back to article Windows 7 Phone glitch spews phantom data

Microsoft is investigating reports that smartphones running its Windows Phone 7 operating system are transmitting huge chunks of data over 3G networks that cause subscribers to exceed their monthly allotments. The phantom data can be as much as 50 MB and is often consumed at the same time on consecutive days, according to one …


This topic is closed for new posts.
  1. dssf

    Would be nice to know whether Android is doing the same thing...

    This is where an outbound data logger would be very handy. We have the RIGHT t oknow whether a miscreant or an ISP is pulling data off our handsets. We need to know and have the RIGHT to know real-time when large amounts or discrete/discreet movement of data that no external collector has any right to know is occurring. Unfortunately, that means the law enforcement community will b*tch about it. They'll use excuses that it would make it possible for a person of interest to know that their data is being pilfer... umm, lifted.

    Secondly, we need and have the right to a microsoft/google-created and god-like firewall and packet sniffer as well, not to SNOOP external sites, but to write to a data card or external device via cable or wirelessly over a meter or two the logs of data matching the footprint or fingerprint of our onboard data. If data is encrypted before transmission, we need phone behavior rules that command the phone to shut down if we are reasonably sure that that data movement was not instructed by own individual actions. If fingerprinted, non-caption onboard textual data is moving at the same time we upload pictures then we need to know that. If textual or other non-website data on our phones has been converted for external masking purposes to deny us an educated forensics capability, then we need to know that.

    Failing that, we need blackhats and whitehats who will provide trojans that are timebombs on our phones to make life hell for those who pillage our phones. Give them something to think about. We wouldn't TRANSMIT by our OWN control these virii and trojans, but just make them available to be collected along wth the data that might be stolen from our devices.

    What say ye?

    1. Charles Manning

      Nothing like as much

      I run an Android phone using a 10Mbyte/day data cap. The only time I exceed this is when I get over the air OS updates or make very heavy usage. ie. legit transfers.

      I think there's also an Android app that can give you a graph showing network usage over the last hours/days/whatever.

      1. lambchops

        Network graph app

        Yeah there's an app called Tokaplot on Android which shows a graph of data sent and recieved.

      2. bluesxman

        3G Watchdog for Android

        Will keep an eye on your data usage for you and warn when you reach a defined threshold (and even claims to auto-disable data, if the appropriate 3rd party apps are installed).

        In the tradition of the BBC: other data usage monitoring apps are available.

      3. Fred 24

        3g watchdog

        Is the free app for android to monitor data transfer amounts.

        My zte racer is on payg with 3, so the monthly internet add-on is £5 for 2 gig.

        Ive never seen 'random' data useage.

        Ive suspect ms will come up with a fix to stop those thongs from spying- sorry- send customer data back to them.

        There couldn't possible be any value in all that audio data as market research now could there?....

        1. ukbabz
          Thumb Up

          Data usage

          I use an app called PhoneUsage to monitor my daily usages, and provides some nice graphs. It has a free and a paid for version. The free version just gives the numbers, I believe the paid lets you put caps and alarms for when your going over (including minutes and SMS).

    2. Anonymous Coward

      Self root - Genius!

      Have it call you every week or so or e-mail you its current phone number and GPS location.

      Where can I buy one?

    3. Anonymous Coward


      If you want that, then you need open source

    4. David Simpson 1

      Tinfoil hats at the ready.

      What's really funny is you have obviously never used Android. Off the top of my head I can think of three apps that can measure data usage, Stats, Net Counter and Net Sentry and guess what there is no huge data uploads happening on Android. The problem in the article is a bug not a conspiracy theory.

      If you still think Google is trying to steal your soul then have a look over the Android source code. Something you might have trouble managing with Windows Phone 7 or iOS.

      1. dssf

        Obviously never used Android...

        If you're replying to me, then that's rather bold a statement to make considering you know not what phone I use. I'm on my second Android phone (HTC EVO 4G; my first was the Samsung Moment).

        I don't like having to install a 3rd party tool and playing "whack-a-mole" to kill crap like Nascar, NFL, and a few other things we users are not allowed to delete. Somewhere in that machine of the provider, it was deemed we must be made to face branding. I realize the phones are heavily subsidized, but, hey, if they want subscribers, there must be inducements.

        I don't think Google is trying to "steal" my soul. Hell, most of my private life FLOWS through Google to and from friends, so, once again, if you're replying to me, you know not what you say.

        As for others posting for or against me, and particularly to those who felt it necessary to shoot me down to -14 on this post... Why? Are some of you beholden to hackers/crackers, or to law enforcement, or to marketing teams, or all of those? Why cannot a user know WHAT information is snatched off his or her phone. It doesn't matter to me WHO is taking it. If i didn't command it nor give explicit, case-by-case permission, then any lifting of MY data from my phone is tantamount to theft. Plain and simple. I don't push a button and broadcast it. If your data is lifted, then aggregated, and stuffed into some databank you never knew existed, and it isn't between you, your contact, and your respective service providers, then why would you accept that some miscreant is sleuthing out data between routers and switches?

    5. SilverWave

      Android doesn't have this issue.


    6. It wasnt me
      Thumb Down


      1>. You're paranoid. If they (whoever 'they' might be) were snooping Im not sure they would be as un-subtle as to download 50 odd meg every day.

      2>. Its a bug. MS as good as admitted it.

      3>. You can't spell the plural of 'virus'.

      Are you a troll ?

    7. Anonymous Coward
      Big Brother

      Put the crack-pipe down...

      Step away from the computer.

    8. Ian K

      The "right" to...

      I do not think that word means what you think it means.

      Try "want".

    9. Vic

      It isn't.

      > This is where an outbound data logger would be very handy.

      Well, I'm only watching WiFi traffic, as the Android I've got doesn't have 3G.

      But the tool you're looking for is called "wireshark". I run it on my router box. And the Android unit isn't sending gobs of inexplicable data - just the SIP packets I've told it to send...

      > We have the RIGHT t oknow whether a miscreant or an ISP is pulling data off our handsets

      If the handset has been trojanned to the extent that it is snooping on you, any tool running on that same box must be considered compromised.

      > we need and have the right to a microsoft/google-created and god-like

      > firewall and packet sniffer as well

      $deity, no. If you want a packet sniffer, go and get one with a good reputation - Wireshark is my tool of choice. There is no way I would want such a tool written by either of the two companies most likely to snoop on me anyway...

      > Failing that, we need blackhats and whitehats who will provide trojans

      > that are timebombs on our phones to make life hell for those who pillage our phones.

      Nope. We do not want trojans, no matter who writes them.

      But running "ssh -R" on a regular basis with a suitable key-based login might be a good plan.


  2. Big-nosed Pengie
    Gates Halo


    A Windows system doing unexpected nasty things? Surely not!

    <-- Irony.

    1. Anonymous Coward
      Anonymous Coward


      Of course it does.

      And stop bloody calling me Shirley!

    2. Anonymous Coward

      RE: Really?

      Come off it. We all know that MS software is totally secure and bug free...

  3. Henry Wertz 1 Gold badge

    By design...

    @dssf, no problem. Run tcpdump on the phone, and then use wireshark on your desktop to analyze the dump to your heart's content.

    Anyway, I'm guessing this behavior is by design. What is the phone transmitting? Damned if I know. But, my guess is..

    The phone was probably designed with the assumption of non-restrictive data plans. Recall that Microsoft tends to be US-Centric. AT&T's pathetic $15 for 200MB and $25 for 2GB data plans are recent, they had $30 for unlimited phone data before that. Verizon has $30 for unlimited phone data. Sprint has unlimited data plans. T-Mobile's usual plan throttles at 1GB, but you'll never get some unexpected bill. Locally, IWireless has unlimited EVERYTHING (voice, text/picture, and data) for $50, and MetroPCS or Cricket or the like (if they have it in your area, I don't) are usually $40-50 for everything too. Verizon has almost 100% of their network upgraded to 3G (and is starting 4G rollouts). AT&T has like 30% or so upgraded, but a fairly high percentage of population, and Sprint and T-Mobile have pretty good percentage of population covered with 3G too (T-Mo is pretending they have 4G, but they're just calling 21mbps HSPA+ 4G even though it's not.)

    Consequently, my guess is the phone is actually sending like 100KB of data (maybe backing up contacts or the like?) but is using some horribly inefficent XML encoding over TCP (perhaps as a bonus, encoding binary data using the Base64-style encoding XML can use for this type of thing) instead of just opening up a TCP port and letting 'er rip, or at least gzip'ing the horrible XML to shrink it down a bunch.

    1. dssf


      @HW1: Thanks. I've heard of it and others. I try to avoid the high-grade tools since i want to not be in the potential crosshairs of those watching those who download powerful, multi-use tools. I do run Etherape and Firestarter on my lappy. I did in past years occasionally dabble with tools similar to wireshark, but only to try to figure out why the hell my laptop would bog down and act as if it was reporting to some remote site. Spurious things like that send me into a rage, suspecting that someones d*cking around with my machine but being powerless to find out who, and what they're taking, and having no resources nor any clout to get real-time, genuine help. So, my response is to just minimize my surfing, and yanking the wire and the card. Not that I'm PARANOID. More that I'm ANGRY about it. So, it makes me want the digital version of itching powder or digital bedbugs to screw with the fracks who screw with or poke around live or with bots into my computer. Not suggesting boobytraps like booby-trapping a home's door or windows, but the digital bedbugs should be legal...

      I suppose that part of the problem with my strenuous demand for knowing *what* is being looked at or lifted from our phones is that if the handphone is "part phone/part-packet-sniffer/part-data-logger", then the hardware specs will have to go up a few notches. Suddenly, too, anyone could in theory be a few tutorials away from severe misbehaving. In acknowledgement of that, I figure my demand should be met with restrictions on how the phone then transceives its reports, meaning, not over the air, since anyone could become victimized.

      I'd like to respond to more, but i'm bogged down in work and it's draining me too much to think more clearly about what I want to say here.

    2. Handle this!


      Being a windows phone, it might be patching itself...

  4. C 2

    LOL more MS antics

    As anyone may know MS stands for "Maybe Someday"; as in Maybe Someday they will stop screwing the pooch.

    MS has *never* gotten anything right and they are far to arrogant to admit or even realize they've ever screwed up. The only ones who don't know this are MS and the people who believe their 'marketing spin'.

    1. Anonymous Coward
      Anonymous Coward

      re: MS has *never* gotten anything right

      Presumably you're referring to their software products and business ethics - profits don't seem to have been a problem in the past.

    2. Anonymous Coward
      Anonymous Coward

      How many MS bashers does it take to change a light bulb

      They can't.

      They are too busy gloating that you should have used open source light bulbs that wouldn't cost anything to repair yourself and that the light wouldn't have gone off in the first place with their operating system.

      1. Anonymous Coward

        How many MS Developers does it take to change a lightbulb?

        None; they simply declare darkness to be the industry standard.

        How many Apple developers?

        None. But you can buy the latest iBulb, which is reassuringly overpriced, 30% thinner, 75% more gorgeous and works 150% better than the old iBulb (just don't hold it wrong...)

  5. jeffo

    Phone Home

    We know Microsoft systems love to phone home, so why's this a surprise?

  6. wsm

    MS phones home?

    When has their software done anything else? Now they are charging their users data plan for the privilege.

  7. JaitcH

    At least Microsoft responded. Perhaps these mystery transmissions are App makers ...

    back-channel communications that enable them to sell data and provide appropriate advertising.

    Or is it a 'cloud' back service?

    1. BorkedAgain


      Somehow you managed to work some Cloud-FUD into this story. Well done you!

  8. Robert A. Rosenberg

    Could it be billing data uploads?

    I seem to remember this issue coming up a few weeks ago and it being determined that it was the handset phoning home to tell the cell company what usage it had had in the past day. IOW: It collected the billing data and bust transmitted it once a day. This explanation would seem to fit the situation where after the phone was disconnected for a period of time, the next transmission was a large file (ie: Multiple days of [non]-usage).

  9. Richard 31
    Paris Hilton

    They are out to get us!

    Rather then go all conspiracy theory. Why not collect some evidence? Drop the phone onto WIFI data only and capture it off your own LAN. You could at least have a look at the data and see what is what.

    My guess would be some sort of debugging not turned off, or a spectacular piece of rootkitting.

  10. Anonymous Coward
    Anonymous Coward

    “One has to wonder when/if this trend is going to level out,”


    Haven't you ever used Windows? It makes your internet connection dance like a fucking hummingbird even if you turn off Windows updates and leave the machine idle.

  11. Lars Silver badge
    Gates Halo

    It's a plot

    Surely It's a plot, between Microsoft and AT&T to produce "automatic money", sending lots of data, automatically, to AT&T, that the customer has to pay for.

    MS will then have some of that money.

    Of course, it could also relate to the "phone home" religion of MS so that large chunks of data is sent home to confirm the OS is safe, secure, original and not pirated and that the mental state of the user and his use of the phone is acceptable.

    (to be honest this one is more Apple like), but then again, perhaps MS is learning.

    Of course it could also be a feature (a bug), or two.

  12. unicoletti

    Android has Netcounter

    Android has this great free utility called NetCounter that will count all traffic (both wireless and 2/3g) AND can be configured to alert you when a threshold has been exceeded.

    So glad I'm not running and Windowsware anymore!

  13. SilverWave

    Does it matter with the extremely low number of users?

    I mean you could just take it back and ask for a real smartphone that works...

  14. Anonymous Coward
    Anonymous Coward

    What's the betting

    it turns out to be Norton anti-virus or somesuch auto-updates?

    (repeatedly downloading owing to mobile-network proxies mangling the files)

  15. Pascal Monett Silver badge

    400MB of data ?

    From a bloody smartphone ? Where do they get all that data in the first place ?

    1. dssf

      400MB of data ?

      What if the phone is in some sharing mode? It might be being blitzed by random in-range phones that see it as a hotspot -- if that feature is on.

  16. adnim


    or undocumented feature implemented at the request of the telco's?

    On a serious note I don't trust Windows on a desktop where I can access all the files and install third party firewalls and packet sniffers; I was using computers before the OS and applications wanted Internet access every time they were launched.

    A locked down Windows device on which I can only do what MS allow me to do? I wouldn't have one if I was paid to use it.

  17. Anonymous Coward


    It was rushed out feature incomplete and now we see that it has all the robustness of alpha software.

    1. Anonymous Coward
      Anonymous Coward

      re: It was rushed out

      Standard practice, surely? Let the user pay to do the testing, give him lots of updates and make him feel grateful when you eventually deliver a product that does what it should have done in the first place, shortly before ending support and forcing an upgrade.

  18. swanny78
    IT Angle

    or maybe

    The effected muppet have downloaded some app that works under a locked screen and its raping their usage....."tell me every time my so called 500+ plus friends on facebook take a breath"

    1. Anonymous Coward
      Anonymous Coward

      It's likely...

      I'd say you've probably hit the nail on the head... I've got a windows 7 phone and I don't see this happening to me (I know that me <> everyone) however, my partner has a Samsung Galaxy Android phone and when she first got it, it was using about 4-5MB an hour according to a bandwidth tool that I got her to install. We traced the culprit to a google calendar app which, when we stopped it polling the net every few seconds, took the bandwidth useage down to a fair amount.

  19. Anonymous Coward

    A feature?

    Maybe its the option in settings->feedback on WP7 devices to "Send Feedback to help improve Windows Phone"? It does give the option of using the mobile data connection to send feedback.

    Its still rather a lot of data, but who knows what the users have installed. I'm using 4mb per day on mine which includes a bit of surfing. Incidentally i have the Send Feedback option enabled.

  20. Jacqui


    I have a winxp-pro box that tries to download/upload nightly (actually 3 hours after boot) via the helpsvc process. AV scans say the system is not infected - now helpsvc is just locked form net access and it goes haywire :-(


  21. kb9aln

    I'm betting...

    that it's something so non-nefarious as forgotten debugging code. Sloppy, yes. High-tech skullduggery? Probably not.

    Somewhere in the MS borg machine there is an engineer getting all of this data, and likely doesn't know what to do with it all.

    Which begs the questions: what is the nature of this data, who has it, have they done anything with it yet, and what plans do they have for it?

    Just fixing it is one thing, The data sent and the collection and purpose of it as well as its ultimate disposal are big issues here. And of course, compensating the data owners for the bandwidth costs. Good thing MS has deep pockets.

    But just to feed the conspiracy theorists among us, I'll add "Perhaps they'll just spin it as a leftover debugging code". :)

  22. Kubla Cant

    Nothing new

    Once upon a time, Microsoft used a horrid protocol called Netbeui (sp?), which was famous for saturating LANs and running up massive ISDN bills with its broadcasts.

    They've probably implemented it in WinPhone 7.

    1. Anonymous Coward
      Gates Halo


      Wasn't NetBEUI originally designed by IBM as it's PC LAN protocol? I don't believe Microsoft should take all the credit for that monstrosity.

  23. Trib

    Not everyone has seen this issue (if it is there)

    I've not seen this problem with my Samsung Focus WP7. I'll admint that doesn't mean it isn't there, but I've had my WP7 for a month an a half now with a 200mb plan. For the last month I've left 3G on all the time, and I've not had any 3G data use that I've not expected.

This topic is closed for new posts.

Other stories you might like