Teenager uncovers route to free Web surfing on T-Mobile network
Jacob Ajit, a 17-year-old student at the Thomas Jefferson High School for Science and Technology in Fairfax, Virginia, was bored and screwing around with a smartphone that had service and a SIM for T-Mobile’s prepaid phone service. He soon discovered it was possible to still gain access to the Internet without paying for an account; all he had to do was route everything through a proxy application running on a server with “/speedtest” in its Web address.
The T-Mobile prepaid SIM makes it possible to pay for new service from the phone itself. This requires the phone to be able to connect to T-Mobile’s network to do so, essentially blocking access to the rest of the Internet through a capture portal until the account is activated. But Ajit found that the Speedtest mobile app worked even when the phone’s data plan hadn’t been activated—likely as a marketing tool to demonstrate the speed of T-Mobile’s 4G network.
By capturing some of the data sent to Speedtest when connected to a shared network connection through his Mac (he used mitmproxy to do so), Ajit discovered the graphics used in the Speedtest app to measure download speed were hosted on a number of different sites. The only similarity in them was their Web addresses all included “/speedtest” in the URL. He manually entered the URLs into a browser on the phone and was able to reach them despite the T-Mobile block.
Continued here –