Slashdot Mirror


Cable Modem Hackers Release Improved Firmware

FatCat writes "SecurityFocus has a story about a group of hardware and software hobbyists specializing in embedded systems who've released their own custom firmware for Motorola Surfboard cable modems. The firmware lets you log in to an interactive VxWorks shell, or issue commands from a Web browser through an http interface. You load it by tapping an undocumented console serial port on the circuit board. So far, uncappers are apparently the primary consumers, and they're downloading up to 400 copies a day."

25 of 419 comments

  1. Great, the bandwidth hogs by Gr8Apes · · Score: 4, Insightful

    will be quickly disconnected! More bandwidth for me!

    --
    The cesspool just got a check and balance.
  2. Is this right? by ObviousGuy · · Score: 2, Insightful

    It's a simple question: Just because you can, should you?

    --
    I have been pwned because my /. password was too easy to guess.
  3. Hmm... by Pxtl · · Score: 5, Insightful

    IANAA (I am not an admin) but shouldn't bandwidth capping be handled at the ISP's end, through a transparent proxy? Not through the cable modem? At the very least couldn't they just have the system automagically cut off service when the packets start flowing too fast, rather than getting into the legal minefields? Then they could say "I'm sorry, our system does not support uncapping" when someone tries and finds their machine not getting anything. Seems a more elegant solution than simply hoping nobody will try and then hosing lawyer hours at them when they do.

    1. Re:Hmm... by asdfghjklqwertyuiop · · Score: 2, Insightful

      I preached about this to Blizzard Entertainment for ages (via email, and on their forums) and they STILL don't get it.

      Blizzard has been ignoring you because you don't know what you're talking about. It is simply not possible to design a game that has all sensitive computation being done on the server. The game will not be playable over the internet. It simply won't perform well enough.

  4. Re:My Opinion by Pope · · Score: 2, Insightful

    You're free to pay full market rate for your connection, just get a fractional T1 or leased line: problem solved! :)

    --
    It doesn't mean much now, it's built for the future.
  5. This shouldn't even be possible by huhmz · · Score: 4, Insightful

    Here in Sweden the caps aren't in the modems and quite frankly what kind of idiot ISP would do it this way? We are capped at the router or somesuch. I got 8 Mbit on my ADSL though which is maximum for ADSL so I'm not complaining.

    1. Re:This shouldn't even be possible by Quill_28 · · Score: 4, Insightful

      Umm.. I believe cable modems use a shared line with other users.
      I am certainly no expert but I think it is more difficult with this setup, than with DSL.

      But I could be wrong

    2. Re:This shouldn't even be possible by Jarnis · · Score: 4, Insightful

      There is a big difference in technology when comparing ADSL and Cable modems. Yes, one could argue that the early cable modem standard sucks and is exploitable, but that's what is in use by millions of customers right now.

      ADSL is single line from you to your local DSLAM. Zero issues with capping at the DSLAM end.

      Cable modem has tons of users sharing the same cable, and the easiest point where you squeeze down what a single user can send/receive to the cable is your cable modem. Yes, there are ways of doing it at the ISP's end, but they are either expensive or require nasty kludges.

    3. Re:This shouldn't even be possible by 3Daemon · · Score: 2, Insightful

      Not really sure about the technicalities of cable-modem capping either.

      However, I don't understand how so many businesses can actually base their plans on digital boxes being "tamperproof". To my knowledge, nobody has EVER successfully made anything digital tamperproof. DVD players, XBOX'es, Cable modems, Play Stations, all have been hacked. So why on earth do they keep trying?

      Sure, it can make for some very tempting business models, but COME ON. It's like building your house on an erodable ledge by the sea, and then whine about it when your property goes bye-bye into the big blue.

      Of course, as politicians seem to think such behaviour perfectly reasonable, and even write laws to support it, it's never going to go away. :/

  6. Re:My Opinion by lukewarmfusion · · Score: 4, Insightful

    My Comcast (and my Sprint PCS) TOS states that the TOS is free to change at any time, without needing any notification, additional signature or approval from me, and is enforceable without my prior knowledge. They can add fees and still charge a cancellation fee if I get upset and leave.

    Something ain't right about that.

  7. Harsh lesson for business by Stiletto · · Score: 5, Insightful


    Lesson learned:

    Don't stake your business on being able to place artificial limits on how users use a product they buy.

    DivX learned this. The RIAA are learning this. The MPAA will learn it. And looks like broadband providers will soon learn it too.

  8. It's of no moment by picklepuss · · Score: 5, Insightful

    It's interesting today, but it won't last. I wouldn't really bother with it. If the ISP is capping it at the modem and users find a way around it, the ISP will just figure out a way to cap it in a different place - they'll probably put the cap on the other end of the pipe where they have absolute control of the firmware/hardware.

    I do think it's an interesting attack on the Cable providers who have an undocumented bandwidth limitation that they enforce. One would think that a potential benefit would be an increase in the number of people who are disconnected due to this invisible marker, and some court enforced clarification/disclosure of limitations. Sadly, the activity is obviously illegal, and therefore any potential long term gains from this kind of activity are rendered unachievable.

  9. Re:dropped carrier by ErichTheRed · · Score: 3, Insightful
    Yup, lots of people don't realize that. Especially over the last two years, cable broadband has emerged from the Wild West period. Now providers are actually looking at what's going on in their networks, and going after people who are stealing service. Of course, they don't have time to crack down on everyone, but they can easily collect statistics from the routers.

    The thing that stinks is that our provider is great. They block a few common ports inbound to prevent casual abuse, but that's about it; it's fast and stable! Uncappers may ruin it for the rest of us with this firmware mod.

  10. Re:Increasing Speed by Anonymous Coward · · Score: 1, Insightful

    Of course you can always setup a compressed SSH tunnel to speed up the text part of web browsing

    I'm sure people wanting to uncap their modems won't be interested in text websites. MP3s, movies and w4r3z are already compressed...

  11. Re:Increasing Speed by spectrokid · · Score: 2, Insightful

    Which would assume you have a computer on the other side for decompressing...

    --

    10 ?"Hello World" life was simple then

  12. so the question becomes by The+Tyro · · Score: 5, Insightful

    Why do this on a shared medium, particularly one you have to share with your neighbors? I like my neighbors, and I get almost 3.5 megabits down, which is pretty quick. Plus, my neighbors know I'm the cul-de-sac computer geek, and they'd probably come to me if their connections slowed to a crawl. What am I supposed to do? Play dumb when they ask me if I know what's up with their slow connections? That's pretty weak... and looks even weaker when the cable company tells my neighbors that someone in the neighborhood uncapped their cable modem... Hmmm... wonder who that person could be?

    Sorry, but there's very few things worse than being a weasel.

    Yeah, it's great to have m4d bandwidth, but you're really paying for a shared resource, and I think most people know that. Don't get me wrong... I appreciate the value of a good hardware hack as much as the next geek, but if you're using it to siphon huge amounts of bandwidth from your neighborhood node, that's a problem.

    If you need huge, dedicated bandwidth, I'd say buy a T-1 line, or pay for a business-class account.

    --
    Even if a man chops off your hand with a sword, you still have two nice, sharp bones to stick in his eyes.
    1. Re:so the question becomes by Awptimus+Prime · · Score: 4, Insightful

      Do you actually think they run another line for a business-class account?

      I think that's the point, exactly. There are others paying for the bandwidth, while some kid with a hacked firmware is, in essence, stealing it.

      Just because it's there, does not mean it's there for the taking. If you need the extra bandwidth, don't steal it. Buy it.

      Also, just because the cable modem ring concept is flawed and difficult to control, by design, that does not make it justifiable to steal from them any more than it does to steal from music artists by downloading MP3s. If you are going to be a criminal, don't play like it's not wrong. Accept that it's wrong, and get your kicks on the idea you stole something. That's less sick than the relentless and asinine justification I see all through this thread.

  13. Re:Cheap VxWorks development system? by Quasar1999 · · Score: 3, Insightful

    Umm, you are aware that VxWorks runs fine on an x86 based PC? Why muck around with a modem and hacking, when you could install VxWorks on a PC and worry about learning the system, not hacking the hardware.

    --

    ---
    Programming is like sex... Make one mistake and support it the rest of your life.
  14. Re:This won't last long by arctan1701 · · Score: 3, Insightful

    hmmmm... i own my cable modem. my contract says nothing about allowing my cable company to access my computer systems and make changes. shouldn't this be a form of hacking/terrorism and be punished by death as it is for the rest of us?

  15. Re:How to handle uncappers fairly? by base3 · · Score: 2, Insightful
    Cut off the user's service, and when they call, say that you noted a "network anomaly" and will need to reset their client equipment. Reset the parms, turn the service back on. No accusation necessary, and the subscriber will probably get the message.

    If it were to happen a second time, it would be time to either permanently cancel the user or escalate to less subtle threats.

    --
    One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
  16. Re:My Opinion by gowen · · Score: 2, Insightful
    Something ain't right about that
    Well, if I were you, I'd blame the moron who forged your signature on that particularly unbalanced and unreasonable contract.
    --
    Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
  17. No by The+Tyro · · Score: 3, Insightful

    I know for a fact they don't run another line, because I purchased one of their business-class accounts for my corporation.

    Why? Running servers for one, and I also get priority for bandwidth on the node, as well as better tech support (which I basically never use... calling tech support is a sign of weakness). Yes, it costs more, but I knew my utilization would be a good deal more than average, so I paid for the next level of service.

    I personally suspect the uncappers are after some better upstream pipe... that's where residential accounts are seriously lacking compared to a T-1.

    --
    Even if a man chops off your hand with a sword, you still have two nice, sharp bones to stick in his eyes.
  18. Re:How to handle uncappers fairly? by Anonymous Coward · · Score: 2, Insightful

    To do it fairly requires:

    1. a good upstream end (high end CISCO)
    2. A "fair share" scheduler

    The goal of the "fair share" scheduling is to make a history of usage part of the scheduling. Packets are "delayed" in delivery until the user's "fair share" limits are reached.

    If the bandwidth maximum has not been reached, then everyone gets full speed, BUT their usage is tracked. This tracking also involves a decay function to subtract from the usage.

    When the bandwidth reaches maximum, the individual destination packets are delayed by an amount proportional to the current "usage" level of that destination. Since new connections (or idle ones) decay to a 0 usage, they end up getting preferential treatment. Once saturation occurs, the heavy usage destinations are delayed while the new connections accumulate usage.

    It is similar to a priority hierarchy - no use - high priority... high usage - low priority. Over time, all usage becomes balanced, and the maximum bandwidth becomes shared among all targets.

    The usual difficulty in "fair share" algorithms is in determining the "decay" function. Since it is time based you have the number of seconds vs consumed bandwidth. You also don't want it to delay too long (you want the packet delayed in the 10-500 ms range, but the packet itself transmitted in as short a time as possible).

    You are shaping the traffic.. And I thought this was part of the newer routers...
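
The "fair share" scheme described in comment 18, as an added sketch that is not part of the original thread and not any router vendor's implementation. Assumptions: usage decays exponentially with a 30-second half-life, delay is scaled against the heaviest destination into the 10-500 ms range the comment mentions, and the caller supplies a `saturated` flag from its own link measurement; the class and parameter names are hypothetical.

```python
import math

class FairShareShaper:
    """Track decayed per-destination usage; delay packets only under saturation."""

    def __init__(self, half_life_s=30.0, min_delay_s=0.010, max_delay_s=0.500):
        self.k = math.log(2) / half_life_s   # assumed decay function
        self.min_delay_s = min_delay_s       # 10 ms floor from the comment
        self.max_delay_s = max_delay_s       # 500 ms ceiling from the comment
        self.usage = {}                      # destination -> decayed byte count
        self.last = 0.0                      # time of the last decay pass

    def _decay_to(self, now):
        factor = math.exp(-self.k * max(0.0, now - self.last))
        for dest in list(self.usage):
            self.usage[dest] *= factor
            if self.usage[dest] < 1.0:       # under one byte: treat as idle
                del self.usage[dest]
        self.last = max(self.last, now)

    def schedule(self, dest, size_bytes, now, saturated):
        """Return the delay in seconds to apply before forwarding this packet."""
        self._decay_to(now)
        current = self.usage.get(dest, 0.0)
        heaviest = max(self.usage.values(), default=0.0)
        self.usage[dest] = current + size_bytes   # usage is tracked either way
        if not saturated:
            return 0.0                            # link has headroom: full speed
        ratio = current / heaviest if heaviest > 0 else 0.0
        return self.min_delay_s + (self.max_delay_s - self.min_delay_s) * ratio

def demo():
    """Constructed traffic: one heavy destination, then a newcomer, then a role swap."""
    shaper = FairShareShaper()
    for i in range(100):                          # heavy user while link is unsaturated
        shaper.schedule("heavy", 1500, now=i * 0.01, saturated=False)
    heavy = shaper.schedule("heavy", 1500, now=1.0, saturated=True)
    new = shaper.schedule("new", 1500, now=1.0, saturated=True)
    for t in range(2, 301):                       # "heavy" goes idle, "new" keeps sending
        shaper.schedule("new", 1500, now=float(t), saturated=True)
    later = shaper.schedule("heavy", 1500, now=301.0, saturated=True)
    return heavy, new, later
```

After ten half-lives of idleness the formerly heavy destination is delayed close to the 10 ms floor, which is the "idle ones decay to 0 usage" behaviour the comment describes.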

  19. Re:How to handle uncappers fairly? by HeghmoH · · Score: 2, Insightful

    There should certainly be a less-subtle threat somewhere before permanent cancellation. It is utter bullshit if somebody pulls a stunt where they call you, say "we found some problem, can you reset your equipment?" with the hope that you will get the message, then cancel your service just because you thought your experiment and the phone call weren't related.

    My high school pulled stunts like this, revoking my account whenever I violated rules which they never told me about, without so much as a warning beforehand. It's not a tactic worthy of a profit-making business.

    --
    Mod down posts with a "Free Mac Mini/iPod" sig, they're spam!
  20. Re:cable "modem"? by Anonymous Coward · · Score: 2, Insightful

    Enlighten us, then, oh wise Yoda, how to call these wondrous devices?

    Cable or DSL modems are called modems, because they are essentially signal MOdulators/DEModulators. They function essentially the same way as an analog modem. DSL modems even use the same physical line, but communicate over a different set of frequencies than analog modems. Ditto for cable modem, the main difference being that cable modem taps into the cable line, while DSL modem taps into more-or-less standard phone lines.

    So yeah, us illiterate slashdroids call these mystical devices cable or DSL modems, 'cause we are so ILLITERATE. :P

    If only basic literacy came with obligatory logic and general knowledge module attached. Alas, the wonders of classical education, now long gone.