Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cable Modem Hackers Release Improved Firmware

Posted by michael on from the improvise-adapt-overcome dept.

FatCat writes "SecurityFocus has a story about a group of hardware and software hobbyists specializing in embeddded systems who've released their own custom firmware for Motorola Surfboard cable modems. The firmware lets you log in to an interactive VxWorks shell, or issue commands from a Web browser through an http interface. You load it by tapping an undocumented console serial port on the circuit board. So far, uncappers are apparently the primary consumers, and they're downloading up to 400 copies a day."

26 of 419 comments (clear)

  1. Loss of service by mpost4 · · Score: 5, Informative

    I would think that doing this could put one in dangar of lossing their service. I this more then likely is a violation of the TOS of most cable ISP's and when you violate a contract( TOS's are contracts of a form ) you void it, so then the cable company is not obligated to server you any more. Is the promise of high speed you don't pay for (theft) worth the lose of service, and posable legal action?

    1. Re:Loss of service by garcia · · Score: 4, Informative

      I worked for ATTBI before they were swallowed up by Comcast. I still have an ATTBI hostname...

      When the first round of "cable modem uncapping" documents started floating around to the masses I found plenty of open tickets that had been forwarded to the "legal department" for possible action. Most people had uncapped their modems to 10mbit/10mbit.

      Apparently they had a script that ran that checked for this as they had quite a few open tickets all over the place. I guess it was not hard to find.

      They would disable your modem, forcing you to power-cycle it. Then your modem would download a new, correct, config file. If they found that you were AGAIN in violation you were terminated.

      Some people did not lose their service but most did.

    2. Re:Loss of service by Muad'Dave · · Score: 4, Funny

      If they found that you were AGAIN in violation you were terminated.

      Your service was terminated, right? I've heard of "substantial penalties" for breach of contract, but termination? Jeez!

      --
      Tiller's Rule: Never use a word in written form that you've only heard and never read. You will end up looking foolish.
  2. My Opinion by TheRealMindChild · · Score: 4, Interesting

    Ok, while I HATE the fact that my cable is capped, and now I have some invisible limit to my cable modem, there isn't a court in the land that will side with me, blatently breaking a few laws, and ignoring the TOS that was agreed to.

    Im just going to sit back for a while and hope something good comes of this... maybe cable providers will find that fighting with these people isnt worth the hassle.

    --

    "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
    1. Re:My Opinion by lukewarmfusion · · Score: 4, Insightful

      My Comcast (and my Sprint PCS) TOS states that the TOS is free to change at any time, without needing any notification, additional signature or approval from me, and is enforceable without my prior knowledge. They can add fees and still charge a cancellation fee if I get upset and leave.

      Something ain't right about that.

  3. Great, the bandwidth hogs by Gr8Apes · · Score: 4, Insightful

    will be quickly disconnected! More bandwidth for me!

    --
    The cesspool just got a check and balance.
  4. dropped carrier by sinucus · · Score: 5, Interesting

    I'll have to say that with all the draconian rules being put in place with cable providers that I don't see this as being a new playground for crackers. You'll likely get dropped quicker than you can refresh the BIOS on that cable modem of yours. With DOCSIS compliant cable modems you'll be sure to know that the cable modem company DOES know what you're doing with it.

  5. What will the companies do? by toasted_calamari · · Score: 4, Interesting

    I have heard stories of cable companies coming down *extremely* hard on uncappers, doing things like banning them from having cable service for life and other such actions.

    Given this, and the actions of DirectTV towards those who buy smartcards, I wonder what the cable companies will do.

    Will they ignore those who download these firmwares for the advanced features like the remote terminals and have no intention of uncapping, or will they treat everyone who re-flashes their firmware as a "criminal".

    --
    Let's make a difference
  6. Increasing Speed by vpscolo · · Score: 4, Interesting

    Of course you can always setup a compressed SSH tunnel to speed up the text part of web browsing. I've found you get get upto 400% increases which is nice :)

    rus

    --
    CPanel + Root from $35/mo - 10% off with discount code SLASHDOT
  7. Hmm... by Pxtl · · Score: 5, Insightful

    IANAA (I am not an admin) but shouldn't bandwidth capping be handled at the ISP's end, through a transparent proxy? Not through the cable modem? At the very least couldn't they just have the system automagically cut off service when the packets start flowing too fast, rather than getting into the legal minefields? Then they could say "I'm sorry, our system does not support uncapping" when someone tries and finds their machine not getting anything. Seems a more elegant solution than simply hoping nobody will try and then hosing lawyer hours at them when they do.

    1. Re:Hmm... by hattmoward · · Score: 5, Interesting

      The thing is, within a few blocks of you, cable modems are pretty much all working on the same piece of wire. There is a good amount of bandwidth to share out there (sorry, I don't remember, but it's A LOT), but if you use a transparent proxy, it's still possible to saturate the local segment and irritate other users. A solution using a bandwidth arbitrator for routing to users may work, but if all the cable modems run in full-speed mode, you get bursty connections while each modem waits its turn to go full-saturation. Unfortunately, uncappers don't realize that they're potentially screwing over someone else. I think that's the big beef that the ISPs have... They already planned for a high potential bandwidth, it's just that when you go from 1.5 to 3 Mbps, you're giving yourself a bigger timeslice on the wire. Other than that, DOCSIS (in its most common configuration) is a very Big Brother-ish protocol, and your ISP will know what you're doing the minute you do it... unless they're a bunch of monkeys with wire (read: Comcast).

    2. Re:Hmm... by tazanator · · Score: 5, Interesting

      Well this is comcast.. My tcpdump shows ARP traffic on my cable modem from 4 different class B subnets(XX.XX.xx.xx), and even 2 class A subnets (XX.xx.xx.xx) I could understand a class C subnet(XX.XX.XX.xx) but not traffic in class A corporate down at end user. I'm in Indiana and seeing customers in California reply to ARP's... wasted bandwidth. With this much ARP traffic allowed thru the routers it's no wonder they are short bandwidth and kicking bandwidth hogs. Comcast has great speed but at very high cost (about $60 in my area) and the limits and additional overhead they build into the network it's no wonder the people hate them. If I can wean my 10 year old daughter from the TV I will cut the cord and go to DSL (I want to run a game server anyways and DSL is only $30 out here). I am not surprised people uncap and reconfig the cable modem ... they do it to phones (voicemail, speaker phones, heck the ham's started long distance connecting the ham radio to a phone to get longer distance with out the bill), why should the inovative spirit stop at the cable company?

      --
      I'm told you are what you eat, does that mean I can be you by tomorrow with some A1?
  8. Monopoly by lukewarmfusion · · Score: 5, Interesting

    In my area, Comcast is the ONLY option (outside of extremely expensive satellite alternatives). If they want to shut you off, they can. Then, you're screwed. I try not to do anything that will get me in trouble with them. Losing my cable, internet, etc. would be far worse than the tyranny of having my cable modem capped or my speed tiered. The problem is that they know this as well. That's why they can and do take these steps. My solution was the same one that Utah and others were going to do - city/state run broadband. It'd be just another utility and they could certainly offer it cheaper than Comcast. Plus, with the profits going back to the city or state, it would probably help lower/cut taxes. It's probably a simplistic view, and I realize that there are issues with letting the government control your internet access, but it would probably benefit the consumer much more than letting a monopolistic cable company charge $45 for crappy television and $45 more for internet access that goes down for "unscheduled maintenance."

  9. This shouldn't even be possible by huhmz · · Score: 4, Insightful

    Here in Sweden the caps aren't in the modems and quite frankly what kind of idiot ISP would do it this way? We are capped at the router or somesuch. I got 8 Mbit on my ADSL though which is maximum for ADSL so im not complaining.

    1. Re:This shouldn't even be possible by Quill_28 · · Score: 4, Insightful

      Umm.. I believe cable modem use a shared line with other users.
      I am certainly no expert but I think it is more difficult with this setup, than with DSL.

      But I could be wrong

    2. Re:This shouldn't even be possible by Jarnis · · Score: 4, Insightful

      There is a big difference in technology when comparing ADSL and Cable modems. Yes, one could argue that the early cable modem standard sucks and is exploitable, but that's what is in use by millions of customers right now.

      ADSL is single line from you to your local DSLAM. Zero issues with capping at the DSLAM end.

      Cable modem has tons of users sharing the same cable, and the easiest point where you squeeze down what a single user can send/receive to the cable is your cable modem. Yes, there are ways of doing it at the ISP:s end, but they are either expensive or require nasty kludges.

  10. Is it "bad netizenship"? by djeaux · · Score: 4, Interesting
    Leaving aside the Sir Edmund Hillary rationale for hacking anything ("Because it was there") which is probably the #1 reason for any slashdottoid to crack out the soldering iron anyway, I have to wonder if this would be like circumventing any other speed limit. Aren't roadway speed limits set partly for safety & partly to control traffic?

    If everybody "uncapped", would the result be enough net congestion that everyone would wind up getting "capped" speeds again? Is this a netizenship question?

    As far as the ISP detecting "uncapped" cable modems, which has already been mentioned on this topic, I'd have to offer that my local cable provider employs so many utterly inept techs that they have trouble detecting when someone hooks up an unauthorized line to the pole, much less a change in the modem itself. That's why I've stuck with DSL -- 2 years with zero downtime, including a hurricane, while my cable service is down 3-4 times a week.

    --
    "Obviously, I'm not an IBM computer any more than I'm an ashtray" (Bob Dylan)
  11. Harsh lesson for business by Stiletto · · Score: 5, Insightful


    Lesson learned:

    Don't stake your business on being able to place artificial limits on how users use a product they buy.

    DivX learned this. The RIAA are learning this. the MPAA will learn it. And looks like broadband providers will soon learn it too.

  12. It's of no moment by picklepuss · · Score: 5, Insightful

    It's interesting today, but it won't last. I wouldn't really bother with it. If the ISP is capping it at the modem and users find a way around it, the ISP will just figure out a way to cap it in a different place - they'll probably put the cap on the other end of the pipe where they have absolute control of the firmware/hardware.

    I do think it's an interesting attack on the Cable providors who have an undocumented bandwidth limitation that they enforce. One would think that a potential benefit would be an increase in the number of people who are diconnected due to this invisible marker, and some court enforced clarification/disclosure of limitations. Sadly, the activity is obviously illegal, and therefore any potential long term gains from this kind of activity are rendered unachievable.

  13. This won't last long by Knightsaber2003 · · Score: 5, Informative

    As soon as someone from Motorola reads this, they'll be popping out new firmware to cable ISP's right quick. It's quite easy for the ISP's to push this out in a night or two. I do it for a living :)

    --
    -KS2k3
  14. This is the US by Anonymous Coward · · Score: 4, Funny
    We have to reserve a certain portion of all economic activity for our lawyers, else they're likely to run wild in the streets and start chewing the tires off cars.

    With caps inside the cable company's network, there would be no oppurtunity for legal disputes and the resulting lawyer's fees....

  15. Re:confused by aonaran · · Score: 4, Interesting

    It's because the higher voltage required to push it to 56k would cause enough crosstalk to interfere with neighboring voice lines which is what the telephone system is supposed to be used for.

  16. so the question becomes by The+Tyro · · Score: 5, Insightful

    Why do this on a shared medium, particularly one you have to share with your neighbors? I like my neighbors, and I get almost 3.5 megabits down, which is pretty quick. Plus, my neighbors know I'm the cul-de-sac computer geek, and they'd probably come to me if their connections slowed to a crawl. What am I supposed to do? Play dumb when they ask me if I know what's up with their slow connections? That's pretty weak... and looks even weaker when the cable company tells my neighbors that someone in the neighborhood uncapped their cable modem... Hmmm... wonder who that person could be?

    Sorry, but there's very few things worse than being a weasel.

    Yeah, it's great to have m4d bandwidth, but you're really paying for a shared resource, and I think most people know that. Don't get me wrong... I appreciate the value of a good hardware hack as much as the next geek, but if you're using it to siphon huge amounts of bandwidth from your neighborhood node, that's a problem.

    If you need huge, dedicated bandwidth, I'd say buy a T-1 line, or pay for a business-class account.

    --
    Even if a man chops off your hand with a sword, you still have two nice, sharp bones to stick in his eyes.
    1. Re:so the question becomes by Awptimus+Prime · · Score: 4, Insightful

      Do you actually think they run another line for a business-class account?

      I think that's the point, exactly. There are others paying for the bandwidth, while some kid with a hacked firmware is, in essence, stealing it.

      Just because it's there, does not mean it's there for the taking. If you need the extra bandwidth, don't steal it. Buy it.

      Also, just because the cable modem ring concept is flawed and difficult to control, by design, that does not make it justifyable to steal from them any more than it does to steal from music artists by downloading Mp3's. If you are going to be a criminal, don't play like it's not wrong. Accept that it's wrong, and get your kicks on the idea you stole something. That's less sick than the relentless and asinine justification I see all through this thread.

  17. How to handle uncappers fairly? by lordmoose · · Score: 5, Interesting
    Okay, I work for a cable ISP. We don't want to send jack-booted thugs to shake down some 13 year-old kid who's just hacking to see what happens (I've been down that road myself). What is the best way to handle someone who uncaps their modem?

    I'm not the SysAdmin, just a concerned employee.

  18. Screw uncapping, I just want my diagnostics back. by Resaurtus · · Score: 5, Interesting
    Cox locks us out of the SNMP interface on our own modems. Now I understand taking away write privs but I feel I should have the right to see exactly how my modem is configured. Little things, like exactly what is my cap set at? Is it seeing errors? Whats my power level and SNR?

    As I own that hardware, I feel I have a right to see how well it's working. Many issues (Like signal loss) would likely be within my own home and something I could fix. This software would probably let me read this information, however, as I don't own one of the modable products I'll probably look for one with all the info I want on a web page rather than getting a hackable one.