How one teen gained access to T-Mobile’s network for free – without any data plan or contract

Student admits it would be easy to fix. The issue might have already been plugged.

David Bisson

Teen gains access to T-Mobile network for free - without any data plan or contract

A teenager recently found a way to gain access to T-Mobile’s mobile network for free – that is, without any data plan or contracts.

Jacob Ajit, a 17-year-old student at Thomas Jefferson High School for Science and Technology, was recently alone with nothing to do on a Friday night when he got to playing with his T-Mobile phone.

His device had a prepaid SIM, meaning he could use a basic LTE connection to upgrade his phone’s plan.

Sign up to our newsletter
Security news, advice, and tips.

After some fiddling, Ajit discovered his Speedtest app could achieve a 20 mbps LTE connection.

That’s when a question sprang into his mind. As he explains in a blog post:

“What if TMobile was simply checking for similarly formatted /speedtest folders without any real verification?”

Curious, Ajit set his own /speedtest folder and loaded it up with various files, including a Taylor Swift music video.

Now he could access any pre-loaded files from wherever he wanted!

But that wasn’t enough. The student wanted the internet at his fingertips, so he created a proxy server on Heroku using Glype.

To his delight, it worked!

“Just like that, I now had access to data throughout the TMobile network without maintaining any sort of formal payments or contract. Just my phone’s radios talking to the network’s radios, free of any artificial shackles. Mmm, the taste of liberty.”

Overall, it wouldn’t be hard for T-Mobile to fix this issue. Ajit admits the mobile service provider would simply need to make its allow-list check against Speedtest’s server list found here.

It might have even already done that. One of Motherboard’s journalists who is a T-Mobile customer tried to replicate Ajit’s procedure on his device, but to no success. That could be because the journalist’s phone didn’t use a prepaid SIM card. Or it could be because the issue has since been resolved.

T-Mobile has yet to acknowledge the issue, however, so we can only assume the gates to “Free Data Land” are still open.

But like the most wonderful things in life, it’ll be that way for a limited time only.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.

David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

36 comments on “How one teen gained access to T-Mobile’s network for free – without any data plan or contract”

    1. if he was a "crook" ( Who uses that term anymore….) he probably wouldn't have gone public with the discovery,and wouldn't have talked about how to fix it…

      1. In a technical sense, Ajit almost certainly violated the Computer Fraud and Abuse act, and could be charged with a federal felony. I do not thing that would be appropriate, or that the act is what we should consider good law. However, the law is what it is, and an ambitious US Attorney might view the act, and Ajit's action, quite differently, as some have done in the past. Announcing it publicly probably was a bit unwise.

    2. If he was a "crook" he wouldn't have made it public he would have saved that info to sell to people on the street so that they had unlimited data for a pretty penny in his pocket. Also if he was a real crooked crook he would be street rich, he would be a street runner, and a con artist like Hitlery (had to).

    3. Frank is just burger flipper the low end of American Sewage, and he knows all about being crook when he gulps those burger down his throat, when nobody is looking.

    4. Frank… Frank! The young genius found the problem, tested it, verified it, then reported it to T-Mobile, and shut-down his test. He was a curious young engineer that ended-up doing T-Mobile a favor while showing both integrity and ingenuity.

    1. You're quite right! Even if they're not deliberately throttling it, anything under "speedtest" was set up to bypass checks that slow ordinary activity down.

      1. This brings up an interesting point, if that's the case with T-Mobile, I wonder if other internet data providers might be doing this with Speedtest. So even if you're paying for the service and you complain that your speeds are too low and they ask you to run a speed test to verify. After running the tests the speeds come up normal because their servers are rigged to throttle up when when they "see" a speed test but in reality you're stuck a lower speeds everywhere else.

    1. @fredjohson…It is wrong for you to publicly announce your "low life Profession". Go to sleep this is not your cup of tea.

  1. Hats off to this young man for having the intelligence of finding a hole in T-Mobile's network and the scruples to come forward so that it can be corrected. I hope T-Mobile recognize him with an award and a summer internship.

  2. Who thinks like that?…""What if TMobile was simply checking for similarly formatted /speedtest folders without any real verification?"…."created a proxy server on Heroku using Glype" Im like what? I'm in IT and have no idea what Heroku and Glype is.

    Someone give this kid something to do. Go to the mall and hang out with your friends. Are you sure Ajit isn't a robot?

  3. tmobile cheats and has been rigging the speedtest website and app. If you setup what this kid did you will get high speed data all the time not 3g and 2g once your data cap is finished. T mobile does not believe in net neutrality.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.