I believe that anyone with the right information can cost a user on the Virgin Mobile cellular network around $575 an hour in excess usage charges. The unlucky user might not find out that this is happening for up to two days. That's almost $28000 in possible excess usage. This can be done using general purpose tools, available to anyone with a computer.
Although I have investigated this for Virgin, a similar statement is probably also true for Optus and may also be true for other mobile carriers in Australia.
The reason is a combination of the carrier's pricing policies, and the open nature of the internet.
$2097 worth of internet access for just $15 a month
I've been using my iPhone "tethered" for internet access. I'm waiting until ADSL2+ gets installed at our new flat, and I decided to use my Virgin Mobile "1 Gigabyte" data plan tethered to my computer.
1Gb of data with Virgin Mobile costs $15 a month. If you were to use 2Gb in a month, it will cost you $2097. That's right: the second gigabyte costs 140 times more than the first. The delay between using that data and finding out can be up to two days.
Virgin isn't at all alone in this, although their excess charges are the most expensive I could find. Here's a summary of some common carriers and sample data plans:
Carrier Data Plan Cost Allowance Excess Cost, 2x allowance Ratio Virgin Mobile $15/mo 1Gb $2.04 per Mb(^1^) $2097 140:1 Optus $19.99/mo 1Gb $0.35 / $0.50 per Mb^2^ $358 / $512 18:1 / 26:1 Three $20/mo 2Gb $0.10 per Mb $205 10:1 Vodafone $4.95/mo^3^ 200Mb $0.12 per Mb $24 4.8:1 Telstra $59/mo 1Gb $0.25 per Mb $256 4.4:1
^1^ On the Virgin Mobile web site this is written as 0.2c/kb, which sounds a lot smaller than the others but is actually substantially higher.
^2^ The excess rate is higher if you're a month-by-month customer instead of on a contract.
^3^ One year contract. Vodafone have larger data allowances built into some of their call plans. Same excess usage charge.
If you read online forums like whirlpool, you can find dozens of people reporting massive bills on various carriers, up to the thousands of dollars. In some cases, people claim that they cannot identify the cause of the excess data usage.
The Internet does not care about excess usage
Because of the nature of the internet, a third party can rack up thousands of dollars in charges on my phone. Right now.
If you're on a Virgin Mobile connection, you have a publicly accessible IP address on the internet. The same is probably true for Optus, as they share a network. By itself, this is a good thing. It enables full access to the internet. However, it also makes it very easy for people to send you unwanted data.
For instance, the command:
$ sudo ping -i0.01 -s 1024 -c 1000 114.72.XX.XX ... -- ping statistics --- 1000 packets transmitted, 431 received, 56% packet loss, time 11093ms rtt min/avg/max/mdev = 978.635/1369.705/2952.025/440.547 ms, pipe 288
(Translated, this means: Send 1000 "Are you there?" echo requests to the internet address of my phone. Send them 100 times a second, and attach 1 kilobyte of data to each request. Ask the other end to send the data back, to prove they got it OK.)
This caused at least 868kb (probably more) worth of data to be charged to my 3G iPhone, in 11 seconds. This was on a fairly poor link (2 bars out of 5.)
868kb is $1.74 in Virgin Mobile excess charges. Charged to me, remotely, without needing my knowledge or consent. Keep doing it repeatedly, and it adds up. You can burn an entire 1Gb quota in less than four hours. From then on it's around $575 for every hour you keep it running. Thanks to Virgin Mobile's monitoring policy, it could be two days before anyone even notices. By then, it could be pushing $28000.
The problem isn't the 'ping' command. There are dozens of other ways to send unsolicited data to an IP address: UDP packets, TCP SYN requests, not to mention any open ports on your smartphone that will actually receive data.
This kind of data usage can easily happen by accident. For instance, mistakes with tearing down data streams can easily happen. If a server keeps streaming data to you incorrectly, you'll still pay.
The real problem is Virgin Mobile's data charges. While they would be sensible with dial-up in 1996, they are excessive in 2010.
Virgin Mobile has some other practices which can make it easy for excess usage charges to rack up.
0.2c/kb can be a confusing term for non-technical people. No other Australian mobile carrier that I could find lists their excess data rate by the kilobyte.
Virgin Mobile's advertising material explains that 1Gb a month is good "for those who always use the web". I could not find an explanation of how 0.2c/kb compares to this quota, or an explanation of how "always using the web" too much could cost hundreds of dollars. My Mum understands "for those who always use the web." She does not understand 0.2c/kb.
Virgin Mobiles' broadband usage meter "may not include last 2 days usage [sic]". With 3G download rates, you could blow an entire quota in a few short hours. So you never know exactly where you stand.
Virgin Mobile's monitoring page also contains the following usage graph:
In the above graph, the download quota is exhausted one third of the way across. So it could also be shown like this, although it isn't:
It also shows up to a theoretical 2.6Gb of downloads. Here is the same graph, with my modifications showing what it would actually cost to download all that data:
That's $3,292 on the far right.
Virgin has a per-customer credit limit. On a current $50 plan it would be $600 . Phone access will be cut off if the customer exceeds their limit, for their own protection.
However, because of the two day delay, tens of thousands of dollars in usage can be accrued before the credit limit even kicks in. Users posting on Whirlpool suggest that, in this case, the credit limit is not the limit of a customer's liability.
What could be done?
I have some suggestions, that would mitigate this problem.
Limit the ratio of excess charges. 140:1 seems unjustifiable to me. If necessary, the ACMA should regulate that excess charges cannot exceed 10x the base charge rate for the same service.
Better monitoring. Most ISPs have their usage meter update in a matter of hours. I would like to see a reasoned, technically informed, explanation of why a usage meter must take two days to update.
Better alerts. Internode notify me if I have used 70% of my monthly usage quota, and again if I have used 95%. I see no reason why mobile carriers should not be able to do the same.
Capped data plans. Excess usage charges were the norm for Australian ISPs in the 1990s. To compete, innovative ISPs offered "unlimited" data plans, which shaped you when you exceeded your quota. Those are now the norm. I think a mobile carrier that introduced a similar policy, even if the base data allowance was substantially less than 1Gb, could that find it was a "game changer" in the Australian market.
Ironically, Virgin already do this with their mobile broadband plan, which offers 4Gb of capped data and unlimited phone calls, over the 3G network from home, for just $80 a month.
What can I do?
If you're concerned about this situation, or have been affected by it, you can contact Virgin Mobile directly. If that doesn't get you anywhere, file a complaint online with the TIO (Telecommunications Industry Ombudsman.)