For a bit of fun, I have just looked at the data counters on my phone, for March:
UK data: 66MB
Roaming data: 533MB
The imbalance is of course because at home or work one uses the ADSL on one’s PC.
And I am not even a heavy data user. No movies, no browsing of bloated websites (e.g. sony.com), etc. Occassionally I let somebody bottom-feed off my phone’s wifi 
Now try to come up with a package which gives you value on the above usage, for roaming in any European country. I repeatedly look at this and find that Vodafone plus Euro Traveller is the best one. My bill for March is under £30, comprising of £17 for the basic contract (1GB, 100 international texts) and the rest is the £2.50/day for ET (all plus VAT).
This really shows the huge value of being able to use one’s phone for the internet connection. And why the cellular companies hate people doing it 
A few points:
HTTP headers don’t contain information about screen size. Servers can ask a browser to run Javascript which will report it.
HTTPS isn’t slow these days. There are various reasons to use it, but one is perhaps more compelling than most.
But on the other hand, the only time in over 15 years that our websites have been compromised was because they were using HTTPS.
Capturing someone else’s HTTP traffic is trivial if you can insert a device into the chain between client and server, but it’s pretty hard otherwise. Installing key logging software on the targets computer is usually easier. That’s why I like two-factor authentication.
Do those techniques mean anything nowadays?
Sure it has. Every good compression will leave you with very little structure, otherwise it wouldn’t be good compression. And certainly known plaintext still helps breaking ciphers, even today, the PKZIP stream cipher is susceptible to it. AES apparently not yet, known plaintext only reduces effort by a factor of 4 or so.
If everything is TLS encrypted as it should be, then it becomes much much harder for any attacker (government or private) to wade through the “garbage” because it takes a lot of effort to notice what is garbage.
TLS is not slow. Google requires it for every search request and they do not offer anything non TLS encrypted anymore. A bit embarrassing though that SSL v1/2 was completely insecure from day #1…
Do those techniques mean anything nowadays? Enigma had many silly weaknesses. Compression just gives you other stuff to work on e.g. predictable headers and other structures. Encrypting a ZIP file just gives you a giveaway “PK” at the start of every message – a 65536x reduction in workload. I don’t think a known plaintext attack has any meaning in the context of modern crypto. IMHO the low hanging fruit for somebody wanting to collect low grade (e.g. email account) passwords is hooking into the ethernet link to the WIFI access point (or setting up syslog on the router) and then wading through the GB of garbage. Trivial to do in a cafe with free wifi which every customer will hook into, but what will they get for their effort? Reading thousands of mostly banal emails. Intercepting cellular is much harder, for the casual hacker.
Is compression still available?
Sure, any reasonable cryptography implementation will want to take any redundancy out of the plaintext before encryption. After all, the Germans helped the Brits in decoding enigma a lot by starting every message with “Heil…”
I am no expert either but one example of a possible false positive would be Safari on the Iphone and Safari on the Ipad.
Bad example because the Iphone uses a different APN when tethering, but you get the idea – Firefox on Android?
Maybe one can tell them apart but on Android you can hack the browser agent strings and if this was the whole story everybody would be doing it (there would be apps for it; in fact there would be tablet/laptop browser apps which look like a phone browser). And 6 months from now it will be something else, and there is a massive pool of people out there with old gear, old apps… Also some people don’t www browse and just collect emails…
One telecomms person told me that there are many cases of such ambiguities which make the detection of tethering using app signatures too dodgy. These firms already struggle with using script monkey staffed call centres in India which every one of their customers really hates.
I thought they can detect tethering by looking at the screen size of requests through from the http header?
I’m no web protocol expert, but it seems to me that there is no http header field giving screen size info? On the other hand there is info about the web browser.
You would have to decrypt WPA; I don’t think there is a publicly known non-exhaustive attack on that (WEP can be cracked with about 1GB of intercepted data). Or, on a wired connection, connect to the telephone line between the house and the exchange. Or, on GSM/3G, have some fancy gear for interception.
And what would you achieve?
I consider a cellular connection pretty good for the intended usage, and any “banking” uses https anyway. I would use a VPN for anything that needs it. WIFI is far less secure than cellular because anybody with access to the wifi router’s ethernet connection can potentially see all the packets, but all that anybody doing that would achieve is reading zillions of boring emails and maybe picking up some email passwords.
HTTPS sites mostly run very slowly. Is compression still available? That makes a huge difference to how fast a site runs but it would need to be done before the encryption.
HTTPS would make all that stuff invisible anyway, and a lot of sites use that for no real reason – it’s just trendy nowadays.
All sites should use it because HTTP is insecure. I could easily post under your name on EuroGA, all I need is to be in a network close to you (next fly-in!) and intercept the traffic. The step to gaining admin privileges shouldn’t require much more effort.
