Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Focus on Cable Modem Uncapping

Posted by chrisd on from the a-new-way-to-go-to-court dept.

Anonymous Coward writes "Cable modem uncapping allows broadband customers to boost their bandwidth to 6 or 7 times what they're paying for, by spoofing their modem's TFTP client into downloading a hacked DOCSIS configuration file. Kevin Poulsen at SecurityFocus reports that a new underground program called OneStep makes the process easy and fun for the whole family. Broadband companies are cutting off the uncappers that they catch, but things could get out of control soon."

4 of 484 comments (clear)

  1. Fun? Yes. Legal? Questionable by ObviousGuy · · Score: 5, Insightful

    Just because technology allows you to do something, does not mean that it is also legal.

    --
    I have been pwned because my /. password was too easy to guess.
  2. Re:Property vs Service by redgekko · · Score: 5, Insightful
    True, you are within your rights to do whatever you want to the cable modem itself if you own it... HOWEVER, the moment you attach it to a leased cable line, you are most likely violating the provider's TOS/AUP/FAP/EULA that you agreed to be legally bound to when you subscribed.

    Here's another example: you may own your telephone handset, AND it may even be legal to modify it for the purpose of phone phreaking (maybe...DMCA?), but once you plug it into a live phone jack, you've surely committed a crime.

    Summary: It's not about how you handle your equipment, it's where you have permission to stick it.

    --
    Slashdot: rejecting tech news in favor of rubber band guns since 1997.
  3. detection by service provider by Eric+Smith · · Score: 5, Insightful
    The article suggests that service providers detect this by querying the modem at the customer end using SNMP. If that's true, a better[*] hack would be to modify the firmware to uncap the bandwidth regardless of what the MIB variables say. In other words, let it report back via SNMP exactly what the service provider sets the cap to, but have the modem disregard that variable.

    People have done much more amazing hacks than that on DVD players, such as the Apex AD600A, despite the use of a non-standard microprocessor. Hacking the firmware of a cable modem should be quite simple by comparison.

    That's the sort of reverse-engineering I used to do quite often, but now I get little opportunity due to the DMCA. It doesn't seem like service provider or cable modem vendor can use the DMCA to ban reverse-engineering of the cable modem, since the features in question aren't involved in copy protection. But the trend seems to be to sue first and try to justify it later.

    Eric

    [*] Better in the sense of being less detectable. I'm not suggesting that doing this is legal or ethical.

  4. Re:Unused bandwidth can never be recovered... by weave · · Score: 5, Insightful
    I've gotten some e-mail basically saying this would be useless because most users aren't savvy enough to know how to shift their usage around, but by the cable companies own admission, the bulk of bandwidth is used by a small portion of subscribers. I put it to you that these same subscribers are the ones who would know how to shift their usage around via programattic means.

    Given half a chance, I don't believe most of us geeks are unreasonable. And if variable bandwidth caps were instituted that were raised or lowered based on demand, just like the compression level on a CDMA cell signal is manipulated based on cellular tower usage and capacity, you'd start to see a lot of tools written that would make shifting of bandwidth around available for average users too...