Security Focus on Cable Modem Uncapping 489
Anonymous Coward writes "Cable modem uncapping allows broadband customers to boost their bandwidth to 6 or 7 times what they're paying for, by spoofing their modem's TFTP client into downloading a hacked DOCSIS configuration file. Kevin Poulsen at SecurityFocus reports that a new underground program called OneStep makes the process easy and fun for the whole family. Broadband companies are cutting off the uncappers that they catch, but things could get out of control soon."
Fun? Yes. Legal? Questionable (Score:5, Insightful)
Re:Allows? Not really, it's a bug (Score:5, Informative)
Re:Fun? Yes. Legal? Questionable (Score:4, Insightful)
Americans, in particular, seem to have trouble with that one. Brainwashed, the lot of 'em...
You can't successfully legislate morality!
Re:Fun? Yes. Legal? Questionable (Score:2)
lovely (Score:5, Funny)
http://www.dslreports.com/forum/remark,3155491~
But I paid for unlimited access (Score:5, Funny)
When I signed up for service, I knew this hack was available. That means when I signed up for service, I had every reason to believe that I would get unlimited bandwidth forever.
When will these companies get it. They are going to piss so many thieves off that sooner or later they are only going to have paying customers that follow the rules, or aren't heavy enough users to worry about. And then what will they do, besides make money. I mean what good is a network that isn't crawling on its knees from all the MP3 and warez sites. Some people just don't get it.
Someone buy these guys a ticket, so they can hop on the clue train.
Cable Modem Uncapping... (Score:2, Funny)
A new virus... (Score:3, Funny)
Re:A new virus... (Score:3, Funny)
One fact remains: never trust the client (Score:3, Insightful)
IMHO, the operators were just asking for this. NEVER trust the client.
Re:One fact remains: never trust the client (Score:4, Insightful)
This means you get to easily identify, then remove, the buggers who are screwing your bandwidth distribution and forcing you to spend tons in extra capacity. A minor short-term risk for long-term gain.
I have to say I also don't mind that some warez d00d may just finally learn that yes, there are consequences to your actions, even on the Internet.
Re:One fact remains: never trust the client (Score:2, Informative)
The bad part is, the method of enforcing speeds employed by most (I stress MOST, you bet your ass that my methods aren't so easily fooled) cable operators has the same problem. They want to get your speed by SNMP query to your cable modem. Which again puts the trust in the client. While I haven't seen any SNMP faker hacks, I'm sure that they aren't too far behind. Another silly note is that most of those guys are comparing your speed to a list of approved speeds, not to a list of what customers bought what. This includes thier Business lines, which run over the same gear. You won't be able to sneak through with a 2meg/2meg pipe, but a 1.5meg/768k is a service they probobly sell, and would get right through thier checks.
The control method that you will see soon is called "shared secret", and is an encrypted passphrase-type method. Basicly, your cable modem gets a config file that has a key in it, which is basicly a signature of the bin file. It then generates a new passkey based on those two items, and send it to the CMTS. The CMTS verifies that it got a correct passkey, and then lets you connect. The encryption they used is junk, though, and there are efforts underway to break it. This is yet another dumb method that will only work for a short while!
What I will say is that there is a better way, and it is 100% effective. Your cable modem doesn't just "make up" a speed and magicly work, it has to register its rates with the CMTS. This is where the speed is truly controlled. While it isn't likely that Cisco will have a good method for capping individual users at the CMTS level, they are nice enough to tell you what speed someone is registered at. This is the method that I am using, and I *am* comparing speeds against what customers are paying for... So if you live in a town where you can get Imo's pizza, the square beyond compare, this is your warning!
On the flip side, once an abuser is identified, the info gets sent to marketing, and who knows what happens from there. We don't just pull the plug on abusers (yet).
Re:One fact remains: never trust the client (Score:2)
Oh wonderful (Score:3, Insightful)
Actually this reminds me of the a**wipes who used to download pr0n with threaded ftp clients from within the student network. We had a shared 512kbit line and you can see where this is leading to. Ditto for download managers with "segment" support. I fully realize I'm using making the download even slower for everyone else by using Getright to have 4 independent connections.. Some people are just more equal than others, dammit!
Re:Oh wonderful (Score:2, Interesting)
The optimal use would be to find mirrors.
I often download my linux iso's in Windows because I like Getright so much. It can usually find mirrors around the world and I can get an iso in about 45 mins - something almost impossible when new iso's are released.
Re:Oh wonderful (Score:2)
There are also a DOS and Windows versions
[I have become used to get right since i would thrash my linux box and then get a newer version of whatever distro I was using. It's a home/hobby thing.]
Cool hack guys (Score:3, Funny)
Like it matters... (Score:5, Funny)
A program that will cap my CS ping at 10ms.
A program that gets rid of my horrible packet loss.
A program that gives me reliable service without downtime every other day.
A program that will uncap my 1GB/mo limit on usenet download
A program that gives me customer service who knows what they are talking about.
A program that gets rid of my horrible Comcast service and gets my old (more reliable, lower priced, higher bandwidth, more featured) Mediaone service.
funny answsers.. silly questions..... (Score:2)
Doesn't matter, I'll still nail you with my leet desert eagle skillz!
>>>>>A program that gets rid of my horrible packet loss.
install new network cables
>>>>>A program that gives me reliable service without downtime every other day.
OH now that was a funny one!
>>>>>A program that will uncap my 1GB/mo limit on usenet download
How much porn can u look at? I mean
>>>>>A program that gives me customer service who knows what they are talking about.
That would drive the cost of the service up! imagine these companies having to pay intelligent and skilled people to answer the typical question they receive... which any phool getting paid 2 bux over minimum wage can do from a FAQ sheet
>>>>>>
Capped cable (Score:2, Interesting)
Re:Capped cable (Score:2, Insightful)
I easily hit the top advertised speed for my DSL service when I'm downloading from usenet
Only appears to apply to Moto. Surfboards (Score:2)
This vulnerability only exists in Surfboard modems. RCA, who has a HUGE market penetration, especially since they're cheaper, smaller, and better featured (for ISPs anyhow) than the competition, are *not* vulnerable to this, and can't be "uncapped."
I'm really surprised I haven't heard more about what other ISPs who have rolled out more Surfboards plan to ask *Motorola* about this. Couldn't they just turn off the damn ethernet port for the duration of the initialization sequence?
What goes around... (Score:2, Interesting)
Think about it... even if it did get "out of control"... cable providers could simply restrict bandwidth further up the line (someone please explain why on earth it would be delegated at the modem in the first place???).
Anyone remember years ago when the same thing happened with DirecPC's service?
Uncapping (Score:4, Insightful)
A friend of mine, who also uncapped his modem but for a longer period received a letter from the cable company saying "Someone in your household has illegally attempt to modify one of the devices supplied by Telewest. Please desist or your service will be permanently withdrawn" or something like that.
My cable connection ocassionally gets uncapped for random periods, and I don't notice until I start downloading something (e.g. larger driver file) and get 300kbyte/sec.
If more information was available for customers to see how much bandwidth cost the ISP, then perhaps our expectations could be realistically scaled. Is having an uncapped 3 hour period between 2am and 5am feasible? I could simply schedule large downloads for that period. At present, I may as well just download at peak times, which probably is more irritating to the ISP receiving calls about slow web pages, or somesuch.
Re:Uncapping (Score:2)
It is slightly different because Telewest modems are suplpied by Telewest are property of Telewest and you are only leasing them.
So you have actually tampered with telecommunications equipment belonging to the telco which in the UK as elsewhere may lead to a very fat fine.
I am amused by the fact that they only kindly reminded you not to be stupid.
Second:
Your suggestion for gradual QoS and limits polices is nothing new. It has been done in the past (it was casual pricing strategy/practice in 1994-1998). I have recently discussed it with some of my collegues (disclaimer none of us works for a CableCo or DSL provider at the moment) but the overall opinion was that there is no economical drive for such a policy manager. The only way such drive will appear will be to introduce differential prime time/prime bandwidth pricing. In other words abolish flat rates. Otherwise there is no economical reason for developing such software.
Overall: if you want to manage your downloads smartly do not ask for dumb pricing.
Re:Uncapping (Score:3, Insightful)
Reasons:
First it is illegal. Almost anywhere in the world you are violating both laws dealing with property as well as telco regulations. Under both you are legible for both fines and jail terms. You may get some leaway due to the lack of precedent for cable equipment or internet equipment being treated under the telco regulations but this is for a time. This unfortunately is not a game where the user wins. I am not saying that I like it or not I am simply stating the facts.
Second: it is trivial to catch. The bandwidth limit is a parameter which can be polled using SNMP by the telco on regular intervals. I can scribble a perl script to do it in 5 mins. I would not expect someone in NTL to do this (noone with brains left) but there used to be people in Telewest capable of doing it in about the same time (or a bit more). In btw: to the extent of my knowledge that is what ATT does. So all cappers get caught. No exemptions.
This is a typical Darwin Award scenario. Everyone of us does something else illegal from time to time. Speeding is a good example. I break the speed limit from time to time. Everyone does. But I do not do it right in front of a speed camera which I know to be always loaded,perfectly operational and checked by the police for catch at regular intevals.
Re:Uncapping (Score:2)
I've seen this before.. (Score:2, Informative)
-ARP your own IP adress with MAC of cablemodem
-ARP private IP (10.10.10.1) with MAC of cablemodem
-Set your gateway as 10.10.10.1
-Redefine routing table (netmask 255.255.255.0)
Seems pretty straightforward..
What'll happen if it does get out of control... (Score:2, Insightful)
...is that the cable companies will just switch on the encryption and authentication options in DOCSIS, turn off all the non-DOCSIS service on their network, and make it impossible to spoof the config file and still connect to the head-end. End of problem. Of course that'll mean if you have a non-DOCSIS modem you'll have to turn it in for a DOCSIS one if you want your connection to keep working. They'll also probably clamp down on servers and bandwidth hogs while they're at it. Guys, lemme give you a hint: long-term it's Just Not Worth It to play that sort of game.
Re:What'll happen if it does get out of control... (Score:2)
a worthwhile game to play, I should point
out that the Baseline Privacy Initialization
( I believe this is what you are refering to by
encryption ) occurs after the tftp step in
the DOCSIS initialization.
Now if they were to actually start using the
MIC ( message integrity check ) to protect the
CMTS from being spoofed with false COS data from
the Cable modem, then they could stop this pretty
quick. But I have NEVER seen anyone actually use
the MIC.
Changes in speed (Score:2)
February 2000- 3.5 Mb/s down, 1.5 Mb/s up- Price= $49.95/month
January 2001- 3.5 Mb/s down, 128 Kb/s up- Price = $49.95/month
January 2002- 1.5 Mb/s down, 128 Kb/s up- Price= $59.95/month
I can understand how some people would be upset enough to risk losing their account in order to get faster speeds, but I am not one of them. Sure, I have the option to switch to another broadband company, but when AT&T has a monopoly on high speed connections in my area, I'm must endure what they force upon me or otherwise have a very limited connection speed.
Re:Changes in speed - The Carrot and The Stick (Score:2)
I'm not saying it's the company's fault that I'd do something along these lines. They're just not providing much of a carrot for me not to do so. Reliable service is the carrot, cutting off my service is the stick, in this case. It'd be nice if more companies would use the carrot before the stick, but that would mean, I don't know, that they appreciate their customers or something weird like that.
Cox, at any rate, monitors their cox.community news groups closely, and will respond in that forum about issues and try to resolve them. I do feel like I am getting a response, so I'm giving them the benefit of the doubt. For now.
Comcast's published news server rarely works at all, so I can't say the same for them. If there was a broadband option where I'm using Comcast, I'd have taken it long ago.
Re:Changes in speed (Score:4, Informative)
Why (Score:2)
detection by service provider (Score:5, Insightful)
People have done much more amazing hacks than that on DVD players, such as the Apex AD600A, despite the use of a non-standard microprocessor. Hacking the firmware of a cable modem should be quite simple by comparison.
That's the sort of reverse-engineering I used to do quite often, but now I get little opportunity due to the DMCA. It doesn't seem like service provider or cable modem vendor can use the DMCA to ban reverse-engineering of the cable modem, since the features in question aren't involved in copy protection. But the trend seems to be to sue first and try to justify it later.
Eric
[*] Better in the sense of being less detectable. I'm not suggesting that doing this is legal or ethical.
Re:detection by service provider (Score:3, Insightful)
By making it more expensive for them to detect cable modem uncapping, you are probably just going to encourage them to disconnect uncappers rather than just warning them.
Re:detection by service provider (Score:2, Interesting)
if they can easily monitor something like bandwidth usage on a per-customer basis, why the heck can't they also scan for other violations/problems like code red?
I live in the midwestern U.S. (Ohio) and have Time Warner's Road Runner service. To this day I'm still seeing a large number of code red attempts on my router logs - greatly reduced from when it first hit of course, but still quite a few. When I spoke to RR's customer service back when CR first hit (and brought the entire RR network to it's knees) I asked them why they didn't just monitor for the bug and either cutoff or contact anyone with an infected machine. They told me they didn't have that capability.
Now granted, this was just a customer service flunkie, but I still remember thinking, "What the heck?! You guys can't track this sort of thing on your own network?" Apparently he may have been correct, given the number of CR attempts I'm still seeing.
Any idea what the real story is?
Re:detection by service provider (Score:2)
Either they'll have to cut off 20-50% of their customers or they'd have provide technical assistance to that number of people... neither option of which will be palatable to anyone wanting to actually not go bankrupt immediately.
If it annoys you, set up a webserver to answer the code red infection attempts by shutting down or wiping the offending machine. Or pop up a warning for the poor suckers on their display with a pointer to where they can find a cleanup patch, if you're a nice person. It's not very complicated and I think you can find example cgi scripts by searching on google a bit.
Re:detection by service provider (Score:2)
just cause i am counting cans doesnt mean i can read the labels
Re: (Score:2)
Don't bother trying this... (Score:3, Informative)
Unless you want to see how easy it is to produce convicing and very elaborate documentation of a fundamentally flawed exploit.
For those who won't bother reading the link (most of you), the exploit is this:
It looks really pretty until this last point, where it enters the realms of fantasy. The people who wrote the docsis spec [cablemodem.com] aren't idiots. Cable modems will not look on the ethernet side for a TFTP server. TFTP'ing is done just after the cable side network discovery (so you have to have the cable side plugged in when you reset) and the modem knows which side is cable and which is ethernet. No, pinging the modem's ethernet IP from the PC doesn't help. It's just not that stupid; it knows that it has two interfaces, and it knows which one is which.
So go ahead and try this. You won't damage your modem, because it will simply ignore your TFTP server. What will happen is that you'll spend a couple of hours following the steps, getting all excited, then getting increasingly frustrated as you just can't get that last step to work. Rest assured, you're not doing anything wrong, other than following the instructions of a delusional wannabe hacker with a tiny amount of network knowledge and a real problem dealing with reality.
Re:Don't bother trying this... (Score:5, Informative)
I tried it 6 month ago (when my provider switched to DOCSIS), with great success.
Nethertheless I don't do it anymore : capped cable is better than no cable at all...
Re:Don't bother trying this... (Score:2)
Re:Don't bother trying this... (Score:2)
If you're really a network engineer, I hope you're never in charge of my quality of service . . . your stubbornness blinds you to any new information comflicting with your own assertion.
Just admit it. Either your test was flawed, or there exist other configurations that you're unfamiliar with. You don't know everything.
Re:Don't bother trying this... (Score:3, Interesting)
Mine did. They began upgrading the system all over town. Vastly improved. Many new services. They started gradually switching sections of town over to DOCSIS. There was a window of time in which you could use both the old ugly Zenith modems or the new SurfBoard modems. But by a certian date you had to bring in your cable modem and replace it with a DOCSIS modem. Unfortunantly, I had to change all of my static IP's at the same time.
Re:Don't bother trying this... (Score:5, Informative)
Interestingly, The CM100 (BayNetworks by Nortel) does not make that mistake.
Re:Don't bother trying this... (Score:2)
And in the absense of any references, I'll just flatly assert that my Surfboard 3100 doesn't even bring up the ethernet side interface until it's brought up the cable side, been told what docsis to get and where to get it from, and pulled it in on the cable side. Exception, if the cable side fails, the ethernet side is then brought up purely for the purposes of serving DHCP to a LAN, but in this case, the cable side is down and it won't forward packets.
Don't get me wrong, I'm a network engineer, and I fully accept that engineers do make idiotic mistakes like bringing up and checking both interfaces. But I'm saying that in this case, I've never seen it happen, nor have I seen any credible documentation (other than hacker optimism and unfounded assertions) that there are any DOCSIS modems out there that actually do this.
Got references?
Re:Don't bother trying this... (Score:2)
Re:Don't bother trying this... (Score:2)
Unused bandwidth can never be recovered... (Score:5, Interesting)
This would also encourage off peak usage. It'd be far better to squeeze out that 2 gig download quickly when it has no real impact on others versus taking hours due to a cap during peak.
I'm guessing you just can't reprovision the cable boxes that quickly and dynamically everywhere, but damn, it makes sense and I still don't understand why caps aren't implemented using some QOS type service at the head-end anyway...
Re:Unused bandwidth can never be recovered... (Score:2)
I still picture the little old lady who uses a terminal to enter in all my information at the cable company, then presses an 'Enable Service' button, getting paid $175,000/yr for her services (clearly she makes a lot of money if I can be charged a setup fee that's $20-40!). (PS: Yah, not all places charge setup fees anymore, but those that do have just as little justification for it as companies in the past have.)
Re:Unused bandwidth can never be recovered... (Score:3, Insightful)
Owning a very small ISP, I agree with your first paragraph, the larger the comapany the more complacent they seem to be/get. I have to make the extra effort for each customer. It only takes one screwup and you lose a cusomer. The larger companies figure that the ROI for setting up something that takes care of a limited number of customers is not worth it, but they are wrong. You never know who is going to help or hurt your buisness in the future. Treat each customer right and one of them may bring in more buisness to you (and be loyal), treat one wrong and they may single handedly giving you are bad reputation by bad mouthing you to anyone who will listen.
Somewhere along the line the corperate bean counters get in the way and forgot that the customer is the one paying the bills.
Re:Unused bandwidth can never be recovered... (Score:5, Insightful)
Given half a chance, I don't believe most of us geeks are unreasonable. And if variable bandwidth caps were instituted that were raised or lowered based on demand, just like the compression level on a CDMA cell signal is manipulated based on cellular tower usage and capacity, you'd start to see a lot of tools written that would make shifting of bandwidth around available for average users too...
Re:Unused bandwidth can never be recovered... (Score:2)
1) The won't remove the caps for non-peak hours because it will be exploited by DSL and other broadband competitors. You've already seen the ads where they talk about people getting up during the middle of the night just to get a decent connection. It would only be worse for the cable companies if they themselves made it easier to get online late at night. Another example is the cell phone company, I think it's voicestream?, who lords thier "no peak hours" policy over other cell companies. Establishing peak and non-peak times is admitting the fact that they can't handle the desired bandwidth. By having one cap, they can claim that the cap is perfectly fine for any _reasonable_ user.
2) The other thing I could see is that if you uncap the service between 2 and 5 AM say, then your system suddenly becomes overloaded during those hours. You haven't fixed the problem, you just shifted it. I'm not nearly as confident in this argument, but maybe it has some merit.
Creepy stuff (Score:2, Interesting)
onestep == vapourware (Score:5, Informative)
Ok after sniffing around IRC (including the said hackers channel) and various boards this secret "underground" program the securityfocus guy quotes doesn't exist , its vapourware.
what does exist is a kludge of tftp servers,query utils and glorified DOCSIS [sourceforge.net] editors that with 20minutes and a *lot* of messing about you can change your config settings and then only until the ISP check your modem (automated) via SNMP , deny this and your cut off, accept it and it will detect your hacked config and cut you off...permanently
so you are screwed either way.
not to mention that most of the cable modem companies are using MD5 hashes [cisco.com] to validate the config files integrity (MIC (Message Integrity Check)), other than a severe hardware hack your not going to crack much with this verification.
i came accross tco-iso's website quite a while ago and after a few visits over the months it seemed to of ground to a halt when they realised that MD5 was involved, they even mentioned the possibility of brute forcing the hash which raised a smile from a few of us.
They point to their IRC channel for files but the *only* files that exist are just mirrors of the files their site links to, no "onestep" or 30mb files and certainly nothing special in the files (other than someone knows how to use a hexeditor on PD software)
some people dont understand how uncapping really works but i think speedguide's [speedguide.net] article seems to sum it up nicely.
Wow that's pretty stupid (Score:2)
The cable company drives around your city and neighborhood with sniffers looking for illegal cable tv hookups, something that costs them ZERO dollars... the cable signal is already there, they dont lose money with someone stealing it. Stealing bandwidth, that they do see as a dollar amount..
If they will spend millions to snif out morons that steal the cable signal or HBO, you are sure that they are spending as much effort, time, and resources sniffing out for this stuff... hell they already watch for cloned cable boxes and cable modem boxes (Yes Johnny, you can get cable modem service for free, just buy this modified cable modem!)
It's just like real hacking, if you do it from your home then you are really really stupid....
Reaping the fruits of greed (Score:2, Insightful)
say, by a half (a fifty percent increase in performance is not bad by any standard, yes?),
they push for the skies. Skimming off the top goes unnoticed (or even tolerated) far longer
than just taking it all.
The tragedy of the Commons (Score:3, Insightful)
For those who have not studied Sociology, I'll summarise.
In a village, there is a common patch of land. General consences decreed that the land was free for any to graze their animals on. After a while, many people decided to graze as many animals as they physicaly could on the patch of land. Eventualy the commons becomes a muddy barran field due to over grazing. (Note, actualy, in large scale, this can, and has, turned grassland in to wasteland and even desert.)
The point is, many people have been saying 'Its the Internet, you paid for a connection, you have the right to use it to the full!' for so long. (ref, countless slashdot articles) Now people belive that bandwidth restrictions are artificial, that the cable companies are just trying to get as much money as they can. (Actualy, the Cable companies rent bandwidth in turn from companies which did speculative investment in laying high bandwidth cables. So if they need to increase bandwidth, they have to pay more.) This results in people asuming they have a right, and even a moral obligation, to take as much bandwidth as they can and 'share stuff'.
As another example, it would be wrong to take up two seats on an airliner when you only bought one ticket.
This scam is the equivelent of forgeing an airline ticket. Crude, and likely to end you up in hot water.
Re:The tragedy of the Commons (Score:2)
Is it still wrong to take 2 seats if the airline reduced the seat width from 18" to 9" to save money while still charging the same price? I am afraid I would have one asscheek in each seat.
Cable and cable modems are not the commons. They are monoplies run by companies trying to extract maximum profit for minimum work. I do not want to say that bandwith theft is correct, but there are two sides to the coin, and I have a hard time feeling sorry for the 'poor' cable company.
At one point I asked Time Warner to provide free internet service to a community center located in a neighborhood where the median income is $2000 below the poverty line (2000 census). They declined, not because it would be a precident (they provide it to facilities in other communities) but because they were so used to screwing our community they did not feel the need. So much for the commons.
SD
Re:The tragedy of the Commons (Score:3, Insightful)
Sure the companies may suck, and may do bad things like that. But claiming that theft is of bandwidth is deminished in this way is going to backfire and potray those of us looking for 'internet fredom' as swindlers. As I said, the 'Hack the Planet' mentality is doing much more damage than good.
Re:The tragedy of the Commons (Score:2)
Bandwith is limited by infrastructure and bandwidth fees and the company's goal is to spend as little on each as possible. As these are monopolies, unless someone (the government, a class action suit, hackers etc.) force people to take a look at what is happening, things just get worse. I would be very curious what percent of the cable fees actualy go to bandwith vs. profit.
Theft of bandwith is not right, I agree, but abusive monopolies like cable companies are not right either.
Monopolies do not equals Commons
SD
Re:The tragedy of the Commons (Score:2)
You keep using that word. I do not think it means what you think it means.
Re:The tragedy of the Commons (Score:3, Informative)
Main Entry: monopoly
Pronunciation: m&-'nä-p(&-)lE
Function: noun
Inflected Form(s): plural -lies
Etymology: Latin monopolium, from Greek monopOlion, from mon- + pOlein to sell
Date: 1534
1 : exclusive ownership through legal privilege, command of supply, or concerted action
2 : exclusive possession or control
3 : a commodity controlled by one party
4 : one that has a monopoly
Let me know who else can provision a cable modem in a single cable provider community and I will retract my statment. Most communities have a local monoply for cable services. Aggregate these communities together and you have monopolies.
Unfortunatly, the FCC say that communities can not regulate broadband in the same manner they regulate cable. I will go a step further to state that most cable companies provide internet as an unregulated monoply in their respective communities.
My mother lives in a community with a large cable company and a city owned cable provider. The cable company is much more customer oriented and price competitive as they do not have a monopoly.
Re:The tragedy of the Commons (Score:2, Insightful)
Did you ever got bothered by anyone when you took the free seat next to you along with the one you were currently on? I don't think so. It's there, it's available, why not using it if you feel the need to? It's not exactly the same with bandwidth because there's a direct associated cost which is not the case with the free seat (it's likely it will travel with you whatsoever ).
Anyway, I think people just need to be explained things to accept the restrictions. Capping actually helps them having a better service overall, by protecting them from their abusing neighbours. I won't say that I don't find the up speed at 128kbps to be a bit slow, but I used to have 28.8k up so, why complaining in the first place? More is better?
Re:The tragedy of the Commons (Score:2)
Please feel free to code a spell checker for slashcode if you want.
Re:The tragedy of the Commons (Score:2)
Of course, I'm using the best web browser [omnigroup.com] on the best platform [apple.com], so your mileage my vary.
Re:The tragedy of the Commons (Score:3, Interesting)
Check your Library card. Most public libraries limit the maximum amount of books you can take out. And they have fines for late returns.
"Water from a public drinking fountain is free, but nobody sits there all day filling up bottles of water just because it's free."
But when piped water was new, they did just that. It took a lot of teaching to get our curent social stigma of wasting water that comes from a tap.
"Besides, the "tragedy of the commons" is usually used as an example of why government control of something is bad. Yet in this case the connection is owned by a private company, and you're still crying about the 'tragedy of the commons'?"
Er... So, because I dont use the argument in the traditional role, its wrong? And, I seriously think you have the wrong end of the stick there with your given usage too.
"If it wasn't for the shared backbone you wouldn't have an internet connection at all."
Yes. And no. Networking is more complicated than that these days. But I'm not saying a shared escential resource is inherently wrong. (Apart from single point of faliure, but thats a diferent argument all together)
"I find nothing tragic about having this sort of 'commons', it's an enabling device for crying out loud!"
Uh huh? And your point was what exactly?
The 'Commons' example is for an *Uncontroled* and *Unmetered* limited availablity resource. I dont understand how anything you've said is relevent to what I said.
Cheap point-to-point line potential? (Score:3, Interesting)
The config file is uploadable through the ethernet port, and seems to be able to specify the upstream and downstream frequencies, along with the maximum bandwidth rates etc. What would happen if you joined two cable modems with an F-to-F connector cable, and send config files to them so that the receive frequency of one was set to the transmit frequency of the other? And, how far from each other could they be? I know that the sub-headend that supplies my cable modem is only about 1/4 of a mile away, but I'm sure they work over a greater distance.
Any thoughts?
Kill two birds with one stone... (Score:2)
It will cut down on unwanted traffic as the cable company gestapo hunts down those ignorant dickheads who are still running unpatched machines, and sends them back to AOL, where they belong if they can't properly maintain a computer.
~Philly
Even better... (Score:2)
What we really need (Score:5, Funny)
One little observation (Score:2, Interesting)
But how many of you used Napster, and now use Gnutella, Kazaa, Audiogalaxy and the like, and think it's your god-given right to do so?
The shoe seems to be on the other foot when *you* run the risk of losing something. Consider, though, that other than the much closer-to-home personal risk involved in this one, that *both* acts are basically theft.
(As an aside, I wonder, though, how long until the "studies" show that uncapping your cable modem leads to the purchase of higher-bandwidth levels of service.)
Re:One little observation (Score:2)
Erosion of fair use rights is a seriously dangerous thing. Try to at least modify your remarks to take this into account.
Combine this with Brilliant's SpyWare network (Score:2)
Or, maybe they shouldn't.
So what's the problem? (Score:4, Insightful)
This gives them an easy out. If they're able to detect an uncapped cable modem in a matter of hours after its been uncapped, then this is a great way to relieve yourself of a bunch of unwanted customers. And they don't even have to monitor bandwidth content. Just have to check the speed going over the physical maximum.
This should also be a wakeup call for parents who "share" their internet connection with their kids. Better let your children be aware that if ever they do something this foolish there will be serious hell to pay. PAY ATTENTION to what your children are doing. You don't know?? Then don't let them have internet access. When they turn 18, let them get their own account, and they can use or abuse it as they see fit.
Or if you REALLY need that extra bandwidth, pay for an account that provides for it. MOST companies, even cable providers have accounts that provide greater upstream bandwidth, but they don't cost $49, and they're rarely parts of a promotional deal.
-Restil
My suggestion remains... (Score:2)
Dear Sir or Madam:
When i subscribed to your service I was promised "Unlimited" access, however you have limited my upstream connection. When I try to video teleconference with my grandchildren in the hospital, the image quality is extremely poor, and the audio is hard to understand. It is absolutly no improvement from when I had dial-up. I was also promised that I would be able to send video emails, but they take so long to upload, and while they are uploading, it chokes my ability to surf the web. Moreso, when I am trying to upload pictures and video of my family to my website, the connection frequently stalls or disconnects halfway through the upload and I have to start all over. I find this to be very frustrating and stressful, and since my recent heart attack, my doctor has ordered me to avoid stress. Because of this I will be forced to end my service with you.
It never seems to work, but maybe it will get them to stop promissing unlimited access and blazing speed.
(btw, I'm not really old)
My uncap history (Score:3, Insightful)
The Docsis files are md5 signed and if I dont sign them, then I am SOL. I followed the steps, spoofed the tftp, wathced the modem grab the config - but yet my upload was still no better then 256kbits/second
As for the whole legality - All I am going to do is make my cable modem "up to 100x faster then 56k modem" because right now I am @ 3mbit/s and 256k/s. A 56k modem has a limit of 33.6 kbit/s for upload SO 100x faster is 3360 kbit/s second
Discuss.
Re:caps on uploads (Score:4, Informative)
15k is exactly what you are paying for. The speeds that describe your line are in kbit/s, and 128kbit/s turns out to be 16kByte/s.
m
Re:caps on uploads (Score:2)
I've looked at the modems config screens and it shows Downstream: 717MHz, and Upstream: 33MHz. Could it be double-capped?
Re:Easy to catch (Score:2)
You are right though - it just isn't worth losing service over especially if you can't get DSL.
Re:Easy to catch (Score:4, Insightful)
I think we all assume that the download is maxed or we don't care.
It's the limited upload speeds that people want to get around. Now I know that the uploads are sometimes limited to reduce 'network collisions'... but low upload speeds are screwing real users.
You don't need to be hosting pr0n or warez. What if you want to put up a password protected mp3 server so you can listen at work, etc.
Remote desktops in XP - X11/VNC for linux users... there are real reasons.
Browse over to freshmeat and check out all the cool ass servers.
Re:Easy to catch (Score:5, Interesting)
Re:Easy to catch (Score:2)
Why bother? (Score:2)
So, that's at least 18 GB of data I've downloaded in a week, without having to use one of these uncappers and pissing off my cable ISP. Unless you want to uncap the upload speed to run a server, I don't see much benefit. And of course, running a server is a TOSable offense for home cable internet service, so that's a risk that hardly seems worth it.
Re:Easy to catch (Score:2)
I wouldn't complain except that Comcast offers no "power user" service with a more reasonable upload cap (like 384 kb or so) and I live 17km from my nearest CO. I don't understand why Comcast doesn't offer tiers of service like many DSL providers, they could make a fortune off of their artificial scarcity of bandwidth and their monopoly in this area.
Re:Is there anything like this for DSL? (Score:3, Informative)
DSL (Digital Subscriber Line) is not a shared medium: you are the only one that uses it up to the switch. So the switch is responsible for cutting you down. Client side security (okay, capping in this case) has never been a good security.
Anyway, even if I am wrong (which I doubt), I wouldn't uncap my DSL modem. Okay, I have the lowest possible rate where I live, but it's enough for all our family member to surf simultaneously at acceptable speeds.
Re:Is there anything like this for DSL? (Score:3, Informative)
To be more specific, each cable modem in your neighborhood receives and sends all data that goes through your neighborhood.
Each cable modem has a timeslice to pay attention to data being sent to it. When receiving, there are multiple way of multiplexing, be it giving each modem on the network a timeslice to send a burst, or frequency division multiplexing
Re:Is there anything like this for DSL? (Score:2)
Re:Is there anything like this for DSL? (Score:5, Informative)
Second: It should not work on properly designed DOCSIS Cable Modems either. A cable modem should not accept tftp uploads and config from anywhere but its cable interface which is not available to the casual hacker.
Third: It will not work on properly configured newer DOCSIS 1.1 and later networks either.
Here is why:
First: In DSL the speed is largely controlled by the DSLAM. Some modems do some minimal QoS and capping but it is hardly ever used. No need to.
Second: design fault. Typical of telco manufacturing. No comment needed. Can be fixed by a single software upload which the provider can trigger on any software upgradeable modem. As a result it will no longer be possible to uncap it.
Third: You can hog bandwidth in an unlimited fashion only on a DOCSIS 1.0 and incorrectly configured newer networks. DOCSIS 1.1 introduced the concept of a transmit map. The cable modem termination system tells you when you can transmit and when you cannot (it can also slice bandwidth exactly on per consumer/application basis). As a result a properly configured 1.1 or newer network should have no need for CPE capping. Of course, US has a boatload of non-docsis proprietary networks so dunno about these.
Say what? (Score:3, Informative)
Re:Property vs Service (Score:5, Insightful)
Here's another example: you may own your telephone handset, AND it may even be legal to modify it for the purpose of phone phreaking (maybe...DMCA?), but once you plug it into a live phone jack, you've surely committed a crime.
Summary: It's not about how you handle your equipment, it's where you have permission to stick it.
Re:Property vs Service (Score:2)
If it were particularly easy to do this sort of thing, how long do you think it would be before tinkering with this kind of equipment would be illegal too? Or even talking about it, for that matter? Because why make it just a civil matter between business and customer when the goverment can join the party!
It's amazing how proactive the government can get with your rights and freedoms when a big corporation's monoply- I mean, revenues might be threatened. You see, when two individuals or two businesses disagree about how their business relationship is working out, they have to pay for their own day in court. But when it's business vs. consumer, the police suddenly don't mind lending a few billy clubs.
I think if we take the DMCA to it's logical conclusion (since if it's a good law, surely not only copyright deserves that level of protection), we should be setting up "Federal Speech Centers" for citizens to visit before they write or say anything, and everyone can take a number and stand in line and step up to the counter to ask the Federal Department of Speech employees if what they're thinking is OK to talk about, to insure that no one else's government-sponsored "rights and freedoms" get "threatened." I mean, what's the sense in waiting until someone actually comits a crime?
We don't need a Department of Actions Performed in the Privacy of the Home, because it'll be cheaper to just put cameras in every room.
Re:Property vs Service (Score:2)
Re:Property vs Service (Score:2)
Re:Property vs Service (Score:5, Interesting)
Now, the government doesn't supply the car. I went out and bought the car. I have a Citroen, you may have a Ford, or a Vauxhall, or whatever you like. They're all *capable* of going faster than 70mph, but if I get caught doing that, I get a speeding fine, and points on my licence. I can't argue that "I bought the car, I paid for it, so I'll use it any way I want".
Re:OT: Toshiba PCX1100U (Score:2)
i C0/\/nect3d al1 |\/\y wind0z3 b0xen with Us|3.
if you bought a router, or ran the second computer behind the first one, how would that be any different? i have no idea what you are claiming you did.
Re:OT: Toshiba PCX1100U (Score:2)
I hooked up a second box - yes a Windows box considering there is no way to use the USB function of the cable modem.
The second box got the maximum speeds ( 250K down, 45K up ).
My cable access is paid for by my roomate.
I can't afford a router/hub or even another pair of NICs.
This only worked for a certain amount of time.
The cable company "turned off" the USB function from what I can tell since it won't work at all now.
If I used a router or a hub my computers would all share the bandwidth.
Yes, this is all off topic.
Re:OT: Toshiba PCX1100U (Score:2)
I am allowed two IP addresses no problem.
I was getting full bandwidth on both machines.
With a router or hub I would share.
I wasn't fully taking advantage of it at first - at first I was using for in house file transfers only - backups, etc... but then my evil side came out.
Re:Do ISP's know about QoS yet? (Score:2, Informative)
That's why uncapping cable modems is immoral: If you unlimit your rate you are stealing bandwidth from other users on your cable segment and lower the quality of their cable service.