I have a hd2, tmobile usa, custom rom, using usb w/the Internet Sharing app.
i was just kicked off tethering tonight and all my desktop browser requests went to the tmobile 'you must buy a tether plan' page.
I disconnected, reconnected, same thing. I am nowhere near even 1GB in data usage this month.
Only way that's fixed it so far is changing my t-mobile data connection to use internet2.voicestream.com instead of epc.tmobile.com
-Tony

t-mobile tethering
It seems they are regulating the user agents allowed to access their network.
One can change the user agent in Firefox with the plugin "user agent switcher"
Changing to a mobile browser assures access, but limits the browsing experience on some pages.
Lets see how long it takes them to ban this nice hybird useragent.
" Mozilla/5.0 (SCH-F859/F859DG12;U;NUCLEUS/2.1; en-US; rv:1.9.2.9) Gecko/20100915 Firefox/3.6.9 "

subtle1 said:
It seems they are regulating the user agents allowed to access their network.
One can change the user agent in Firefox with the plugin "user agent switcher"
Changing to a mobile browser assures access, but limits the browsing experience on some pages.
Lets see how long it takes them to ban this nice hybird useragent.
" Mozilla/5.0 (SCH-F859/F859DG12;U;NUCLEUS/2.1; en-US; rv:1.9.2.9) Gecko/20100915 Firefox/3.6.9 "
Click to expand...
Click to collapse
+1 Good job, I'm impressed! BTW, here's a rock solid UA from Opera Mobile 10, but you get mobile pages where applicable.
"Opera/9.80 (Windows Mobile; WCE; Opera Mobi/WMD-50433; U; en) Presto/2.4.13 Version/10.00"

ncohafmuta said:
I can confirm the tethering restriction is in place for me constantly now.
I have a hd2, tmobile usa, custom rom, using usb w/the Internet Sharing app.
i was just kicked off tethering tonight and all my desktop browser requests went to the tmobile 'you must buy a tether plan' page.
I disconnected, reconnected, same thing. I am nowhere near even 1GB in data usage this month.
Only way that's fixed it so far is changing my t-mobile data connection to use internet2.voicestream.com instead of epc.tmobile.com
-Tony
Click to expand...
Click to collapse
have you tried a tether app off the marketplace such as WMVrouter? The internet sharing app included with the software was offiically included.

Thanks subtle1 and joeray! Worked for my wife's on Nokia Nuron- Is our only internet connection so you saved our bacon... Did not get cut off from my HD2 yet...

looks bad.. will keep following this thread

m4a1a2 said:
have you tried a tether app off the marketplace such as WMVrouter? The internet sharing app included with the software was offiically included.
Click to expand...
Click to collapse
nope. haven't been able to get any wifi router stuff to work in the last couple rom revisions.
remember, i'm on custom Energy rom, not tmobile official.
-Tony

Tom Codon wifi router cab still works perfectly for me. No messages from T Mobile. Just tried it.

crisisinthecity said:
Tom Codon wifi router cab still works perfectly for me. No messages from T Mobile. Just tried it.
Click to expand...
Click to collapse
Works for me, too, and I'm using a custom Rom.

Same here...been tethering for the last 20 minutes no problem. WiFi and USB both work.

Mine works..built in internet sharing app, energy rom.

Tom Codon wifi router cab is the "Ticket"
Tom Codon wifi router cab seems to be the working app, and not the HTC Wifi Router App for WinMo. They may have block used of HTC's app. What do you guys think?

1 Method to Circumvent T-Mobile Tether/Hotspot

Time for me to update this thread!
For all of the T-Mobile users who are still trying to find a way to circumvent the user agent checking that T-Mobile does while using a third party hotspot app and don't feel like decompiling, editing XMLs, and recompiling, or messing with editing APNs, or ETC... A simple solution that I'm using; use a VPN.
Search the market for: Hotspot Shield
▼ ▼
https://play.google.com/store/apps/details?id=hotspotshield.android.vpn&feature=nav_result
▲ ▲
Also DO NOT use the native hotspot, I state this because of all the edits I've tried, the native hotspot still connects to the APN: pcwebs.tmobile.com instead of epc.tmobile.com - Which sniffs out the user agent of your browser and sends you to the upsell page.
If you're on the Galaxy S3 and JB use this app by TrevE
▼ ▼
http://forum.xda-developers.com/showthread.php?t=1988735
▲ ▲
All others that are capable use Wifi Tether for root users.
▼ ▼
https://play.google.com/store/apps/...S5nb29nbGVjb2RlLmFuZHJvaWQud2lmaS50ZXRoZXIiXQ
▲ ▲
-----------------------------------------------------------------------------------------------------------------------
1 - Start Hotspot Shield. (As of 10/18/2013 If you select to "Restore Purchase" Redeem code is "FREE" it'l give you 30 days of elite service for free!)
2 - Wait for connection to establish and a "key icon" to show up in your statusbar.
3 - Start Wifi Tether for Root Users or TrevE Mod which ever you're using.
4 - Configure wifi tether settings.
[For SGS3 users on JB using WifiTether_TrevE_Mod Version 3.2-Beta2-041713, I've found the best setting to use is as follows:
Device Profile: Generic ICS/JB (wlan0)
Setup Method: Auto
Wifi Encryption: Your Preference
SsID: (whatever you wanna use)
Don't disable bluetooth: Checked
Wifi driver reload 2: Checked
Enable Access-Control: Checked
MMS Clamping: Checked
Routing fix: Checked
---------------------------------------------------------------------------------------------------------------------
5 - Tap icon to start tethering.
Once all of the messages stop popping up... Enjoy!
----------------------------------------------------------------------------------------
Optionally:
If you wanna setup your own personal VPN - G.I.Y.F. (Google is your friend) Search for OpenVPN methods. PPTP also works.
Im just a little too lazy to type the instructions. ლ(ಠ益ಠ)ლ
-------------------------------------------------------------------------------------
Also I'm using the following setup:
Device: SGH-T999
ROM: Synergy (R484) ► http://forum.xda-developers.com/showthread.php?t=2113452◄
Kernel: Faux (OC'd 1.62 GHz) ► http://forum.xda-developers.com/showthread.php?t=2089801◄
Modem: UVLI8 ► http://forum.xda-developers.com/showthread.php?t=1880987◄
Data Plan: Unlimited Nationwide 4G
*UVLI8 happens to be the best modem for the areas that I frequent, which ranges from Waukegan all the way to downtown Chicago; it keeps me on HSPA+ 85-90% of the time. So experiment and find out which modem works best for you in your area.
►http://forum.xda-developers.com/showthread.php?p=31409271#post31409271 ◄ Here's a map to help you guys get started on finding the right modem for you.
-----------------------------------------------------------------------------------------------------------------------
If anyone has an issue where Hotspot Shield is not working on their device and giving you the error message:
-------------------------------------------------------------------------------------------------------------
Critical Error |
VPN API is not available on your device. |
Unable to find explicit activity class |
{com.android.vpndialogs/com.android.vpndialogs.ConfirmDialog}, Have you |
declared this activity in your AndroidManifest.xml?" |
-------------------------------------------------------------------------------------------------------------
It, in my case, is caused by having Xposed Framework installed. The only fix I've found for it was to Titanium Backup my apps, then uninstall the Xposed Framework - requires you to boot into recovery and flash the zip file "Xposed-Disabler-CWM.zip" then you have to Wipe Data/Cache/Dalvik/Fix Permissions, flash your rom again, and restore from TB.
Sent from my SGH-T999 using xda premium

Vee63b said:
For all of the T-Mobile users who are still trying to find a way to circumvent the user agent checking that T Mobile while using the native hotspot app and don't feel like decompiling, editing XMLs, and recompiling, or messing with editing APNs, or ETC... A simple solution that I'm using; use a VPN.
Search the market for: VPN One Click
Also don't use the native hotspot, if you're on the Galaxy S3 and JB use this app by TrevE
All others capable use wifi tether for root users.
Enjoy! I'll post later to help you guys setup your own personal VPN. I'm currently in a moving truck moving to Chicago. ლ(ಠ益ಠ)ლ
Sent from my SGH-T999 using xda premium
Click to expand...
Click to collapse
Sounds nice! i'll check it out when you post your setup

imilleson said:
Sounds nice! i'll check it out when you post your setup
Click to expand...
Click to collapse
Did you have a chance to try this bypass method? And did it work for you?
Sent from my SGH-T999 using xda premium

Vee63b said:
Did you have a chance to try this bypass method? And did it work for you?
Sent from my SGH-T999 using xda premium
Click to expand...
Click to collapse
it worked for me after a lot of screwing around on my note 2.

Working so far, I'll give it some time just to make sure it doesn't pop up again or if it just stops working. I'll report back later :thumbup:
Sent from my SGH-T999 using xda app-developers app

GREAT! Now is everyone using the vpn one click app or has anyone attempted to set their own vpn server yet?
Sent from my SGH-T999 using xda premium

Vee63b said:
GREAT! Now is everyone using the vpn one click app or has anyone attempted to set their own vpn server yet?
Sent from my SGH-T999 using xda premium
Click to expand...
Click to collapse
i read about it but not quite sure how it works, does the server go on the phone or the computer? isn't there more to it then just setting up a server, otherwise why would companies make you pay for this?

robl45 said:
i read about it but not quite sure how it works, does the server go on the phone or the computer? isn't there more to it then just setting up a server, otherwise why would companies make you pay for this?
Click to expand...
Click to collapse
The way a VPN (Virtual Private Network) works is by anonymously masking ALL network traffic to it's destination. I hope my explaination can help those who doesn't understand how a VPN connection work. Here we go:
Normally -
A mobile device connects to service provider monitored internet. In T-Mobile's case, packets are sniffed out that contain any form of user-agent strings, and if the strings report anything other than a mobile device, internet connection is denied and you are redirected to the dreaded "upsell page".
Think of it as water with particles in it passing through sand before reaching the well of water below the sand.
If the water is your network traffic the particles in the water would represent your user agent and the sand is your service provider's filters; not all of the particles will make it through the sand and into the well if they arent small enough to pass through the grains of sand.
Using a VPN is kinda like shoving a tube through the sand and sending your water & particle mixture through the tube directly into the well below. Everything makes it through whether the particles are big or small.
Sorry its late and I probably used a bad analogy. Anywho I hope it made a bit of sense. Lol
I can help you set up your own private VPN. The problem is there's some many different types of routers available for everyone to use. The PPTP type VPN is actually set up through your router. For most people there will be an option to utilize the PPTP port within your router setup screen. Open a web browser, type in 192.168.0.1 or 192.168.1.1 or "routerlogin", the webpage will ask for a username and password. If you changes it, whatever your username and password is. If you didn't, the default username is "admin or administrator" and the default password is usually, "password" dig through the available settings you have and let me know if you have the option to enable anything labeled "PPTP" also let me know which router you have.
Sent from my SGH-T999 using xda premium

yea, so basically, you'd have to setup and only use at one place? is there a solution that will let you tether to any computer anywhere? like is there something you can just setup on the phone? I mean something we can setup as opposed to this 1click vpn which my guess is won't stay free for long.

robl45 said:
yea, so basically, you'd have to setup and only use at one place? is there a solution that will let you tether to any computer anywhere? like is there something you can just setup on the phone? I mean something we can setup as opposed to this 1click vpn which my guess is won't stay free for long.
Click to expand...
Click to collapse
You actually set up your home network to host you own personal VPN. So no matter where you are, your phone would always use your home network.
Your phone will still use the service provider's data service, however, it would use it only to connect to your VPN at home and then securely reroute that data back to your device. So as all of the data is moved along T-Mobile's servers the data in your VPN cannot be read by tmobile's filtering process.
So one personal vpn server would be all you need. There's an option if you check your "settings -> more settings -> VPN" that will let you use a VPN for all connections on your device. Let me know if there's anything I can clarify.
Sent from my SGH-T999 using xda premium

Just remember the hit on network performance. Your home network is downloading from the net, encrypting it, and uploading it to your device. This assumes you're outside your home network.
Still Charged Up

thanks for sharing !!

Reilly1812 said:
Just remember the hit on network performance. Your home network is downloading from the net, encrypting it, and uploading it to your device. This assumes you're outside your home network.
Still Charged Up
Click to expand...
Click to collapse
This is true, its not that bad of a lag for me here in Chicago however, normally my download speeds are between 5-7 Mbps on 4G, with the VPn running I drop to 3-5 Mbps, but I've kinda tweaked the tether apk to start OpenVPN when tethering starts and to disconnect when I turn off tethering. So for the most part I never notice the hit on my speed, I've configured packet compression on my personal VPN server. I'm using a Linksys E4200 on AT&T U-Verse. Thanks for pointing that out for me by the way Reilly, I know I've forgot to list the pros and cons of a vpn, I have a few minutes in my hectic life to hop on xda and make a few quick posts but never enough time to go into detail and proof-read my own posts.
Sent from my SGH-T999 using xda premium

giffy89 said:
thanks for sharing !!
Click to expand...
Click to collapse
No problem. I was just seeing alot of people asking for a surefire method to bypass the UA check to connect things that you can't simply use a plugin to spoof. So I decided to share how I get by it on the Nationwide Unlimited 4G plan.
Sent from my SGH-T999 using xda premium

Vee63b said:
GREAT! Now is everyone using the vpn one click app or has anyone attempted to set their own vpn server yet?
Sent from my SGH-T999 using xda premium
Click to expand...
Click to collapse
I just setup my own VPN server on my Windows Home Server 2011 box last night. I'm now tethering and haven't had any issues yet.
So far, so good. :good:
I have my UA set normally and am on the unlimited plan as well.
Reilly1812 said:
Just remember the hit on network performance. Your home network is downloading from the net, encrypting it, and uploading it to your device. This assumes you're outside your home network.
Still Charged Up
Click to expand...
Click to collapse
Yes, there is a hit but it's still MUCH faster than the slow wifi at Starbucks.

mark925 said:
I just setup my own VPN server on my Windows Home Server 2011 box last night. I'm now tethering and haven't had any issues yet.
So far, so good. :good:
I have my UA set normally and am on the unlimited plan as well.
Yes, there is a hit but it's still MUCH faster than the slow wifi at Starbucks.
Click to expand...
Click to collapse
Lol, originally I started looking for a way to bypass UA checks because I wanted to update my laptop which reports UAs as Internet Explorer through the Windows Update Center, and my Xbox 360 which also reports as IE when connected to Xbox Live. I didn't really need tethering until then. But its a pretty convenient function to have when I'm out and about.
Glad I could help out the other users on T-Mobile, lol I guess as the slogan says, "Stick Together"
Happy tethering everyone.
Sent from my SGH-T999 using xda premium

Hey, thanks for the info. If you're using a VPN it should work with most wifi tether apps though, shouldn't it? I'm on a N4 and CM10.1, which I guess should have about the same tethering app as the stock firmware. Also, it should work with BT tethering, shouldn't it?
Another question, is VPN One Click really free, or is there a catch? My router doesn't seem to have the VPN option you mentioned before, and my home internet appears to be 15mb down, but only 1mb up, which would limit considerably my speed even if I did a personal VPN.

andy o said:
Hey, thanks for the info. If you're using a VPN it should work with most wifi tether apps though, shouldn't it? I'm on a N4 and CM10.1, which I guess should have about the same tethering app as the stock firmware. Also, it should work with BT tethering, shouldn't it?
Click to expand...
Click to collapse
I use Wi-Fi Tether for Root Users and it works fine with VPN.

I tested with the native app, but it doesn't connect to the internet. So that's that.
With Wifi Tether for Root Users, it worked once but in a very flaky way. After that one time, couldn't get it working again. Tried many different profiles, and the one in which I don't get any log errors is forcing the generic one, forcing one of the setup methods. Apparently it doesn't work with the N4, there's another N4 user in the reviews that has problems too. Another very similar app is Open Garden's wifi tether, but it seems to be pretty much the same app as Wifi Tether for root users, has an almost identical interface and options. And of course, also doesn't work. Barnacle is another that doesn't work with the N4. By the way, this is all without even using VPN, so those aren't viable for us with the N4.

andy o said:
I tested with the native app, but it doesn't connect to the internet. So that's that.
With Wifi Tether for Root Users, it worked once but in a very flaky way. After that one time, couldn't get it working again. Tried many different profiles, and the one in which I don't get any log errors is forcing the generic one, forcing one of the setup methods. Apparently it doesn't work with the N4, there's another N4 user in the reviews that has problems too. Another very similar app is Open Garden's wifi tether, but it seems to be pretty much the same app as Wifi Tether for root users, has an almost identical interface and options. And of course, also doesn't work. Barnacle is another that doesn't work with the N4. By the way, this is all without even using VPN, so those aren't viable for us with the N4.
Click to expand...
Click to collapse
Possibly it's because the app hasn't been updated in months and is not playing well with 4.2.1 or having encryption issues with the device
Sent from my SGH-T999 using xda app-developers app

How does the Carrier tracks Data Usage?

I had a question regarding how a persons network provider, whoever it may be, tracks a subscribers Data usage as in what apps are using data...
To explain more about the question, my Carrier offers a data package for ** amount in which you are allowed to use all the whatsapp you want. Unlimited whatsapp usage for a month to be more specific.
So my question is, how will the carrier know exactly that the data being used on the phone is specifically only being used for whatsapp, considering on a smartphone almost every other app uses data when it has a connection...?
Secondly... Provided there is a way for the carrier to track the apps specific data usage, is there a way to hide that/route the entire phones data usage along that path so as to make the carrier think its being used by whatsapp only...??
Looking forward to some helpful info as I'm a generous thanker
Sent from my Nexus⁴

You can block out data usage with a vpn.
Sent from my SGH-M919 using xda app-developers app

rp56 said:
You can block out data usage with a vpn.
Sent from my SGH-M919 using xda app-developers app
Click to expand...
Click to collapse
Care to elaborate...??
As far as I know a VPN is to hide your location and IP... Wouldn't really mask or make it seem as everything running on one program...
Or am I wrong...?
Sent from my Nexus⁴

DrunkFuX666 said:
Care to elaborate...??
As far as I know a VPN is to hide your location and IP... Wouldn't really mask or make it seem as everything running on one program...
Or am I wrong...?
Sent from my Nexus⁴
Click to expand...
Click to collapse
Well if I could take a guess (I'm not an expert on this though) the carrier draws references from traces of evidence that you used the Whatsapp service, and uses that for it's info. It's most likely that when you connect to Whatsapp servers it'll send the necessary information off to the carrier. That's just a guess, though, I don't know much on that.
If you block that out (ex. with a VPN) then it'll (probably) skew it, because VPNs run on top of your connection and make all your information inaccessible to others.
Hopefully that clears it up?

Surpass said:
Well if I could take a guess (I'm not an expert on this though) the carrier draws references from traces of evidence that you used the Whatsapp service, and uses that for it's info. It's most likely that when you connect to Whatsapp servers it'll send the necessary information off to the carrier. That's just a guess, though, I don't know much on that.
If you block that out (ex. with a VPN) then it'll (probably) skew it, because VPNs run on top of your connection and make all your information inaccessible to others.
Hopefully that clears it up?
Click to expand...
Click to collapse
Kindof makes sense... But... That would have the flipside as to make the carrier think you used everything EXCEPT whatsapp since they got no specific server info of it being used...??
Because according to their policy, whatsapp is free to use... While using any other data app you will be charged... So if they don't know what your using they could charge you for everything including whatsapp...??
Sent from my Nexus⁴

DrunkFuX666 said:
Kindof makes sense... But... That would have the flipside as to make the carrier think you used everything EXCEPT whatsapp since they got no specific server info of it being used...??
Because according to their policy, whatsapp is free to use... While using any other data app you will be charged... So if they don't know what your using they could charge you for everything including whatsapp...??
Sent from my Nexus⁴
Click to expand...
Click to collapse
Yes they'd charge you for everything, even Whatsapp.
That is, if that's how to collect their info. The VPN might not do anything at all, depending on how they find out if you're using it.

VPN will still count data traffic, there is no reason it should help with anything.
1 thing that i have noticed is that my carrier just counts download, the uploaded data does not matter.

Hmmmm... So then there is no work around as such...?
Sent from my Nexus 4 using Tapatalk 4 Beta

Your carrier knows what IP addresses and ports the WhatsApp service uses. What they then do is monitor the amount of data transferred to those IP addresses/across those ports and remove that number from the total amount of data you have transferred.
VPN's are normally counter-productive to trying to get free data usage because although the Carrier can't see what you're sending they can still see it's not destined for WhatsApp. Normally.
Now if their bandwidth usage monitoring equipment only checks the data usage through a port then you could configure your VPN to use the same ports as WhatsApp. Then as far as the Carrier knows that's WhatsApp data going through there.

ferret141 said:
Your carrier knows what IP addresses and ports the WhatsApp service uses. What they then do is monitor the amount of data transferred to those IP addresses/across those ports and remove that number from the total amount of data you have transferred.
VPN's are normally counter-productive to trying to get free data usage because although the Carrier can't see what you're sending they can still see it's not destined for WhatsApp. Normally.
Now if their bandwidth usage monitoring equipment only checks the data usage through a port then you could configure your VPN to use the same ports as WhatsApp. Then as far as the Carrier knows that's WhatsApp data going through there.
Click to expand...
Click to collapse
Would you know how to configure these ports...?
Sent from my Nexus⁴

No idea for android. Sorry.

T-Mobile Hotspot "Upsell" - TOTAL Workaround

If you're like me, then you have a data plan with T-Mobile that includes only 2.5GB of data for tethering. After you 2.5GB is up,T-Mobile begins redirecting all of your tethered traffic to a webpage prompting you to buy more tethering data.
T-Mobile does this by reading all of the headers on every HTTP request. It analyzes each one and reads the User-Agent string. This is what tells websites how to deliver their content for you and is why you only get mobile versions of webpages on your phone and not on your laptop. So, many people got around this by spoofing the user agent with a browser plugin to make it look like your laptop was requesting the mobile version of websites (so T-Mobile would think that it's a phone requesting the data, not a tethered laptop.) However this solution only works for that specific browser. Other browsers, applications, and devices that do not support User-Agent spoofing were left without a solution. Was I really the only one trying to tether my PS3 for Netflix and gaming?
So some people turned to VPNs which basically act as a secure proxy so that T-Mobile could not read the traffic and tell what the User-Agent was. But this often costs money and/or slows down your network speed. Seeing as how people who are looking for a tether workaround are trying to not spend money, and are trying to use T-Mobile's lightning fast LTE, this isn't really a practical solution.
So after spending hours and hours looking for a solution, I came to the conclusion that there was none yet.
I deduced that the obvious solution would be to modify the packets on the fly and change the user-agent string of every HTTP request as it came to the phone before forwarding it on to T-Mobile. Luckily for us, all HTTP requests that have no User-Agent string or a string of "null/null" etc. are automatically accepted! So all that needed to be done was to strip the user-agent string of all of the outgoing HTTP requests - on the fly.
My first thought was that hopefully there was an android app that could do this.
There isn't.
And I am not capable of making one but if you find one or can make one, please tell me and I will adjust this explanation because that would make things a bit simpler. However, since we don't live in a perfect world, we have to run a program on a computer and route all traffic through that program. This wonderful little program that I came across called "Fiddler" (it won't let me post the link but it's www[dot]fiddler2[dot]com) is just what we need. It's a completely free program.
Go download and install fiddler. This program will allow us to monitor and 'fiddle' with the network traffic on the fly!
First, fire up your tethering app on your phone and connect your computer. I personally use android WiFi tether but I suppose it probably doesn't matter which one you use. Once you've connected your computer. Open up fiddler, go to "Rules," "User-Agents," and select "Custom..." A window will pop up. Leave this blank and click okay. Now, all of the network traffic from that computer with have its user-agent string modified to "User-Agent:[blank]" Test this out on any browser on your computer and you should not be redirected to the upsell page.
Now for all of your other devices! I was particularly concerned with my PS3 but any device that supports proxy use will work. That's a hell of a lot more devices than the number that support UA spoofing haha. Go to "Connection Settings" on your PS3 and select "Manual"
Go through your setup as usual and connect to your phone's wifi hotspot. When you come to the page that says "Proxy Settings" select "Use"
For the IP address go back to your computer and look at Fiddler. In the top-right corner there is an image of two computers and it says "Online" next to it. Hover over that icon and it will have an IP address listed. This is the virtual proxy that Fiddler has set up for auxillary incoming traffic on the local network. Type that IP address into the PS3's proxy settings and use port 8888 (you may have to configure your computer firewall to allow incoming traffic on that address/port)
Also, in Fiddler go to the AutoResponder tab and check the box that says "Unmatched requests passthrough." This is so that HTTP requests that come in without a User-agent already defined will just be passed on. If this box is not checked you may get frequent 404 errors.
Finish up the connection settings on the PS3 and let it fly! You can watch the traffic on Fiddler in real time!
This is my first post on XDA and this workaround is brand new as far as I can tell so there may be some kinks that need to be worked out.
Let me know if you have any questions or problems!
Respectfully,
Hunter.

TexasState said:
If you're like me, then you have a data plan with T-Mobile that includes only 2.5GB of data for tethering. After you 2.5GB is up,T-Mobile begins redirecting all of your tethered traffic to a webpage prompting you to buy more tethering data.
T-Mobile does this by reading all of the headers on every HTTP request. It analyzes each one and reads the User-Agent string. This is what tells websites how to deliver their content for you and is why you only get mobile versions of webpages on your phone and not on your laptop. So, many people got around this by spoofing the user agent with a browser plugin to make it look like your laptop was requesting the mobile version of websites (so T-Mobile would think that it's a phone requesting the data, not a tethered laptop.) However this solution only works for that specific browser. Other browsers, applications, and devices that do not support User-Agent spoofing were left without a solution. Was I really the only one trying to tether my PS3 for Netflix and gaming?
So some people turned to VPNs which basically act as a secure proxy so that T-Mobile could not read the traffic and tell what the User-Agent was. But this often costs money and/or slows down your network speed. Seeing as how people who are looking for a tether workaround are trying to not spend money, and are trying to use T-Mobile's lightning fast LTE, this isn't really a practical solution.
So after spending hours and hours looking for a solution, I came to the conclusion that there was none yet.
I deduced that the obvious solution would be to modify the packets on the fly and change the user-agent string of every HTTP request as it came to the phone before forwarding it on to T-Mobile. Luckily for us, all HTTP requests that have no User-Agent string or a string of "null/null" etc. are automatically accepted! So all that needed to be done was to strip the user-agent string of all of the outgoing HTTP requests - on the fly.
My first thought was that hopefully there was an android app that could do this.
There isn't.
And I am not capable of making one but if you find one or can make one, please tell me and I will adjust this explanation because that would make things a bit simpler. However, since we don't live in a perfect world, we have to run a program on a computer and route all traffic through that program. This wonderful little program that I came across called "Fiddler" (it won't let me post the link but it's www[dot]fiddler2[dot]com) is just what we need. It's a completely free program.
Go download and install fiddler. This program will allow us to monitor and 'fiddle' with the network traffic on the fly!
First, fire up your tethering app on your phone and connect your computer. I personally use android WiFi tether but I suppose it probably doesn't matter which one you use. Once you've connected your computer. Open up fiddler, go to "Rules," "User-Agents," and select "Custom..." A window will pop up. Leave this blank and click okay. Now, all of the network traffic from that computer with have its user-agent string modified to "User-Agent:[blank]" Test this out on any browser on your computer and you should not be redirected to the upsell page.
Now for all of your other devices! I was particularly concerned with my PS3 but any device that supports proxy use will work. That's a hell of a lot more devices than the number that support UA spoofing haha. Go to "Connection Settings" on your PS3 and select "Manual"
Go through your setup as usual and connect to your phone's wifi hotspot. When you come to the page that says "Proxy Settings" select "Use"
For the IP address go back to your computer and look at Fiddler. In the top-right corner there is an image of two computers and it says "Online" next to it. Hover over that icon and it will have an IP address listed. This is the virtual proxy that Fiddler has set up for auxillary incoming traffic on the local network. Type that IP address into the PS3's proxy settings and use port 8888 (you may have to configure your computer firewall to allow incoming traffic on that address/port)
Also, in Fiddler go to the AutoResponder tab and check the box that says "Unmatched requests passthrough." This is so that HTTP requests that come in without a User-agent already defined will just be passed on. If this box is not checked you may get frequent 404 errors.
Finish up the connection settings on the PS3 and let it fly! You can watch the traffic on Fiddler in real time!
This is my first post on XDA and this workaround is brand new as far as I can tell so there may be some kinks that need to be worked out.
Let me know if you have any questions or problems!
Respectfully,
Hunter.
Click to expand...
Click to collapse
Yeah, that's a workaround indeed, however the setup is long and extensive for anyone. We're still trying to find a QUICK solution that doesn't require a mass setup of every device. I only bounce to my tethering when there's an outage at home or I'm on the road, neither are the best solutions to be spending time switching everything over when I could have just as easily opened the browser on my phone to take care of everything. I found this post from the link you posted in the other thread where we weren't discussing hard solutions, just concepts and ideas, theoretical solutions (hence why there was never a post like this there). It's great to see that the one thing we know is the catalyst has been confirmed once again (HTTP USER-AGENT) as what T-Mo and every other carrier is doing, so this is a solution for not just T-Mo, but every provider. Again, it's a hell of a setup and requires that you keep at least one computer active during the ENTIRE tethering session, also, it appears T-Mo doesn't block Playstation 3 from what I can tell, at least we were able to watch like 3-4 hours of Netflix when we had the 500mb tethering cap without a problem.

This affect nat type? If I use this program? Ps3 online game though
Sent from my SGH-T889 using XDA Premium 4 mobile app

It seems T-Mobile has caught onto using different agents. I was trying to use mobile hotspot on my laptop yesterday. It didn't matter if my UA was android handset or Googlebot, it redirected me to a hotspot upsell page.

Dr. Hax said:
It seems T-Mobile has caught onto using different agents. I was trying to use mobile hotspot on my laptop yesterday. It didn't matter if my UA was android handset or Googlebot, it redirected me to a hotspot upsell page.
Click to expand...
Click to collapse
Go into your APNs and select the tethering APN, if you can edit the hostname from epc.tmobile.com to fast.t-mobile.com or whatever your normal APN is, there are a bunch of threads talking about how to get tethering working, this is just the LAST step, don't come here thinking this is the FIRST step, you're going at it backwards.

TexasState said:
If you're like me, then you have a data plan with T-Mobile that includes only 2.5GB of data for tethering. After you 2.5GB is up,T-Mobile begins redirecting all of your tethered traffic to a webpage prompting you to buy more tethering data.
T-Mobile does this by reading all of the headers on every HTTP request. It analyzes each one and reads the User-Agent string. This is what tells websites how to deliver their content for you and is why you only get mobile versions of webpages on your phone and not on your laptop. So, many people got around this by spoofing the user agent with a browser plugin to make it look like your laptop was requesting the mobile version of websites (so T-Mobile would think that it's a phone requesting the data, not a tethered laptop.) However this solution only works for that specific browser. Other browsers, applications, and devices that do not support User-Agent spoofing were left without a solution. Was I really the only one trying to tether my PS3 for Netflix and gaming?
So some people turned to VPNs which basically act as a secure proxy so that T-Mobile could not read the traffic and tell what the User-Agent was. But this often costs money and/or slows down your network speed. Seeing as how people who are looking for a tether workaround are trying to not spend money, and are trying to use T-Mobile's lightning fast LTE, this isn't really a practical solution.
So after spending hours and hours looking for a solution, I came to the conclusion that there was none yet.
I deduced that the obvious solution would be to modify the packets on the fly and change the user-agent string of every HTTP request as it came to the phone before forwarding it on to T-Mobile. Luckily for us, all HTTP requests that have no User-Agent string or a string of "null/null" etc. are automatically accepted! So all that needed to be done was to strip the user-agent string of all of the outgoing HTTP requests - on the fly.
My first thought was that hopefully there was an android app that could do this.
There isn't.
And I am not capable of making one but if you find one or can make one, please tell me and I will adjust this explanation because that would make things a bit simpler. However, since we don't live in a perfect world, we have to run a program on a computer and route all traffic through that program. This wonderful little program that I came across called "Fiddler" (it won't let me post the link but it's www[dot]fiddler2[dot]com) is just what we need. It's a completely free program.
Go download and install fiddler. This program will allow us to monitor and 'fiddle' with the network traffic on the fly!
First, fire up your tethering app on your phone and connect your computer. I personally use android WiFi tether but I suppose it probably doesn't matter which one you use. Once you've connected your computer. Open up fiddler, go to "Rules," "User-Agents," and select "Custom..." A window will pop up. Leave this blank and click okay. Now, all of the network traffic from that computer with have its user-agent string modified to "User-Agent:[blank]" Test this out on any browser on your computer and you should not be redirected to the upsell page.
Now for all of your other devices! I was particularly concerned with my PS3 but any device that supports proxy use will work. That's a hell of a lot more devices than the number that support UA spoofing haha. Go to "Connection Settings" on your PS3 and select "Manual"
Go through your setup as usual and connect to your phone's wifi hotspot. When you come to the page that says "Proxy Settings" select "Use"
For the IP address go back to your computer and look at Fiddler. In the top-right corner there is an image of two computers and it says "Online" next to it. Hover over that icon and it will have an IP address listed. This is the virtual proxy that Fiddler has set up for auxillary incoming traffic on the local network. Type that IP address into the PS3's proxy settings and use port 8888 (you may have to configure your computer firewall to allow incoming traffic on that address/port)
Also, in Fiddler go to the AutoResponder tab and check the box that says "Unmatched requests passthrough." This is so that HTTP requests that come in without a User-agent already defined will just be passed on. If this box is not checked you may get frequent 404 errors.
Finish up the connection settings on the PS3 and let it fly! You can watch the traffic on Fiddler in real time!
This is my first post on XDA and this workaround is brand new as far as I can tell so there may be some kinks that need to be worked out.
Let me know if you have any questions or problems!
Respectfully,
Hunter.
Click to expand...
Click to collapse
Doesn't work on ps3...obtaining ip address succeeds but internet connection fails..i added the ip and port 8888 to the fire wall and allowed connection. and when i hover over the two computers it shows two ip addresses i have tried both and same results

metro pcs upsell, lg optimus f3/JB 4.1.2
I'm on the Metro PCS network, i used to have the lg motion and that phone would hotspot my ps3 with no problems. I figured that I would upgrade my phone to the lg optimus F3 and keep hotspoting on the $60 unlimited plan. Much to my surprise I have ran into the same issue many have others have ran into, the tmobile upsell page. mine now says metro pcs upsell. so I have tried many Apps in the store with no possible way around the upsell page. After hours and days of research, its apperhant that tmobile and metro pcs are not restricting the tethering function. I can obtain an ip address but not gain internet access. As have many others. I've rooted my phone using motochopper, i installed titanium backup pro, and rom toolbox pro. I backed up all my apk's to the external and went root browsing for anything that has to do with wifi, hotspot or tether. I wasnt getting anywhere untill today. My LG Optimus F3 runs on JB 4.1.2, instead of finding tethering features i found the open source codes on sharing data and http rules. I dont have much experience with altering codes, but i do know this would be a great starting point for bypassing the upsell reroute. By using romtools pro, i finally found myself using the app manager, from there i clicked on the file networking apk, i scrolled the app display to the right to get to romtools special features, clicked on explore apk. Every rule was laid out in plain text using a notepad. Javax/servlets/resources. Every file in this folder can be read with notepad. There is tons of info regarding internet sharing, web browsing, and what runs and triggers the infamous upsell codes. I've read a few post where developers are trying to find the source of upsell, i hope this helps as a starting point. (Besides that) i was also able to enter the lg hidden menu and uninstall all metro pcs apps with one click

"(Besides that) i was also able to enter the lg hidden menu and uninstall all metro pcs apps with one click""" ????
i am in exact same boat , metropcs , rooted with all tricks tried , and still upsell page .
one interesting thing though is my lg motion can use the F3 wifi for ip camera apps . tried other apps but no go .
"IP camera viewer" has no issues accessing internet by way of a wifi tether on the F3 using my non active LG motion , strange .......the other apps report network errors or just fail to start ( netflix ) perhaps this will help in hunting a bypass on the UPsell crap

Thanks but...
Thanks for providing the most current news about this problem with Tmobile, I have been using HMA / foxfi since Aug 2013. Just a few hours ago it stopped working, couldn't even login to VPN. I lost my useragent switcher when I upgraded Chrome, and couldn't fall back on that either, so thanks for the tip about fiddler.
I am currently online because I caved to the upsell. So my question is, has Tmobile "improved" security on its upsell to the point that VPN's and UA spoofs dont work anymore, and do I have to learn the answer to this by community or by blowing my data limit again? Does anyone have a fresh strategy, or know what's going on in Tmobile business? Do they even care about people like us?
I live by this connection, since other ISP's around here are not worthwhile, and I maintain mobile business with my laptop, and I would prefer to process GB's without having to scavenge for someone else's wifi.

petedude2lu3 said:
Thanks for providing the most current news about this problem with Tmobile, I have been using HMA / foxfi since Aug 2013. Just a few hours ago it stopped working, couldn't even login to VPN. I lost my useragent switcher when I upgraded Chrome, and couldn't fall back on that either, so thanks for the tip about fiddler.
I am currently online because I caved to the upsell. So my question is, has Tmobile "improved" security on its upsell to the point that VPN's and UA spoofs dont work anymore, and do I have to learn the answer to this by community or by blowing my data limit again? Does anyone have a fresh strategy, or know what's going on in Tmobile business? Do they even care about people like us?
I live by this connection, since other ISP's around here are not worthwhile, and I maintain mobile business with my laptop, and I would prefer to process GB's without having to scavenge for someone else's wifi.
Click to expand...
Click to collapse
VPN's no longer work for me either. I'm not getting the upsell page just no internet access at all while tethering.

Thanks TexasState, this was very valuable information that got me completely through T-Mobile's "walled garden" on their unlimited high-speed plan (for phones only) in an area where we don't have any good land-line options. :good:
What are some proactive approaches to making sure T-Mobile doesn't block my line? I'm using a phone basically as a makeshift wifi-router and all our computers run Fiddler. Is there anything else that T-Mobile might do to sniff out cheaters in the future? Is user-agent the only thing they can look at to determine if you're cheating?

Greetings first post here on XDA I have been able to tether via usb on metro/tmobile in OKC ,I am on a rooted F3 (LGMS659) I have tried just about everything a little luck with open garden but too slow for me ,downloaded foxfi wifi ap point no go ,redirected to upsell , tried usb with level one settings ,it works . but I may have done something when I entered the hidden menu 3548#*659# in settings those last two are interesting to me Upsell Url and ATS Start Property On

Took me about 8-10 hours to figure it out but i did it so heres how you get your tether back.
1.Open up your hidden menu.
2.Open Wlan test.
3. Click on UpSell and turn it off.
And turn on your tether app and have fun.

JUN10R831 said:
Took me about 8-10 hours to figure it out but i did it so heres how you get your tether back.
1.Open up your hidden menu.
2.Open Wlan test.
3. Click on UpSell and turn it off.
And turn on your tether app and have fun.
Click to expand...
Click to collapse
After half a day on the unlimited plan with Tea Mobile, this seems to have worked for me. Had to reinstall hiddenmenu.apk on my LG phone because I removed it earlier as bloatware but even after a reinstall as a user (as opposed to system) app, it worked.
Procedure was slightly different due to different model of phone/hidden menu but same basic procedure. BTW, it's unlimited but with 2.5 gb cap for hotspot. Let's just say I'm over the cap.
EDIT: So I got to almost 6 gb in one day, but then I got the redirect of death. I will troubleshoot when I have time later.

dbozam said:
After half a day on the unlimited plan with Tea Mobile, this seems to have worked for me. Had to reinstall hiddenmenu.apk on my LG phone because I removed it earlier as bloatware but even after a reinstall as a user (as opposed to system) app, it worked.
Procedure was slightly different due to different model of phone/hidden menu but same basic procedure. BTW, it's unlimited but with 2.5 gb cap for hotspot. Let's just say I'm over the cap.
Click to expand...
Click to collapse
What model did you use? Mine was in the Hidden Menu --> Settings menu.. and i chose "Upsell Try Off" with no avail.
LG G2 for Tmobile.

S4 "Hidden" Menu
I'm having the same issues as presented above but I'm unable to get into the "hidden" menu using the key code mentioned. I'm running Wicked V10 (it's great). Would love to test this out if I could access the right menu. So far I've gotten into the service menu but that's it.

This is by far the best work around I have found. Everything works. And if you are clever you can edit your user agent rules so they are automatic. Then turn fiddler into a windows service so ya never have to see it again and it just works. Excellent tutorial. The only thing I wish I could do is figure out how to get my Xbox 360 to connect to fiddlers proxy. If anyone knows please post it.
Thanks again OP
-Polluti0n
Sent from my SAMSUNG-SGH-T879 using XDA Premium 4 mobile app

Blank UA causes 403s and ASP issues.
This method works fantastic overall. I have my phone tethered to a router and run fiddler on all needed devices - no upsell message thus far (40GB+ down)
The issue I've run into is that some websites user the User Agent string to serve different content - by using a blank UA many ASP.net websites fail (on _doPostBack, in particular) and several give 403 errors (docs.WooThemes com) so I switched to a mobile UA but then sites serve mobile versions of their content (Amazon com). The next option is a desktop UA, but then I may as well not even switch it at ll?
I'm wondering - does anyone know what specifically T-Mobile looks for in the UA field, or know of a valid UA string that avoids detection but doesn't register as mobile (or give 403's)?

brn2drv99 said:
This method works fantastic overall. I have my phone tethered to a router and run fiddler on all needed devices - no upsell message thus far (40GB+ down)
The issue I've run into is that some websites user the User Agent string to serve different content - by using a blank UA many ASP.net websites fail (on _doPostBack, in particular) and several give 403 errors (docs.WooThemes com) so I switched to a mobile UA but then sites serve mobile versions of their content (Amazon com). The next option is a desktop UA, but then I may as well not even switch it at ll?
I'm wondering - does anyone know what specifically T-Mobile looks for in the UA field, or know of a valid UA string that avoids detection but doesn't register as mobile (or give 403's)?
Click to expand...
Click to collapse
Googlebot and safari 5 for windows work great and are undetected by T-Mobile.
Sent from my SAMSUNG-SGH-T879 using XDA Premium 4 mobile app

Polluti0n said:
Googlebot and safari 5 for windows work great and are undetected by T-Mobile.
Click to expand...
Click to collapse
Seems to work perfectly. Thanks!
For anyone needing it, here's a bare-bones CustomRules js file for Fiddler.
Code:
import System;
import Fiddler;
class Handlers
{
static function OnBeforeRequest(oSession: Session) {
// User-Agent Overrides
oSession.oRequest["User-Agent"] = "Mozilla/5.0 (compatible; Googlebot/2.1; +tp://w.google.com/bot.html)";
// Add 'ht' after the + and make it 3 'w's instead of just one
}
}