Digg this story   Add to del.icio.us  
Cable Modem Hacking Goes Mainstream
Kevin Poulsen, SecurityFocus 2002-05-08

An ambitious hackware project promises to bring illicit broadband "uncapping" to the masses, and with it the risks that come with high-speed hijinks.

From a pitiable 56kbps AOL dial-up somewhere in suburban Colorado, 19-year-old Myko Hein would like to tap out this sad, regretful message to the powers-that-be at his former cable Internet provider, AT&T Broadband: I was wrong. It'll never happen again. Please take me back.

Just last month Hein thought of AT&T's service as unbearably slow -- acceptable, perhaps, for sending e-mail, but pure molasses when it came to trading software in Internet chat rooms. Hein's thirst for speed finally drove him to employ a sophisticated hack that "uncapped" his cable modem, obliterating the bandwidth limit imposed by the company, and granting him speed beyond the dreams of hotwired youth.

But it only took six hours for AT&T to catch Hein, cut him off, and ban him from their network for life. "They said they considered it theft of service," recalls Hein. "There were no second chances."

It's easy to see the hot rod appeal of tinkering with one's cable modem to tap into ridiculously high data speeds, and uncapping has become a popular exercise in the bandwidth-hungry "warez" and movie-trading underground. Today, the most common target is Motorola's popular Surfboard line of cable modems. Hackers generate a replacement configuration file for the modem that omits the capacity limits installed by the service provider. They then trick the modem into accepting the bogus file.

In addition to violating the typical broadband service agreement, there can be an anti-social aspect to uncapping. Providers put capacity limits in their subscriber's modems to prevent each user from taking more than their fair share of the bandwidth available on each node. In other words, if a user uncaps his or her modem and starts hogging bandwidth during peak hours, neighbors will suffer reduced performance. Uncapping sometimes robs Peter to pay Paul.
OneStep Cable Modem Uncapper


Instructions for pulling off the configuration file hack have been on the Web for at least a year, and chat rooms and Web boards are crowded with uncappers trading tips and experiences. But AT&T Broadband describes it as a minor problem, at worst. "I don't think it's something that's rampant," says spokesperson Sarah Eder. "It's not widespread."

Uncapping Prometheus
If cable modem hacking hasn't become a huge problem for service providers, it's probably because the process remains intimidating for non-technical users. The subscriber has to program a DOCSIS configuration file with a special editor, run their own TFTP server, change their IP address and run an DHCP server that tricks the modem into pulling the config file from their host. Dedicated hobbyists have refined the procedure and written tools to automate key portions of it, but pitfalls and caveats abound.

But that's all about to change, with the pending release of "OneStep," a user-friendly all-in-one tool that promises to make cable modem uncapping a point-and-click sport.

The work of a dangerously unemployed U.S. coder who calls himself "DerEngel," working with a colleague named "Byter", OneStep is described as a 30 megabyte monster of a program that rolls up all the various servers and spoofers needed to pull off a cable modem hack. It then hides it all behind a pretty interface with pull-down menus for selecting your service provider, modem make and model, and even the new speed limit you'd like to put on your modem -- in case you don't want the full 10 Mbs Ethernet speed.

So far, the beta version is closely held, but few in the uncapping scene dismiss OneStep as vaporware. DerEngel is already famous as the underground Prometheus of super-broadband -- the author of several publicly released programs that automate some of the steps in the uncapping process, and the host of a popular how-to site and chat system dedicated to uncapping. In an IRC interview, DerEngel said he plans to release OneStep in late May, and he expects it to open up the arcane art of uncapping to the masses. "It will be the first program of its kind," says the coder.

Speed Kills?
But what about the consequences? Myko Hein suffers a low-bandwidth exile as a result of his six hours of living dangerously. His father, who shared the household cable modem, now has to slog into work every day -- the dial-up is too slow for telecommuting. The only other broadband available in his neighborhood is IDSL service from the phone company, which would break his family's budget at over $100 a month.

Hein insists he didn't even know he was violating his service agreement, and claims the uncapping was done by an automated script passed to him by a friend on IRC -- a kind of OneStep Lite, written specifically for his service provider, modem and operating system, which he mistook for a perfectly normal connection optimizing tool. Without commenting on any particular case, AT&T Broadband claims it doesn't automatically ban a user for uncapping, and wouldn't have cut Hein off without warning unless there were aggravating factors. "We handle this on a case-by-case basis, and if someone is uncapping their service they could have their service terminated," says AT&T's Eder. "But there are all kinds of things that we have to take into account in an investigation."

DerEngel says smart uncappers know how to avoid detection. In any case, OneStep will provide disclaimers and warning statements so that the easy-to-use program will not tempt the truly innocent. Hein, who wanted more and wound up with far less, offers this advice: "Don't uncap your stuff," he says miserably. "Just don't."

    Digg this story   Add to del.icio.us  
Comments Mode:
Cable Modem Hacking Goes Mainstream 2002-05-09
Anonymous (6 replies)
Yeah well... 2002-05-09
Myko (8 replies)
Yeah well... 2002-05-09
Anonymous (3 replies)
Yeah well... 2002-05-09
Anonymous (3 replies)
Yeah well... 2002-05-10
Anonymous
Yeah well... 2002-05-10
The Midnight Runner
Yeah well... 2002-05-10
Anonymous
Yeah well... 2002-05-09
Anonymous (5 replies)
that's weird 2002-05-10
Anonymous
You are idiots!!!! 2002-05-10
Anonymous (3 replies)
Re: You are idiots!!!! 2006-12-06
Anonymous (1 replies)
Re: Re: You are idiots!!!! 2007-08-02
Anonymous
Re: You are idiots!!!! 2007-01-10
VoIP
Re: You are idiots!!!! 2008-02-20
the keeper (1 replies)
Re: Re: You are idiots!!!! 2008-07-21
Anonymous
Yeah well... 2002-05-10
Mike Barnhart
Yeah well... 2002-05-10
Etymologist
Yeah well... 2002-05-10
Anonymous
Re: Yeah well... 2005-06-01
DeF-CoN (1 replies)
Re: Re: Yeah well... 2008-07-21
Gunshinzero
Re: Yeah well... 2002-05-09
Tornberry (2 replies)
Thanks, but... 2002-05-09
Myko (8 replies)
Thanks, but... 2002-05-10
ov3r (2 replies)
Thanks, but... 2002-05-10
Anonymous (1 replies)
Re: Thanks, but... 2008-05-09
Sol
Holy Ones.... 2002-05-10
Anonymous (1 replies)
Re: Holy Ones.... 2007-05-03
Rita G
Thanks, but... 2002-05-10
Anonymous
Myko the tragic 2002-05-10
Anonymous (2 replies)
Re: Myko the tragic 2005-10-02
Anonymous
Re: Myko the tragic 2006-10-22
Anonymous
Thanks, but... 2002-05-10
Nathan Woodruff (1 replies)
Re: Thanks, but... 2006-12-06
Anonymous
Thanks, but... 2002-05-10
Medievalist
Thanks, but... 2002-05-10
Anonymous
Thanks, but... 2002-05-10
Spectrum
Re: Yeah well... 2002-05-10
LimboBoy
Idiot 2002-05-10
Nagora
Yeah well... 2002-05-10
Anonymous
Yeah well... 2002-05-10
Anonymous (1 replies)
Re: Yeah well... 2006-12-12
Anonymous
RE: Yeah well... 2002-05-10
Medievalist
Re: Yeah well... 2008-07-21
Anonymous
Re: Yeah well... 2009-10-06
Anonymous
Cable Modem Hacking Goes Mainstream 2002-05-10
RayReis (at) aol (dot) com [email concealed] (1 replies)
Cable Modem Hacking Goes Mainstream 2002-05-09
Anonymous (2 replies)
Cable Modem Hacking Goes Mainstream 2002-05-10
Anonymous Ranter (1 replies)
Cable Modem Hacking Goes Mainstream 2002-05-09
Anonymous (1 replies)
Why is this even a story? 2002-05-09
Anonymous (2 replies)
Why is this even a story? 2002-05-10
Anonymous
Why is this even a story? 2002-05-10
Anonymous
Cable Modem Hacking Goes Mainstream 2002-05-10
Anonymous (4 replies)
Cable Modem Hacking Goes Mainstream 2002-05-10
Anonymous (9 replies)
re: 2002-05-10
Petester (1 replies)
Re: re: 2007-04-05
Weasel
Cable Modem Hacking Goes Mainstream 2002-05-10
Seamus McBlrfl, a long-time Network Professional
Cable Modem Hacking Goes Mainstream 2002-05-10
The Midnight Runner
Cable Modem Hacking Goes Mainstream 2002-05-10
Anonymous (1 replies)
Your All Wimps Own Up To Your Actions 2002-05-10
NonovUrbizniz
Cable Modem Hacking Goes Mainstream 2002-05-10
LiquidX (2 replies)
Cable Modem Hacking Goes Mainstream 2002-05-10
Rob (9 replies)
bandwith uncapped by ISP 2002-05-10
t0rm3nt3d
Clarification. 2002-05-10
Myko
Re: System limitation 2002-05-10
Jeremy
they brought it on them selves 2002-05-10
Anonymous ISP Net Eng.
Using What's Paid For 2002-05-10
Anonymous
Take back whats ours 2002-05-10
Anonymous (1 replies)
Re: Take back whats ours 2005-08-28
Anonymous
Cable Modem Ethics 2002-05-10
DerEngel
help! my ISP is a thief!!! 2002-05-10
SiX6SiX
Cable Modem Hacking Goes Mainstream 2002-05-10
A Network Administrator
A Win-Win Solution 2002-05-10
BAShMaster
propaganda 2002-05-10
wes-side
This Is Why DSL Rules 2002-05-10
Anonymous (2 replies)
This Is Why DSL Rules 2002-05-11
Anonymous (2 replies)
This Is Why DSL Rules 2002-05-12
Anonymous
This Is Why DSL Rules 2002-05-13
Anonymous
This Is Why DSL Rules 2002-05-12
NetworkStud
Cable Modem Hacking Goes Mainstream 2002-05-11
Nephilm (1 replies)
I hope the ISP's cut everyone off - then what? 2002-05-11
Grouchy (4 replies)
Uhm 2002-05-11
Myko
Answer to all postings 2002-05-12
Last1standing
u guys are a bunch of goodie-goodies 2002-05-11
wat kinda threads are these
Cable Modem Hacking in Germany 2002-05-11
Anonymous (1 replies)
Cable Modem Hacking in Germany 2002-05-13
Anonymous b
The Future 2002-05-11
Anonymous
Potential Virus Flaw here 2002-05-11
Anonymous
Cable Modem Hacking Goes Mainstream 2002-05-12
Me, Myself and I
Just my opinion 2002-05-13
SDVN
Imagine every idiot having 8mbit at home... 2002-05-13
max at kirgizia dot net
an interesting question of ethics 2002-05-13
sephalix (1 replies)
Let me sum all this up 2002-05-13
Anonymous
DOCSIS fundamentally flawed 2005-06-12
Anonymous
Cable Modem Hacking Goes Mainstream 2007-07-29
Anonymous (1 replies)


 

Privacy Statement
Copyright 2010, SecurityFocus