Slashdot Mirror
What Software Do Cable Installers Place on Your PC?
{e}N0S asks: "The cable guy came over to install a cable modem at my Dad's house. As I watched him do his stuff I noticed he was installing something called Broadjump Client Foundation. I know you don't need software for a cable modem to work so I asked if it was necessary. He said he had to do his list of things, and we had to sign that he did his list of things, otherwise he couldn't leave it with us to use. Since I can always remove the software, I agreed, but I noticed while he was flipping through the install, he was clicking 'agree' on every EULA that came up. Doing a search on Google for 'Broadjump Client Foundation' comes up with some pretty scary stuff as far as what it does, like: 'Builds a database of subscriber demographics and buying behaviors to help evolve and refine marketing efforts.' Now, how does this affect us? Neither myself or anyone in my family agreed to the software; the cable guy did. And is there anyway to get cable companies to stop doing this as I can imagine since the cable company is a monopoly in this town, that the percentage of people who still have this software on their computers is pretty high."
nothing.
he did nothing. i wouldnt let him. i just signed as if he did, to keep him outta shit.
I don't need no instructions to know how to rock!!!!
"Just give me the network info. I'll do it. You have no business touching my machine"
"but that's what my instructions say to do."
"are you bonded?"
"Whats that?"
"It means are you insured in case I have to sue you personally for screwing something up"
"oh.... Here's the info."
Besides, I connect through a router. What possible good would THEIR software do me?
"Oh my God. This is terrible. This is the end of my Presidency. I'm fucked."; ~ Donald J. Trump
Well, as a very first step, I would recommend against posting this to Slashdot. Let me explain with a little thought experiment. Presumably you are trying to "get the word out" about the Evil Corporate Spyware installed by your cable provider. Suppose you were to succeed, and almost every cable customer were to remove said software from his or her PC. Their demographics database would start to be pretty thin, and suddenly they can no longer use that information to defray some of the costs of running a broadband outfit. Best case, you get a rate hike. Worst case, the cable company goes out of business, and you're back on dialup (which, if you wanted to vote with your wallet against this kind of practice to discourage it, you could have done anyway). A better course of action would be to quietly uninstall everything the cable guy installed and keep it all under your hat.
Karma: Good (despite my invention of the Karma: sig)
1.Connect PC, cable modem and a second PC (everyone has one :) ) to a simple hub ($20).
2.Run a network capture tool (tcpdump, snoop, ethereal, etc.) on the 2nd PC.
3.Boot your broadband PC.
4.Look at the traffic.
You should be able to recognize the DHCP negotiations and see whether anything unusual is going on. Odds are, all it needs to do is negotiate for an address, everything else is probably frill.
The next step is to install a 2nd NIC in the 2nd PC, load linux, connect the cable modem to that and the other NIC to your little LAN and use IP tables to set up a firewall and NAT.
KK4SFV
I did this the first time I got cable. It was a 486 with Windows95 installed on it. Took the guy 30 minutes to install his warez on it. After he left, I got out my real computer and put the garage sale relic back in the attic.
More significantly, isn't him clicking through the end user agreements a forgery of your agreement?
On a practical level, I agree with someone above: have a sacrificial machine. I built a machine from my parts boxes for them to mess up. After all, all they want is a windows control panel to poke at, that it is on a P100 with almost no disk space and a slightly dodgy power supply doesn't matter.
_O_
.|< The named which can be named is not the true named
... is how when you search for "Broadjump Client Foundation" in Google, the company's own homepage doesn't come up in the early listings.
This says to me that either there are very few links to the company's homepage, or there is no company homepage.
Heh. Conspiracy therories entered here. 10 cents.
If Nalgene water bottles are outlawed, only outlaws will have Nalgene water bottles.
Dunno what this guy used, but certainly ATTBI/MediaOne/whatever does this.
Broadjump is the biggest piece of shit software I've ever seen. It reboots your computer whenever possible (god forbid they should check to see if you're running on 2K/XP which doesn't need to be rebooted to renew DHCP). You also need that program to register your MAC address with them. I could have made a fuss, but it wasn't worth it. I installed, registered, and de-installed. No more problems.
They certainly don't require that you leave it installed, except for Tech Support. Which so far has been easy, because if it's a problem with the line, you simply call and report that cable TV is out. Then they don't ask you to reboot your computer 500 times.
There is no sig, there is only Zuul.
I switched from Speakeasy DSL to Optimum Online when I moved (No DSL in new neighborhood... d'oh!!)
...) The guy just looked at it, and said, and I quote "Damn! You did a better job than I would have." The guy literally handed me the DSL bridge (It's NOT A MODEM DAMNIT!), we plugged it in, he saw the lights "go green" and said "good 'nuff for me."
... DirecTV rocks), I had my Linksys router plugged into my iBook.
:)
;)
When the Speakeasy guy came out 2+ years ago, I had done all the "inside wiring" myself (this was back in the dedicated-line days
When the Optimum Online guy came out here (I needed someone to come out since I don't subscribe to cable
First thing he did was go outside, climb the pole and turn the line on. when he did that, the cable bridge (IT'S NOT A MODEM DAMNIT!) "went green" and that was that.
All he asked was to see me pull up a web page. That was good enough.
Seriously, don't give the guy the old chip-on-the-shoulder attitude. Don't sound like a clueless yutz, either. Just explain to the guy that listen, it's my machine and I'll install all the software on it, thanks. It's already configured for the network -- I read the directions (on the web, in the box, etc.)
The installers are usually _very_ cool about that stuff. In fact, the cable guy saw my Sun Microsystems jacket and started asking me some questions... we had a good long talk about IP networks and stuff, since he was looking to go to some Cisco courses and get outta the cable install business
Best of luck with the installs! Remember, don't give them an attitude, just convince them that your machine is all ready to go. Remember, if they get out of there in 5 minutes instead of 2 hours, it means they get to take a long lunch
--NBVB
In the UK when a guy from BT cam around to install my DSL he did the exact opposite. They're specifically not allowed to touch my PC as they're not insured for any damage. So the engineer has a laptop, he plugs in the modem and proves the line works. Then I sign him off, he gives me the modem and a driver disc and it's up to me.
Of course this was 2 years ago, these days the engineer doesn't even come over...
---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"
Actually I wasn't aware of that "self-install" was a seperate option, so two guys came by and unpacked and plugged in the cable modem. Then one guy hunted around a bit trying to test if the connection was working until I realized that I had the DHCP Client service turned off, at which point I turned it on, and then explained to him, after he asked, what I had just done. So I guess "props" to Road Runner (although I'm not sure I feel good about giving "props" to anything related to the AOL/TimeWarner/MechaGodzilla conglomerate).
I think these guys get commission on the number of installations they do in a day, so they are glad to get out the door as soon as they can.
It's 10 PM. Do you know if you're un-American?
They also said they did not turn on the software, but after portscanning all of Charter's IP space that Arin said was allocated to them over 13,000 computers had this port listening out of over 25,000+ (4.5 Class C's) were actively listening for connections and would accept a connection if you telnetted to the port. Whereas scanning a non charter IP subnet there were less than 20 that accepted this (I don't have my numbers with me ATM).
The wonderful fellows at Securepipe.com Looked into this and brought it up with the local "watch dog" columnist for one of the local papers who wrote an article about this. Charter was not happy. The guys at Securepipe also brought this up with the local cable commission. Who were semi interested in this issue. About a week later port filtering was in place, including port 641 (what the software runs on).
They said the use was for the ability to remotely help users. Yes this is a nice function to have, but what if this fell into the wrong hands? The Broadjump software is based off of an older version of VNC that has some weak authentication issues. And also dealing with Charter and @home techs I wouldn't trust these people with my computer anyway. I don't trust my mother with my computer.
This was back in Novemeber/December who knows what they could do now.
wi2600.org You can read the threads here, many to list and you can see the research that we did to get into this. I do not know if an electronic copy of the mentioned newspaper article exists but if it does, I will try and get it posted.
Slashdot # 199661 the number that's the same upside down and right side up
Such an agreement would not be binding unless it included the texts of all the EULAs.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
They sent me two guys, one 'seasoned' one in training.
I was running win2k before they supported it, to appease the installers i ran win98 system in a fullscreen VMware. You should have seen the look on their faces when the win2k desktop popped up for a second while the virtual machine rebooted.
they installed all kinds of stuff, the IE on that image never worked the same again.
All I had to do was take note of the IP and PC Name, (they were using some funky DHCP via NetBios carp) shut down the vm and cram the IP and Name into the 2k install. bam! instant access.
Quote, unquote: "Since I can always remove the software, I agreed, but I noticed while he was flipping through the install, he was clicking 'agree' on every EULA that came up. ....Neither myself or anyone in my family agreed to the software; the cable guy did. And is there anyway to get cable companies to stop doing this as I can imagine since the cable company is a monopoly in this town, that the percentage of people who still have this software on their computers is pretty high."
Ummmm...."clicking through the Eulas" is the only way to install the software. If he wants "cable companies to stop doing this" he could have cancelled the install and thrown the "cable guy" out. And, yes, as he observed the cable guy "clicking through the Eulas" and did not throw him out he *did* agree to them. However, this is a moot point because the software is easily uninstallable and is not required for the cable modem to function properly.
Cable companies are frequently "monopolies" in towns because of the expense of laying new cable and maintaining it. You can't have 10 cable companies all laying 10 strands of cable on each telephone poll. Besides that, it isn't economical for a company to provide service in an area in which it cannot have a guaranteed customer base (not a guaranteed number of paying customers--that is entirely different), because of the expense involved in setting up the cabling to begin with. Towns frequently entertain "bids" by competing cable companies as to which company will provide the area with the best prices, service and choice prior to awarding the "contract" to a particular cable company. It's not a monopoly--it's a practicality.
Frankly, I grow a bit weary hearing people complain about non-issues like this. Usually, these complaints are based on a wide degree of ignorance and fear, just like this one. It would be a different matter if you couldn't uninstall the software and still use the modem. But you can, and that fact alone makes this much ado about nothing.
I NEVER let anyone install any software on my company computers or my home computers that deal with broadband.
This approach may get you permanently relegated to the slow lane of the Internet, if that (hint: what do you think your AOL or Earthlink connection does, especially upstream? Do you think they ignore all that nifty consumer buyer profile data they see pass through web proxies and such?)
As a Cox.net consumer and manager of a regional broadband service provider (not cox - we service flyover country:-) ), I'd suggest a better alternative:
- supply a stock Wintel PC next to your cable modem/DSL/wireless DSL termination. Win2K or WinXP are probably necessary.
- use the stock machine for the installer to load his garbage on
- use the machine for customer support calls
- let it crunch keys or run some other distributive application
- replace it in the link for normal operation using your router/internet sharing device of choice (e.g. RouterOS, Linux dual-nic, Linksys firewall router, etc)
Just make sure you get the details down of how your service provider authenticates you and let you on his network - PPPoE, DHCP, MAC-based authentication, etc. and make sure your router solution is configured to do the same.
Yea, I hate spyware and won't use it on my network either...
*scoove*
I moved about a month ago, and moved from DSL to cable, and thought I'd share my experience with people.
The guy came over, hooked up the cable modem, and watched as I ran about 50 feet of cable from it, around the back of the apartment, and through the window of the office (the only cable jack was on the opposite side of the house to the computers). When I finished he asked which computer had to be set up. "That one" I said, pointing to a small box hidden under the desk. It is a p133 that has run my website on 48 megs of ram for the last 5 years. "But not really that one," I finished.
See I have a nifty little firewall from netmaster (was merilus) which is a full computer on a pci card that uses the host computer only for power via the PCI bus. When I explained this to him he just kinda nodded.
"Don't worry," I told him, "I'll take care of it all." "All I need from you is the end of a cat5 cable." He went back to the cable modem and did the initialization or whatever he needed to do, and I overheard him say to head office something about "no, this guys going to set it all up."
I had already set up the card for DHCP, so it was a matter of replacing the DSL modem cat5 cable and putting in the new one from the cable modem. I borrowed a pen from the slightly stunned installer and reset the system, waited the 40 or 50 seconds for the system to come back up, and then pinged out from my linux workstation.
I mentioned that I worked for the last few years with a networking company and he said "well, you know a lot more than me then." No shit was the un-stated response. He left after having touched nothing more than the cabel modem.
Moral of the story: If you don't want them to touch anything (and any moderately competant geek shouldn't), don't let them! All that needs to be done on a cable modem install is to plug in the external cable into your firewall (you DO have a firewall right?) and for you to either reboot it or renew the DHCP lease. You can set up all the @HOME proxy info if you want, but it's not needed.
It's all about squeezing every last dime from the customers.
Actually, It's about more than that. PPPoE adds support for things like authentication which makes it easier to support multiple ISPs on one physical network. That's the reason PPPoE was deployed in Ontario, Canada. The phone company was forced by the govt to resell its ADSL service to competitors at a bulk rate, to allow competition. This meant that there was now multiple providers on the same network, and the ADSL network behaves a lot like ethernet. Thus, to allow things like metering and authentication and lots of other things that ISPs might care about, a new protocol had to be deployed over the existing one. Hence, PPPoE.
Yes, PPPoE is a pain in it's "dial-up" like nature. Yes, it does have some overhead over ethernet. However, it does allow for competition. Which is a good thing. As for the inability to keep an IP address, well, nothing says that you'll always get the same IP address using DHCP.
Also, I bet that in certain areas of the world the Cable companies will also start using PPPoE once the regulators start making them resell bandwidth too. I hate the thought, since I also like DHCP better, but it's the way of the world: Physical networks are prohibitively expensive. So to enable competition, you have to share them.