For those broadband subscribers who are uncertain about the legalities of tinkering with MSO-leased hardware in order to boost bandwidth performance, here's a helpful hint: If the FBI comes bursting through the door, putting the kibosh on your Matrix II download and confiscating your modem and hard drive, then it's safe to say you've broken the law. Such was the case last week in Toledo, Ohio, when federal agents and members of the city's police computer crimes task force served warrants at 13 residences as part of an antitheft sting operation.
According to Toledo Police Detective Bart Beavers, the investigation, which began in early February, focused on Buckeye CableSystem customers who are believed to have altered their cable modems, allowing them unauthorized access to enormous amounts of bandwidth.
?The most egregious offender had altered his modem to handle 100 megabits per second, up and downstream,? Beavers said. Buckeye Express, the division that offers Toledo residents high-speed bandwidth service, sets its upper limit at 1 meg per second both ways.
The investigation will continue throughout the coming months as the MSO looks to ferret out other bandwidth thieves. ?So far we have seized a total of 35 computers and 14 modems,? Beavers said. ?We've also dug up an array of questionable copyrighted materials?pirated movies and things of that nature. But we're not done here yet. This is a work in progress. These are felony offenses we're dealing with here.?
Modem uncapping, the process by which a user hacks into his or her home modem in order to gain access to untapped bandwidth, is on the rise ? and doesn't require an advanced degree in computer science. According to Carlos Oliveira, principal engineer of Toshiba's network products division, the process is less esoteric than some MSOs have been led to believe. ?Basically, hackers just need to generate a replacement configuration file for their modem that does away with the capacity limits set by the service provider,? Oliveira said. ?Then it's just a matter of fooling the modem into accepting the fake file.?
Detailed instructions for engineering the uncapping hack have been readily available on the Internet for at least a year, and chat rooms and message boards are teeming with hackers swapping tricks of the trade. The larger MSOs don't appear all that concerned about the matter, however. A Time Warner Cable spokesperson characterized modem uncapping as little more than a minor irritant. ?These people are mosquitoes,? said the spokesperson. ?They're aggravating, and we'd all be better off if they weren't around; but they are too small to do any real damage.?
Paul Shryock begs to differ. As Buckeye's director of information services, he has a vested interest in bringing the malefactors in his service area to justice. ?We've estimated the damages from the seizures of the past few weeks alone at $250,000,? Shryock said. ?We don't fully understand how they're pulling this off just yet, but we're learning more every day.?
As are the hackers, it seems. The San Mateo, Calif.-based security management group SecurityFocus recently warned its customers of the emergence of ?OneStep,? a new hacking tool that ?promises to make cable modem uncapping a point-and-click sport.?
An automated program that combines all of the steps necessary to successfully pull off the uncapping process with a user-friendly interface and a chat system, OneStep could very well bring the uncapping hack to a widespread audience looking for light-speed bandwidth access. If that doesn't sound ominous, think of Shawn Fanning in his dorm room, cobbling together a search engine, a file-sharing program and chat functionality to create Napster. Then think of what that did to the record industry. Yipes.
Jupiter Media Research analyst Joe Laszlo believes that MSOs may confound the bandwidth bandits by setting monthly caps and strictly monitoring users who consistently approach the upper limits. ?Rogers Cable has had success in limiting the amount of data customers can download each billing period,? Laszlo said. ?While uncapping is never going to be a problem in terms of the sheer number of people with the necessary technical skills to do the job right, the ISPs have got to take this seriously.?
Oliveira said that an ounce of prevention is worth about 100 megs of cure. ?When it comes down to it, the firmwear has to be upgraded by the MSOs. It's simply a matter of the MSOs taking the time to upgrade, and until they do they will remain at risk.? One solution is for operators to make the jump to DOCSIS 1.1 products. Toshiba has had great success thwarting bandwidth theft with its line of DOCSIS 1.1 modems; in fact, Oliveira says that any 1.1 modem, regardless of make, should do the trick.
Some models may be more susceptible to this particular hack than others. SecurityFocus's Kevin Poulson said that Motorola's Surfboard modems are ?the most common target?; whether this is because they are some of the most widely deployed units on the market or because their design is inherently flawed is not entirely clear. (Motorola reps were unavailable for comment.)
The predominant modem in the Buckeye system happens to be the Motorola Surfboard, although Shryock said that would change with time. ?The only modem we are installing now is Toshiba,? Shryock said. ?Don't get me wrong ? Motorola has served us well ? but that's just the direction we are going in as we learn more about this bandwidth monster.?
Still, Shryock suggests that it would be folly to believe that going forward with a new manufacturer will put an end to uncapping: ?I'm not that naive,? he said. ?It's not a matter of winning the battle, because we can't. It's a matter of ensuring that we're one step ahead of these guys.?
Back to this issue
