Security Focus on Cable Modem Uncapping
Anonymous Coward writes "Cable modem uncapping allows broadband customers to boost their bandwidth to 6 or 7 times what they're paying for, by spoofing their modem's TFTP client into downloading a hacked DOCSIS configuration file. Kevin Poulsen at SecurityFocus reports that a new underground program called OneStep makes the process easy and fun for the whole family. Broadband companies are cutting off the uncappers that they catch, but things could get out of control soon."
Unless you're severely capped (at around 512kbps) I don't really see an issue with it. Most sites I go to I can only get around 70-100 kBytes/s on a download. This is far less than the 1.5Mbps cap usually put on the modem. Going to my ISP's download test site (which is connected by a fat pipe) I got 400kBytes/s, or 3.2Mbps. Basically, the chokepoint is mostly at the other end, not at the home user's end. When websites all have huge pipes running from them then maybe this will be an issue, but until then it's probably a moot point.
Think about it... even if it did get "out of control"... cable providers could simply restrict bandwidth further up the line (someone please explain why on earth it would be delegated at the modem in the first place???).
Anyone remember years ago when the same thing happened with DirecPC's service?
Slashdot: rejecting tech news in favor of rubber band guns since 1997.
I fully realize I'm making the download even slower for everyone else by using Getright to have 4 independent connections.. Some people are just more equal than others, dammit!
The optimal use would be to find mirrors.
I often download my linux iso's in Windows because I like Getright so much. It can usually find mirrors around the world and I can get an iso in about 45 mins - something almost impossible when new iso's are released.
Get your Unix fortune now!
Don't forget video conferencing. Being capped at 15KB/s limits you to some pretty ugly video quality. I want to use my cable modem to do video conferencing with family and friends around the country. Right now it is one step away from intolerable and usually not worth the effort.
When information is power, privacy is freedom.
This would also encourage off peak usage. It'd be far better to squeeze out that 2 gig download quickly when it has no real impact on others versus taking hours due to a cap during peak.
I'm guessing you just can't reprovision the cable boxes that quickly and dynamically everywhere, but damn, it makes sense and I still don't understand why caps aren't implemented using some QOS type service at the head-end anyway...
Anyone else find this rather creepy?
Submitted the previous comment without a subject. Whoops.
Found at the bottom of http://www.iscentral.org/~tcniso/main/oneStep.htm
"On a final note, the server install is approximately 23 megabytes (what the heck ?), and we have put some extra security features in. Since we know you should be online when you try to run the software, every time the software is started up, it will use a unique software key to download a special authorization pack from the website. The software must have this pack in memory before it can properly run. The unique key is generated from your hardware MAC Address and must have that same address to be able to function. All keys will have to be created by a special generator. This will also allow us to only let others use this software when we want them to, in case we need to shut it down or to upgrade. Server should upgrade easy. I have put a lot of time into this software and am very glad it's finally a reality."
"However beautiful the strategy, you should occasionally look at the results" - Winston Churchill
That's good to know Cato. But you know, that brings to mind a question I've been asking myself off and on for a few months now:
if they can easily monitor something like bandwidth usage on a per-customer basis, why the heck can't they also scan for other violations/problems like code red?
I live in the midwestern U.S. (Ohio) and have Time Warner's Road Runner service. To this day I'm still seeing a large number of code red attempts on my router logs - greatly reduced from when it first hit of course, but still quite a few. When I spoke to RR's customer service back when CR first hit (and brought the entire RR network to its knees) I asked them why they didn't just monitor for the bug and either cut off or contact anyone with an infected machine. They told me they didn't have that capability.
Now granted, this was just a customer service flunkie, but I still remember thinking, "What the heck?! You guys can't track this sort of thing on your own network?" Apparently he may have been correct, given the number of CR attempts I'm still seeing.
Any idea what the real story is?
DerEngel
After getting so many negative comments, all I have to say is this: OneStep does exist, and because everyone knows I have too much time on my hands, it does support MD5 Authentication.. How this is done may only be a well guarded secret. But I guess you have to see it before you believe it? How will I distribute it and when? Me and Byter will still amaze you all, or a select few..
Doesn't work that way. Consider this: The government provide the roads. I pay the government to provide roads, and they keep up their end of the bargain by giving me nice, long, straight motorways to drive on. However, the conditions of use, as it were, state that there's a maximum speed limit of 70mph on the motorway.
Now, the government doesn't supply the car. I went out and bought the car. I have a Citroen, you may have a Ford, or a Vauxhall, or whatever you like. They're all *capable* of going faster than 70mph, but if I get caught doing that, I get a speeding fine, and points on my licence. I can't argue that "I bought the car, I paid for it, so I'll use it any way I want".
OK, how's this for an idea?
The config file is uploadable through the ethernet port, and seems to be able to specify the upstream and downstream frequencies, along with the maximum bandwidth rates etc. What would happen if you joined two cable modems with an F-to-F connector cable, and send config files to them so that the receive frequency of one was set to the transmit frequency of the other? And, how far from each other could they be? I know that the sub-headend that supplies my cable modem is only about 1/4 of a mile away, but I'm sure they work over a greater distance.
Any thoughts?
It seems like the overwhelming majority of folks here think that uncapping your cable modem is a Bad Idea, either because you're stealing the service, breaking the law, taking bandwidth away from people who are paying for it, or will lose your high speed access if you do.
But how many of you used Napster, and now use Gnutella, Kazaa, Audiogalaxy and the like, and think it's your god-given right to do so?
The shoe seems to be on the other foot when *you* run the risk of losing something. Consider, though, that other than the much closer-to-home personal risk involved in this one, that *both* acts are basically theft.
(As an aside, I wonder, though, how long until the "studies" show that uncapping your cable modem leads to the purchase of higher-bandwidth levels of service.)
Ed R.Zahurak
You know, oblivion keeps looking better every day.
providers don't "switch to DOCSIS".
Mine did. They began upgrading the system all over town. Vastly improved. Many new services. They started gradually switching sections of town over to DOCSIS. There was a window of time in which you could use both the old ugly Zenith modems or the new SurfBoard modems. But by a certain date you had to bring in your cable modem and replace it with a DOCSIS modem. Unfortunately, I had to change all of my static IP's at the same time.
Those who would give up liberty in exchange for security and DRM should switch to Microsoft Palladium!
"Library books are free for all to borrow, but people don't all go there and borrow as many as they can just because it's open to anyone for free."
Check your Library card. Most public libraries limit the maximum amount of books you can take out. And they have fines for late returns.
"Water from a public drinking fountain is free, but nobody sits there all day filling up bottles of water just because it's free."
But when piped water was new, they did just that. It took a lot of teaching to get our current social stigma of wasting water that comes from a tap.
"Besides, the "tragedy of the commons" is usually used as an example of why government control of something is bad. Yet in this case the connection is owned by a private company, and you're still crying about the 'tragedy of the commons'?"
Er... So, because I don't use the argument in the traditional role, it's wrong? And, I seriously think you have the wrong end of the stick there with your given usage too.
"If it wasn't for the shared backbone you wouldn't have an internet connection at all."
Yes. And no. Networking is more complicated than that these days. But I'm not saying a shared essential resource is inherently wrong. (Apart from single point of failure, but that's a different argument altogether)
"I find nothing tragic about having this sort of 'commons', it's an enabling device for crying out loud!"
Uh huh? And your point was what exactly?
The 'Commons' example is for an *Uncontrolled* and *Unmetered* limited availability resource. I don't understand how anything you've said is relevant to what I said.
When onestep comes out I plan to try it. I don't think I will be caught because I'm going to set the speeds to the setting they ARE ADVERTISED AT. I might not get an increase, but it's worth a try. I'm supposed to get 1500k down and 128k up. Those are both kilobits per second measured with kilo meaning 1000 not 1024 (as defined by communication term of kilo, not storage term). I have Comcast and I have NEVER got the top speed as I did with @home. I understand if I don't get it all the time, or maybe not often but "never" is different! The top speed I have ever gotten is 900k down and 96k up. So if they are cheating us by setting the numbers (that we can't see) lower than they are supposed to, I will be fighting back. It's like a butcher's thumb on the scale, and I'm not going to fall for it. And if any records show that I am going faster than everyone else, I will still be BELOW the allowed speed they say I can go.
I've heard of uncapping your cable modem and have seen some tools around for doing so. However, I figured that it was a pretty dumb thing to do; if you actually used the resulting higher bandwidth, you would only call attention to yourself and have the cable company disconnect you.
If more people start uncapping their cable modems (which, in reality, are ethernet bridges not modems) then I can foresee the cable companies devoting more resources to stopping such activity. Given that the cable modem is in the path before any firewall, they could simply remotely detect and disable an uncapped modem. After all, like the Night of Long Knives at Internet Direct a few years back (wherein users who left their dial-up connections up for 24/7 suddenly had their "unlimited" usage accounts terminated), it's in their interest to weed out the high volume (ab)users and cherrypick for the users who won't use the system to its potential. The more people they can get on a switch (i.e. a smaller netmask) the less costly it is for them to provide the service.
And if uncapping your cable modem seems attractive, consider this; would you want to be on a subnet with a neighbour who uncapped his/her modem and was sucking up the bandwidth such that your DivX and mp3 downloads were slowed to a crawl? You'd be on the phone to the cable company PDQ to get your speed back, wouldn't you? And what do you think the cable co. would do to the bandwidth bandit once they found out what the problem was?
In Canada, Shaw/Rogers has capped their cable modems at 1.5 mbps down and 640 kbps up and charge CDN$40/month (US$25) for this service without extra charge (so far) for high volume usage. Personally, I think that's a bargain especially when I read about what (lack of) service our neighbours in the Excited States receive.