Slashdot Mirror
Cable Firms Limit Users' Freedoms
Passacaglia writes "An article in the Washington Post reports that a coalition of companies, including Dell, Microsoft, IBM, Sun, and even the BSA, have filed a report with the FCC complaining about how cable providers are placing restrictions on how subscribers use broadband access. This is in the wake of the recent FCC ruling that cable providers need not open their networks to competition from outside ISPs. The restrictions include limits on VPNs, servers, and many things that would make broadband really worth having." Meanwhile, TWC sent nastygrams to people it suspects are using unsecured wireless networks, skimming the info from the public database of wireless access points.
Dear xxxxxxxxx;
We have information indicating that you or omeone using your Road Runner account has been transmitting the Road runner service over a wireless network so that anyone with a wireless network card can tap into our service without authorization from us.
Use of your account for this purpose violates your subscription agreement and our Acceptable Use Policy in a number of ways, including Paragraph 5(d) of the agreement, which states that subscribers are prohibited from reselling or redistributing the service, or any portion thereof, whether for a fee or otherwise. This activity also violates a number of federal and state laws, including 47 U.S.C. 553, which allows for civil remedies of up to $50,000.
You should be aware that this is a very serious problem that goes beyond the theft of our services. Individuals utilizing the Road runner system in this manner to carry out criminal activity, would be able to do so in an anonymous manner. In such circumstances, when law enforcement attempted to trace such activity, the trail would end with your account.
It is not our desire at this time to sue you, and we assume it is not your desire to allow unknown users to anonymously plan criminal acts through your account. However, your wireless broadcast of the Road Runner service must cease and desist.
If we do not receive written assurances from you within three (3) business days of this letter that your account will not be utilized in this manner, or if the unauthorized use continues, we will suspend your account and we may pursue our legal remedies. Your written confirmation should be sent to:
Gregory Powell
Abuse and Security
Time Warner Cable of New York City
41-61 Kissena Boulevard
Flushing, New York 11355
Internet.security@twcable.com
Please contact Internet Security directly at either (718) 670-6621 or internet.security@twcable.com if you have any questions.
Sincerely,
Gregory Powell
Abuse & Security, Supervisor
High Speed Online Services
Time Warner Cable of NYC
http://www.usdoj.gov/criminal/cybercrime/47usc553. htm
47 U.S.C
553. Unauthorized Reception of Cable Service
(a) Unauthorized interception or receipt or assistance in intercepting or receiving service; "assist in intercepting or receiving" defined
(1) No person shall intercept or receive or assist in intercepting or receiving any communications service offered over a cable system, unless specifically authorized to do so by a cable operator or as may otherwise be specifically authorized by law.
(2) For the purpose of this section, the term "assist in intercepting or receiving" shall include the manufacture or distribution of equipment intended by the manufacturer or distributor (as the case may be) for unauthorized reception of any communications service offered over a cable system in violation of subparagraph (1).
Don't worry - most cable ISPs (I work for one) don't check for SSH servers, nor do they appear to care about it. SCP is crappy for distributing warez and pr0n, as it requires *shell accounts* on the box giving out the files, and thus there's no anonymous access, plus SCP is cpu-intensive, so the incentive to use SSH at home for anything but "legit" means is very very low.
;)
As for VNC, you've got me there. Not because the ports are blocked, but because 128kbit upload is crap for VNC.
The Free desktop that Just Works
> I wonder if DSL has different rules?
I suspect it does. Actually, DSL has the normal rules;
it's cable modem service that has different rules.
There are good reasons for this, and it comes down
to design. The cable network was _designed_ to
deliver lots of the SAME content to every subscriber.
Yeah, it can carry 50+ channels, but it takes the
same 50+ channels to everybody. Need to add another
thousand users? No problem: just tee off the line
that's already there. As cable TV grew, they've
been teeing the lines for years.
As a result, the lines can handle pretty substantial
bandwidth to an individual node, but the _total_
amount of bandwidth on a given subnet has some pretty
stiff limits on it. In particular, the total amount
of available bandwidth, that has to be split between
all nodes, is not necessarily greater than what one
node is capable of receiving (unless they place some
artificial cap on the latter).
This is backwards from almost every other network.
If you have, say, a T1 line, your provider (typically)
won't whine much if you use its maximum capacity,
because the T1 line itself is the chokepoint. At
the other end is a router that's probably on your
ISP's core LAN (for small ISPs) or core WAN segment
for your area. The bandwidth there is somewhat more
plentiful (though not unlimited by any means). DSL
is probably in this category, as are dialup, satelite
service, and so on -- most forms of internet access.
if you have dialup, your provider doesn't mind if you
max out your phone line every minute that you're
connected. In fact, if they had to pick, they'd
rather that you use that phone line at max capacity
until you're finished getting everything downloaded
that you want and then disconnect, rather than
downloading at half speed for twice as long. Because
that way they can get by with fewer dial-in lines.
Cable modem service is different, because you do
not have a dedicated pipeline from you straight to
the company's core network. Instead, you share
the pipeline with numerous other nodes. Bandwidth
you use directly affects your neighbor's ability
to get data to and from your ISP's network.
For this reason, cable modem service, while being
cheaper than broadband, is also inferior. For
myself, I'm sticking with my existing dialup
account until I can get true broadband, something
better than cable modem (such as DSL).
Cut that out, or I will ship you to Norilsk in a box.
I wholeheartedly agree that people should be able to run 'low-bandwith' daemons--provided they stay low bandwith. The problem is that 95% of your cable company's customers haven't heard of sshd, 4.9% have, and .1% actually want to run an sshd server. Sorry, you're not in the target market.
... somewhat SOL.
Let's explore this further. I should be able to run a low-bandwith web server and serve small personal pages. However, the reality of the other 99% of the customers is this: Code Red/Nimda. Idiots who didn't even know they had a webserver running got wormed and turned a low-bandwith web server into a massive pipeleech that made my Internet connection horrendously slow for about two months and logged tens of thousands of 404's to apache running off my cable. You mention you want to run sendmail. You gonna leave that an open relay? No, I'm sure... but a majority of everybody else who would run an MTA (either accidentally (it came with my WinInternetSharingProgram32 Lite!)) or purposefully isn't smart enough to lock it down, and this further compends the spam problem. Same with people who run NNTP servers and screw up news for everyone else.
Broadband customers as a whole are too irresponsible to run servers and should be prohibited from doing so. That's why this is prohibited in the Accetable Use Policy. It's a bitter reality.
I however, should be free of such restrictions as I'm smarter than most other broadband customers, but until I can prove that to my cable company and/or they see a market in letting intelligent people run servers, I'm
I run sshd, and ftpd for myself. Cox doesn't block it, but they do block SMB (139/tcp), HTTP, and telnet (23/tcp). They have the technical measures to block problematic ports, and I'm quite frankly glad they do that for the nimda reasons discussed above. I run apache off of port 8080 and cox doesn't seem to mind, else they'd send their AUP Gestapo after me
"Cable modems should be priced like burstable T1's used to be. "
Burstable T1's run today in my part of town (Phoenix metro) for a unnegotiatable local loop fee of $400/month, plus data fees of somewhere around $700 - $1200 depending on the provider. I know I'm misconstruing your statement, but as I understand it, Cox.net has an OC-12 coming in to what I assume is the entire Phoenix metro area (3 million people) A pricing structure that would allow for profitability and burstability up to T1 speeds and beyond and the ability to run servers would be only somewhat more cost-effective than an actual dedicated circuit with the added disadvantages of being far less reliable. Cox.net does offer a business rate plan, but it's not nearly as flexible as a T1 feed would be, probably for these reasons.
Moreover, people who want to run servers generally can afford colocation (which is far more cost-effective) and/or pay for their own line.
I'm in the same boat as you, I'm a poor geek who likes high bandwith and apache and php and MySQL and all that good stuff, but we're few and far between to even be considered a blip on MassiveCableCo's radar. Maybe, in time...
My $0.02
"[T]he single essential element on which all discoveries will be dependent is human freedom." -- Barry Goldwater
Create an IPTABLES rule like...
iptables -A INPUT -p tcp -s x.x.x.x/32 -dport 22 -j ACCEPT
iptables -A INPUT -p tcp -dport 22 -j reject-with tcp-reset
They can scan for you all they want. Just sub -s with your CIDR of choice where you want to come with, and anyone else trying to connect to port 22 gets connection reset, making it look like nothing is listening on the port.
Static IPs for all, no restrictions at all except don't serve pr0n or Warez from your home server.
The whole company is run by computer enthusiasts. They even have their own game server. How cool is that?
They work with the Telcos for their last mile, so you are limited to what Verizon or SBC can do for you, respectively. I have 768/128, but if you're in SBC territory the base package gives you a little more downstream bandwidth. My speed tests have been running around 735Kbps which is close to the max. When I had DSL previously with Flashcom 384Kbps was all I could get.
DSLExtreme rocks my world. No, I am not employed by them.
Knowledge is power. Knowledge shared is power multiplied.