This is a tutorial I just wrote. Please let me know what you think and Digg it (http://digg.com/software/HOWTO_Unlimited_Nationwide_Wireless_Internet_for_6 ) if you like it.

Don’t get suckered into paying $20, $30, or even $70 per month for nationwide wireless internet. If you’re a T-Mobile customer, you can do it with their $6 T-zones plan just by making a minor change on your laptop. Here’s how:

Instructions for Mac OS X, Linux, or *BSD

1. Add T-Zones to your calling plan, if you haven’t already.
2. Sign up for a free shell account at http://silenceisdefeat.org (instant activation is a one-time fee of $1)
3. http://wiki.howardforums.com/index.php/GSM_Tethering , if you haven’t already.
4. From a terminal, issue the following command:
ssh -p 143 -D localhost:1080 [email protected]
Of course, you need to replace “username” with the username you picked in Step 2. The password to use was emailed to you when you completed Step 2. If there are any problems, check the support channel (http://www.mibbit.com/?server=irc.oftc.net&nick=&channel=%23sd) .
5. You can change your default password by using the psswd command once you’ve logged in. You now have a local SOCKS5 proxy with no restrictions. Just configure your browser to use it. For Firefox, (Click Edit > Preference > Advanced > Network > Settings > Manual proxy configuration; At SOCKS Host put in localhost and for the port, use 1080.)

Instructions for Windows

1. Add T-Zones to your calling plan, if you haven’t already.
2. Sign up for a free shell account at SilenceisDefeat.org (instant activation is a one-time fee of $1)
3. Setup tethering, if you haven’t already.
4. Download and run PuTTY
5. For hostname, enter ssh.silenceisdefeat.org. For Port, enter 143, like this (http://silenceisdefeat.org/%7Echris/blog/images/putty/step1.gif).
6. On the left site, in the Category box, click over to Connection > SSH > Tunnels. Click the second check box, enter 1080 for the Source Port, click the Dynamic radio button, and click Add. Make sure it looks like this (http://silenceisdefeat.org/%7Echris/blog/images/putty/step2.gif) before you click Add.
7. Now go back to the Session screen (at the very top in the Category box), under Saved Sessions, type “Silence is Defeat” without quotes, and click Save. This will allow you to re-use these settings in the future without having to enter them again.
8. Now click “Open” to start the session. You’ll be prompted for a password, which should have been emailed to you when you completed Step 2. If there are any problems, check the support channel.
9. You can change your default password by using the psswd command once you’ve logged in.
You now have a local SOCKS5 proxy with no restrictions! Just configure
your browser to use it. For Firefox, (Click Tools > Options >
Advanced > Network > Settings > Manual proxy configuration; At
SOCKS Host put in localhost and for the port, use 1080.)

How it Works

The T-Zones APN, wap.voicestream.com, has a proxy available at 216.155.165.50 on port 8080 that used to allow most HTTP traffic to any server, but as of late it blocks normal websites. However, the APN still allows unrestricted traffic on ports 25, 110, 143, 465, 587, 993, 995, and 8080 for various reasons. ssh.silenceisdefeat.org accepts SSH connections on ports 80, 143, 465, 443, and 587. So, we’re just connecting to Silence is Defeat on port 143 and then tunneling all of the traffic from our local SOCKS proxy to Silence is Defeat, where there are no traffic restrictions. This can be used for the web, IRC, instant messaging, and just about anything else.

If you like this trick, please consider donating to http://silenceisdefeat.org via paypal at [email protected], as they are footing the bill for the bandwidth required to do this. Also, check out their chat room. Enjoy!

Thanks for the ad, errrh, I mean information!!!

This is one of those little tricks that once it becomes a problem for T-Mobile, they will find a way to close it.

gmjustme, how is this an ad?

DRNewcomb, I've been doing this for about six years now. It works great, has always worked great, and they won't be able to "close it" unless they want to prevent people from checking their email.

gmjustme, how is this an ad?

DRNewcomb, I've been doing this for about six years now. It works great, has always worked great, and they won't be able to "close it" unless they want to prevent people from checking their email.

This means that same thing like with the T-Zones proxy. People started abusing it, and then T-Mo caught on and started plugging the holes in the system.

The T-Zones proxy is something that T-Mobile provided. This is using a port they allow outbound traffic on to reach a server outside of T-Mobile's control.

Again, they're not going to be able to "plug the holes" without preventing their entire customer base from checking their email.

if people were to start doing this on a noticable scale, i can promise you that it would be cut off, just because it's not a tmobile proxy does not in any way mean tmobile can't prevent devices on its network from accessing it.

For now, based on the OP, this works. That may not always be the case.

Jeff

Again, they're not going to be able to "plug the holes" without preventing their entire customer base from checking their email. It would be fairly easy to block connections to specific domains. It would be harder if individual users were to set up their own ssh servers on their personal machines. Since most folks these days seem to have some sort of full-time, high-speed connection this would not be hard for the users to implement. Then it would look just like a secure e-mail connection back to your home computer.

BTW, a few months ago I upgraded from my $4.99 T-Zones to the $19.99 VPN. I find it worth the extra $15/mo just to be able to access Google Maps on my Nokia S60 phone. I'm one of the most frugal folks around and was "getting my money's worth" out of T-Zones for some time. At $19.99 I still think that I'm "getting my money's worth.

It would be fairly easy to block connections to specific domains. It would be harder if individual users were to set up their own ssh servers on their personal machines. Since most folks these days seem to have some sort of full-time, high-speed connection this would not be hard for the users to implement. Then it would look just like a secure e-mail connection back to your home computer.

BTW, a few months ago I upgraded from my $4.99 T-Zones to the $19.99 VPN. I find it worth the extra $15/mo just to be able to access Google Maps on my Nokia S60 phone. I'm one of the most frugal folks around and was "getting my money's worth" out of T-Zones for some time. At $19.99 I still think that I'm "getting my money's worth.
i used to do about 2-3gb on my vpn with proxy ;) i got my moneys worth.. now with cingular i think i need to max out all 5 but i;ll stop around 4 to get my moneys worth.. its faster so maybe more easyer to do

It would be fairly easy to block connections to specific domains. It would be harder if individual users were to set up their own ssh servers on their personal machines. Since most folks these days seem to have some sort of full-time, high-speed connection this would not be hard for the users to implement. Then it would look just like a secure e-mail connection back to your home computer.

Sure, it would be possible to block connections to this specific service, but:
1) As I say, I've been doing exactly this for about six years now, along with hundreds of others, and it hasn't been blocked yet
2) You can bet we'll have a new hostname on a new IP in less than 24-hours after this one is blocked, if it ever does get blocked (which frankly seems doubtful after six years)

You have a valid point, of course, I'm just trying to point out that it's just as easy for us to move to a new IP and/or hostname.

I'm betting that this is technically against the TOS. They could probably cancel your service on you and you wouldn't have a leg to stand on.

Additionally, changing the host, server, ip, etc is useless if they simply block SSH.

Keep encouraging more people to do this. You're only going to make it harder for you to do it also. After all, the more people that use SSH over a non-standard port, the more people T-mobile is going to notice.

Edit: Oh, and how much did you donate to this third-party SSH provider? Do you donate that amount every month? You do realize that it's T-Mobile's bandwidth you're paying somebody else to use - maybe you should just cut out the middleman?

I'm betting that this is technically against the TOS. They could probably cancel your service on you and you wouldn't have a leg to stand on.
Well, I've looked for something it might violate and haven't been able to find anything. Please let me know if you can find something in the TOS that this violates.


Additionally, changing the host, server, ip, etc is useless if they simply block SSH.
Uhh, easier said than done. To block a particular protocol, independent of port or host, would require Deep Packet Inspection, which consumes many, many, many times more resources at the firewall level. Additionally, their equipment would have to support it. What you're suggesting could cost them hundreds of thousands, or more, depending how their network is setup.


Keep encouraging more people to do this. You're only going to make it harder for you to do it also. After all, the more people that use SSH over a non-standard port, the more people T-mobile is going to notice.
Whatever you say. Even if they notice, it would be more than a huge headache for them to put a stop to it... As far as I can tell it's not even a violation of the TOS.


Edit: Oh, and how much did you donate to this third-party SSH provider? Do you donate that amount every month?
It's completely free, unless you want instant activation, which is a one-time fee of $1. There's no monthly fee.


You do realize that it's T-Mobile's bandwidth you're paying somebody else to use - maybe you should just cut out the middleman?
I think you may be misunderstand how this works. It's like this:
<laptop>
|
(usb)
|
<phone>
|
(EDGE)
|
<tower>
|
(fiber? backhaul)
|
<APN>
|
(internet via port 143)
|
<Silenceisdefeat.org>
|
(internet (unrestricted))


You're not paying someone else to use T-Mobile's bandwidth. In fact, they don't use it at all. You're using T-Mobile's bandwidth to connect to silenceisdefeat.org, and then their bandwidth to connect to other internet servers *through* silenceisdefeat.org. So, you're using a little bit of their bandwidth as well as T-Mobile's, although they have stated they allow this intentionally. At current bandwidth costs, $1 would probably cover most of what you'll use over an EDGE connection anyway.

What kind of bandwidth does this setup get? Or t-zones in general, I guess. Also-- I'm at college right now, but when I go home for the summer, there's no t-mobile service where I live. My phone roams on cellular1 (now att I think?)-- will the internet service still work?

There's nothing wrong with this. It's similar on the hacked AIM 2.0 program where you change the port to 110 (intended for email) to connect when you're having problems.

Anybody try regularly tethering, and entering the proxy in the browser except something other than 8080? 216.155.165.50:143 directly? (for quick and easy connect)

This tunnel enables your whole computer's networking to apply itself on the proxy.

I'm betting that this is technically against the TOS. They could probably cancel your service on you and you wouldn't have a leg to stand on.

Additionally, changing the host, server, ip, etc is useless if they simply block SSH.

Keep encouraging more people to do this. You're only going to make it harder for you to do it also. After all, the more people that use SSH over a non-standard port, the more people T-mobile is going to notice.

Edit: Oh, and how much did you donate to this third-party SSH provider? Do you donate that amount every month? You do realize that it's T-Mobile's bandwidth you're paying somebody else to use - maybe you should just cut out the middleman?

Eh. Ports were created to stop interference by separating application's connection to the network. Yeah, T-Mobile will notice more people are checking their email :lol:

<laptop>
|
(usb)
|
<phone>
|
(EDGE)
|
<tower>
|
(fiber? backhaul)
|
<APN>
|
(internet via port 143) <T-Zones Proxy>
|
<Silenceisdefeat.org> < Tunneling to a 3rd party Proxy >
|
(internet (unrestricted))

I believe this has been referred to before, many users create their *at home* proxy to <tunnel> packets through *unrestricted* home connection.

I posted a comment on the blog page, but now I see it's been posted to HoFo, too. My blog comment got redacted by the OP, but I doubt that'll happen here. Since T-Mo allows unproxied connections on port 1080, you can use this method without any proxying software anywhere. You can create a virtual network interface that will appear to have unrestricted Internet access locally on your *nix/OSX machine. The process is described here (http://wiki.buici.com/wiki/Slirp_Tunneled_over_SSH). However, the script linked on that page will not work out-of-the-box for this purpose. You'll want to use my modified version (http://homepage.mac.com/danielg4/slirplink). If you have a 3G router running OpenWRT/X-WRT, you'll be able to make this connection appear transparent even to Windows. Set it up in the middle of the park, and invite a bunch of friends to an outdoor LAN party, with T-Mobile as your last-mile provider!

I posted a comment on the blog page, but now I see it's been posted to HoFo, too. My blog comment got redacted by the OP, but I doubt that'll happen here. Since T-Mo allows unproxied connections on port 1080, you can use this method without any proxying software anywhere. You can create a virtual network interface that will appear to have unrestricted Internet access locally on your *nix/OSX machine. The process is described here (http://wiki.buici.com/wiki/Slirp_Tunneled_over_SSH). However, the script linked on that page will not work out-of-the-box for this purpose. You'll want to use my modified version (http://homepage.mac.com/danielg4/slirplink). If you have a 3G router running OpenWRT/X-WRT, you'll be able to make this connection appear transparent even to Windows. Set it up in the middle of the park, and invite a bunch of friends to an outdoor LAN party, with T-Mobile as your last-mile provider!

I took the link out of the comment you made on my blog because the file you linked to had no extension and a mime-type of application/octet-stream, which makes it look like a binary... obviously it's a bad idea for me as a webmaster to link people to some random binary for which the source isn't available.
Of course, it's actually just a shell script. You could avoid having your comments redacted in the future by giving it an extension that implies the nature of the file, like .sh.

Sure, I could have used a .sh extension, as I did in my previous attempt at this script, but this one is a slight modification of Marc Singer's script, which I originally intended to submit back upstream, and his doesn't have the extension. Personally, I find extensions on shell scripts annoying, but I often use them anyway. While a MIME-Type is a good indication of content, application/octet-stream is very specifically not an indication of anything at all. Examining the page at the link you didn't remove would have been a better indication.

Thanks for this yo XD

is this still working?

is this still working?


I never tried it, I use the proxy and use an unlocked Moto Q9h.

Can I get this going without a laptop? Could I tether my PC to my phone? I just want to hack my E90 on tzones to get unlimited internet anywhere, but I don't have a laptop. Is this possible?

Hi cbrunner,

I've read your tutorial on how to connect in this fashion. I got up to the part when I save the putty settings and try to click on "Open". I either get the error message "server unexpectedly closed network connection" OR the black putty prompt doesn't show anything (no login prompt or anything) and it seems like the connection hangs. Have you run into this problem?


Thanks in advance.

Hi Paul,

Sorry I didn't see your PM. I think this was because SD went down for maintenance earlier tonight. Please try again and let me know if you still have trouble.

Best regards,
Chris

Hi Paul,

Sorry I didn't see your PM. I think this was because SD went down for maintenance earlier tonight. Please try again and let me know if you still have trouble.

Best regards,
Chris

Hi Chris,

Thanks for the reply. Yes, it works now and I can log in. However, how do I change my password? I've tried typing "psswd" at the prompt with no luck.

Also, I can surf with firefox after changing the browser settings but cannot with IE6. And lastly and importantly, how would I get my Yahoo chat client to work? I went into Yahoo's connection settings, put in localhost/1080 but the Yahoo client refuses to log in. I've also tried using the default settings and obviously that does not wotk either.

Thanks,
Paul

Chris,

Now after tethering, I can not open the silenceisdefeat connection through putty anymore, since last night. When I click "Open", I get something to the effect of ssh.silenceisdefeat.org host does not exist. HOWEVER, when I try to connect with putty with my normal broadband connection, I can login to my silenceisdefeat account.

Do you think TMo may be blocking something? I know that my laptop is talking to my phone since the bluetooth says it is connected.

Given my other concerns in the above post as well, and overlooking the $19.99/month for completely open ports, do you think the total internet is the best way to go? I don't mind paying the extra $15/month (I already pay $4.99 for the T-Zones).

Thanks.

T-Mobile has been blocking port 1080 for quite some time. A couple of months ago, I put a list of the ports they don't block onto the OP's blog page:
http://www.chrisbrunner.com/2008/03/23/howto-use-t-zones-to-get-unlimited-nationwide-wireless-internet-on-your-laptop-for-6mo/

T-Mobile has been blocking port 1080 for quite some time. A couple of months ago, I put a list of the ports they don't block onto the OP's blog page:
http://www.chrisbrunner.com/2008/03/23/howto-use-t-zones-to-get-unlimited-nationwide-wireless-internet-on-your-laptop-for-6mo/

How do we know if the host isn't sniffing my packets? :lol: jk thanks for contributing :2thumbs:

>How do we know if the host isn't sniffing my packets?

You don't. If you don't don't trust your SSH host, run your own SSH server (easy to do with Ubuntu).

>...how would I get my Yahoo chat client to work? I went into Yahoo's
>connection settings...

Yahoo IM is finicky about proxies (and connections generally) in my experience. If all else fails, there is the browser-based webmessenger.yahoo.com.

How fast is this connection? How does it compare to the $20/$30 plan?

As far as speed goes, it depends greatly on signal strength. T-mo's coverage isn't as good as AT&T's. Nonetheless, I find it faster than dial-up most of the time, but never as fast as DSL. (This is not 3G.) It is fast enough for mobile Google Maps. I use bluetooth to my TX so I can position my phone for best signal. A smartphone user may have to contort for best signal.

T-mobile Total Internet includes WiFi hotspots, if you are hard up for speed.

For a list of more free shells without as many restrictions visit http://on-net.info/shell-accounts/. I am using mine for resizing of videos downloaded from net so I can watch them on my PDA when I am on the train.

For a list of more free shells without as many restrictions visit http://on-net.info/shell-accounts/. I am using mine for resizing of videos downloaded from net so I can watch them on my PDA when I am on the train.

How is a shell account good for that? Are there some free apps on the server?

yah but for that you must be at home. This way I can download videos while on train. For example xvid format of daily TV shows with which my pda have problems playing. So I download them to my shell rezise there and download to my pda where I can then watch with no problem.

No more $6 T-Zones, no more silenceisdefeat.org . Just a message about being gifted to the public or something.

Now what?

Guys, the address just changed to http://silenceisdefeat.com because someone hijacked the domain. Same great service, though.

And what about the T-Zones?

How much is that silenceisdefeat?

Guys, the address just changed to http://silenceisdefeat.com because someone hijacked the domain. Same great service, though.
Do we change all references in your instructions from silenceisdefeat.org to silenceisdefeat.com?

Do we change all references in your instructions from silenceisdefeat.org to silenceisdefeat.com?Ok, that was a dumb question. OF COURSE you change the name. Your guide was great. Only thing I saw was the change password command. You had psswd which didn't work so a quick GOOGLE dearch revealed passwd.

Thanks for showing me how to do this!

Ok, that was a dumb question. OF COURSE you change the name. Your guide was great. Only thing I saw was the change password command. You had psswd which didn't work so a quick GOOGLE dearch revealed passwd.

Thanks for showing me how to do this!

My pleasure, and thanks for telling me about this error.

Still unanswered, pardon my lack of understanding, are my two questions above:

1. Since the $6 T-Zones no longer exists, now what? The $10?

2. What is the charge for the silenceisdefeat service? The home page mentions needing a PayPal account.

Does anyone know if silenceisdefeat.com is legit? It looks like they copied the silenceisdefeat.org page lock stock & barrel, and didn't use relative links (tsk tsk), so for example the TOS link takes you to silenceisdefeat.org/tos.

Something doesn't feel right (I'm probably being paranoid). The terse wording on silenceisdefeat.org isn't helping.

Mike

Does anyone know if silenceisdefeat.com is legit? It looks like they copied the silenceisdefeat.org page lock stock & barrel, and didn't use relative links (tsk tsk), so for example the TOS link takes you to silenceisdefeat.org/tos.

Something doesn't feel right (I'm probably being paranoid). The terse wording on silenceisdefeat.org isn't helping.

Mike

Silenceisdefeat.org has been sold by a former admin. Please use either silenceisdefeat.com or silenceisdefeat.net for ssh, http and mail.

This is the topic on there IRC channel #sd on OFTC. So I'd say it's OK.

Does anyone know if silenceisdefeat.com is legit? It looks like they copied the silenceisdefeat.org page lock stock & barrel, and didn't use relative links (tsk tsk), so for example the TOS link takes you to silenceisdefeat.org/tos.

Something doesn't feel right (I'm probably being paranoid). The terse wording on silenceisdefeat.org isn't helping.

Mike

Mike, I am the original founder of SD. The domain silenceisdefeat.org was registered to a guy who co-founded the organization with me ten years ago. He resigned several years back, but we never bothered to transfer the domain because there didn't seem to be any reason. That is, we never imagined he would do what he recently did.

Apparently, he decided that he would violate his agreement with us and auction the domain off on eBay. This has forced us to make use of silenceisdefeat.com and silencesisdefeat.net.

In any case, the servers that the two new domains point to are the exact same servers that silenceisdefeat.org used to point to, and the services we offer are the same as we have been offering for the last ten years.

If this doesn't answer your questions, please don't hesitate to contact me via any method listed on the contact page of my website.

Thanks cbrunner, I appreciate the explanation.

Mike

from silenceisdefeat.com:


"Sorry, we are not accepting new members at this time."

what's up Chris?

Sorry. Our login script is broken, and I don't have time to fix it right now.