×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Cable Modem Hackers Release Improved Firmware

michael posted more than 10 years ago | from the improvise-adapt-overcome dept.

Security 419

FatCat writes "SecurityFocus has a story about a group of hardware and software hobbyists specializing in embeddded systems who've released their own custom firmware for Motorola Surfboard cable modems. The firmware lets you log in to an interactive VxWorks shell, or issue commands from a Web browser through an http interface. You load it by tapping an undocumented console serial port on the circuit board. So far, uncappers are apparently the primary consumers, and they're downloading up to 400 copies a day."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

419 comments

fp faggots (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8188914)

uncapped cable modems! JEAH!
big ups to jersey!

YAH!

GULRGULRGLRLRGLRG (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8188917)

not quite first post

Loss of service (5, Informative)

mpost4 (115369) | more than 10 years ago | (#8188931)

I would think that doing this could put one in dangar of lossing their service. I this more then likely is a violation of the TOS of most cable ISP's and when you violate a contract( TOS's are contracts of a form ) you void it, so then the cable company is not obligated to server you any more. Is the promise of high speed you don't pay for (theft) worth the lose of service, and posable legal action?

Re:Loss of service (0)

Anonymous Coward | more than 10 years ago | (#8189030)

The thing is, companies like Cox Cable or Comcast advertise their services as "Unlimited Access to the Internet" and make no mention of bandwidth caps in their TOS's.

Re:Loss of service (2, Informative)

MCZapf (218870) | more than 10 years ago | (#8189150)

Your statement is false. Comcast, for one, is now advertisting its new faster service capped at 3Mb/sec instead of 1.5Mb/sec. Maybe in the past they didn't mention the caps, but they do now.

It's "serve" not "server": use preview. (-1)

Anonymous Coward | more than 10 years ago | (#8189032)

No text for me to poop on.

Re:Loss of service (1, Informative)

BeemanH2O (718832) | more than 10 years ago | (#8189035)

Not only is it a violation of the TOS on most cable ISP's, it's a violation of FCC law. So think again if you're wanting to hack or uncap your cable modem.

Re:Loss of service (0, Troll)

cayenne8 (626475) | more than 10 years ago | (#8189293)

This is new to me...I just joined Cox cable high speed. They can control the modem "I" bought? I didn't take the one they wanted to give...it would have cost me twice as much for them to provide the same motorala modem I got.

So, if I get this correctly, they can still get in and control this modem? But, if it is MY purchased hardware, what can they say about me wanting to hack into it and learn how it works?

Re:Loss of service (-1)

Seth Finklestein (582901) | more than 10 years ago | (#8189047)

Dear Mike:

I'm sorry, but you're wrong. The Terms of Service is most definitely not a contract in the strictest legal sense of the term. A contract, per U.S. Common Law section 604(b), is a "binding document that allows for the provision of services in exchange for consideration." What the Terms of Service does is limit your rights. Furthermore, you provide no additional consideration (in juris the fee you pay for the basic cable modem service) as a result of accepting the Terms of Service.

As a lawyer, I vow to defend any user who is unjustly denied Internet access or any other basic human necessities due to the fully legal liberation of their cable modem connectivity device.

Sincerely,
Seth Finklestein
Internationally Acclaimed Freedom Fighter and Lawyer

so the question becomes (5, Insightful)

The Tyro (247333) | more than 10 years ago | (#8189214)

Why do this on a shared medium, particularly one you have to share with your neighbors? I like my neighbors, and I get almost 3.5 megabits down, which is pretty quick. Plus, my neighbors know I'm the cul-de-sac computer geek, and they'd probably come to me if their connections slowed to a crawl. What am I supposed to do? Play dumb when they ask me if I know what's up with their slow connections? That's pretty weak... and looks even weaker when the cable company tells my neighbors that someone in the neighborhood uncapped their cable modem... Hmmm... wonder who that person could be?

Sorry, but there's very few things worse than being a weasel.

Yeah, it's great to have m4d bandwidth, but you're really paying for a shared resource, and I think most people know that. Don't get me wrong... I appreciate the value of a good hardware hack as much as the next geek, but if you're using it to siphon huge amounts of bandwidth from your neighborhood node, that's a problem.

If you need huge, dedicated bandwidth, I'd say buy a T-1 line, or pay for a business-class account.

Re:Loss of service (4, Informative)

garcia (6573) | more than 10 years ago | (#8189360)

I worked for ATTBI before they were swallowed up by Comcast. I still have an ATTBI hostname...

When the first round of "cable modem uncapping" documents started floating around to the masses I found plenty of open tickets that had been forwarded to the "legal department" for possible action. Most people had uncapped their modems to 10mbit/10mbit.

Apparently they had a script that ran that checked for this as they had quite a few open tickets all over the place. I guess it was not hard to find.

They would disable your modem, forcing you to power-cycle it. Then your modem would download a new, correct, config file. If they found that you were AGAIN in violation you were terminated.

Some people did not lose their service but most did.

So far... (3, Funny)

randomErr (172078) | more than 10 years ago | (#8188943)

So far, uncappers are apparently the primary consumers, and they're downloading up to 400 copies a day.

That was until /. posted the link. Now something like 30,000 downloaded will be registered today.

Re:So far... (1)

SQLz (564901) | more than 10 years ago | (#8188984)

Bah, who cares. Let the lemmings get their service canceled. More bandwidth for me!

Make that 40,000 now (3, Funny)

Anonymous Coward | more than 10 years ago | (#8188948)

Thanks to Slashdot, I'm sure it'll be 40,000 sometime today, that is unless Google changes their graphic to some sore of cable modem and beats Slashdot to the punch.

confused (3, Funny)

fjordboy (169716) | more than 10 years ago | (#8188950)

I've always wondered why people go to so much trouble to uncap their cable modems and stuff. I used dialup for years and NEVER had to worry about messing with my modem to uncap it. My connection was burstable and had absolutely no cap!

Re:confused (1, Funny)

randomErr (172078) | more than 10 years ago | (#8188975)

So that they could run that pr0n video server of Janet's boob?

Re:confused (1, Funny)

Anonymous Coward | more than 10 years ago | (#8189081)

Jeez, if you're going to run a porn server, can't you at least find boobs that are not scary?

Re:confused (3, Informative)

Pyro226 (715818) | more than 10 years ago | (#8189039)

I used dialup for years and NEVER had to worry about messing with my modem to uncap it. My connection was burstable and had absolutely no cap!

This is not actually true; "56k" modems are actually capped at 53k due to FCC regulations. I looked quickly on google and I couldn't figure out why they are capped and it doesn't really matter because almost no-one has a high enough quality phone line to get this rate. But there could be some dial-up hackers out there trying to get an illegal 3k.

Re:confused (4, Interesting)

aonaran (15651) | more than 10 years ago | (#8189170)

It's because the higher voltage required to push it to 56k would cause enough crosstalk to interfere with neighboring voice lines which is what the telephone system is supposed to be used for.

Re:confused (2, Informative)

Fuyu (107589) | more than 10 years ago | (#8189355)

According to this reply [cctec.com] on NANOG, "What the FCC limits is the power (db) level you can place on the line in the PSTN. This is to limit crosstalk in copper cable bundles. This power limitation does not equal a speed limitation. This seems to have arisen from the fact that the first PCM modems - USR X2 units - could not go faster than 53.3K without violating the FCC power limitations. All other things being equal, the more power you can use, the faster you can go. To cover their ass USR put the disclaimer on the boxes talking about how X2 was capable of 56K, but limited to 53.3K due to the FCC blah, blah. Many people read this as the FCC having some cap on allowed speed since they didn't explain that the trouble was with X2's inability to go faster in
the allowed power band."

Re:confused (1)

vpscolo (737900) | more than 10 years ago | (#8189052)

I remeber the day of 14.4K and we were happy. It took forever to download things and when we finally got that low res porn we wondered why we had bothered

Rus

Re:confused (2, Funny)

IWorkForMorons (679120) | more than 10 years ago | (#8189106)

...when we finally got that low res porn we wondered why we had bothered...

I think I speak for many of us when I say I've never wondered why I've downloaded porn.

Re:confused (1)

kristan (53139) | more than 10 years ago | (#8189198)

14.4kbps? Paah! I remember running my own BBS (on a C64 no less) with a 300 baud modem. You were _extra_ cool if, like me, you had hacked it to 450 baud. 1200 baud was a luxury mere teenagers like myself could not afford.

Re:confused: do ya want speed or reliable speed? (1)

unfortunateson (527551) | more than 10 years ago | (#8189080)

Of course the other baffling half of this is, while Comcast is putting download hogs under their thumb, they're making it easier to be a download hog: At the end of January, they raised my cap from 1.5M/128K to 3.0M/256K (altho DSLreports only rated the up at about 160 at that moment).

Which would you rather have: possible bursts of 3MB/sec or dependable 1.5MB/sec? I'd rather have the latter if I want to do VOIP, streaming webcam conferences, etc.

My Opinion (4, Interesting)

TheRealMindChild (743925) | more than 10 years ago | (#8188952)

Ok, while I HATE the fact that my cable is capped, and now I have some invisible limit to my cable modem, there isn't a court in the land that will side with me, blatently breaking a few laws, and ignoring the TOS that was agreed to.

Im just going to sit back for a while and hope something good comes of this... maybe cable providers will find that fighting with these people isnt worth the hassle.

Re:My Opinion (2, Insightful)

Pope (17780) | more than 10 years ago | (#8188997)

You're free to pay full market rate for your connection, just get a fractional T1 or leased line: problem solved! :)

Re:My Opinion (4, Insightful)

lukewarmfusion (726141) | more than 10 years ago | (#8189041)

My Comcast (and my Sprint PCS) TOS states that the TOS is free to change at any time, without needing any notification, additional signature or approval from me, and is enforceable without my prior knowledge. They can add fees and still charge a cancellation fee if I get upset and leave.

Something ain't right about that.

Re:My Opinion (-1)

Seth Finklestein (582901) | more than 10 years ago | (#8189083)

There's a simple solution: cancel your "contract" and don't pay the so-called "cancellation fee." Your former provider might try to sue you in small-claims court. When they do, hire me. I know more about trademark law than Comcast does; they probably won't show up. When the plaintiff doesn't show up, you'll get off the hook. I charge only $39.95 for this service, plus travel and expenses.

For more information, go to Google.com [amazon.com] .

Sincerely,
Seth Finklestein
Acclaimed Cyberlaw Expert

Re:My Opinion (1)

ooPo (29908) | more than 10 years ago | (#8189153)

> Something ain't right about that.

The fact that you still do business with them?

Re:My Opinion (3, Interesting)

smellystudent (663516) | more than 10 years ago | (#8189117)

"Uncapping" a modem refers simply to removing a speed limit implemented in the modem. It cannot remove speed limits imposed upstream, or monthly download limits. In fact, you'll just speed towards those limits even quicker!

Re:My Opinion (0)

Anonymous Coward | more than 10 years ago | (#8189186)

I get decent speed on my cable modem, and my isp doesn't have monthly download limits, so when I want to DL a really big file, I just start the DL in the morning before I go to work, and it's sitting complete in my DL folder when I get home at the end of the day.

Now I have a backlog of media to watch so big, I wonder when I'll have time to go through it all... maybe when I retire, or if I lose my job to some oversea person.

Re:My Opinion (1)

cayenne8 (626475) | more than 10 years ago | (#8189352)

I just signed with Cox for a business acct. I'm going to go back and read the fine print again, but, I didn't see anything in there saying you couldn't hack into the modem...nor anything about caps..etc. There was a vague acceptable use section, but, mostly related to downloading or host illegal things. Can someone quote or put links to where a company like Cox or the FCC says this 'uncapping' is illegal?

I'm new to this topic...and curious...

Great, the bandwidth hogs (4, Insightful)

Gr8Apes (679165) | more than 10 years ago | (#8188954)

will be quickly disconnected! More bandwidth for me!

Re:Great, the bandwidth hogs (2, Funny)

haplo21112 (184264) | more than 10 years ago | (#8189236)

F U...You have the whole issue backwards, if the Cable company would just provide enough bandwidth all all users could go at thier full speed In my case 2/256 all the time...there wouldn't be any such thing as a bandwidth hog...I pay for a cable modem which is supposed to go at 2/256, and I don't think its at all unreasonable fr me to expect it to go a 2/256 whenever I want it too, and if thats all the time because I download/upload alot of stuff...(I ftp stuff back and forth from work, as well as send a shoutcast stream to myself at work so I can listen to anything in my music collection whicle I am at work)...then so be it, Its my Fing right as a customer to use what I purchased.

dropped carrier (5, Interesting)

sinucus (85222) | more than 10 years ago | (#8188958)

I'll have to say that with all the draconian rules being put in place with cable providers that I don't see this as being a new playground for crackers. You'll likely get dropped quicker than you can refresh the BIOS on that cable modem of yours. With DOCSIS compliant cable modems you'll be sure to know that the cable modem company DOES know what you're doing with it.

Re:dropped carrier (3, Insightful)

ErichTheRed (39327) | more than 10 years ago | (#8189144)

Yup, lots of people don't realize that. Especially over the last two years, cable broadband has emerged from the Wild West period. Now providers are actually looking at what's going on in their networks, and going after people who are stealing service. Of course, they don't have time to crack down on everyone, but they can easily collect statistics from the routers.

The thing that stinks is that our provider is great. They block a few common ports inbound to prevent casual abuse, but that's about it; it's fast and stable! Uncappers may ruin it for the rest of us with this firmware mod.

Re:dropped carrier (2, Informative)

clarkc3 (574410) | more than 10 years ago | (#8189245)

Of course, they don't have time to crack down on everyone, but they can easily collect statistics from the routers.

they dont have to take any special/extra time to crack down on them - they can check that with scripts, flag the account, and disable the modem.

Re:dropped carrier (1)

sinucus (85222) | more than 10 years ago | (#8189332)

8 years ago or so when I first got my cable modem it was quite easy to hack the modems. Most of them had exposed serial ports to plug into. Some providers back in the day left access to their control matrix on the network. All I needed was the user/pass which was the same for all workers. A quick keyboard logger and a service call later and I have root access on the network. Then when DOCSIS 1.0 came out all you had to do was build a linux box and a BOOTP server and uncapped modem again. Then DOCSIS 1.1 came out and changed all that. Now uncapped cable modems last all of about 1 min when the new script gets sent to the modem. If you want fast internet, either get a job at a very rich company or go to school.

VxWorks? (3, Interesting)

Quasar1999 (520073) | more than 10 years ago | (#8188972)

It ain't free like linux is... so not only are they violating their AUP from their service provider, these guys are using software that they didn't pay for? WindRiver is gonna be pissed!

Cheap VxWorks development system? (2, Funny)

jerryasher (151512) | more than 10 years ago | (#8189181)

For engineers eager to gain VxWorks experience inexpensively, how reasonable a development platform is this modem?

Re:Cheap VxWorks development system? (3, Insightful)

Quasar1999 (520073) | more than 10 years ago | (#8189242)

Umm, you are aware that VxWorks runs fine on an x86 based PC? Why muck around with a modem and hacking, when you could install VxWorks on a PC and worry about learning the system, not hacking the hardware.

What will the companies do? (4, Interesting)

toasted_calamari (670180) | more than 10 years ago | (#8188982)

I have heard stories of cable companies coming down *extremely* hard on uncappers, doing things like banning them from having cable service for life and other such actions.

Given this, and the actions of DirectTV towards those who buy smartcards, I wonder what the cable companies will do.

Will they ignore those who download these firmwares for the advanced features like the remote terminals and have no intention of uncapping, or will they treat everyone who re-flashes their firmware as a "criminal".

Re:What will the companies do? (1)

vpscolo (737900) | more than 10 years ago | (#8189119)

From a business point of view I can sort of understand. A cable provider only has so much bandwidth and if everyone used all of it at once the network would die. Of course they can ad more bandwidth but someone has to pay for it, and in this case it would be customers

Rus

Re:What will the companies do? (2, Informative)

DOCStoobie (731093) | more than 10 years ago | (#8189260)

Well, some cable ISP's actually have it set up to where the CMTS (cable mdoem termination system) verifies both the modems firmware and config file source, to ensure that the modem is legit, and if the source doesn't match ... the CMTS won't route packets from that modem, or even allow it to pass on DHCP to the user's PC/router, so this will only work on some Cable systems

spokesman? (1)

imag0 (605684) | more than 10 years ago | (#8188986)

SecurityFocus asked four U.S. cable modem service providers if they protected their customers with the encryption option....a spokesman for Time Warner's Road Runner service didn't return repeated phone calls on the question.

That would be a "no"

Cool, I got a SB3100. I'm in like Flynn!

Re:spokesman? (1)

sponge_dan_square_pa (749380) | more than 10 years ago | (#8189222)

I had RoadRunner for 2 years in Ohio. That entire time, I kept thinking to myself "This has got to be faster than 256Kbp/s!". I finally benchmarked my throughput and it was JUST UNDER 9Mbp/s! Let me tell you, I fixed all my internet acess problems myself from then on. A few months before I moved, my service went down and I was forced to call in for help. I got a comment from the techie - "Oh, this is interesting! Allright, your service should be back on now.". It was never the same :(

Is this right? (2, Insightful)

ObviousGuy (578567) | more than 10 years ago | (#8188989)

It's a simple question: Just because you can, should you?

Re:Is this right? (1)

vpscolo (737900) | more than 10 years ago | (#8189091)

If everyone else is doing it should you? If you best friend jumped off a cliff would you follow?

Rus

Re:Is this right? (1)

Quill_28 (553921) | more than 10 years ago | (#8189095)

Good question and a fair one.

With an uncapped modem you are basically stealing for the other users(at least in heavy load times)

Re:Is this right? (1)

gl4ss (559668) | more than 10 years ago | (#8189244)

with uncapped cable modem you're basically posting a banner in your window "HEY CABLE COMPANY, I'M STEALING BANDWITH!!!!! COME AND DROP ME, MIGHT AS WELL SUE!!"

it's not really like they don't know you have the thingy.. well maybe if you hacked it enough you could sniff some other users mac id,or whatever there's in those things to seperate them from each other. there's no pppoe here anyways on cable modems usually to handle the negotiation, it's basically that you just stick the cable modem that obviously is somehow identified to the cable jack and then connect a computer to the ethernet connection of the cable modem.

anyways the possible negatives from getting caught outweight the little positives of getting few kb more by a quite wide margin(most probably you'd be just not breaking the tos but the law as well).

Very neat (2, Interesting)

BenDalton (573850) | more than 10 years ago | (#8188990)

now if someone could do this for my cable modem. Although, I have to wonder how many people will use this to uncap their cable modem only to get in trouble by their provider. In this society, i wonder how long until the developers get sued by the people installing it on their cable modems because they got prosecuted by their provider? Sigh... what a nice little circle

Increasing Speed (4, Interesting)

vpscolo (737900) | more than 10 years ago | (#8188993)

Of course you can always setup a compressed SSH tunnel to speed up the text part of web browsing. I've found you get get upto 400% increases which is nice :)

rus

Re:Increasing Speed (0)

Anonymous Coward | more than 10 years ago | (#8189101)

Of course you can always setup a compressed SSH tunnel to speed up the text part of web browsing. I've found you get get upto 400% increases

A tunnel to where exactly? That only works if you've got a shell account on an external server which has extra bandwidth.

Can you read the text 400% faster too? ;-)

Re:Increasing Speed (1, Insightful)

Anonymous Coward | more than 10 years ago | (#8189199)

Of course you can always setup a compressed SSH tunnel to speed up the text part of web browsing

I'm sure people wanting to uncap their modems won't be interested in text websites. MP3s, movies and w4r3z are already compressed...

Hmm... (5, Insightful)

Pxtl (151020) | more than 10 years ago | (#8188996)

IANAA (I am not an admin) but shouldn't bandwidth capping be handled at the ISP's end, through a transparent proxy? Not through the cable modem? At the very least couldn't they just have the system automagically cut off service when the packets start flowing too fast, rather than getting into the legal minefields? Then they could say "I'm sorry, our system does not support uncapping" when someone tries and finds their machine not getting anything. Seems a more elegant solution than simply hoping nobody will try and then hosing lawyer hours at them when they do.

Re:Hmm... (5, Interesting)

hattmoward (695554) | more than 10 years ago | (#8189172)

The thing is, within a few blocks of you, cable modems are pretty much all working on the same piece of wire. There is a good amount of bandwidth to share out there (sorry, I don't remember, but it's A LOT), but if you use a transparent proxy, it's still possible to saturate the local segment and irritate other users. A solution using a bandwidth arbitrator for routing to users may work, but if all the cable modems run in full-speed mode, you get bursty connections while each modem waits its turn to go full-saturation. Unfortunately, uncappers don't realize that they're potentially screwing over someone else. I think that's the big beef that the ISPs have... They already planned for a high potential bandwidth, it's just that when you go from 1.5 to 3 Mbps, you're giving yourself a bigger timeslice on the wire. Other than that, DOCSIS (in its most common configuration) is a very Big Brother-ish protocol, and your ISP will know what you're doing the minute you do it... unless they're a bunch of monkeys with wire (read: Comcast).

Re:Hmm... (1)

larien (5608) | more than 10 years ago | (#8189209)

Monitoring/limiting bandwidth usage by clients at the ISP end probably incurs a performance penalty while you're monitoring; therefore it's probably cheaper to have the client check it.

Re:Hmm... (1)

Quixadhal (45024) | more than 10 years ago | (#8189262)

Yep, it's one of the oldest lessons in the book. NEVER trust the client. ALWAYS do any authentication, state-management, etc on the SERVER side.

I preached about this to Blizzard Entertainment for ages (via email, and on their forums) and they STILL don't get it. The client should only get access to the data it needs, and any data from the client must be sanitized and verified before being accepted.

In the case of cable modems in a WAN, relying on the customer-installed cable modem, residing on their property -- where you DON'T have full control of it, to handle security or resource management is like asking people at the buffet to only take one plate of food.

The best way cable ISP's can handle this is to have the first tier routers do bandwidth shaping, and put both soft and hard caps in place. If you exceed the soft cap for more than N minutes, you get clamped, and you can't exceed the hard cap at all.

Of course, if we could just make spamming a capital crime, there would be PLENTY of bandwidth to go around! :)

Re:Hmm... (5, Interesting)

tazanator (681948) | more than 10 years ago | (#8189270)

Well this is comcast.. My tcpdump shows ARP traffic on my cable modem from 4 different class B subnets(XX.XX.xx.xx), and even 2 class A subnets (XX.xx.xx.xx) I could understand a class C subnet(XX.XX.XX.xx) but not traffic in class A corporate down at end user. I'm in Indiana and seeing customers in California reply to ARP's... wasted bandwidth. With this much ARP traffic allowed thru the routers it's no wonder they are short bandwidth and kicking bandwidth hogs. Comcast has great speed but at very high cost (about $60 in my area) and the limits and additional overhead they build into the network it's no wonder the people hate them. If I can wean my 10 year old daughter from the TV I will cut the cord and go to DSL (I want to run a game server anyways and DSL is only $30 out here). I am not surprised people uncap and reconfig the cable modem ... they do it to phones (voicemail, speaker phones, heck the ham's started long distance connecting the ham radio to a phone to get longer distance with out the bill), why should the inovative spirit stop at the cable company?

Re:Hmm... (0)

Anonymous Coward | more than 10 years ago | (#8189317)

Not a bad idea.
Companies could hide behind incompetence instead of resolving problems... Wait.

-- I randomly moderate down people who moderate down people who describe their abuses of the mod and metamod system in their sigs. --

Monopoly (5, Interesting)

lukewarmfusion (726141) | more than 10 years ago | (#8188998)

In my area, Comcast is the ONLY option (outside of extremely expensive satellite alternatives). If they want to shut you off, they can. Then, you're screwed. I try not to do anything that will get me in trouble with them. Losing my cable, internet, etc. would be far worse than the tyranny of having my cable modem capped or my speed tiered. The problem is that they know this as well. That's why they can and do take these steps. My solution was the same one that Utah and others were going to do - city/state run broadband. It'd be just another utility and they could certainly offer it cheaper than Comcast. Plus, with the profits going back to the city or state, it would probably help lower/cut taxes. It's probably a simplistic view, and I realize that there are issues with letting the government control your internet access, but it would probably benefit the consumer much more than letting a monopolistic cable company charge $45 for crappy television and $45 more for internet access that goes down for "unscheduled maintenance."

This shouldn't even be possible (4, Insightful)

huhmz (216967) | more than 10 years ago | (#8189003)

Here in Sweden the caps aren't in the modems and quite frankly what kind of idiot ISP would do it this way? We are capped at the router or somesuch. I got 8 Mbit on my ADSL though which is maximum for ADSL so im not complaining.

Re:This shouldn't even be possible (2, Informative)

Anonymous Coward | more than 10 years ago | (#8189044)

errrr...... this is a discussion of CABLE not ADSL. ADSL lines are individual lines to the ISP's DSLAM, whereas cable modems are on a local network loop with other users, hence the need for capped modems......

Re:This shouldn't even be possible (4, Insightful)

Quill_28 (553921) | more than 10 years ago | (#8189053)

Umm.. I believe cable modem use a shared line with other users.
I am certainly no expert but I think it is more difficult with this setup, than with DSL.

But I could be wrong

Re:This shouldn't even be possible (1)

milgr (726027) | more than 10 years ago | (#8189243)

The cable company should be able to cap traffic at the ISP based on MAC or IP addresses - assuming that all traffic from a cable loop goes through one router in order to get off the loop.

To limit traffic between cable modems that are on the same loop, they need to either limit the traffic at the cable box, or add a box to the pole.

Re:This shouldn't even be possible (2, Insightful)

3Daemon (577902) | more than 10 years ago | (#8189297)

Not really sure about the technicalities of cable-modem capping either.

However, I don't understand how so many businesses can actually base their plans on digital boxes being "tamperproof". To my knowledge, nobody has EVER successfully made anything digital tamperproof. DVD players, XBOX'es, Cable modems, Play Stations, all have been hacked. So why on earth do they keep trying?

Sure, it can make for some very tempting business models, but COME ON. It's like building your house on an erodable ledge by the sea, and then whine about it when your property goes bye-bye into the big blue.

Of course, as politicians seems to think such behaviour perfectly reasonable, and even write laws to support it, its never going to go away. :/

Re:This shouldn't even be possible (4, Insightful)

Jarnis (266190) | more than 10 years ago | (#8189134)

There is a big difference in technology when comparing ADSL and Cable modems. Yes, one could argue that the early cable modem standard sucks and is exploitable, but that's what is in use by millions of customers right now.

ADSL is single line from you to your local DSLAM. Zero issues with capping at the DSLAM end.

Cable modem has tons of users sharing the same cable, and the easiest point where you squeeze down what a single user can send/receive to the cable is your cable modem. Yes, there are ways of doing it at the ISP:s end, but they are either expensive or require nasty kludges.

This is the US (4, Funny)

Anonymous Coward | more than 10 years ago | (#8189161)

We have to reserve a certain portion of all economic activity for our lawyers, else they're likely to run wild in the streets and start chewing the tires off cars.

With caps inside the cable company's network, there would be no oppurtunity for legal disputes and the resulting lawyer's fees....

Content filtering on outoging packets? (2, Interesting)

G4from128k (686170) | more than 10 years ago | (#8189089)

It would be nice if these enhanced firmware systems provided some level of content filtering on outgoign packets. A simple test would see if key passwords, financial account numbers, or a honeypot file name were in any outgoign packets. If so, the modded device would kill the outgoing packet and log the destination.

Re:Content filtering on outoging packets? (1)

way2trivial (601132) | more than 10 years ago | (#8189234)

so how then, would you USE account #'s or passwords..
to check my bank account balance, I must type in my acct# on their website.
this information goes to them in packets

Doesn't sound wise.. (3, Informative)

stratjakt (596332) | more than 10 years ago | (#8189100)

Could the cable company not quickly whip something together to scan all of their subscribers modems, and have a list of uncapped/hacked boxes in their hands within a few minutes, hours tops?

Or even better, can hackers reach this shell from the outside?

Sounds like a good way to lose your service and wind up in court.

Is it "bad netizenship"? (4, Interesting)

djeaux (620938) | more than 10 years ago | (#8189103)

Leaving aside the Sir Edmund Hillary rationale for hacking anything ("Because it was there") which is probably the #1 reason for any slashdottoid to crack out the soldering iron anyway, I have to wonder if this would be like circumventing any other speed limit. Aren't roadway speed limits set partly for safety & partly to control traffic?

If everybody "uncapped", would the result be enough net congestion that everyone would wind up getting "capped" speeds again? Is this a netizenship question?

As far as the ISP detecting "uncapped" cable modems, which has already been mentioned on this topic, I'd have to offer that my local cable provider employs so many utterly inept techs that they have trouble detecting when someone hooks up an unauthorized line to the pole, much less a change in the modem itself. That's why I've stuck with DSL -- 2 years with zero downtime, including a hurricane, while my cable service is down 3-4 times a week.

Re:Is it "bad netizenship"? (1)

JeffTL (667728) | more than 10 years ago | (#8189219)

Cable TV down 3-4 times per week? You may need to have your wiring checked.

Re:Is it "bad netizenship"? (1)

djeaux (620938) | more than 10 years ago | (#8189358)

You may need to have your wiring checked.

Several times. The problem is several blocks away from my house at an amp.

For background, I have operated a local access cable channel for a church for over 10 years. It is unique in our region in that it has a reverse feed set-up. For two years, we had frequent outages on the feed from the remote site to the cable company's head end. Turned out to be a line amp midway between the two locations; it had been set to amplify the regular channels but not the reverse feed.

In this case, the cable company lines & head end hardware have changed ownership several times. The new company employs nobody who was involved with the original set-up. When they "went digital" a year ago, it was a Chinese fire drill...

Roadway speed limits are revenue makers (0)

Anonymous Coward | more than 10 years ago | (#8189246)

If traffic laws in the US were really designed for traffic control and safety, we wouldn't have 55 MPH speed limits on roads designed for 75 or 80. Nor would we have red light cameras that trigger 2 seconds after the light turns yellow but before it turns red.

We'd do like Germany does: enforce keep-right-pass-left so we wouldn't get the Los Angeles knuckleheads who cut an overloaded SUV doing 45 MPH across five lanes of traffic that's doing 70 MPH just so they can sit in the HOV lanes and go 50 MPH.

But let that car get in the HOV lanes when the line is solid instead of dotted and we fine them $271 or more.

Re:Is it "bad netizenship"? (1)

just some computer j (594460) | more than 10 years ago | (#8189273)

It is true that cable is capped to control traffic, but usually is it because of the size of the pipe at the headend of the cable line. Most cities have at least a T3 line, some have OC-3, but I haven't heard of anything bigger than that. One ISP I worked for had 4 T1 lines, with only one of them dedicated to cable customers for their broadband.

And if your cable modem was going down 3 or 4 times a week, from experience I would say the cable in your house wasn't up to snuff, or the node that you were connected to with all the other houses in your neighborhood was not powerful enough. And I would agree in that most ISPs' don't do very well with tech support. Most of the people that you will talk to on the phone are salepersons, not techs. If you really want to talk to a tech, most generally, you have to ask for one. TW in the city I live does a pretty good job, but a lot of people in this city can't stand DSL, because SWB didn't do a good job laying out their network.

Either way, we all won't be happy until we get fiber to the house. But even then, we are still going to have problems.

Harsh lesson for business (5, Insightful)

Stiletto (12066) | more than 10 years ago | (#8189108)


Lesson learned:

Don't stake your business on being able to place artificial limits on how users use a product they buy.

DivX learned this. The RIAA are learning this. the MPAA will learn it. And looks like broadband providers will soon learn it too.

Sniffing (2, Interesting)

Quill_28 (553921) | more than 10 years ago | (#8189127)

So cable modem lines are shared.

If you got a shell from the modem, could you then sniff the traffic?

Just curious.

Re:Sniffing (0)

Anonymous Coward | more than 10 years ago | (#8189281)

You can access the cable modem via a local web page like an ADSL modem by setting the ip on the network card to a specified one and you go to the page. Read the manual . its there.

You get advanced settings. Try the manufacturer of the modem and download a config tool, my ADSL modems maker has them.

My cable modem is the same.

Re:Sniffing (2)

milgr (726027) | more than 10 years ago | (#8189303)

More than a shell is required for sniffing traffic. I don't know what comes with the box, but typically the network drivers must be set up to sniff the wire in promiscuous mode.

Additionally, as the article indicates, the current cable modem standard supports encryption - so sniffing won't be so useful if it is turned on. The newer version of the standard has encryption turned on by default.

Re:Sniffing (0)

DOCStoobie (731093) | more than 10 years ago | (#8189371)

the cable modems themselves run on a prive IP network, and have access-lists to only talk to certain IP's on the CABLE interface, so, without hacking either the provisoining server, or the CMTS(cable modem termination system) you will NOT be able to access the cable modem itself. Now, if you were able to fool the modem into thinking that YOU are the provisioning server, and either change frimware or config file, the CMTS will detect that, and force the modem to "update" its config/firmware, setting it back to the cable co.;s configuration ... at least thats how MY cable co.'s system operates.

It's of no moment (5, Insightful)

picklepuss (749206) | more than 10 years ago | (#8189142)

It's interesting today, but it won't last. I wouldn't really bother with it. If the ISP is capping it at the modem and users find a way around it, the ISP will just figure out a way to cap it in a different place - they'll probably put the cap on the other end of the pipe where they have absolute control of the firmware/hardware.

I do think it's an interesting attack on the Cable providors who have an undocumented bandwidth limitation that they enforce. One would think that a potential benefit would be an increase in the number of people who are diconnected due to this invisible marker, and some court enforced clarification/disclosure of limitations. Sadly, the activity is obviously illegal, and therefore any potential long term gains from this kind of activity are rendered unachievable.

This won't last long (5, Informative)

Knightsaber2003 (727853) | more than 10 years ago | (#8189149)

As soon as someone from Motorola reads this, they'll be popping out new firmware to cable ISP's right quick. It's quite easy for the ISP's to push this out in a night or two. I do it for a living :)

Re:This won't last long (2, Informative)

Peridriga (308995) | more than 10 years ago | (#8189286)

IDDWYDFAL (I don't do what you do for a living) but, couldn't it be possible for the flashed firmware have a option to refuse to allow a pushed firmware update?
Since essentially they are overwriting almost all of the programable material on the boxes wouldn't this be simple task?

Although you'd run the risk of your ISP saying if (modem.firmware != current_version) {disconnect_service}, I'd say that'd effect their QoS if some of the customer boxes didn't accept the update.

Re:This won't last long (0)

Anonymous Coward | more than 10 years ago | (#8189327)

You're actually wrong. The modified firmware disables remote updates. HA!

Re:This won't last long (3, Insightful)

arctan1701 (635900) | more than 10 years ago | (#8189383)

hmmmm... i own my cable modem. my contract says nothing about allowing my cable company to access my computer systems and make changes. shouldn't this be a form of hacking/terrorism and be punished by death as it is for the rest of us?

Mindless (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8189269)

www.fibercoax.net
These people arent led by the money hungry DerEngel (as known on efnet), and actually have quality software. their hmac-md5 cracker can do over 1million keys/sec.

Re:Mindless (0)

Anonymous Coward | more than 10 years ago | (#8189305)

I forgot to add that the tcniso group (DerEngel) fell into (?federal?) pressure and now has backdoors in the firmware, not to mention blocking irc.fibercoax.net and www.fibercoax.net with their firmware. It's really silly.

Re:Mindless (0)

Anonymous Coward | more than 10 years ago | (#8189343)

Why is this marked offtopic ?

Surfboard (0)

Anonymous Coward | more than 10 years ago | (#8189299)

I had a Motorola Surfboard.

It died.

The guy who came to replace it (with a cable modem from a different manufacturer) said that he replaced quite a few dead 18-month-old Surfboards.

How to handle uncappers fairly? (5, Interesting)

lordmoose (696738) | more than 10 years ago | (#8189339)

Okay, I work for a cable ISP. We don't want to send jack-booted thugs to shake down some 13 year-old kid who's just hacking to see what happens (I've been down that road myself). What is the best way to handle someone who uncaps their modem?

I'm not the SysAdmin, just a concerned employee.

Um...I don't think so (1)

just some computer j (594460) | more than 10 years ago | (#8189363)

Why would I want to uncap my cable modem? The people that do this are playing Russian Roulete and eventually, they will shoot themselves in the head. Not to mention piss off the neighbors for slowing down their porn searches.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...