As we returned from Supercon 2022, we noticed many airlines offer free in-flight messaging. While the messages are handy for complaining about the seat size, it isn’t quite as exciting as access to the internet. In the air, we wondered how hard it would be to tunnel an internet connection over messaging. Funny enough, [Aleix Rodríguez Alameda] has a project that does exactly that by tunneling traffic over Whatsapp.
In [Aleix]’s case, cell carriers are pretty stingy with internet data when traveling in South America but often give unlimited WhatsApp data. So, ahead of time, two accounts are set up. A server is on one account and acts as a proxy to the broader internet and listens to messages to the server account. Then when in a restricted access setting, the client connects with a WebSocket and sends messages. The real trick for turning the WhatsApp messages into an internet connection the client can use is exposing a port from a local nodeJS web server. It connects to the WhatsApp API through a WebSocket and then acts as a proxy. Then, you set up traffic to be redirected through that port with curl or Firefox.
Packets are split to prevent you from sending too many messages, as in their testing, [Aleix]’s accounts were banned quickly. You shouldn’t expect massively fast speeds, as 300kbps was pretty typical during testing, which according to Wikipedia, is about what dial-up got with V.44 compression.
Which is around the same speed as TCP/IP tunneled over NRF23L01 radios.
While in New Zealand I would occasionally bypass paid WiFi using TCP over DNS service. It was painfully slow but to just check an email while not paying $20 it’s done it job well.
WTH is paid wifi?
My guess WiFi that redirects you on a webpage where you have to add a code.
Seriously? In many places acess to Wi-Fi in a Airport/ Trainstation or hospital costs $$for Time and Data. In those places cellcoverage is either spotty/nonexistent/expensive and not in your plan. So paid Wifi is a thing!
Captive portal. Like on airplanes, for example. Have to pay, to use the wifi. Common also at hotels, coffee shops, etc.
Or in my case trailer parks where we spent the nights.
🤔
Not sure i’d trust sending my email login credentials over an untrusted TCP over DNS service. Only do that, if you are hosting your own DNS-to-TCP proxy.
Presumably the email itself is E2E somehow, or webmail over https
How do you still do anything that isn’t encrypted?
Glad that paid wifi vanished from almost all countries.
Not in the US it’s on every plane.
I would say plane is the exception, those are also commonly still paid here. I think it’s also a slightly defensible case: It requires a cellular connection over land or an even more expensive satellite connection when over water. I can understand wanting to recoup those costs from those using the service instead of making tickets more expensive for all passengers.
Then again, our local buses also have free wifi (which has started working a lot better over the years, 10 years ago it was unusable because everyone was using it. Now most people just use their cellular data, so there is usually enough bandwidth available if you actually need it.) and that also uses some cellular connection the bus company undoubtedly pays a pretty penny for.
Lucky you. I’d be more careful with most, might be most where you’ve been but not most in Europe. Think outside of capital cities those are not representative.
Great hack spirit! :-)
Cool hack!! Too bad so many sites have become data intensive, sites were built more data conscious when speed was expensive. text only works… University thinks they need a 10mb landing photo on the homepage…
is that a 10 millibyte photo? They must have a fantastic compression algorithm!
yeah, super fast even over dialup, not sure what all the fuss about high speed is..
That would be 10 millibit actually
Editor’s note: There was a missing part of a sentence and it was tweaked to make more sense grammatically.
Hey Matthew, thanks a lot for the article, it made my day :)
Very clever work, could be very valuable for defeating censorship in all manner of evil regimes too. Although only for evil regimes that haven’t blocked whatsap traffic. Maybe there could be an encrypted protocol more innocuous looking than whatsapp over which to send traffic?
Cool story! Years ago, I’ve done something different, but similar. Used a DSL router’s VOIP connection for a dial-up connection through an ISP that didn’t ask for a contract/monthly fee. I did that because a Macintosh needed an update from Apple website. Otherwise, upgrading the OS wasn’t possible. The 56k modem was the only connection to the outer world. USB pen drives weren’t properly recognized in the state it was, the OS was just too old (v8). But even if they were, the OS required to know the application type. A file extension wasn’t enough. The browsers on PC weren’t able to retrieve the application type via MIME and then create an entry in resource fork. So the only solution in reach was to let the computer/its web browser download the file itself properly from the internet. It worked.
I hate this. Every time I have an idea, it ends up on hackaday within 3 months. Really cool project!
Well then have an idea about practical fusion power stations.
It’ll always be 3 months away
In the 50s and 60s, they thought fusion reactors would be linear, before the tokomak craze. However, considering how many things have advanced, the problems of the linear solution may now be more soluble than those of the tokomak. But they’re probably into too many Gigadollars of financial inertia and sunk cost fallacy on those to turn around even if it’s true.
At some point I used the apn of the multimedia messages for the internet and it worked for a long time at a low speed too but for free
Reminds me of something similar I did when I was younger. O2 network in the UK. If I recall, simply changing the APN to literally anything else seemingly bypassed the billing system. Of course this wasn’t as big a deal back when WAP and GPRS was all that mobile internet had to offer, but it was fun.
Something, something, net neutrality.
Reminds me of before smartphone when you could text Google to get an answer to a question or search result.
Around 2016 I was on a transatlantic Lufthansa flight. Onboard WiFi offered local stuff only apart from one peculiar service — sending a Lufthansa postcard to your friends on Facebook, if I recall correctly. They actually opened access to some mobile version of Facebook Chat and/or Messenger on a non-standard URL, so by simply removing the path part of the URL, one could communicate with the outside world for free, yay!
Some mobile carriers in Thailand allow that basic Facebook (no pictures, no voice or video calls), when your data package runs out.
Axiata group ?
Am I only one disappointed with the lack of actual dial-up internet here?
I was expecting something like: https://youtu.be/SpjWLUaosj4
I feel that pain yet do not think anyone seriosly misses the actual sounds of data-in-voice encapsulation. The principle is the same though as with many V. protocols are portable to other media apart from voice. Thus the dial-up reference in the heading.
Dial-up here is far stretched. I was also expecting some wizardry with a Whatsapp voice calls / messages ;). BTW There is no problem with modem speeds like 33.3k or more over VOIP. Look no further:
https://dogemicrosystems.ca/wiki/Dial_up_server
https://dogemicrosystems.ca/wiki/Dial-up_pool
https://shadowram.co.uk/dokuwiki/dialup56k
Dumb question. What’s a WebSocket again? I’m having one of those days where I CRST (Can’t remember [expletive removed] today.
Google twas not much help.
https://developer.mozilla.org/en-US/docs/Web/API/WebSockets_API
they let you keep an open connection to a server, removing the need to start a new one every time, or do hacky things like long-polling when waiting for an answer.
I wish providers would just sharply limit speed rather than making us resort to tricks. Provide 56k speeds, for example, for free and charge for higher speed data. Then sending an email or even an ssh connection would work without hacks but people wouldn’t be streaming Netflix.
IMNSHO providers should provide unlimited data at dialup or ISDN speeds – 56kbs maybe up to 256kbs.
A second tier would offer full web access that supports pictures with reasonable download times but is too slow for streaming video. 1mbs to 2.5mbs sounds about right.
The highest tier would be fast enough for streaming video, including two way streams like Zoom meetings. 10mbs and up sounds right. I usually budget about 5mbs for every video stream.
The higher tiers could be limited. Uses could purchase buckets of data at those tiers. Some config would allow certain packets based off source/destination and time of day, for example, to go against certain buckets of data. Netflix and YouTube traffic goes against the highest speed data bucket. Facebook goes against the middle tier. Messaging apps go against the lowest tier. Overnight everything goes against the lowest tier so your app updates don’t suck up paid data.
I once wanted to use the virtual serial connection of a leased server to handle constant DB replication traffic, so as to reduce the official transfer usage.
Gave up on that in the end as it became clear it would be 3Mbit even with TLS compression, too much for serial. Eventually we got a server with triple the transfer allocation, so it wasn’t such a pressing concern. It could still be useful as a kind of backend channel, though.
I have been using this service that works via whatsapp and it keeps me busy and entertained while in the flight – ai buddy for whatsapp