Slashdot Mirror
Uncap Your Modem, Get Visit From the FBI
FlightSimGuy writes "The Blade wrote this article about how seven men were arrested by FBI agents with guns drawn and indicted by a local grand jury for allegedly "reconfiguring computer systems to access excessive amounts of bandwidth". Apparently the provider, Buckeye Cable Systems, wanted to make an example out of the men. According to the company's attourney, "Cyber crime is potentially very damaging to society. We are taking a firm position on that type of criminal activity. We hope these cases will have a deterrent value...""
Hands up!!! Hand over the bandwidth, punks. *snarl*
Sounds to me like the FBI should go after the cable company for using up valuable resources for this kind of crap.
A cable company making an example out of customers, or fighting terrorism and REAL crime... Wonder which the FBI's resources would be better spent at...
"Nothing strengthens authority so much as silence." - Charles de Gaulle
We hope these cases will have a deterrent value...
Sure will, it will deter people from becoming your customers.
-Kevin
Let this be a lesson to everybody. If you uncap your pipe to get speedier access to a naked woman, you end up paying for it in the long run.
---
When you come to a fork in the road, take it! --Yogi Berra--
And people are asking why the FBI didn't know about the pending terrorist attacks last year...
I don't see anything in the linked article about FBI agents pointing their guns at anybody.
Can we quit adding sensationalist crap to story summaries? Please?
"Mr. Runner, 55, of 4561 Westbourne Ct., Sylvania, resigned as Waterville solicitor in March, 2001, after a covert police surveillance operation videotaped him stealing coffee, creamer, and paper from village supplies."
:)
From stealing coffee and creamer to stealing bandwidth. This is the downward spiral into crime that the RIAA has been warning us about
Also, from the department of Redundancy dept.:
" "There have been no indications that other high-speed Internet providers have taken such firm steps to prosecute for the theft of broadband theft," Mr. Shryock said. "
This arrest goes beyond any other "computer crime" arrest I have ever seen. If I lived in Toledo (and thank the gods I don't), I would make it my personal quest to do everything in my power to embarrass this company by protests or other methods for what they've done. To borrow a commonly used phrase from the clown running for Governor in Florida, this is shameful.
What this really does is set a bad example for everyone. Just because something which is illegal and involves a computer, doesn't make it "cybercrime".
I wonder if these guys also send the FBI out every time they find out someone has free HBO.
A slip of the foot you may soon recover, but a slip of the tongue you may never get over. -Benjamin Franklin
Why could they even get additional bandwidth by changing their modem? If the provider wants to impose a limit, that should be done in their own hardware in their own end of the connection. If the system had been designed with this in mind, there wouldn't have been a case.
Do you care about the security of your wireless mouse?
Why is the FBI moving in on this thing? I always thought them goons won't get away from their coffee makers unless there is a monetary damage of one million dollars involved in the crime?
Why is the article posting the FULL names including street adresses of the fugitives (and that is what they are at this point, i guess)? This would be highly illegal in most of the rest of the world (it for sure is here in .de)
What makes people think that they can get away with an uncapped modem? I mean, by uncapping you show a certain sense and understanding of network and IT technology principles. Don't they realize that the cable modem MAC address is unique like a fingerprint? Don't they know that those MAC adresses are registered to their names with the provider? Can't they imagine that a simple script running at the providers location will easily identify them and document their crime basically within a minute after uncapping?
+++ath0
This is rediculous. FBI knocks down your door because your cable provider is too stupid to properly keep its customers from sucking up all the bandwidth?
...fucking morons
What happens when the system is DOCSIS compliant, and the modem you are using is YOURS. Then what? Arrest you because you made an aftermarket modification to your own property?
This is a fucking joke. The solution isn't to arrest the people that uncap their modems. The solution is to install a packet shaper to manage bandwidth usage from a location inaccessible to your customers. Once again, cable companies prove that they are not capable of being competent ISPs.
What I'd like to see is a federal law passed that requires cable companies to share their lines with local competitors, much like the phone companies. I think we'd see a lot less of this crap once we had cable modem providers that did not have a CATV service on the side, or any CATV mentality.
Here's a question: I just read my Cablevision AUP for the cable modem service I've bought from them since 1996. Now, I OWN my cable modems (I have four) that I bought from the Wiz to replace the LanCity (after that, Terayon) modems I rented from Cablevision.
Nowhere in this agreement does it say " you may not modify your hardware to squeeze more bandwidth out of us." The ads constantly promise "up to 100 times a 56k modem" but nowhere in the agreement does it prevent "optimization of your own gear to increase throughput efficiency" or any such language.
In fact, I don't see anything about uncapping or hardware modification at all.
There ARE stringent rules about reselling the service, running any kind of server, and warnings that routers and home LANs are NOT supported, but nothing saying "altering your own hardware to increase bandwith" is proscribed.
There are rules about "tampering wih the Optimum Online Service" but it would be a far stretch to say that includes optimizing your own equipment.
And even if this was the interpretation, where is the statement that this violates anything but an AUP, which would be at most a civil infraction.
How does this become a Federal crime?
"The pie shall be cut in half and each man shall receive.....death. I'll eat the pie."
Exactly. There was no need for the cloak and dagger takedown here. The ISP simply should have shut down their account and called them up saying, "Hey, you're stealing service and we're suspending the account, you still owe us for this month's service as well. Pay up."
I wholeheartedly disagree with the whole "making an example" stance that courts (and in this case a company) do. It's a perversion of justice. Under the same circumstances, one guy gets a sentence twice as harsh as the next guy, just because some cowboy judge "wants to set an example"?? The law should see everyone as equal and handle every case based on the law, not public perception.
"Yeah kid, we know you only jaywalked, but there's a lot of scofflaws like you out there, and dammit, we're gonna make an example outta you! 20 YEARS!"
I think the ISP reaction is too harsh. For sure, they basically have been stealing from them (bandwidth, or service or whatever). But having the FBI boot down doors for a crime like this exceeds the boundaries of common sense. Don't they have any rape crimes to investigate.
And yes, uncapping is/can usually be done by software. It is however no trivial task (sometimes requiring to mess with MD5 checksums, reconfiguring your machine to look like the ISPs FTP server and stuff like that).
What bugs me is that this could have been solved from the desk of the ISPs staff. Most cable modems allow for remote reboot, which means that the modem would reset and retrieve its config file (where the limits are set) from the ISP FTP server. So, just have them reboot the modems by script as soon as they detect anomalies. No problem, cheap script I guess. In case these uncap's were hardcoded (i.e. by unsoldering firmware or reflashing hardware parts of a *rented* modem) things get a little worse... It'll be a heavier charge than just theft of service/bandwidth then. Don't know the verbatim for that, but fiddling with hardware you've been told to keep your fingers out of which does not even belong to you...uh-oh.
+++ath0
That brings up an interesting parallel.
You see, "stealing cable," as the cable companies don't want you to know, means climbing their pole, entering their lock box, opening the neighborhood green base, and turning on your signal. Descramblers themselves are not illegal, as the 1934 Communications Act states that any citizen has the right to receive any broadcast signal. (The 1994 Communications Act modifies this to exclude the 800 MHz range to make analong cellular phone eavesdropping a punishable offense.) So long as you have not trespassed on the cable company's property, there is nothing illegal about "stealing cable."
So, if you own your modem and you modify its software to be uncapped, can they really go after you for "unauthorized access to a computer system" and that sort of crime? Obviously, they can ban you from their network, which is exactly what AT&T Broadband does (and makes me think twice about uncapping or modifying the cap limit), but can they seriously bring charges against you?
How might this be different than obtaining a signal via a decoder? After all, they're supplying the signal already.
Jory
It is serious when someone steals bandwidth from an ISP, thus hurting other customers. However, it is nothing the FBI should be involved in; its a matter for the state authorities.
Also, you have to remember, this is not like stealing in the conventional sense. In this case, the defendants modified their own computer software to uncap bandwidth. It seems to me that you should be able to alter you're own property in any way you want to. If the ISP doesn't like that, they should include clauses in the contract which say they can terminate you're account for doing so, and can fine you extra for the extra bandwidth you used.
However, I can see how this can be contrieved as stealing; you're modifying your own computer to be used as a tool to steal bandwidth from an ISP (and from other customers) which you haven't paid for and don't have a right to by the agreement with you're ISP. You may have the right to alter your computer in any way you want, but that doesn't mean you have the right to use those modifications for any means you want; i.e., I can add Nitroboosters to my Boxter, but that doesn't mean I can cruise down the highway at 250mph.
I'm fine with these people being prosecuted. What they did is, in fact, theft; not only from their ISP, but also from other customers. Other customers experience obscene slowdowns to dialup speed because a few selfish customers want to download at 10MB/s. But the FBI should not be involved, and certainly these crimes don't call for armed raids. The FBI should be focusing on serious criminals, like terrorists, serial killers, serial rapists, organized child-molesters, organized crime, and large-scale frauds (refer to Enron, Global Crossings).
This brings up an interesting note on ISPs. Why do broadband companies cap bandwidth at all? Why not just divide up the available bandwidth evenly among all the requesting users. Lets say that there's a 100 users and that the ISP can offer 100MB/s of bandwidth total. If they all request bandwidth at the same time, they should each get 1MB/s of bandwidth. If, later on, only 50 of them are requesting bandwidth, each should get 2MB/s of bandwidth. If only one is requesting bandwidth, (s)he should get 100MB/s of bandwidth. They could also integrate prioritized bandwidth, where you get preference in accordance to how much extra you pay; i.e., if you pay 2x the average, you get 2x the bandwidth at any given moment. Another useful thing to do would be to minimize net wait-times. If person A is downloading a file of 1MB and person B is downloading a file of 2MB, then it makes sense to let person A do his download first, then let person B do his download. This way, the net wait time is 2(1MB / 100MB/s) + 2MB / 100MB/s = 0.04s; instead of 2(2MB / 100MB/s) + 1MB / 100MB/s = 0.05s.
social sciences can never use experience to verify their statemen
So does this mean I can press charges against QWest since I pay for a 256kbps connection and I have never topped 100kbps cumulative of all my downloads and never 70 on a single download?
I do security
Big deal! You do the crime, you do the time.
It's like those posts we always read whenever copyright infringement comes up: "You're stealing. Saying, 'Can I borrow that CD for a sec?', popping it into your CD drive, ripping a track, and giving it back to your friend is NO DIFFERENT from breaking into my house and stealing my computer. If one gets you in jail, so should the other."
Likewise: What these people did, stealing bandwidth, is NO DIFFERENT from what it would be if, instead of just modifying some hardware in the privacy of their own homes, they BROKE INTO Fort Knox, weilding NUCLEAR WEAPONS LACED WITH BIOCHEMICAL WARFARE and stole BULLION BANDWIDTHS!!!
It's no different, and I for one am GLAD, do you hear? glad with all my heart to see these CRIMINALS finally come to justice.
An EULA by a private organization is NO DIFFERENT from a constitutionally sound law passed by a majority of our elected senate and subject to the scrutiny, [1] of an impartial office whose members are appointed by a democratically elected leader (and subject to approval by our democratically elected senate.)
I don't know about you, but I'll be GLAD when my tax dollars go toward knocking my door down for modding my xbox (which will be specifically illegalificated by the EULA). I'll be laughing all the way to the electric chair! And then have my sentence compounded (two consecutive electrocutions?) for sitting in the electric chair in a non-authorized way!
How beautiful the world will be when EULA's reign supreme!
~Robert.
[1] against the standard of a sacred document detailing our most cherished rights, and being the only thing separating us from a fascist regime appointed by the majority -- Hitler was elected, don't-ya-know.
by Kris Olsen
Bored during my summer, I thought I would take this project on. I began my research on June 26, before 2600 published the article on uncapping. Through various methods (mainly IRC), I talked to several people and finally figured out how to uncap my modem. Well, it wasn't as easy as it seems.
I went to a lot of trouble that in the end left me without cable and nearly in jail.
My ISP, like many, uses a system called QoS, or Quality of Service. This means a few things.
1) You can't connect without a config that the ISP doesn't already have (i.e., you can't create a config file with a 10mbit/10mbit line if the cable company only offers 400/200 800/400 and 1.5/512). This means in order to uncap, you can only uncap to a better service plan (i.e., going from 400/200 to 1.5/512).
2) In order to uncap to a better service plan you must get the config for that service plan, as making one with those caps often will not work. Take note, this config file has a different name than the one sent to your modem, and since the TFTP protocol doesn't allow directory listing, you must either have once used the faster service and seen the config file, or you have to know someone who has it who can help you out. Should you manage to get this config file, your problems are still not over.
3) The QoS checks your modem's MAC address every 10-15 minutes (depending on the size of your node) to make sure that the parameters set in your modem are the ones that you pay for. Note: the MAC cannot be changed because you have to register your MAC with the ISP, s they inevitably know who you are. To get around the QoS resetting your modem, one may think "Well hay, let's just change the SNMP ports so they can't send the reboot command to me!" Hah! That pisses them off like nothing else, and yes, they can track that. All it takes is about a day to find your port. The default SNMP ports are 161 and 162. I changed minme to 9999999941 and 9999999942. In two days they were once again resetting via SNMP.
4) So you figure, "Well, that means I have one or two days of uncapped modem, right?" Wrong. There is another way they can reset you that you can do nothing about. In order for your modem to stay connected to the server it must "ping" the server and get responses back. I say "ping" in quotations since it is not your normal 52 byte packet ping. It is a special CMTS type ping. What the ISP can do, should they notice that you are indeed using a faster config, is "suspend" the "pings," meaning that they are lost, and none come back to the modem. This will force an "HFC: Async Error Range Failed" error on your modem's long, which will be followed by "HFC: Shutting Upstream Down," and then "BOOTING: (firmware version)."
So now, this doesn't seem that bad. You may be thinking, "Why is this guy even writing this stuff - if there is a will there is a way." That is true, but my purpose is to show you that if your ISP does use QoS (examples of some that do are: Blueyonder, ATTBI, Cableone, Charter, Comcast, and NTL) then if you ever attempt ot uncap, they will notice and they will call you.
I received my first call the morning after I requested tech support to come out and fix the signal strength of my line (it was way out of spec and kept resetting my modem). Well, as protocol they watch your line to see what they can diagnose before the tech arrived at your house. Well that morning (the 10th of July), I uncapped and within ten minutes I had a call from the headquarters of my ISP, some 600 miles away. This was a "tap on the wrist" type conversation. They said basically, we see that you are uncapping, and that violates our Terms of Service agreement. Don't do it again. So I didn't for a while.
A couple of weeks went by and I used Ethereal, I common network "sniffer", to determine whether or not my ISP was watching my MAC address. Later I learned they were on the entire time and when they saw me "Sniffing" for info, they simply hid themselves behind the IP address 255.255.255.254. Not knowing that information, I decided it was safe to uncap again. And so I did and continued to be reset with HFC errors. I tried various methods to get around it, installed hacked firmware, sent various SNMP commands, even attempted to fake a CMTP server so that the CM would send the "pings" to a computer on my LAN, all to no avail. So when my modem would go back to normal, I would send it a new config, and the process went on and on like that for two weeks or so.
I left early on a Friday morning for a little weekend getaway. While I was out of town, I didn't even think about the status of my cable. No, I did not leave it uncapped when I left the house, but the damage had already been done. My ISP had all the evidence they needed to shut my cable off, and press misdemeaner charges, mainly based on cyber theft.
I returned to find a message on my answering machine from an "Internet Engineer" at the ISP's headquarters. He was not very pleased. The message was over 15 minutes long and contained a great deal of threats and comments obviously designed to scare an uncapped. It worked. I was terrified. After hearing the message, I went out to check the mail. In there was an envelope from my ISP containing a "Declaration of Termination of Service." In this letter were several items, including possible criminal charges to be pressed, two pages dealing every time I uncapped from July 10 to the present, and a long, long list of how I violated the Terms of Service with my ISP. Sure enough, when I went to contact the Internet Engineer by email, (the only contact information that was listed), my Internet service did not work. As a routing check, I looked at my modem's long file only to find this disturbing messsage: 7-Information D509.0 Retreived TFTP Config TRMNT.cm SUCCESS.
I twas clear. My service had been terminated. But my problems were not over yet.
The following day (August 5) I received another call from him, telling me that the ISP wanted to press charges. As soon as I was off the phone I immediately called my lawyer and told him the entire situation. My lawyer spent the rest of the day on the phone with my ISP and came to an agreement that for the two months that I uncapped, I would have to pay for the better service.
In the end, uncapping got me these final results:
Pros:
Cons:
The choice is up to you. This was just my experience.
----
Reprinted from 2600: The Hacker Quarterly, Volume 19, Number 3, Fall 2002 without permission. Even though Olsen's account obviously has some glaring mistakes (52-byte ping? Since when is the payload fixed? He probably means an ICMP ping.), I believe it provides an interesting account into what can happen if you're uncapped. Maybe not as drastic as the visit from the FBI in this Slashdot article, but certainly uncapping is still not worth it. Especially when your cable provider is a monopoly!
"The lesson to be learned is not to take the comments on slashdot too literally." --Vinnie Falco, BearShare
Well, being slightly technically savvy myself, I'll point out that it's actually the underlying phsyics of a copper wire, plus the existing POTS architecture that limited things to "56k". Not to mention that the number is 99.99999% marketing hype, and practical use never could realize more than a slight and brief increase over the previous 33.6k... which itself was fairly heavy voodoo.
But yeh... I tend to agree with the sentiment that the FBI goons raiding you for modifying your own property is generally bad. The lesson here, is the internet is too empowering for the common man to be allowed to use it for more than a few small emails (which are safe now that they have carnivore). They'd be happy to let monopolistic market forces price internet service out of everyone's budget, but people who try to avoid that need to be dealt with harshly.
If we Slashdot their company webservers will they send FBI agents after us too? Damn it's evil of us using up bandwidth. We shouldn't take deep breaths either.. we might be depriving others in our neighborhood of oxygen. Or would the neighborhood committee have to force us to sign an EULA when we moved in to criminzlize that?
Monopoly companies think they can force anything from their customers but how long until their customers just cut the monopoly out of the loop. Electric companies screw over customers.. alternative power is gaining in popularity. Phone companies screw over customers.. VoIP is on the rise. Cable companies screw over their customers.. kids download movies off the Internet. Internet screw customers.. Mesh computing is on the rise. It takes time but these companies are choking themselves.
At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
I can go to Circuit City or any of several other computer stores and buy a cable modem. If I don't happen to buy one that is as crippled as the one the local cable company provides, just what crime have I commited? These modems are apparently legal, as they are sold and advertised very openly (and in fact are much more available than DSL modems). It doesn't seem likely that Linksys, Actiontec and the rest will all strive to make the slowest cable modem. How do you keep gun ho yahoos who weren't unstable enough to get into the ATF from breaking down your door if you use a retail purchased cable modem?
I'm an American. I love this country and the freedoms that we used to have.
But this isn't just "modifying your own property." For one thing, there's a good chance that they're renting/leasing the modem, a lot of cable providers do that. But more important, they've modified the modem to abridge a service agreement. It's like if the gas company determined that they could provide a certain amount of gas to an area based on their infrastructure there. And to keep people from starving gas customers further down the line, they put a choke on each customer's gas line to keep the amount of gas use down to a level the infrastructure can handle. Say that somebody said "fuck the man, I'll take as much gas as I want!" and took the choke out of their gas line. Sure, it's their property, but they're screwing other people and violating the agreement they had with the gas company.
I'm sure that they used Feds instead of locals because it was a violation of some federal law, not for some jackbooted nazi thug "repress the proles" sort of thing.
And the "few small emails" thing is a load of bull. It's not like they were limited to a few kbps or something.
High speed internet isn't exactly "monopolistic" in metropolitan areas like Toledo, either. If you read the forums attached to the Blade's article, you'll see one person from the area who didn't even consider Buckeye cable, implying that not only is there a second choice, there's at least a third because the person had a choice to make even after DQing Buckeye.
Matt
FBI 'raids' have already occured on people uncapping their hardware to take up more bandwidth. And all the same arguments were provided last time this was on slashdot.
Lets sum them up.
1) This is lame, its not like its a real crime!
Answer : This is a real crime. Uncapping your modem increases your use of the ISP's equipment. Not only does this steal from the ISP, it is also detrimental to the other users of the service.
2) Why is the FBI involved, thats Overkill?
Answer: The FBI are involved because the only two agencies with jursdiction in america over Network Crimes which may pass in and out of normal police lines are the Secret Service and the FBI. Who do you prefer to have knocking on your door?
3) I bought this modem, its my property and I am alowed to change the settings on it as I wish.
Answer: Okay, lets make an analogy. I own some magnetic swipe plastic cards. Using a card programer I also own, I program these cards to match other peoples credit cards. I then go out and buy stuff. I've only used my property to do that, so its not illegal right?
4) They can solve this problem at the router side anyway! They dont have to mess around the users.
This is just flat wrong. Any distributed network, especialy wan systems that share contention, can be damaged by individual network stations. There is no way to get around this. You can only stop them off at the network segments you directly control, but by then the proformance of any network segments prior to that may have been degraded. A badly configured modem/home router sending oddly configured packets in an atempt to 'fix' their access can do bad things to a network.