Another interesting smartphone application - tethering!

[The Gorn]

I found that if I run a free application called "PdaNet", I can connect the USB cord that came with the phone to a laptop and I can tether the laptop over the USB.

This means I can use my laptop even where there is no wi-fi, as long as the phone sees a usable 3G (internet carrier) signal. So I can use the laptop remotely tethered, with no available internet connection, as a backup option.

Most cell carriers sell "wireless hot spots" that pick up a 3G signal and also allow laptops and other PCs with wi-fi to connect to the hot spot (the hot spot is a router+modem of sorts as far as the laptop is concerned.) But those are "unitaskers", single use devices, and the data plan is only for the hot spot, not for voice also. For a heavy user in the field, this would be worthwhile. For me, it makes no sense to invest in a data plan and a device for wifi only.

The speed and latency is pretty decent. The 3G downstream speed I get is about 0.84 MB/sec, or 840 KBPS. This is about 1.5x what a service like ISDN provides.

Supposedly you can get your plan canceled by doing this abusively but I only need it very occasionally. At these data rates I am surely not going to download DVD torrents.

FYI.

[Richardk]

Wow. That's on your Virgin mobile phone? Maybe I need to upgrade my phone?

You're right about the abuse part with a laptop but a droid based phone can connect to something like netflix, right? So is streaming video to your phone considered abuse? I doubt it, so short of running a torrent, why is tethering so frowned upon by some carriers?

On a tangent, how are employers dealing with these phones? For years, employers blocked and / or tracked all network traffic for non-work activity. Now employees don't even need the employer's network. This is nice for consultants to check company email, reference online manuals, or even this forum but what if employees are playing games all day or watching movies? I wonder how they deal with that?

Or the policy of "can't put anything on our equipment", so you load up your device with PDF's, docs, etc and used that as your reference manual. I did that over 10 years ago with a PDA. I wonder what people do now?

Or lastly, one consultant put everything on his private website. Once again, he needed 'special permission' to get out but once out, he ran it like a proxy and had access to the rest of the Internet. I guess with a droid phone today, all that is history unless they stop allowing cell phones in work places.

[The Gorn]

This is not an officially sanctioned Virgin Mobile capability. No cell carrier wants any customer to do what I am doing unless the contract specifically authorizes it. They would much rather I buy a dedicated device and a data plan separately.

PCs in the workplace are still very locked down. For this I had to do a USB connection, and arbitrary USB peripherals can be locked out by admin policy. There are really no outs to this - if your Android device supports its own hot spot (that is actually possible with my phone but I would have to "root" it which risks bricking it so I'm not interested in that) then wi-fi probably also falls under most corporate governance.

So the "most" someone could do with this in a corporate environment is tether their own laptop. But they have no way to exchange that data with their corporate network.

PS: I don't own stock in Virgin or anything but the basic plan is 300 "anytime" minutes (you don't get nighttime or weekend free minutes) plus "unlimited" internet, for $35/mo. Even without the internet it's not a bad plan. With the internet it's outstanding.

[Richardk]

Yes, I think it's a good deal too.

OK, it's not sanctioned but people tether and like you said, if it's "lightly" used, would they notice or complain?

I guess my thought was using the phone as a standalone device or in the "consultant role", tethered to a laptop that you carried in. Or what's that phone that uses a 'dumb' notebook as a docking station? The point was, you no longer need the corporate network to 'get out'.

So the "most" someone could do with this in a corporate environment is tether their own laptop. But they have no way to exchange that data with their corporate network.

So maybe this is the key? If the two are kept separate then the risk is minimal and no one really cares.
 

[The Gorn]

^ That is how corporate IT security procedures are designed. They eliminate as many known "vectors" of "contamination" as possible. USB thumb drives, wi-fi, network connections, downloading attachments from unknown web sites, bla bla bla.

[Walter Mitty]

^ That is how corporate IT security procedures are designed. They eliminate as many known "vectors" of "contamination" as possible. USB thumb drives, wi-fi, network connections, downloading attachments from unknown web sites, bla bla bla.

First off, a dsiclaimer.  I don't know beans about corporate security.  I know a fair amount about restricting access to data in a database, even after an authenticated user has signed onto the database.  But that's only one layer.

But judging from the number of security holes that have been left in general purpose machines, like the IBM PC over thirty years,  I'm going to say that there's something systemically wrong with the way the industy treats information security. 

There are two kinds of security holes.  The first is an implementation with unintended consequences, where the unintended consequences permit subversion of the rules.  This like buffer overruns make me think of that.

The second kind is more diffcult to describe.  It's the design of an overarching system that fails to distinguish between benign and malicious operation.  Is the patching of the operating system on my PC benign or malicious?  It depends.  What would I think of a PC that is just like mine, but where MS couldn't download patches?  Sooner or later, I would regret that its flaws remain permanent until I do something about it.  But that capability opens a hole for malice that is different in kind from the first kind.