T-Mobile snafu inspires email interception claims

The operator comes in for some stick after an upgrade error leads to email over 3G being blocked.

T-Mobile

A T-Mobile gaffe has led to claims the company was intercepting customers' secure email correspondence.

Customers had complained of not being able to send TLS-secured SMTP email over T-Mobile 3G.

One user noted in a forum in November that when connected to Wi-Fi, emails were sent instantaneously. Despite T-Mobile support teams attempting to solve the issue, the affected user continued having issues.

Advertisement - Article continues below

We have worked with our supplier to fix this issue and it has now been resolved.

T-Mobile has revealed a botched firmware upgrade was to blame.

"We would like to reassure our customers that we do not use our network to access the content of their emails nor are we doing anything that would jeopardise their data security," a T-Mobile spokesperson said.

"Following a firmware upgrade we were made aware of a fault by a small number of our customers in December. This fault was mistakenly preventing certain SMTP traffic. We have worked with our supplier to fix this issue and it has now been resolved. A small number of customers will have been affected by this error and we apologise for any inconvenience caused to them."

A T-Mobile spokesperson said the firmware upgrade took place in September.

Advertisement
Advertisement - Article continues below

T-Mobile blocks certain traffic, such as spam and blacklisted websites typically coming through unauthenticated SMTP. The vendor claimed it was attempting to continue blocking such traffic.

Advertisement - Article continues below

Nevertheless, the mistake was not fixed for between three to four months.

VPN issues?

Web developer and security researcher Mike Cardwell complained about the SMTP traffic blocking earlier this month, but also claimed he was unable to access his VPN via his phone.

"With the new SIM, no matter which port I configure OpenVPN on, the RST [reset] packets appear. IMAP over SSL on port 993 works fine, but if I switch that off and configure OpenVPN to listen on port 993, it is blocked," Cardwell said in a blog post.

"So the blocks aren't even port based. They've got some really low level deep packet inspection technology going on here."

However, T-Mobile said it had not seen any issues with VPN access.

"The majority of our customers are able to access VPN's providing the proposition they have bought has been set up in this way," the spokesperson added.

"Customers requiring VPN access can check with us before making a purchase, all details will also be included in the terms and conditions."

All customers who breach the fair use policy will be blocked for VPN usage, T-Mobile said.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Most Popular

Visit/operating-systems/microsoft-windows/355812/microsoft-warns-against-installing-windows-10-may-2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
Visit/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020
Visit/policy-legislation/data-protection/355835/nhs-yet-to-understand-the-risks-of-holding-test-and-trace
data protection

NHS yet to understand risks of holding Test and Trace data for 20 years

29 May 2020