Wednesday, March 13, 2013

T-Mobile Tethering w/ Google Chrome...or what the hack?

I've been tethering my rooted T-Mobile Android phones for over 2 years now. First I used the myTouch 4g, and more recently a Samsung Galaxy S3.

Recently, however, when connected to my T-Mobile Wifi Hotspot on my laptop, and browsing in Google Chrome my url requests are trapped and I'm redirected to a page like this:

This only seems to happened when browsing non-SSL (http) sites in Chrome and not when using SSL (https), as you can see from a similar request made immediately before this one to Github's SSL address:
Also, this doesn't seem to be happening in Firefox, Safari, or Opera when browsing via a T-Mobile tethered connection. So it begs the question? What is this voodoo? Is T-Mobile reading my Http requests and examining the user agent of the browser and redirecting me?* 

If so why wouldn't they redirect other desktop browsers? 

Furthermore, while I'm tethered, I typically start receiving PUSH messages from T-Mobile badgering me to upgrade to a paid tethering subscription. Again, unless the phone is sending some notification that it is using a tether back to the provider, I'm not sure how they are aware I am tethering.

Speed/Continued connectivity: Anyways, as I am well short of my monthly cap on bandwidth usage at 4G I haven't had any connectivity problems other than when I'm traveling at high-speeds in a car or train. The speeds are "OK" given my signal and amount of movement. There doesn't seem to be any attempt by T-Mobile to punish this transgression, on my bill or with my connectivity.

Samsung Galaxy S3 + Android 4.1.1 ROM based AOKP, I've used various ROMs that have tethering available. The most recent of which seem to keep the T-Mobile Hotspot management app, but others don't, and I've had the same issue.

So what is going on here? 

*This was an idea suggested by a colleague of mine after describing the problem. It would make sense, as it would be hard for them to capture the user-agent of an SSL encrypted request. This still begs the question about the other desktop browser user agents!


  1. use wireshark. examine the differences in the raw traffic between the browsers.

  2. "Is T-Mobile reading my Http requests and examining the user agent of the browser and redirecting me?* "

    To verify this:

    Write a program (could be a script utilizing curl) that make the same request to the same site using different Request Headers (User-Agent part)

    1. This comment has been removed by the author.