You can bypass essentially all paywalls using DNS tunnelling. The connection you get has _terrible_ bandwidth and latency characteristics, which is why nobody does it.
This doesn't work for many hotel paywalls, because they would have a catch-all rule for all DNS A queries (resolving to a local IP of authenticating proxy) and block everything else. And the reason is exactly because of the DNS tunneling, which was making rounds in p2p circles as far back as 2005 if not earlier.
Doesn't this cause issues with cached bogus A records once the user pays and is granted access? I suppose you could return really short TTLs, but there would still be a delay of at least a few seconds.
(I'm not doubting they do this, just saying it seems very hacky...)
Yes, it does, and of course fails if the site called is https. AFAIK some implementations work as a proxy after successful authentication to reduce that problem.
Other solutions use proxy configuration detection to redirect people to a proxy that first asks for authentication/payment. (wpad file)
Both solutions are kind of hacky, but they work for more or less all devices.
Yea, it was pretty bad for me. I did manage to establish an ssh connection over that, but it would get dropped pretty fast. I'd setup L2TP on the host if you want to browse the web, it might just about work.
The connection itself is not that bad, I actually paid for it eventually and it was okayish. I'm pretty sure with a bunch of adjustments you could get it to a point where you can use some IM comfortably.
