Cable Modem Hackers Release Improved Firmware 419
FatCat writes "SecurityFocus has a story about a group of hardware and software hobbyists specializing in embeddded systems who've released their own custom firmware for Motorola Surfboard cable modems. The firmware lets you log in to an interactive VxWorks shell, or issue commands from a Web browser through an http interface. You load it by tapping an undocumented console serial port on the circuit board. So far, uncappers are apparently the primary consumers, and they're downloading up to 400 copies a day."
Loss of service (Score:5, Informative)
so the question becomes (Score:5, Insightful)
Sorry, but there's very few things worse than being a weasel.
Yeah, it's great to have m4d bandwidth, but you're really paying for a shared resource, and I think most people know that. Don't get me wrong... I appreciate the value of a good hardware hack as much as the next geek, but if you're using it to siphon huge amounts of bandwidth from your neighborhood node, that's a problem.
If you need huge, dedicated bandwidth, I'd say buy a T-1 line, or pay for a business-class account.
Re:so the question becomes (Score:2)
Erm, a T1 is only 1.544mbps. That's hardly huge, dedicated bandwidth. It's about the same as the average cable cap. It sure isn't what the uncappers are shooting for.
Re:so the question becomes (Score:3, Informative)
Re:so the question becomes (Score:3, Interesting)
Re:so the question becomes (Score:3, Informative)
Might be useful for the few geeks they don't leave their machines on 24x7.
Slow Upstream (Score:3, Informative)
-Lucas
No (Score:4, Insightful)
Why? Running servers for one, and I also get priority for bandwidth on the node, as well as better tech support (which I basically never use... calling tech support is a sign of weakness). Yes, it costs more, but I knew my utilization would be a good deal more than average, so I paid for the next level of service.
I personally suspect the uncappers are after some better upstream pipe... that's where residential accounts are seriously lacking compared to a T-1.
Re:so the question becomes (Score:5, Insightful)
I think that's the point, exactly. There are others paying for the bandwidth, while some kid with a hacked firmware is, in essence, stealing it.
Just because it's there, does not mean it's there for the taking. If you need the extra bandwidth, don't steal it. Buy it.
Also, just because the cable modem ring concept is flawed and difficult to control, by design, that does not make it justifyable to steal from them any more than it does to steal from music artists by downloading Mp3's. If you are going to be a criminal, don't play like it's not wrong. Accept that it's wrong, and get your kicks on the idea you stole something. That's less sick than the relentless and asinine justification I see all through this thread.
Re:Loss of service (Score:5, Informative)
When the first round of "cable modem uncapping" documents started floating around to the masses I found plenty of open tickets that had been forwarded to the "legal department" for possible action. Most people had uncapped their modems to 10mbit/10mbit.
Apparently they had a script that ran that checked for this as they had quite a few open tickets all over the place. I guess it was not hard to find.
They would disable your modem, forcing you to power-cycle it. Then your modem would download a new, correct, config file. If they found that you were AGAIN in violation you were terminated.
Some people did not lose their service but most did.
Re:Loss of service (Score:5, Funny)
If they found that you were AGAIN in violation you were terminated.
Your service was terminated, right? I've heard of "substantial penalties" for breach of contract, but termination? Jeez!
No way! (Score:2, Funny)
SEE!
c>ping -t www.google.com
Reply from 216.239.41.104: bytes=32 time=10ms TTL=244
Reply from 216.239.41.104: bytes=32 time=17ms TTL=244
Reply from 216.239.41.104: bytes=32 time=7ms TTL=244
Reply from 216.239.41.104: bytes=32 time=4ms TTL=244
Wooho^C^C%%$*&$%.Destination host unreachable
Re:Loss of service (Score:2, Informative)
You forgot the second half of that (Score:3, Interesting)
Re:Loss of service (Score:2, Interesting)
Aside to Michael and FatCat: It's spelled "hobbyist".
Re:Loss of service (Score:3, Funny)
Sorry... couldn't resist.
So far... (Score:3, Funny)
That was until
Re:So far... (Score:2)
Make that 40,000 now (Score:3, Funny)
confused (Score:3, Funny)
Re:confused (Score:4, Informative)
This is not actually true; "56k" modems are actually capped at 53k due to FCC regulations. I looked quickly on google and I couldn't figure out why they are capped and it doesn't really matter because almost no-one has a high enough quality phone line to get this rate. But there could be some dial-up hackers out there trying to get an illegal 3k.
Re:confused (Score:5, Interesting)
Re:confused (Score:2, Informative)
Re:confused (Score:2)
Rus
Re:confused (Score:2, Funny)
I think I speak for many of us when I say I've never wondered why I've downloaded porn.
Re:confused: do ya want speed or reliable speed? (Score:2)
Which would you rather have: possible bursts of 3MB/sec or dependable 1.5MB/sec? I'd rather have the latter if I want to do VOIP, streaming webcam conferences, etc.
My Opinion (Score:5, Interesting)
Im just going to sit back for a while and hope something good comes of this... maybe cable providers will find that fighting with these people isnt worth the hassle.
Re:My Opinion (Score:2, Insightful)
Re:My Opinion (Score:5, Insightful)
Something ain't right about that.
Re:My Opinion (Score:3, Interesting)
Re:My Opinion (Score:3, Interesting)
Re:My Opinion (Score:3, Informative)
There's two sides to how much bandwidth is allowed to your cable modem, the modem, and the headend, called the CMTS (Cable Modem Termination System). As part of the modem's configuration file, there's either a Class of Service (DOCSIS 1.0) or a Quality of Service (DOCSIS 1.1/
Re:My Opinion (Score:2)
I'm new to this topic...and curious...
Great, the bandwidth hogs (Score:4, Insightful)
Re:Great, the bandwidth hogs (Score:3, Funny)
Re:Great, the bandwidth hogs (Score:3)
I'm sure you do, but probably not in the sense that you seem to think is "reasonable." If you are like most people, you are paying for a modem which has been capped at those rates, which I'm sure you'll agree is a different thing entirely. It is "unreasonable" that you don't get 2/256 all the time only if you were guaranteed 2/256 continuously. I really doubt that you were. It is your right as a customer to use what you purchased, I agree. But
dropped carrier (Score:5, Interesting)
Re:dropped carrier (Score:4, Insightful)
The thing that stinks is that our provider is great. They block a few common ports inbound to prevent casual abuse, but that's about it; it's fast and stable! Uncappers may ruin it for the rest of us with this firmware mod.
Re:dropped carrier (Score:3, Informative)
they dont have to take any special/extra time to crack down on them - they can check that with scripts, flag the account, and disable the modem.
VxWorks? (Score:4, Interesting)
Cheap VxWorks development system? (Score:3, Funny)
Re:Cheap VxWorks development system? (Score:4, Insightful)
Re:Cheap VxWorks development system? (Score:3, Funny)
Why muck around with a modem and hacking, when you could install VxWorks on a PC and worry about learning the system, not hacking the hardware.
I'm sorry, sir. You seem a little lost here. Are you aware that this is Slashdot? :-)
What will the companies do? (Score:5, Interesting)
Given this, and the actions of DirectTV towards those who buy smartcards, I wonder what the cable companies will do.
Will they ignore those who download these firmwares for the advanced features like the remote terminals and have no intention of uncapping, or will they treat everyone who re-flashes their firmware as a "criminal".
Re:What will the companies do? (Score:2)
Rus
Re:What will the companies do? (Score:2, Informative)
spokesman? (Score:2)
That would be a "no"
Cool, I got a SB3100. I'm in like Flynn!
Re:spokesman? (Score:2)
Encryption slows it all down. The biggest battle a cable ISP has to fight right now is public opinion on the SPEED, not security, of the network.
A lot of them already have to push headend equipment to the limits to serve all their customers and still make a profit to pay back all the loans they got to put the internet service up in the first place, adding encryption to the modem to headend link would slow things down,
Is this right? (Score:2, Insightful)
Re:Is this right? (Score:2)
Rus
Re:Is this right? (Score:2, Funny)
Re:Is this right? (Score:2)
With an uncapped modem you are basically stealing for the other users(at least in heavy load times)
Re:Is this right? (Score:2)
it's not really like they don't know you have the thingy.. well maybe if you hacked it enough you could sniff some other users mac id,or whatever there's in those things to seperate them from each other. there's no pppoe here anyways on cable modems usually to handle the negotiation, it's basically that you just stick the cable modem that obviousl
Very neat (Score:2, Interesting)
Increasing Speed (Score:5, Interesting)
rus
Re:Increasing Speed (Score:3, Insightful)
Hmm... (Score:5, Insightful)
Re:Hmm... (Score:5, Interesting)
Re:Hmm... (Score:2)
Re:Hmm... (Score:2)
I preached about this to Blizzard Entertainment for ages (via email, and on their forums) and they STILL don't get it. The client should only get access to the data it needs, and any data from the client must be sanitized and verified before being accepted.
In the case of cable modems in a WAN, relying on the customer-installed cable modem, residing on their pro
Spam (Score:2)
Re:Hmm... (Score:3, Insightful)
Blizzard has been ignoring you because you don't know what you're talking about. It is simply not possible to design a game that has all sensitive computation being done on the server. The game will not be playable over the internet. It simply won't perform well enough.
Re:Hmm... (Score:3, Interesting)
What does a game need to send to the server?
- Character data (who you are, what you're saying)
- Positioning data (where you're at)
- Action data (spells you're casting, etc)
- Item data
The latter is where problem start: People can hack an item to give them whatever power they want. Then the client says "I'm doing 1,000 points of damage with my bare hands" and the server just eats it right up. There's no
Re:Hmm... (Score:5, Interesting)
Re:Hmm... (Score:3, Interesting)
Your analogy to the phone system is flawed though. Speakerphone, answering machines (voicemail), people talking over HAM radio instead of picking up the ph
Re:Hmm... (Score:4, Informative)
You have obviously lost touch with your inner lawyer.
IMHO, the best solution is to alter the terms of all contracts with users (those who wish to cancel service can do so)
Monopoly (Score:5, Interesting)
This shouldn't even be possible (Score:5, Insightful)
Re:This shouldn't even be possible (Score:2, Informative)
Re:This shouldn't even be possible (Score:5, Insightful)
I am certainly no expert but I think it is more difficult with this setup, than with DSL.
But I could be wrong
Re:This shouldn't even be possible (Score:2, Insightful)
Not really sure about the technicalities of cable-modem capping either.
However, I don't understand how so many businesses can actually base their plans on digital boxes being "tamperproof". To my knowledge, nobody has EVER successfully made anything digital tamperproof. DVD players, XBOX'es, Cable modems, Play Stations, all have been hacked. So why on earth do they keep trying?
Sure, it can make for some very tempting business models, but COME ON. It's like building your house on an erodable ledge by the s
Re:This shouldn't even be possible (Score:5, Insightful)
ADSL is single line from you to your local DSLAM. Zero issues with capping at the DSLAM end.
Cable modem has tons of users sharing the same cable, and the easiest point where you squeeze down what a single user can send/receive to the cable is your cable modem. Yes, there are ways of doing it at the ISP:s end, but they are either expensive or require nasty kludges.
Re:This shouldn't even be possible (Score:3, Interesting)
That's what is so cool about the DSL world, everything happens on that DSLAM, so the telco has control over your speeds.
Let's say you upgrade to a faster speed... Well remotely push an update to the port card you tie into that's in the DSLAM, then push an update to the modem and bam... You speed is upgraded.
The coolest thing to do is queue up a large download on the users PC, then push the updates to the modem and the DSLAM and you can actually see the speed increase
This is the US (Score:4, Funny)
With caps inside the cable company's network, there would be no oppurtunity for legal disputes and the resulting lawyer's fees....
Content filtering on outoging packets? (Score:3, Interesting)
Re:Content filtering on outoging packets? (Score:2)
to check my bank account balance, I must type in my acct# on their website.
this information goes to them in packets
Re:Content filtering on outoging packets? (Score:2)
Those packets would encrypted (or should be encrypted!) on the computer so the cable/DSL modem would not filter them. This content filtering would only catch plain-text transmissions of valuable data. I suppose it is possible that malware keyboard logger or a backdoor-using blackhatter could use an encrypted connection, but that seem
Doesn't sound wise.. (Score:3, Informative)
Or even better, can hackers reach this shell from the outside?
Sounds like a good way to lose your service and wind up in court.
Is it "bad netizenship"? (Score:5, Interesting)
If everybody "uncapped", would the result be enough net congestion that everyone would wind up getting "capped" speeds again? Is this a netizenship question?
As far as the ISP detecting "uncapped" cable modems, which has already been mentioned on this topic, I'd have to offer that my local cable provider employs so many utterly inept techs that they have trouble detecting when someone hooks up an unauthorized line to the pole, much less a change in the modem itself. That's why I've stuck with DSL -- 2 years with zero downtime, including a hurricane, while my cable service is down 3-4 times a week.
Re:Is it "bad netizenship"? (Score:2)
Re:Is it "bad netizenship"? (Score:2)
Several times. The problem is several blocks away from my house at an amp.
For background, I have operated a local access cable channel for a church for over 10 years. It is unique in our region in that it has a reverse feed set-up. For two years, we had frequent outages on the feed from the remote site to the cable company's head end. Turned out to be a line amp midway between the two locations; it had been set to amplify the regular channels but not the reverse
Re:Is it "bad netizenship"? (Score:2, Informative)
That was actually George Mallory who died whilst climbing Everest on June 6, 1924.
Harsh lesson for business (Score:5, Insightful)
Lesson learned:
Don't stake your business on being able to place artificial limits on how users use a product they buy.
DivX learned this. The RIAA are learning this. the MPAA will learn it. And looks like broadband providers will soon learn it too.
Sniffing (Score:3, Interesting)
If you got a shell from the modem, could you then sniff the traffic?
Just curious.
Re:Sniffing (Score:2)
Additionally, as the article indicates, the current cable modem standard supports encryption - so sniffing won't be so useful if it is turned on. The newer version of the standard has encryption turned on by default.
It's of no moment (Score:5, Insightful)
I do think it's an interesting attack on the Cable providors who have an undocumented bandwidth limitation that they enforce. One would think that a potential benefit would be an increase in the number of people who are diconnected due to this invisible marker, and some court enforced clarification/disclosure of limitations. Sadly, the activity is obviously illegal, and therefore any potential long term gains from this kind of activity are rendered unachievable.
This won't last long (Score:5, Informative)
Re:This won't last long (Score:3, Informative)
Since essentially they are overwriting almost all of the programable material on the boxes wouldn't this be simple task?
Although you'd run the risk of your ISP saying if (modem.firmware != current_version) {disconnect_service}, I'd say that'd effect their QoS if some of the customer boxes didn't accept the update.
Re:This won't last long (Score:2, Informative)
See, in deployed network, where you don't have physical access to the box you can't afford to not be able to communicate with it.
So a company like Motorolla would not allow this to be a 'changable' option in the first place.
Re:This won't last long (Score:3, Insightful)
How to handle uncappers fairly? (Score:5, Interesting)
I'm not the SysAdmin, just a concerned employee.
Re:How to handle uncappers fairly? (Score:2, Insightful)
If it were to happen a second time, it would be time to either permanently cancel the user or escalate to less subtle threats.
Re:How to handle uncappers fairly? (Score:3, Insightful)
My high school pulled stunts like this, revoking my account whenever I violated rules which they never told me about, without so much as a warning bef
I work for a cable ISP... (Score:3, Interesting)
As for the question "why is the bandwidth capping happening at the cable modem?", I beleive the answer is that it has to so that the CMTS bandwidth (the bandwidth on the cable plant between the modem and the cable router) is not used up. But that's not to say that the bandwidth you use at the cable router end isn't closely monitored. Hence why you will get shut off in no time flat when you start to exceed your provisioned bandwidth.
They got too much attention... (Score:3, Interesting)
http://www.tcniso.net/
cap? (Score:3, Funny)
If they just downloaded it once, maybe they wouldn't exceed their cap?
Screw uncapping, I just want my diagnostics back. (Score:5, Interesting)
As I own that hardware, I feel I have a right to see how well it's working. Many issues (Like signal loss) would likely be within my own home and something I could fix. This software would probably let me read this information, however, as I don't own one of the modable products I'll probably look for one with all the info I want on a web page rather than getting a hackable one.
Re:Screw uncapping, I just want my diagnostics bac (Score:3, Informative)
AGGH!!!! GET A SPELLCHECKER!!!!! (Score:3, Funny)
Re:Spelling nazi... (Score:3, Funny)
If so will all companies eventually be forced by law to employ a certain number of hoobys in some sort of perverse positive discrimination?
Will we get "hooby rights marches" and will Holland allow two hoobys to get married?
Enquiring minds etc etc
troc