Skip to Content
Uncategorized

How Carriers Hamstring Your Smart Phone

“Middlebox” study reveals slow downloads, battery drains, and security flaws.

A team at the University of Michigan and Microsoft Research has uncovered, for the first time, the frequently suboptimal network practices of more than 100 cellular carriers.

By recruiting almost 400 volunteers to run an app on their phones that probes a carrier’s networks, the team discovered, for example, that one of the four major U.S. carriers is slowing its network performance by up to 50 percent. They also found carrier policies that drained users’ phone batteries at an accelerated rate, and security vulnerabilities that could leave devices open to complete takeover by hackers.

For decades, researchers have studied “middleboxes”—the network hardware that Internet service providers (ISPs) use to ferry packets of data from one endpoint to another. But the current work, by Zhaoguang Wang of the University of Michigan and colleagues, titled An Untold Story of Middleboxes in Cellular Networks, is the first significant attempt to apply this kind of research to cellular networks worldwide.

To gather data on so many networks, the researchers released their testing tool, NetPiculet, on the Android app marketplace. Volunteers downloaded the app, which ran a series of tests and sent the results back to the engineers who created it. It’s not the first time researchers have relied on everyday users to help gather data, but it’s one of the most elaborate testing suites ever used in an experiment of this kind. “We released NetPiculet on the Android Market in January 2011 and attracted 393 unique mobile users within merely two weeks,” says Z. Morley Mao, one of the University of Michigan researchers who participated in the work.

One of the first things the researchers discovered was the apparent handicap on network speed imposed by a major U.S. carrier. (For legal reasons, the team anonymized its data.) Surprisingly, packets of data sent across this network are buffered by the carrier itself. This means that when a packet of data fails to make it to its destination—a common occurrence on noisy wireless networks—it cannot be instantly retransmitted, as it would normally be on the Internet. Instead, the sending device must wait a long time—on the order of seconds—for a time-out to alert it to the failure.

On a one-megabyte download, this slows transmission rates by up to 50 percent, the researchers report. The team suspects that the carrier is doing this buffering so it can perform deep packet inspection on the data sent through its network, says Microsoft Research engineer Ming Zhang, who contributed to the paper. This would mean that the carrier is actually reconstructing the data it transmits, possibly for examination for malicious code. Zhang cautions, however, that the team found no direct evidence that the carrier is doing this inspection; it’s merely the most logical explanation.

Other carriers, all of them outside the U.S., proved to have significant security vulnerabilities in their networks. The most insecure network allowed “IP spoofing,” in which an attacker disguises his own device’s network address as the address of another device. This allows the attacker to both send illicit data to a user’s mobile device and to download data under that IP address.

A second, less severe vulnerability on some networks allows malicious websites to entrap users. Normally, a user can simply close a browser that appears to have landed on a piece of malware, but in some networks a time lag between when a TCP connection is closed on a device (instantly) and on the network (a delay of 20 to 30 seconds) could allow an attacker to keep that connection open indefinitely. This could enable battery-draining attacks in which, for example, a hacker continually streams data to a device.

Eleven of the carriers tested had implemented policies that could drain the batteries of a user’s phone up to 10 percent faster than usual. Many devices must keep TCP (network) connections open for long periods of time to make e-mail and other “push notifications” work. Mobile ISPs that time out these connections too quickly—say, every 10 minutes versus every half-hour—force devices to power up their radios more often, to reestablish a connection.

Ratul Mahajan, a Microsoft Research researcher who was not involved with the paper, contends that this network behavior might be deliberate. Long time-outs, although good for phone batteries, can exhaust the network address translation table that a network middlebox uses to keep all those connections active, he says.

Hossein Falaki, a doctoral student at UCLA, says some of the findings in the paper are probably going to be new even to cellular carriers. This could result in carriers changing their network policies, and the implications of such changes aren’t always clear until they have been tested in the wild.

Keep Reading

Most Popular

Workers disinfect the street outside Shijiazhuang Railway Station
Workers disinfect the street outside Shijiazhuang Railway Station

Why China is still obsessed with disinfecting everything

Most public health bodies dealing with covid have long since moved on from the idea of surface transmission. China’s didn’t—and that helps it control the narrative about the disease’s origins and danger.

individual aging affects covid outcomes concept
individual aging affects covid outcomes concept

Anti-aging drugs are being tested as a way to treat covid

Drugs that rejuvenate our immune systems and make us biologically younger could help protect us from the disease’s worst effects.

Europe's AI Act concept
Europe's AI Act concept

A quick guide to the most important AI law you’ve never heard of

The European Union is planning new legislation aimed at curbing the worst harms associated with artificial intelligence.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.