Embedded Files
by Ryan Vagabundo
So you signed up for one of those nice "unlimited" data plans from a phone carrier. Sure, they give you 30 or 50 GB per month before it's throttled, but that's still quite a bit. Certainly more than adequate for a secure connection you can rely on to do work and personal financial stuff on the road.
Ah, but wait. If you check the fine print, you can't apply all that data to your hotspot tethering ... no, you might be restricted to as little as just 5 GB of it per month!
It's a ridiculous situation, but there are ways to take power back into your own hands. People have been getting around tethering restrictions for over a decade now, since the telcos started offering data plans for phones. In some cases, techniques have had to update with the times. In other cases, old tricks still work. But there are ways around this restriction.
A SIMPLE FIX TO TRY FIRST
Let's start with one of those old tricks that still work (in some cases).
If you're just trying to tether to get your Windows laptop or computer connected to phone data, first make sure you're on an "administrator" account (should be the default if you only have one). Then go to Windows System > Command Prompt and enter the following two lines, one at a time, with the "run as admin" option:
netsh int ipv4 set glob defaultcurhoplimit=65
netsh int ipv6 set glob defaultcurhoplimit=65
(if you want a laptop or computer to be able to repeat WiFi to other devices, switch the 65 for 64)
The original and simplest method for phone companies to tell what kind of internet traffic you're using is to count what is called "Time To Live" (TTL) packets. This is basically a timestamp that tells networks how long to hold onto packets before dropping them, to prevent them from circulating endlessly. To keep this as simple as possible, if this "stamp" value exceeds 65 (which it will with the default settings of computers), the carrier knows the data is being passed to a computer. If it doesn't exceed this limit, it is assumed to be passed to a phone.
So with these commands, you're telling the computer to basically emulate the phone's timestamp to trick the carrier into thinking the data request is continuing to go to a phone. Changing this setting shouldn't hurt other operations of the computer, but if you ever want to restore it you simply enter these same commands again but with "128" as the number at the end (the standard default value for Windows computers, this may be different for Linux and Mac).
TTL can be changed with Mac and Linux computers as well, but you'll need to look up the commands as they are different and entered differently. The value of 65 should be the same, however.
This is the oldest and simplest trick that carriers used to tell if data was being used by a computer or by the phone, and some still use it. Some have developed more advanced inspection methods that won't be fooled by this, which we'll move onto in the rest of this article. But this is worth trying first as it's very simple, easy, quick and has virtually no possibility of breaking anything.
Use a measurable amount of data while tethered/on hotspot with these settings changed, and see if it's reflected in your allotment. If it is, you can try enabling a VPN (see the very end of this article if you're unfamiliar with them) and try again - sometimes this makes it work. If not, you'll need to move on to more advanced techniques.
DEEPER INSPECTION REQUIRED
If simply playing with the TTL as described above doesn't work, your phone carrier could be scrutinizing this traffic more carefully through a couple of likely methods:
* Components of the operating system (ie Android) that interface between you and the carrier are snitching to the carrier via information embedded in each packet
* The carrier checks to see if you connect to things that only a computer would connect to, like Windows Update
It's hard to tell exactly what any given carrier is doing, as they go out of their way to keep it a secret (to discourage people from doing exactly these sorts of workarounds). These methods have some downsides for the carrier, though, such that they don't necessarily deploy them all the time - primarily, they're likely to cause a lot of false positives.
Regardless of what they're doing, there is probably a way around it. It's just a matter of identifying methods that fit your circumstances and trying things until they work.
ANDROID USERS: ALTER DUN SETTINGS
If your phone is running Android, you might be able to attack from that end with a settings switch instead of from the Windows end.
Android has a special protocol called "dial up networking" (DUN) that is invoked whenever you're tethering. It seems to serve no real purpose other than to snitch on you to the carriers. However, as with TTL settings, it's also relatively easy to alter, though takes a couple more steps than altering Windows settings.
This post describes the process, which is basically to download a (free) Android debugger for Windows, enable USB debugging on your Android phone, connect phone to computer by USB, then enter a similar command through Command Prompt to alter the phone's DUN settings.
This isn't surefire as your carrier may still detect you by inspecting your traffic, but it's another relatively simple thing to try that stands a very low chance of breaking anything.
PDANET (AND POSSIBLY FOX-FI) FOR ANDROID
There are two popular apps that automate a lot of these processes and also help to evade "deep packet inspection" if your carrier uses that: PDANet and Fox-Fi. However, note that they are currently only available for Android phones and one costs a little money to use.
It used to be you needed one app for each type of tether: Fox-Fi if you wanted a WiFi hotspot, and PDANet exclusively for tethering with a physical USB cable. PDANet has since been updated to include a WiFi hotspot feature, but legacy Fox-Fi remains available as it doesn't work for absolutely everyone.
Let's look at PDANet first since that may well be an all-in-one solution, and will be if you just want to USB tether the phone to the computer. The latest version is PDANet+ and it's on the Play Store. It has a very good reputation for working across a wide range of devices (and has been around in some form for nearly two decades now). However, the big limitation is that the free version only allows you to transfer 50 MB of data per day (which kinda defeats the whole purpose). The paid version is normally a one-time fee of $15 but it seems to go on sale a lot for $8.
Installation of PDANet is pretty straightforward, once the app is installed you basically need to just toggle on a "enable tethering" setting in it before you plug the phone up to the computer, then just plug it in via USB cable and it should work. It also has a button to enable the WiFi hotspot. The new version does require either installation of a Windows client on the computer or special configuring of proxy settings (both provided on the PDANet website) if you want to use the WiFi feature however.
If the WiFi hotspot doesn't work, you might try the older version of Fox-Fi (by the same company). This is also on the Play Store but as with PDANet you'll also need to install a Windows client or configure proxy settings to make it work.
If PDANet's USB tether option doesn't work, you might try running it in conjunction with a VPN, but it's probably time to move on to another method. The big advantage of these apps is that you don't need to root your phone to use them, but that also means they won't work with every possible type of hardware and setup (though they seem to work with the majority).
EasyTether is another possible Android-only option of this type, but it has a few issues. One is that it doesn't seem to have been updated since 2018 (so may not be able to evade modern carrier detection methods), the other is that it's basically unusuable without paying a one-time $10 fee.
PROXY APPS / SOCKS5 PROXY
One reliable way to get access to your full data is to create a SOCKS proxy tunnel between your phone and computer (specifically, SOCKS5 as that is the version that is the most modern and secure). Basically, the phone company sees data going into the phone, but will not see it once it goes into / out of the tunnel to your computer, so it looks like all the data is starting and stopping at the phone.
If you're a coder, this is actually something you can whip up on your own. If you're not, you'll need an app someone else made, but fortunately there are a few of these.
The simplest no-root place to start looking is probably Every Proxy, at least for Android. I can't personally vouch for it but I saw mentions of Hotspot VPN for iOS working for the same purpose, though it requires a monthly subscription fee ($5 per month or $49 if you prepay 12 months).
Another free iOS option I happened to run across is a simple amateur proxy made in Python. You're on your own for trying this one out and setting it up.
One last possibility for Android is to install Termux, a Linux / terminal emulator. This option is a bit technically over my head right now, but apparently you need to find a SOCKS5 proxy to work with it. Some possible answers (I have no insight into any of these): Stunnel, ProxyChains or Privoxy.
TRAVEL ROUTERS & MODEM DONGLES
This is a bit more costly solution, but very likely to work for any setup.
The main purpose of a travel router is to convert a wired internet connection to WiFi, but there is a certain limited grouping with a feature called "RNDIS" that can also be used to hide tethering.
The main ones that people use are from a company called GL-iNet. The cheapest one available is the Mango, which at this writing is about $30. The downside is that it only uses the 2.4ghz WiFi standard, which was meant to be better at penetrating walls and solid objects but is somewhat more limited for speed. The other option from them is the Slate, which runs more like $70 but supports 5G speeds. If you're traveling by vehicle and/or can afford to carry larger objects, there is a range of additional full-size home routers that work for this purpose (for example the Merlin series by Asus, these start at closer to $100 in price).
So how exactly does this work? Basically you're plugging the phone into the router, then using WiFi from the router rather than the phone. GL-iNet has an article at their site that breaks down the basics of how this works. The unspoken trick here is to use a VPN that the travel router directly supports and integrates with. For example, the Mango has a list of 30 common services that can be used (see the VPN section below for more info on how they work and selecting one).
As mentioned this method has some added cost, probably at least $30 up front for the travel router, and then at least $2 or $3 monthly subscription to a VPN that provides good speeds and doesn't restrict what you can do with it. Still likely well worth it for the amount of data that you can access, however (and VPNs have added benefits).
A twist on this option is the modem dongle. This is a device that you actually place the SIM card from your phone into. A bit of a pain swapping them if you want to continue using the phone for phone purposes, but it's an option. You need to find a model designed for your carrier's network, however. For example, the ZTE MF820B is designed for this purpose for the T-Mobile network. Also keep in mind you'll likely be kept to 4G speeds with these devices, no 5G.
VPN SERVICES
VPNs have been mentioned above as a necessary component of some of these methods. If you regularly have access to good hotel / coffee shop WiFi or something like that, and your only concern is making it secure from prying eyes and interceptors, a VPN might solve your data issues all by itself without having to mess with your phone plan.
There are free VPNs in the world, but you want to ignore the vast majority of them. Even the (very) short list of free VPNs you can trust have similar limitations: will tend to be on the slow side sometimes, and will probably block at least some types of streaming video and gaming services (if not all of them).
All that said, there are a couple free VPNs that are alright to use in a pinch (and don't hurt anything to have around as an emergency backup even if you pay for another one). The king of them all is ProtonVPN, by the same company that provides Proton secure email. It provides unlimited data (though blocks streaming services and can be a little slow even for regular web browsing once in a while) and is based in Switzerland, meaning other nations governments have serious trouble legally getting at them. Another Swiss-based free service worth looking at is PrivadoVPN, though that one restricts you to 10 GB per month. Malaysia-based Hide.me is similar and also offers 10 GB per month.
As far as paid VPN services, if you want to save money yet get great speeds / features SurfShark is probably the best overall option (about $2 per month if you prepay two years, or about $50 altogether). Similarly priced and worth looking at are NordVPN and ExpressVPN, as well as the paid upgrade version of ProtonVPN.
CAN YOU GET IN TROUBLE WITH YOUR CARRIER?
Possibly, but not much. If your data usage doesn't go into the terabytes each month, very likely they won't notice or care about anything you're doing.
If the phone company does anything, the most likely result is simply blocking whatever method you're using at that end and saying nothing about it. Some people report getting a warning email or two allowing them to voluntarily stop before being forcibly cut off. The worst thing that could probably happen is having your current contract terminated early. The absolute worst would be being blacklisted from that carrier's "unlimited" plans, or from their service entirely, but that seems like it would take some real serious abuse to prompt.
The carrier doesn't really care if you use like a few dozen GB more of hotspot than you're supposed to each month, it's no lost money to them other than the opportunity of making you pay more. If it's clear you weren't going to do that anyway, it's better to continue to have you as a paying customer than spend a lot of effort and grief harassing and booting you.
GENERAL LINKS
* Some technical methods for addressing Android's "deep packet" sniffing and snitching
* Possible idea for using a home router / modem
* Some additional ideas for iPhone users
Page updated
Google Sites
Report abuse