NoWayOut GrapheneOS does bypass these restrictions. Adding back dun would undo that. Raise TTL by 1 on the computer you're tethering and it won't be detected. The issue is that the TTL is 1 lower. This would also break container and VM setups within the OS with their own private networks unless they increased TTL by 1.
Tethering is being detected by T-Mobile...
- Edited
GrapheneOS
Thanks, but I had in mind more than a computer - basically wanted to use my phone as a portable router for multiple items.
However, if this is not possible, just the computer would be fine, but I have no idea how to raise TTL on a Mac. This is what tried:
sudo sysctl -w net.inet.ip.ttl=65
sudo sysctl net.inet6.ip6.hlim=65
But now the Mac now refuses to connect to the hotspot.
a month later
- Edited
TTL was raised on my Mac using the following commands:
sudo sysctl net.inet.ip.ttl=65
sudo sysctl net.inet6.ip6.hlim=65
Nothing changed, T-Mobile still detected hotspot usage. Super frustrating!!
If you added dun to the APN configuration, you need to undo that.
GrapheneOS
No, I have not touched the APN. It is the default one.
GrapheneOS Adding back dun would undo that. Raise TTL by 1 on the computer you're tethering and it won't be detected.
This worked for me, also on T-Mobile.
- Edited
ivicaivica
Did you raise the TTL on a Mac by any chance?
NoWayOut I tried it couple of months ago on my laptop running Linux (openSUSE) and it worked. However, I never had to use it again.
I also did try it on Windows but that did not work.
ivicaivica
Thanks, my gut tells me that the carriers have closed this loophole for the "mass" operating systems. The CEO's of these carries belong behind bars, IMHO.
- Edited
nrt
I only see the default APN. Not sure about the IP address, it never occurred to me to check, since I expected the damn thing to be plug and play. I am away from home now, but will check later.
The developers will do well to look at this. I know it is a low priority, but... it is not working as expected.
cgro0550 If you have a more plausible suggestion for it, say it.
https://en.wikipedia.org/wiki/TCP/IP_stack_fingerprinting
https://android.stackexchange.com/questions/47819/how-can-phone-companies-detect-tethering-incl-wifi-hotspot (note that the part about MAC addresses is arguably sort-of correct for IPv6 but probably wrong for IPv4)
https://ieeexplore.ieee.org/document/8958772
https://www.jitbit.com/alexblog/310-how-to-hide-tethering-from-your-mobile-operator/
- Edited
What seems to have been established so far is that increasing the TTL value by 1 does not
work on Windows and MacOS. It appears to be working on Linux.
NoWayOut What seems to have been established so far is that increasing the TTL value by 1 does not work on Windows and MacOS. It appears to be working on Linux.
Two Linux kernels (Android and another one on a laptop) may well fingerprint the same way. If there is no TTL jitter then the tethering may go unnoticed. Windows, macOS, Plan 9, etc., may fingerprint very differently, in which case TTL tweaking by itself won't work.
Meanwhile, I don't think my carrier has a "tethering quota", though I admit I haven't checked recently. Maybe switching carriers is an option?
In the US, all the three big carriers do it.
- Edited
NoWayOut pdanet+ or pairvpn, and you have to be doing something different be it an app, setting, configuration. I've never gotten notices even before I used GoS, although I was using apps mentioned above to mask it. Since GoS I don't bother with em.
Using a Verizon MVNO Visible & UsMobile I've hit and blown past my cap on both plans with nothing more than GoS guilt in hotspotting. No issues.
NoWayOut In the US, all the three big carriers do it.
My carrier is Verizon. They write:
Many of our monthly phone plans and certain prepaid plans let you use 5G Ultra Wideband, 5G and 4G LTE Mobile Hotspot on capable devices for no additional monthly charge.
I looked at my "plan features" page and it says only:
Personal Hotspot
Use your shared data to turn your smartphone into a Wi-Fi connection for your other devices.
So it's not clear to me that I have a tethering quota. They may have some plans with tethering limits, but that may be avoidable - on Verizon and maybe also on other carriers.
NoWayOut Are you running a full system VPN on Windows? If you aren't, they can see you're connecting to Windows services and therefore must be running Windows. Raising the TTL by 1 and running a VPN should be adequate. You should verify that the TTL is being raised with the way you're configuring it.
a month later
- Edited
Hi, this cannot raise the TTL, and macOS' PF does not support TTL mangling unlike iptables.
I have an alternative way of bypassing this detection here: https://github.com/felikcat/unlimited-hotspot/#3-moving-past-a-dpi-firewalls-throttle-triggers
I mention it since I want more people rather than myself to test, I also use T-Mobile, as seen here.
- Edited
NoWayOut That's due to TCP fingerprinting methods, other people say use a VPN but if you can get away with not using one as I currently do, that's faster.
Linux's TCP/IP stack is very similar to Android, so it's easy to look like an Android phone.
macOS you can make look like iOS easily. For Windows I am not sure, but it is very different compared to both macOS and Linux.
There is anti-DPI programs for Windows that are more comprehensive than the macOS and Linux alternatives, so you might not have to worry about it.
N3rdTek
PDANet+ or PairVPN needlessly slow down your internet. They're either outdated, or over-complex methods.