As RR said, packet sniffing and cross-referencing the data should be able to do the trick. As for enforcing their TOC... well, in my case there's nothing to enforce, they're supposed to bill me for it. It's not like I don't want to pay for my use, I'm OK with that, it's just that it never happened which means that whatever technology's at their disposal it's not hooked up to be run automatically for every data connection. It's sort of akin to them not charging someone for overages because it requires manual intervention to determine that you went over, or not billing for international text messaging when you only have a domestic messaging plan and so on.
Pretty much any GSM/UMTS phone can be used as a modem. Just get the drivers (from the installation CD or download from mfgs website), then connect your phone with a USB cable to your PC and check if your phone is shown as a modem on a COM port (Start -> Control Panel -> Phone and Modem Settings -> Modem). If the phone is there, then you can use it as a modem (ie: "tether"). I forgot how to open the data connection, maybe via the built-in windows Network Connection center, or maybe manually with AT Commands (see more here) Like I said in my previous post, it is possible, but it's kind of complicated due to taking info from different areas and cross-referencing. This type of detection is not something already existing in the network and all they do is need to do is flip a switch and turn it on. They need to go out of their way to make something like this. Well, this is assuming they are doing it on a packet-sniffing level accross their entire network. If they are just using software they installed onto iPhones and BB's to report, then it would be a simpler way, altho still something that they had to go out of their way to do. Either way, AT&T is going out of their way to nail you with tethering fees. I really never even saw or heard of any European operators doing anything like this (and I've worked on and used quite alot of them here ) Do it. Just ask your friend sitting next to you "Hey, can I borrow your SIM card for a minute?"
I too would be surprised if at&t has really implemented something as sophisticated as the packet sniffing and then cross-matching the information with the billing system, etc. Since the tethering notification seems to have only been reported with the iPhones so far, then I'd be inclined to believe it's iPhone specific software that is currently doing the reporting - which could be expanded to other manufacturers of at&t devices, certainly. But afterall, it was only about 18 months ago that at&t developed the sophistication to identify/do a billing cross-match for smartphone usage on their network. And even to date, they still don't seem to identify all smartphones - with non-branded phones, some seem to be being detected based on their browser (i.e. Android), but AFAIK non-branded S60 devices still aren't being identified and notified/auto-add for the smartphone data plan. (Of course, with at&t's definition of what constitutes a smartphone (S60 + keyboard), it may just be that it is more difficult to determine with S60 than with the other smartphone O/S.) And additionally, it was reported fairly recently that at&t didn't have the ability (or desire to make the same effort) to identify QMD usage and match it with the billing records as they are doing for smartphones. Subsequently (in February), at&t eliminated the requirement for an additional $20 in monthly feature add-ons with a QMD. Realizing both of these identification processes are primarily IMEI based, but if they only now have begun those levels of identification/cross-reference to billing records, I just find it hard to believe that they would really have implemented it on a much more sophisticated level at this point. For one thing, I'd have to think that the number of "abusers" is actually pretty small; and then I'd also think that as we approach the point where the remaining "unlimited" smartphone data plan users come out of their existing contract so that at&t can require them to change to a newer limited data plan allotment (which I'd expect them to do), you are talking about all this additional cost/effort just to catch a decrementing number of potential abusers? Wouldn't make a lot of sense to me. ( lol. Of course I'm always being told not to expect at&t to "make sense".) Then as has already been pointed out, that only leaves the "unlimited" data plan for feature phones/QMDs as the potential for tethering/increased data usage without a corresponding charge - but I just wouldn't expect a lot of tethering from feature phones/QMDs. Plus the fact that a higher % of users are migrating to smartphones all the time.