Uncap Your Modem, Get Visit From the FBI

FlightSimGuy writes "The Blade wrote this article about how seven men were arrested by FBI agents with guns drawn and indicted by a local grand jury for allegedly "reconfiguring computer systems to access excessive amounts of bandwidth". Apparently the provider, Buckeye Cable Systems, wanted to make an example out of the men. According to the company's attourney, "Cyber crime is potentially very damaging to society. We are taking a firm position on that type of criminal activity. We hope these cases will have a deterrent value...""

Wasting resources.

[Nogami_Saeko]

Sounds to me like the FBI should go after the cable company for using up valuable resources for this kind of crap.

A cable company making an example out of customers, or fighting terrorism and REAL crime... Wonder which the FBI's resources would be better spent at...

Re:Wasting resources.

[scoove]

Seems like the /. discussion has been rather one-sided. While I can relate to both sides of the issue (politically leaning libertarian, manager of a rural regional broadband company), I think there are some points to be made that explains the FBI's interest and motivation, as well as the role of the service provider:

A cable company making an example out of customers, or fighting terrorism and REAL crime...

Or hunting down and executing civilians who ignore their authority (Ruby Ridge), dousing with flammable gas and igniting, then denying photographic evidence of shooting civilians as they attempted to flee (Waco), or ignoring evidence of Islamic terrorism in the prosecution of a major case preferring to stick with the politically pleasing but incorrect "angry white male" prosecution (OKC), yes, the FBI does seem to have some priority problems.

I don't mean to sound like a conspiracy theorist - fortunately there has been enough evidence, charges/convictions against agents and public condemnation for many of those events to provide enough substantiation for reasonable persons. Also, recognizing them as a political organization, not an objective law enforcement organization, clarifies their behavior substantially and explains why good agents are asked to do not-so-good things sometimes.

From this perspective, these actions make sense:

Wonder which the FBI's resources would be better spent at..."

In this case, it appears the FBI is working to establish deterrance on infrastructure crimes. There is considerable fear about the present security of our telecom, power, water, gas pipeline and railroad infrastructure.

I'll guarantee that this case was hand selected by top FBI officials, not a regular response to a service provider complaint. My experience two years ago with absolute disregard by FBI and Secret Service authorities to our exposing a hacking ring that had exploited several foreign embassies in DC and a DC dialup provider was enough to prove that they really don't care about crime unless it suits their political agenda.

Exactly! This is a job for CIVIL courts and local jurisdictions, not the FBI and the Feds.

Except when they need to scare the civilians out of tampering with infrastructure so they can focus on the /real/ bad guys.

IANAL, but this seems to me to be a violation of a CONTRACT, not a criminal act!

I'd absolutely concur, but thanks to popular support of intent crime laws (e.g. hate crimes), you folks have opened the doors to more of these ugly laws. Tampering with your CATV coax or POTS can now be construed as an act of terrorism, thanks to the wonders of "intent."

Unfortunately, the libertarians warned both sides about this encroachment (Democrats for hate crime and excessive intent-based gun laws; Republicans for national defense and terrorist intent laws, and both sides for the mess associated with RIAA "intent to steal intellectual property" laws), but most folks ignored us.

You know the line about having made your bed... election day is Tuesday in the US. Maybe it's a chance to send a message by voting libertarian.

*scoove*
(Not associated nor registered with the libertarian party, but disgusted with both major parties)

Re:Is this no different then pirating pay-per-view

[yroJJory]

That brings up an interesting parallel.

You see, "stealing cable," as the cable companies don't want you to know, means climbing their pole, entering their lock box, opening the neighborhood green base, and turning on your signal. Descramblers themselves are not illegal, as the 1934 Communications Act states that any citizen has the right to receive any broadcast signal. (The 1994 Communications Act modifies this to exclude the 800 MHz range to make analong cellular phone eavesdropping a punishable offense.) So long as you have not trespassed on the cable company's property, there is nothing illegal about "stealing cable."

So, if you own your modem and you modify its software to be uncapped, can they really go after you for "unauthorized access to a computer system" and that sort of crime? Obviously, they can ban you from their network, which is exactly what AT&T Broadband does (and makes me think twice about uncapping or modifying the cap limit), but can they seriously bring charges against you?

How might this be different than obtaining a signal via a decoder? After all, they're supplying the signal already.

Re:Wrong design

[WCMI92]

"Why could they even get additional bandwidth by changing their modem? If the provider wants to impose a limit, that should be done in their own hardware in their own end of the connection. If the system had been designed with this in mind, there wouldn't have been a case."

A very interesting point!

How about this: A customer who uses their own modem, ie, there is no cable company equipment inside the home at all. Most, if not all cable and DSL providers allow you to use/buy your own modem.

How could altering that be "unauthorized use of a computer device" or whatever, since the provider AUTHORIZED it to be connected to the network?

I think this is very, VERY thin as a criminal case. It'd be far stronger as a CIVIL case, ie: breech of contract.

But they don't send in the Federal jackboots to storm people's houses when you file a civil suit.

It's risky for even a monopoly like a cable company to do this, particularly in a larger area like Toledo. This could bite them in the ass, as people there can switch to satellite and get their local channels (as you can in most larger areas), and DSL is probably available (as well as other wireless broadband options).

I don't condone what they did, but neither do I condone what is definately a clear cut case of MISUSE of government power. This is a CONTRACT matter, not a criminal one!

"A Word of Warning From a Caught Uncapper"

[Istealmymusic]

"A Word of Warning From A Caught Uncapper"
by Kris Olsen

Bored during my summer, I thought I would take this project on. I began my research on June 26, before 2600 published the article on uncapping. Through various methods (mainly IRC), I talked to several people and finally figured out how to uncap my modem. Well, it wasn't as easy as it seems.

I went to a lot of trouble that in the end left me without cable and nearly in jail.

My ISP, like many, uses a system called QoS, or Quality of Service. This means a few things.

1) You can't connect without a config that the ISP doesn't already have (i.e., you can't create a config file with a 10mbit/10mbit line if the cable company only offers 400/200 800/400 and 1.5/512). This means in order to uncap, you can only uncap to a better service plan (i.e., going from 400/200 to 1.5/512).

2) In order to uncap to a better service plan you must get the config for that service plan, as making one with those caps often will not work. Take note, this config file has a different name than the one sent to your modem, and since the TFTP protocol doesn't allow directory listing, you must either have once used the faster service and seen the config file, or you have to know someone who has it who can help you out. Should you manage to get this config file, your problems are still not over.

3) The QoS checks your modem's MAC address every 10-15 minutes (depending on the size of your node) to make sure that the parameters set in your modem are the ones that you pay for. Note: the MAC cannot be changed because you have to register your MAC with the ISP, s they inevitably know who you are. To get around the QoS resetting your modem, one may think "Well hay, let's just change the SNMP ports so they can't send the reboot command to me!" Hah! That pisses them off like nothing else, and yes, they can track that. All it takes is about a day to find your port. The default SNMP ports are 161 and 162. I changed minme to 9999999941 and 9999999942. In two days they were once again resetting via SNMP.

4) So you figure, "Well, that means I have one or two days of uncapped modem, right?" Wrong. There is another way they can reset you that you can do nothing about. In order for your modem to stay connected to the server it must "ping" the server and get responses back. I say "ping" in quotations since it is not your normal 52 byte packet ping. It is a special CMTS type ping. What the ISP can do, should they notice that you are indeed using a faster config, is "suspend" the "pings," meaning that they are lost, and none come back to the modem. This will force an "HFC: Async Error Range Failed" error on your modem's long, which will be followed by "HFC: Shutting Upstream Down," and then "BOOTING: (firmware version)."

So now, this doesn't seem that bad. You may be thinking, "Why is this guy even writing this stuff - if there is a will there is a way." That is true, but my purpose is to show you that if your ISP does use QoS (examples of some that do are: Blueyonder, ATTBI, Cableone, Charter, Comcast, and NTL) then if you ever attempt ot uncap, they will notice and they will call you.

I received my first call the morning after I requested tech support to come out and fix the signal strength of my line (it was way out of spec and kept resetting my modem). Well, as protocol they watch your line to see what they can diagnose before the tech arrived at your house. Well that morning (the 10th of July), I uncapped and within ten minutes I had a call from the headquarters of my ISP, some 600 miles away. This was a "tap on the wrist" type conversation. They said basically, we see that you are uncapping, and that violates our Terms of Service agreement. Don't do it again. So I didn't for a while.

A couple of weeks went by and I used Ethereal, I common network "sniffer", to determine whether or not my ISP was watching my MAC address. Later I learned they were on the entire time and when they saw me "Sniffing" for info, they simply hid themselves behind the IP address 255.255.255.254. Not knowing that information, I decided it was safe to uncap again. And so I did and continued to be reset with HFC errors. I tried various methods to get around it, installed hacked firmware, sent various SNMP commands, even attempted to fake a CMTP server so that the CM would send the "pings" to a computer on my LAN, all to no avail. So when my modem would go back to normal, I would send it a new config, and the process went on and on like that for two weeks or so.

I left early on a Friday morning for a little weekend getaway. While I was out of town, I didn't even think about the status of my cable. No, I did not leave it uncapped when I left the house, but the damage had already been done. My ISP had all the evidence they needed to shut my cable off, and press misdemeaner charges, mainly based on cyber theft.

I returned to find a message on my answering machine from an "Internet Engineer" at the ISP's headquarters. He was not very pleased. The message was over 15 minutes long and contained a great deal of threats and comments obviously designed to scare an uncapped. It worked. I was terrified. After hearing the message, I went out to check the mail. In there was an envelope from my ISP containing a "Declaration of Termination of Service." In this letter were several items, including possible criminal charges to be pressed, two pages dealing every time I uncapped from July 10 to the present, and a long, long list of how I violated the Terms of Service with my ISP. Sure enough, when I went to contact the Internet Engineer by email, (the only contact information that was listed), my Internet service did not work. As a routing check, I looked at my modem's long file only to find this disturbing messsage: 7-Information D509.0 Retreived TFTP Config TRMNT.cm SUCCESS.

I twas clear. My service had been terminated. But my problems were not over yet.

The following day (August 5) I received another call from him, telling me that the ISP wanted to press charges. As soon as I was off the phone I immediately called my lawyer and told him the entire situation. My lawyer spent the rest of the day on the phone with my ISP and came to an agreement that for the two months that I uncapped, I would have to pay for the better service.

In the end, uncapping got me these final results:

Pros:

• 200+ KBps downloads (needing to be reconfigured every 35 minutes)
• 100+ KBps uploads (needing to be reconfigured every 35 minutes).

Cons:

• No more cable Internet.
• Almost got charges pressed.
• Ended up wasting about 150 hours of my life to no avail.
• Had to deal with really pissed off nerds with power.

The choice is up to you. This was just my experience.

----
Reprinted from 2600: The Hacker Quarterly, Volume 19, Number 3, Fall 2002 without permission. Even though Olsen's account obviously has some glaring mistakes (52-byte ping? Since when is the payload fixed? He probably means an ICMP ping.), I believe it provides an interesting account into what can happen if you're uncapped. Maybe not as drastic as the visit from the FBI in this Slashdot article, but certainly uncapping is still not worth it. Especially when your cable provider is a monopoly!

Good use oft ax dollars.

[MikeFM]

If we Slashdot their company webservers will they send FBI agents after us too? Damn it's evil of us using up bandwidth. We shouldn't take deep breaths either.. we might be depriving others in our neighborhood of oxygen. Or would the neighborhood committee have to force us to sign an EULA when we moved in to criminzlize that?

Monopoly companies think they can force anything from their customers but how long until their customers just cut the monopoly out of the loop. Electric companies screw over customers.. alternative power is gaining in popularity. Phone companies screw over customers.. VoIP is on the rise. Cable companies screw over their customers.. kids download movies off the Internet. Internet screw customers.. Mesh computing is on the rise. It takes time but these companies are choking themselves.

someone please explain this

[frovingslosh]

I can go to Circuit City or any of several other computer stores and buy a cable modem. If I don't happen to buy one that is as crippled as the one the local cable company provides, just what crime have I commited? These modems are apparently legal, as they are sold and advertised very openly (and in fact are much more available than DSL modems). It doesn't seem likely that Linksys, Actiontec and the rest will all strive to make the slowest cable modem. How do you keep gun ho yahoos who weren't unstable enough to get into the ATF from breaking down your door if you use a retail purchased cable modem?

Re:What about my rights?

[Kupek]

This isn't just funny, I think it's a legitamite question.

If attempting to go get bandwidth you didn't pay for is a violation of the TOS, shouldn't it also be considered a violation of contract if they systematicaly don't get the bandwidth they paid for?