Cable Modem Hackers Release Improved Firmware
FatCat writes "SecurityFocus has a story about a group of hardware and software hobbyists specializing in embeddded systems who've released their own custom firmware for Motorola Surfboard cable modems. The firmware lets you log in to an interactive VxWorks shell, or issue commands from a Web browser through an http interface. You load it by tapping an undocumented console serial port on the circuit board. So far, uncappers are apparently the primary consumers, and they're downloading up to 400 copies a day."
will be quickly disconnected! More bandwidth for me!
The cesspool just got a check and balance.
IANAA (I am not an admin) but shouldn't bandwidth capping be handled at the ISP's end, through a transparent proxy? Not through the cable modem? At the very least couldn't they just have the system automagically cut off service when the packets start flowing too fast, rather than getting into the legal minefields? Then they could say "I'm sorry, our system does not support uncapping" when someone tries and finds their machine not getting anything. Seems a more elegant solution than simply hoping nobody will try and then hosing lawyer hours at them when they do.
Here in Sweden the caps aren't in the modems and quite frankly what kind of idiot ISP would do it this way? We are capped at the router or somesuch. I got 8 Mbit on my ADSL though which is maximum for ADSL so im not complaining.
My Comcast (and my Sprint PCS) TOS states that the TOS is free to change at any time, without needing any notification, additional signature or approval from me, and is enforceable without my prior knowledge. They can add fees and still charge a cancellation fee if I get upset and leave.
Something ain't right about that.
Lesson learned:
Don't stake your business on being able to place artificial limits on how users use a product they buy.
DivX learned this. The RIAA are learning this. the MPAA will learn it. And looks like broadband providers will soon learn it too.
It's interesting today, but it won't last. I wouldn't really bother with it. If the ISP is capping it at the modem and users find a way around it, the ISP will just figure out a way to cap it in a different place - they'll probably put the cap on the other end of the pipe where they have absolute control of the firmware/hardware.
I do think it's an interesting attack on the Cable providors who have an undocumented bandwidth limitation that they enforce. One would think that a potential benefit would be an increase in the number of people who are diconnected due to this invisible marker, and some court enforced clarification/disclosure of limitations. Sadly, the activity is obviously illegal, and therefore any potential long term gains from this kind of activity are rendered unachievable.
Why do this on a shared medium, particularly one you have to share with your neighbors? I like my neighbors, and I get almost 3.5 megabits down, which is pretty quick. Plus, my neighbors know I'm the cul-de-sac computer geek, and they'd probably come to me if their connections slowed to a crawl. What am I supposed to do? Play dumb when they ask me if I know what's up with their slow connections? That's pretty weak... and looks even weaker when the cable company tells my neighbors that someone in the neighborhood uncapped their cable modem... Hmmm... wonder who that person could be?
Sorry, but there's very few things worse than being a weasel.
Yeah, it's great to have m4d bandwidth, but you're really paying for a shared resource, and I think most people know that. Don't get me wrong... I appreciate the value of a good hardware hack as much as the next geek, but if you're using it to siphon huge amounts of bandwidth from your neighborhood node, that's a problem.
If you need huge, dedicated bandwidth, I'd say buy a T-1 line, or pay for a business-class account.
Even if a man chops off your hand with a sword, you still have two nice, sharp bones to stick in his eyes.