In nerd circles, NetOne is known for two things: it’s ever-popular One-Fi bundles and never-ending boardroom squabbles and coups. In underground nerd circles, NetOne is also known for something else “free internet” via Droid and OpenVPN exploits. Thanks to these tricks a lot of Zimbabweans now have a warped idea of how VPN works.
The crazy world of “free internet”
A lot of people are going to call me a traitor for writing this but someone has to. Over the past few months, I have had occasion to interact with people from various Telegram groups that are ostensibly set up to discuss the issues related to VPN. By far the largest group is the official DroidVPN group set up by the folks from DroidVPN to support their service.
The first thing that immediately strikes you as soon as you are a member of this group is not the “free internet” tricks that are freely shared by all. It’s instead the unusual fact that most of the messages in this group are posted in urban Shona lingo. I had to recheck the group information multiple times just to assure myself that this was indeed the DroidVPN official group.
The second thing that strikes you, is how members freely share free internet tricks without a care in the world. The third thing is how most members seem to genuinely believe they are doing nothing wrong as they are “not stealing” data from their network provider! Apparently VPN allows you to bypass NetOne without using “their” data. That’s the reason why you are able to go online for free. It’s all legitimate claimed one prolific member of the group.
A popular alternative to DroidVPN when one wants free internet is to use OpenVPN.When one opts for this route a crucial tool of the trade is the http-injector app which allows users to modify HTTP headers in pretty much the same way DroidVPN does. The app also comes with an interesting feature that allows you to connect to the internet while your phone is in “aeroplane mode.”
According to those who shared this trick, connecting to the internet whilst your phone is in aeroplane mode allows you to “hide” from NetOne. Others used the fact that you were able to surf the internet without the NetOne signal showing on your phone as further proof that you were not doing anything wrong as you were not using Network Resources.
The truth about VPN hacks
My colleagues have already touched on the issue of free internet but the purpose of this article is to counter some of the myths that are prevalent among the “free internet” community in Zimbabwe or the VPN community as they prefer to be known.
No hackers, just script kiddies
The most prevalent myth fostered by those who share “free internet” settings is that they are prominent hackers who obtained these settings after committing acts of hacking jujitsu. Just Google for “free internet Netone” online and you will come across various YouTube videos, blogs and Facebook groups made by people claiming to be great hackers who can do all sorts of things.
The truth is rather disappointing, most of these people are just script kiddies. They just repurposed internet settings shared by other more technically gifted people from countries such as Brazil, the Philippines and Indonesia. All these people know is how to install an APK, edit settings and tap a button. Most don’t even understand networking basics as betrayed by their inane assertions of how VPN works.
Using VPN this way is almost certainly illegal
When you are using VPN this way you are actually using NetOne’s (or whoever your ISP is) resources. To get a VPN connection you need an internet connection which you are actually stealing from NetOne in this case. If you are wondering why you are able to connect using VPN even when you have no data let me explain.
Under normal circumstances, you need data to connect to the internet. Whenever you attempt to go online using your NetOne line, the company’s special software called a captive portal/firewall/gateway first checks to see if you have data before allowing your connection to go through to the internet. If you don’t have any data, your connection is dropped and you see an error in your browser.
What free internet tricks do, is try to trick this captive portal to allow your connection to go through even though you have no data. Think of it like getting a fake ID so that you can buy beer even if you are under the age of 18. Obviously, if you walk into a bar without an ID while you look suspiciously young you will be turned away. The same would happen if you walked in with an ID that looked obviously fake. A very good fake ID might fool the bartender if you looked old enough and were carrying it.
Usually illegal connections make use of proxy tricks to prick a hole in the captive portal. Once the connection goes through a TCP VPN connection is then made to maintain access. Usually these connections do not survive a phone call or a switch to another base station.
A stupid counter-argument that proponents of “free internet” VPN like to make is to tell those using these tricks to Google “What is my IP.” If you do that while connected to VPN you will get the IP address of your VPN provider. Those who know how VPN works are not surprised by this at all because that’s what you should see. If you were able to check your VPN provider’s proxy logs you would see a NetOne IP address in there.
For the avoidance of doubt, if you are using “free VPN” you are using NetOne’s internet backhaul. It’s just that your connection is being relayed to appear as if it’s from your VPN provider. You are technically stealing data from NetOne.
You cannot hide from NetOne
The fact that free riders have been using NetOne’s network to get free internet for over a year does not paint a very positive picture about the company’s system admins but make no mistake about it, if they really wanted to find you they could. There is no hiding away from them by browsing in aeroplane mode as some people in these groups claim.
Aeroplane mode is just a quick way for you to switch off your phone’s radios. Its named aeroplane mode because passengers were often asked to switch off their phones when boarding planes, something that passengers hated. Aeroplane mode offers a compromise, it allows passengers to switch off their device’s radios (WiFi and LTE) while allowing them to still use their phone’s other functions.
What apps like http-injector do is, they allow you to surreptitiously turn on your phone’s LTE/3G radio and connect to your provider’s cell tower. You might not be seeing network bars in the usual portion of the screen but make no mistake, your phone is still connected to NetOne’s cell tower and making use of the company’s infrastructure to connect to the internet.
Again, if you were able to check your VPN provider’s proxy logs you would still see a NetOne IP somewhere in there because you are indeed using NetOne’s internet backhaul to connect to the internet. A NetOne systems admin can, if they wanted to, see a connection from your phone to that proxy server. They might not be able to see what websites you are visiting but they can see you are connected.
Using free internet harms no one?
The popular justification peddled is that using free internet is a victimless crime. Far from it, using free internet not only harms the company providing the infrastructure which will have a hard time recouping costs expended to buy things like base stations, fibre and pay support staff it also harms legitimate customers who actually pay to use services.
When done excessively, free riding this way actually degrades the overall experience enjoyed by those who are paying for the service. Imagine buying a loaf of bread and only getting to eat half because somebody is stealing the other half. No one would countenance that, how should it be any different when it comes to digital goods? You get degraded speed because some free rider is torrenting for free! How is that victimless?
Why are VPN companies providing tools that can provide free internet?
The internet is a very Libertarian invention that was made by people who believed in the idea of unfettered access to the internet. Unfortunately politicians and thuggish regimes have been curtailing this freedom using increasingly advanced filtering tools. Take for example Russia, Australia,China, UK, Spain and Iran. All these countries have ISPs who implement various blocking techniques that range from rudimentary DNS blocks to the fine-tuned purring filtering machine that is the Great Wall of China.
VPN companies have risen to provide last mile tools that allow people to find ways to bypass these blocks. Tools such as http-injector, Shadowsocks, DroidVPN and Stunnel are often employed. This is all for a noble cause. Unfortunately these tools can also be used to circumvent legitimate blocks such as those used by ISPs to make sure people pay for usage.
The companies providing these tools have a noble cause in mind. Unfortunately some users are not so noble.
What’s your take? Cancel reply