Wednesday, March 13, 2013

T-Mobile Tethering w/ Google Chrome...or what the hack?

I've been tethering my rooted T-Mobile Android phones for over 2 years now. First I used the myTouch 4g, and more recently a Samsung Galaxy S3.

Recently, however, when connected to my T-Mobile Wifi Hotspot on my laptop, and browsing in Google Chrome my url requests are trapped and I'm redirected to a page like this:

This only seems to happened when browsing non-SSL (http) sites in Chrome and not when using SSL (https), as you can see from a similar request made immediately before this one to Github's SSL address:
Also, this doesn't seem to be happening in Firefox, Safari, or Opera when browsing via a T-Mobile tethered connection. So it begs the question? What is this voodoo? Is T-Mobile reading my Http requests and examining the user agent of the browser and redirecting me?* 

If so why wouldn't they redirect other desktop browsers? 

Furthermore, while I'm tethered, I typically start receiving PUSH messages from T-Mobile badgering me to upgrade to a paid tethering subscription. Again, unless the phone is sending some notification that it is using a tether back to the provider, I'm not sure how they are aware I am tethering.

Background:
Speed/Continued connectivity: Anyways, as I am well short of my monthly cap on bandwidth usage at 4G I haven't had any connectivity problems other than when I'm traveling at high-speeds in a car or train. The speeds are "OK" given my signal and amount of movement. There doesn't seem to be any attempt by T-Mobile to punish this transgression, on my bill or with my connectivity.

Device:
Samsung Galaxy S3 + Android 4.1.1 ROM based AOKP, I've used various ROMs that have tethering available. The most recent of which seem to keep the T-Mobile Hotspot management app, but others don't, and I've had the same issue.

So what is going on here? 

*This was an idea suggested by a colleague of mine after describing the problem. It would make sense, as it would be hard for them to capture the user-agent of an SSL encrypted request. This still begs the question about the other desktop browser user agents!

3 comments:

  1. use wireshark. examine the differences in the raw traffic between the browsers.

    ReplyDelete
  2. "Is T-Mobile reading my Http requests and examining the user agent of the browser and redirecting me?* "

    To verify this:

    Write a program (could be a script utilizing curl) that make the same request to the same site using different Request Headers (User-Agent part)

    ReplyDelete
    Replies
    1. This comment has been removed by the author.

      Delete