Slashdot Mirror
Comcast Plans Cable Boxes with Integrated Wi-Fi and Snooping
Kaa writes "Short version: Comcast's cable modem/802.11g base station that is made by Linksys has capabilities to 'phone home' to Comcast and tell them how many devices are connected to your WiFi base station, how much bandwidth they are using, etc. It also has the capability to 'disable LAN segments' which, I assume, means they can kick your devices off your home network if they choose to do so. Something tells me this particular device won't make it into my house..."
Sure, the /. user won't want this in their house...
But the user who is too dumb to configure WiFi without Comcast's help needs this. This technology could let Comcast's techs lock down any access point who's not running WEP, and see to it that all the devices the customer has are taking their DHCP assignments properly. Of course, anybody reading this will know how to do these administrative tasks on their own, but those who are clueless can have trust Comcast configure their router and firewall to optimal settings.
If this cuts down the number of worm-vunerable computers on the Internet by letting those who don't know what they're doing hand the controls over to Comcast, I won't complain.
But that type of feature could be usefull such as blocking a worm ridded PC from the Internet until it is cleaned and remote assisance and configuration with permision...if your ISP want to spy on you they can if they REALLY want to.this type of stuff has its uses.
This has the capability to 'disable LAN segments'.
Something tells me there's going to be a new worm out once someone finds a hole in this router.
Their goal is to sell these expensive "home office" packages.
The way it works now is that they make it difficult to get a device online, you have to use their software to register the service.
I forget the details but I had to do some trickery for each machine on my network to get the cable modem to route traffic to them via my router. Occasionally devices 'unregister' and I have to run the comcast software again and pretend like I am a one system home.
I'm ditching comcast, my local ISP has fixed wireless now and I'm gonna go with the little guy and I've already picked up DirectTV AND I'll save $30 a month. Seeya comcast.
While this could have beneficial effects, (i.e. Comcast offering better tech support...though from past experience I HIGHLY doubt this.. "Yes we need you to unplug your computer 10 times, do the hokey pokey and turn yourself around."), I can also see the major disadvantages (monitoring my computer, having access to my computer, etc.) While I could prevent this with a firewall (and frankly I hate installing a firewall when I have my nice router firewall) most people just do not know what the deal is with computers and protections. Eh, while I use comcast (not really a better choice in my area) I can't say that I like them.
I mod down so you can mod up. Your welcome.
Call 1-800-Comcast and tell them that you won't be buying this garbage and are less happy with Comcast for even thinking of using this kind of big-brotherish technology on their own paying customers. If a lot of people call in to complain, they may think twice about rolling this out. For awhile, at least.
I'm done with consumer/residential broadband. Blocked ports, slow connections, poor customer service, arbitrary limitations on use... It's just not worth it anymore. I've dealt with dead lines and clueless techs for too long.
Instead, I'm springing for commercial/business class service. The support is better, the speeds are higher, and the service is usually excellent (since businesses won't put up with the same garbage residential users will).
Consider this: a cable modem usually costs about $40-$50 a month for residential service including a single IP address and bandwidth caps. I can get 1536k x 256k commercial DSL for about $80 a month that includes web hosting, DNS, and 5 IP addresses. The extra $40 is not much, and you can offset that by selling access to your neighbor if you're so inclined (perfectly ok with most providers).
The above costs about as much as most people pay for a cable modem and cable TV, and quite frankly, I've found that lots of bandwidth is far more entertaining than lots of TV stations.
I'd list some companies that offer comparable service plans, but I don't want to look like an astroturfer. Hit Google and you'll find lots of nice options (as long as you live somewhere civilized ^_~)
GeekNights!
Late Night Radio for Geeks!
If you are a user like an old grandma this prevents the neighbor kids from hacking into her network and using her connection to invoke the wrath of the RIAA against nanna. Now if you are a power user you go out and buy your own danged cable modem, it is as easy as that!
Tsukasa: All I really want, is to be left alone...
Well in theory this technology could be good if they only charged you for the bandwidth you actually pulled through your modem, but they could do this without their level of snooping.
My guess is that they just want more control over your modems, making sure that there's no way you can modify the bandwidth you use (uncapping), automatically updating firmware ([[could be good: block certain ports during a virus emergency]]), etc etc etc... but the fact still remains: they could do all of this from their side of the network.
So really, you have to question what they're going to do with this..
"Victory means exit strategy, and it's important for the President to explain to us what the exit strategy is." G.W.Bush
ummmm....since they bumped up their download speed here in the Bay area, we are getting 3 Mbit/sec for $19.99 per month (a 3 month promotion). Is that a good enough reason? :-) We have our own wireless G WAP so it's not an issue anyway.
And I've never seen TechTV, so I could care less about that.
From the press release...
Users who sign up for the service can receive a Linksys wireless gateway, along with network adapters for connecting up to five computers, professional installation, multiple levels of security, and increased downstream speed of up to 4Mbps.
Comcast's current peak downstream bandwidth for most customers is 3 Mbps. So, so far Comcast is actually offering to tweak upwards the bandwidth of people who pay for this service.
Of course, I've rarely found a website (other than my own) that actually feeds me data at a speed that's anywhere near 3 Mbps, so that extra space within 3 to 4 Mbps is rarely going to be used. Still, if you are somebody who frequenly maxes out the downstream on a Comcast modem, this might be of interest to you.
This has got to stop.
I'm sure someone here will post about one of the lucky few localities with cable competition. The prices are lower, the house calls are faster, etc. And I seriously doubt they would get away with spying on their customers' home networks.
That's a good question. I setup port redirecting on my firewall to access my home systems to avoid problems (people scanning for common open ports and my ISP blocking them). That coupled with dynamic DNS works pretty nice. Of course they could block obscure ports like 39492 (not the one I actually use, wouldn't want to give away my top secret network secrets!), but why would they (other than to be evil)?
Of course... I don't use their service (TimeWarner owns the cable around my house)... but I have friends that do.
Casual Games/Downloads
Man, I wish my comcast was that nice. Last time I checked, my local Comcast office was still charging $10 per additional IP. Naturally all of my boxes are behind a NAT box since there is no way I want to pay Comcast an additional $10 a month for a fileserver that is only available on the LAN anyway.
I read the internet for the articles.
There is a nice *NEW LAW* going around state houses that makes it illegal to plug anything into a cable companies network without their permission.
I forget what it's called (probably something like the "Save the Children From Predators Act"), but it has been reported here before. IIRC, it carries big fines, civil penalties and jail time.
Comment removed based on user account deletion
I see things differently. Consider this: Big companies don't _want_ technically knowledgable users as customers. They're too much trouble.
Nerds tend to think they can get away with paying a flat rate for basic service and then actually using it. They don't buy extras like additional email addresses, they don't pay for a service that blocks all incoming packets with the evil bit set, they won't bring their computers in twice a year to have the hard drives rotated and they keep harassing the monkeys on tech support with awkward questions and don't accept that every network outage is really their fault and can be fixed by just turning their modem off for long enough.
The kind of customer a company like Comcast wants has no clue what he is doing but only that he has to pay for it. He believes that if he pays an extra $10 a month for a 3Mb connection instead of 1.5Mb then his instant messages will come in faster. When programs like Kazaa stop working for him because his ISP is blocking ports at random without telling anybody he will think it's his own fault. And he'll probably be too embarassed to say anything about it.
I don't think that Comcast as a company would be shedding any tears at all if they drove away all of the technically knowledgable trouble-makers and were left with nothing but clueless users who don't know what they're doing and don't complain about anything.
I love how you can characterize anyone who isn't intimately familiar with wireless networking hardware and protocols "dumb" and get modded up for it on Slashdot. I have friends who are doctors, lawyers and some who hold doctorates in engineering fields, yet they give up on setting up wireless networks after about maybe 10 minutes of trying and being frustrated. Do you know why they don't persist? Because the world is full of high school dropout IT monkeys like yourself to do this, so that the truly smart and educated can concentrate on important problems in society and science.
It won't happen. That's just wrong. Everyone hates Comcast; that's what's going on.
Please remember that there are people who use Comcast on a daily basis and by targeting Comcast with these nonsensical imaginary worst-case scenarios that everyone does, the end-users of Comcast are being taregeted as well.
So while you may not like Comcast, you should respect that many people who use Comcast don't have a choice in the matter ATM.
Linux is OK. Home networking is OK. If you go to Comcast's home page, and if you go to their online forums, you will see that these things are widely talked about and widely discussed. Comcast encourages and enables it.
Remember, when you "bash" Comcast, you are also affecting the users of Comcast, many of which don't have a choice.
I just try to encourage everyone to chill out and not over-react, like everyone does, when it comes to Comcast. Everyone hates Comcast, but most of the people that use it don't have a choice! That's what really kind of makes it a bad situation.
On the one hand, "bashers" expect Comcast to "get a clue" about respecting other people's privacy, but while "bashing", these folks don't respect that people who use Comcast DON'T, often times, have a choice. So it's like getting reamed twice: Once by Comcast, who insist on providing everyone the "broadband for dummies", and don't "officially" recognize that there are non-dummies out there who can't get DSL, and twice by the "bashers", who try to imagine the worst horror stories imaginable in order to prove how awful Comcast is. What they don't realize is that many folks just DON'T HAVE A CHOICE.
Like it or not, what most users want is broadband. With Comcast, that's what you get. It's fast, it's reliable, and it kicks. Home networking, no problem. Linux, BSD, no problem. Gigs upon gigs upon gigs of download, no problem.
Now, OK, they don't allow servers, but most ISPs don't allow servers.
Comcast is OK. I think what's going on is that it's just such a huge company that one hand doesn't realize what the other is doing sometimes, so they come up with stupid policies like "no VPN" or trying to set bandwidth limits that don't exist, stuff like that. But in both of those cases, they backed down. So it's a bumpy road, but overall, the worst thing is having to try to get the facts when everyone is trying to scare the living daylights out of you with doomsday scenarious. Honestly, it's other people's posts that have to be the worst thing about being a Comcast customer not by choice. Seems like it, anyway.
I encourage everyone to monitor your own state legislatures and make sure this kind of thing isn't happening behind your back. If it is, several groups have formed in opposition to this type of legislation [TNDF]. While your cable company may not be able to force their particular brand of device down your throat, they can ban devices that don't use their "let me snoop" technology and criminally prosecute you if you use a device to filter their snoops. Check out the TNDF site and see what the Tennessee version will do to violators.
"They can't make you use any specific modem, but they CAN mandate that your modem must have certain "features" and "standards" under the guise of helping you out."
Obvious answer # 642: Decline the help.
"Then, they can push that this tech gets standardized and start requiring it for new connections."
Obvious answer # 638: Decline their service, and let them know why.
"Never underestimate the power of a monopoly to get it's way when it comes to raping consumers."
Obvious fact # 243: Never underestimate the power of NO!
Do you think that Comcast is trying to control WiFi sharing? Some people are not as tech-savvy, but wish to share their connections with the world. Now I could be totally off-base here, but if you happen to share your cablemodem connection with your neighbor, then they can "disable" that LAN segment...
-- Friends don't let friends buy Nokia.
Yeah - I did the same.
:P
Speakeasy even allows you to sell wi-fi net access to your neighbors and gives you a 50% discount to run it and provide the support. I wonder what they'd do if I paid my neighbor $20 monthly to do this, tho - thus decreasing my net cost from $90 to $65 and giving him access for free
You have a good point. As there are always legitamate uses for most types of router configurations. However, the scope of my argument addresses the network installations put forth by unknowlegable end-users who either dont bother to secure their networks or just flat-out don't care.
This is why there is a "vacuum" so to speak in the industry for cable administered wireless routers for home users. Which at the same time allows for the "give them an inch, and they will take a mile" ability of the major carriers controlling these devices.
This could be solved, however, by the Netgears, Lynksyses, and D-links, to put more emphasis on security on their products. And have the installation wizards start out secure and open up with installation, not close down with installation if you follow me.
....move along....nothing to see here....
Just to clarify, what I mean by "doesn't fluctuate at all" is I have all my bandwidth, all the time. I downloaded the 4 GB DVD image of the latest Fedora Core 2, and it was solid at 240 kbps, give or take just a few kbps, from start to finish.
My dad has standard Roadrunner consumer service, and while I have seen speeds on his network far higher than mine (sometimes over 400 kbps, and often over 350, during off-peak hours), I have also seen speeds far lower.
While I suppose I could live with fluctuation (I've never seen a speed below 100 kbps down on his network, and even that is rare), I do also like having a global static IP and no restrictions (save those imposed by law) on what I do with my connection.
There is something seriously wrong if you are paying for business class and only getting 240Kbps. I have regular plain-jane RR and get 366kbps constantly. Perhaps you should use that schnazy support to resolve that problem because for 90 bucks, it is a serious problem.
I've looked at the issue a *lot*, and it appears the nastygrams really have been in what even I would categorize as extreme cases. NO service would let you soak up 100% of your bandwidth all of the time and not come knocking on your door about setting up a business-class service. Most would just kick you off and cite abuse clauses in the contract. The biggest problem with Comcast's policy is that they don't give specific limits- it's a "we'll send you a letter when someone else on your block complains" policy.
Sadly, in a market when there are maybe only one or two players, your choices are often too limited for real competition to occur. I'm not any more excited about using Comcast for internet access than I am about using DirecTV for video content, but they're the best options I have.
My alternative broadband service was/is Covad IDSL. I'm willing to bet I can use Comcast's service just like I was using my Covad service without getting close to the nasty-gram limit. Even WITHOUT getting my video via Comcast ( they tack on an extra ten bucks if you aren't a cable subscriber ), their cable internet is over $10/month cheaper than the Covad IDSL price... cheaper and at least 6-10 times faster.
As much as I'd love to stick with Covad, I just can't justify doing so given Comcast's service being _both_ cheaper _and_ faster.
I'm a few blocks out ( seriously only a few hundred feet ) of SBC DSL range, or I'd get that; as utlimately evil as SBC is ( really, really, really evil ), $25/month for dedicated DSL would do just fine, I'd really rather save myself on the monthly fee rather than have the faster cablemodem service. But SBC is *so* evil that they don't want to build out their network ( ?!? ), their stated reason being that companies like Covad would just leach of it, except, wait, they get to charge Covad a premium now and they're _still_ not building out their network... which reveals that the *real* reason they don't need to invest in their network is that they're a monopoly, but I digress.
Seriously, my choice is IDSL (144Kb/sec) with Covad at $65/mo. or this "3Mbit/sec" Comcast service at $55/mo... you're seriously telling me I should keep the Covad service? Tell you what, you pay for it, I'll keep it...
Oh, an interesting note... apparently you *can't* currently buy the Covad plan I have now, it'd be an $80/mo. service...
In the exceedingly unlikely event that I do get a nasty-gram from Comcast, I think it'd be easy for me to cut back enough to keep them happy... also I know too many people who are happily using their Comcast internet service *a lot*, without issue, to think that I'm going to have problems. My household's use is probably going to be well within the limits, even with my son downloading flash games from noggin.com and my wife downloading gnutella content and myself downloading usenet binaries and OS X updates. We'll see... but from what research I've done into the subject, the folks getting letters really were saturating their connections in a big, big way... I'd have to buy some serious disk arrays to store half GB I'd have to download before getting in trouble with Comcast.
I have been using Comcast cable modems in Brick NJ for 3 years. Before that, I used Charter in Monroe Michigan for 2 years, then before that it was Comast in North Plainfield NJ for 4+ years.
... so I can test some of my projects in many different enviroments.
Guess what, never had a single issue with Linux. In fact, I have noticed an amazing increase in performance by using Linux as my gateway. Typically, some cable providers will install client side software which will slow down connections and cap them at certain times. I am not sure if this is very common anymore, but I did have a problem with this 2 years ago.
Since that problem, I never install there software. Which is mostly useless anyway.
Comcast has a big problem with there DNS servers. They are slow as shit. The response time on them slows the connection to a crawl durring peak time. My answer to this, was to use either
a) My friends DNS server which is located on an OC-12.
b) Run my own local DNS server, which speeds results even faster.
In regards to the topic, I am disapointed at Comcast and Linksys "spying" on there customers from inside the LAN. This is just another reason I will use a Netgear Access Point and my Linux server as a gateway.
At sometimes, you would see 15 computers connected on my LAN. I only own 4 physical boxes. (Linux dedicated server, Linux workstation, Windows workstation and my laptop which is dual boot).
Why 15 ? Vmware
Thats all I would need is Comcast complaing about seeing 5+ computers and claiming I must be providing service for the neiborhood. Those vmware installs only really talk to each other.
until (succeed) try { again(); }
Short answer... of course not.
Comcast sent out a tech to install this stuff, but they never gave any indication to my dad that he was now hosting free internet access to the neighbors, et al. Warchalking, here we come!
but seriously... you'd think that Comcast would ensure that their techs left a secure configuration, with SSID/WEP or some other form of security enabled on a customer-specific basis, instead of just leaving the default "linksys" configuration (not to mention admin:admin password on the box itself).
Fixed that little issue quickly. If for no other reason that to avoid a panic phone call 3 months from now when my Dad finally reads an article about how folks can steal internet access through an unsecured WiFi gateway, and calls me in a panic that someone could be breaking into the home computer and stealing his high scores on solitaire and copies of the letter to Aunt Edna.
Sigh... the things we do for our parents. Grin.
The last time I wrote code, it was Morse