I can’t remember exactly what I was doing with my spare time as a 17-year-old teenager, but it sure wasn’t finding flaws in T-Mobile’s system. But I guess that’s why I had to actually put up with a data cap.

For Jacob Ajit, not so much of a problem. He discovered a flaw in T-Mobile’s filters that allowed him to use the network’s data, even when he hadn’t paid for anything.

DON’T MISS: Here’s why complaints about Apple’s iPhone 7 design are ridiculous

Ajit discovered that if he put a prepaid SIM with no credit into a phone, he was still able to connect to T-Mobile’s portal, where he could potentially buy more data. Then he noticed that his Speedtest app still worked, which meant that T-Mobile was allowing for images (what Speedtest uses to measure download speed) to be downloaded across its network without paying.

So, with a little messing around, Ajit worked out that anything in a folder labelled /speedtest was whitelisted by T-Mobile. He tried it out by loading up a music video on his server in a folder marked /speedtest, and sure enough, it worked.

To take the test to its logical conclusions, he set up a proxy server using the same rules, which he was able to use to freely browse the internet through T-Mobile’s network without ever paying for service.

Ajit alerted T-Mobile and disabled the proxy server before writing up his discovery on Medium, so don’t expect this to keep working. As Ajit says, it’s a “very simple” fix for T-Mobile to patch the hole.

Chris Mills has loved tinkering with technology ever since he worked out how to defeat the parental controls on his parents' internet. He's blogged his way through Apple events and SpaceX launches ever since, and still keeps a bizarre fondness for the Palm Pre.