Source: Tom's Guide US | Keywords: broadband, theft, hacked, modems | Themes: The Internet, Networking, Desktop Computers, Business
The selling of hacked or ‘modified’ electronics or hardware is nothing new, but when the intent behind selling them is geared towards malicious activity, your sales numbers will take a beating.
Recently, Thomas Swingler over at CableHack.net, wound himself into the midst of a legal issue regarding the sales of his ‘modified’ broadband cable modems. CableHack.net has been hit with a lawsuit claiming the sale of his modified modems are sold on the basis and intent to illegally obtain free internet access.
Regardless of the disclaimer on CableHack.net, there is apparently enough evidence that contradicts the disclaimer from his own website--mainly his customer testimonials. The following paragraph on the front page of CableHack.net may also be bad news for Swingler :
“We currently offer a large variety of Premodded modems for you to choose from, Ranging from docsis 1.0 to docsis 2.0 compatibility. All of our modems are thoroughly tested and brought online to ensure 100% customer satisfaction in hardware performance. We are constantly adding new products to our inventory list.”
The only way to actively test if these modems do work as advertised is to put them to work before actually selling them, an act in itself which may very well be against terms and conditions of Swingler's internet provider (if he even has one?).
The hacked modems that Swingler offers are modified in a way that allows the user to change the MAC (Media Access Control) address of the modem. A MAC address is essentially a serial number that is hard coded to a network capable device that under normal circumstances cannot be changed. MAC addresses are used primarily for the tracking of devices, it is also how internet service providers track their customers and ensure the authenticity of devices on their network (to some extent).
With the ability to change the MAC address of the hacked modems, customers could easily obtain the MAC address of someone else on the network and pretty much ‘clone’ their modem and cause grief and/or steal internet services. This would also provide a means to commit fraud or terrorism while someone else potentially takes the fall for it.
CableHack.net is not the only place you can obtain modified modems from. TCNiSO also offers hacked devices, but they do it from an educational and hobbyist stand-point of view--they also express very strong condemnation of the use of modems for illegal purposes.
-
Previous News Article
Report: Nintendo DSi Hitting... -
Next News Article
The First LEGO-brick Digital Camera
Is this really a case of hacking? I thought it was rather common if you own your own cable modem (as opposed to renting it from the cable company) to have an option to put in a 'custom' MAC address.
..not that you should or that it's even a good idea, but I didn't think it was something most people couldn't already do if they own the modem (and hence know the login name/password.)
Is this really a case of hacking? I thought it was rather common if you own your own cable modem (as opposed to renting it from the cable company) to have an option to put in a 'custom' MAC address...not that you should or that it's even a good idea, but I didn't think it was something most people couldn't already do if they own the modem (and hence know the login name/password.)
You are probably thinking of the Router, which is a device that plugs into the cable modem and provides firewall and connectivity distribution services. These devices are common to interchange, however the cable modem itself needs to have a stable MAC address or else your provider will not be able to properly maintain your connection (for lack of a better term.) Cloning a cable modem would let your modem look just like your neighbors' modem, so your traffic would look like their traffic. And, since the cable company has little control over the final distribution (for most neighborhoods there is the equivalent of a big ol' RF splitter covering a dozen or more homes) there is no easy way to determine exactly where all those cable modems are. Hence, the problem.
90% of the internet networks in the US put down by the government and is being used for profiteering by a handful of ISPs with government ties. We paid for that 90% only for a profiteer to make us pay again.
There is nothing illegal about selling a cable modem, firmware updated or not..it wont get online out of the box, it can even be used to replaced a broken subscribed modem. If the end user wants to change settings or software there isnt anything stopping them.
There is nothing illegal about selling a cable modem, firmware updated or not..it wont get online out of the box, it can even be used to replaced a broken subscribed modem. If the end user wants to change settings or software there isnt anything stopping them.
Perhaps it's not illigal to buy the said device, but it certainly is against the terms of use, to use a device with an intend to manipulate the isp's network.
And the whole problem for the company pentioned, is that they confirm they're testing their devices before selling them. Thus they must be breaking terms of use for their particular provider. That is illigal.
The real question here is how the ISP can allow multiple copies of the same MAC. It's a simple measure against these kind of hacks.
"90% of the internet networks in the US put down by the government".
Not even close. The government was involved in the early days but the Internet we use today was paid for by private corporations.
Also... you're talking about the internet backbone, this article is talking about stealing service from the ISP's, the companies that connect your home TO the Internet.
Consumers have no valid reason to change the MAC address of their modem, if they have a legal connection to their ISP then the fixed MAC address of their personally owned modem will work just fine. If the only valid use for an item is to break the law and sleazily steal service that one of your neighbors is paying for... then I have a hard time being sympathetic for you.
Zoonie, no, there's no simple measure against it - if both are on the same subnet.
Anyway,
dude...you don't know what you're saying...let me put it this way:
US Law allows their citizens to have guns for defensing purposes, right? Now what do you think it would happen if someone used it to kill another person for personal gains (money, whatever)? Do you think that it would be legal?
Same thing here. If you modify your product with the intent to inflict "damage" to someone (ISP - theft of service), that is illegal, no matter whatever you say.
I think you could detect multiple MAC use based on Signal Strength Heuristics... but that wouldn't help you find the LOCATION of the modified modem. If you disable that mac address the thief will just switch to the next valid address it can find.
Now with FTTH that all changes since each home is uniquely identified on the network. It's going to take some time for FTTH to get decent penetration though - infrastructure is very expensive.
Good luck. They are charging him with conspiracy to commit fraud based on a CI's testimony. The CI was convicted of fraud had used one of the modems and testifying to get a reduced sentence. The CI should be responsible for his actions. This case is bunk.
The real question here is how the ISP can allow multiple copies of the same MAC. It's a simple measure against these kind of hacks.
How are you going to discern from where the Ethernet packet came if your only clue is the source address field (which is obviously the same for both devices)?
He could have just had a coax router purchased from ebay or something and set up a small cable network in-house for testing. That is by no means illegal, however if he connected out to an ISP then he could be in for some trouble.
Set up a cable network in house? Why would anyone want to do that even if you managed to put together all the hardware and software required to build and configure it? It'd be Slower than gige, with clunky wiring and no real purpose.
Even if for some weird reason you DID want to set up your own Cable Modem based network... you'd still have NO reason to change the default MAC address on the modems.
You can test the modems to go online via a CMTS and all isp's bring modems online by default .. Go learn what a Walled Garden is for.