Originally Posted by
G0ULI
ExGrunt
How would the service provider know when data is encrypted end to end by many phone systems?
1. By seeing the differing originating IP addresses of packets from the two different devices
2. By inspecting the originating MAC addresses (which will be different)
3. By observing that the TTL ("time to live") values of packets apparently from the same device differ by one or two, indicating an additional downstream TCP/IP transaction has taken place
4. By being told that the device is teathering by the device itself (depends on device - some do and some don't; some actually ask permission before they do)
5. By other methods which they don't generally talk about top make spoofing them harder.
Be advised that whilst the data within the packets are "encrypted end-to-end" the packets are just TCP/IP packets.
PDR