Slashdot Mirror


RCA / Thomson Modem Hack Discovered

An anonymous reader writes "Those un-employed modem hackers are at it again. The group known as TCNiSO has released a very interesting hardware modification for RCA / Thomson cable modems. The modification is done by grounding the bus clock on the serial EEPROM which throws the device into a diagnostic panic mode. Then by using the debug tools from the embedded console to reprogram the EEPROM, a user can permanently enable a developers menu which gives complete control of the modem, such as modifying the hardware addresses or flashing new firmware. Now if only these guys can figure out how to enable the Bluetooth features on my v710 phone..."

7 of 182 comments (clear)

  1. Re:How long... by garcia · · Score: 3, Insightful

    Until they are discovered and those modified cable modems are de-serviced?

    I was wondering if people could use a modified firmware that would report a valid modem config file back to the ISP when the ISP scans for ones that were not sanctioned.

    The ISP could powercycle the modems remotely and push new firmware to all the modems rather easily. I would assume that the pushed firmware would include a way to block unauthorized firmware from connecting to the network.

    Who knows if they'd be that interested though?

  2. Re:Don't fuck around w/your modem's MAC. by Saxton · · Score: 4, Insightful

    That, and is there any real functionality you are able to get from this hack? Didn't seem like it. I am guessing for 95% of the people that do it are going to follow the directions, say "yay I did it" and then forget all about it other than being able to tell their friends that they owned their own cable modem.

    *yawn*

    -Aaron

    --
    My name is Aaron Landry, and I approve this message.
  3. Hacking cellphones by null+etc. · · Score: 5, Insightful

    Now if only these guys can figure out how to enable the Bluetooth features on my v710 phone...

    Try the discussion forums over at wirelessadvisor.com

    I posted a teaser message there once regarding the Motorola T720. By using the USB modem cable and a COM port sniffer, I determined that extended AT modem commands were used to synchronize the phone with the desktop. By posting my findings, someone took the initiative and started a Yahoo! group for hacking the T720. Within a month, the group had 400 members and within five months the group had collectively hacked the T720.

  4. Re:Don't fuck around w/your modem's MAC. by Jeff+DeMaagd · · Score: 3, Insightful

    Uncapping or raising your cap is likely in violation of your contract and grounds for termination. Basically if you did this, you could be charged with theft of service.

  5. Great way to lose your service. by papasui · · Score: 4, Insightful

    This violates most acceptable use policies, regardless if your own the cable modem or not changing your modems mac address would fall under hacking as your could cause service interruptions on your network segment for other people. Your paying for internet service not the right to fuck around with a companies million dollar network. We had a kid get arrested for this, changed his modems mac everyday but never changed his nic's. Pretty trivial to track him down.

  6. Re:Cue FBI raids in 5...4...3.. by Vo0k · · Score: 3, Insightful

    Resident sniffer/logger.
    Simple Firewall.
    Monitor, blinking LEDs on certain kinds of packets arriving.
    "Wake on ring" if not present by default.
    "extra secret storage" in unused flash.
    Changing MAC address...
    *less* bandwidth (throttling your uplink, etc)

    --
    Anagram("United States of America") == "Dine out, taste a Mac, fries"
  7. Re:Don't fuck around w/your modem's MAC. by Sc00ter · · Score: 3, Insightful
    Some versions of the firmware won't allow bootp files to be recived from the ethernet interface. This hack lets you change the firmware to a version that does allow it. So it may still be a required step.