Feds Charge Cable Modem Modder With Aiding ‘Computer Intrusion’ [Wired - Threat Level]
Thinking about hacking your cable modem to squeeze a few more megs out of your broadband connection? Based on the experience of one Oregon hacker and writer, you might want to think twice before modding your modem. Ryan Harris, the 26 year-old author of a book entitled Hacking the Cable Modem, has been indicted by a federal grand jury in Boston on charges of conspiracy and aiding and abetting computer intrusion and wire fraud. The six-count indictment charges Harris with providing other hackers with the instructions and hardware to steal broadband service from their Internet service providers.
According to this article, in addition to writing the book on modding Motorola Surfboard modems, Harris is the project organizer of a group of hackers named TCNiSO, that specializes in selling users pre-hacked modems. Harris himself is alleged to have sold an FBI agent two hacked modems through TCNiSO's web site.
The hacked modems allow users to either steal broadband service by spoofing another legitimate user's cable modem MAC address or provide the user of the hacked modem access to uncapped broadband speeds. At least one of the users that TCNiSO and Harris are alleged to have aided in stealing broadband service has plead guilty to computer intrusion using a modded modem.
The moral of the story when it comes to experimenting with your cable modem - it's a lot easier and cheaper to simply upgrade and pay for your broadband speed legitimately. Using network management systems, cable operators can easily track and trace spoofed MAC addresses and modems that are eating more than their fair share of bandwidth. According to Broadband Reports, Harris faces a maximum sentence of 20 years in prison, to be followed by 3 years of supervised release, a $250,000 fine and restitution on each of the six counts.
Was that really worth avoiding paying $30, $40 or even $50 per month?
So if it is stealing from the cable companies when a user recieves more bandwidth then they are paying for (Which I agree 100% is stealing), are the cable companies stealing from consumers when they are not delievering all the bandwidth its customers are paying for?
I only ask because this was my reason for cancelling Insight 10.0 several years ago. I never recieved the full 10.0. Most of the time I would only pull 3.0-6.0. occasionally I would hit 7 or 8.0 but that was rare. When I called Insight customer care I was advised this is normal because there may be many users in my neighborhood online and its normal to see congestion on the network around 3-7 PM. Customer Care's technically advise. Wait till later in the evening after 10PM when there is not so much Network traffic.
I paid for 10.0 but only recieve 50-60% of those speeds. Did Insight steal from me?
Posted by: Jeff | Tuesday, November 03, 2009 at 06:29 PM
He should be supervised for a while, but prison, that's totally ridiculous. How is the little bit of damage he caused worth 20 years in prison, it's not.
This sounds like the Kevin Mitnick case where Adobe claims he cost them millions of dollars in software sales even though they never reported the loss on their taxes. People who downloaded the software would have never bought it.
This guys hacked modems went to people who weren't going to pay for internet. They got something for free but the ISPs didn't actually lose anything.
Where's the logic?
Posted by: Rob Jones | Tuesday, November 03, 2009 at 07:38 PM
In reference to all the articles I have read on about this, he sold hacked modems and information on how to hack the modems. This would be like going to the owner of a gun store and charging him with murder because a gun from his store killed someone. - Or blaming all you can eat buffets for obesity. If someone used a modem from him to get free internet - they need to be held liable not him.
The individual in question spoke at conference I was at a few years back and has stated that there is more the cable companies can do to prevent people from stealing internet, but they don't do it because the cost of implementing the security are usually more than the cost of the internet that is being stolen.
Posted by: Jeff | Wednesday, November 04, 2009 at 02:52 PM
Honestly, I'm surprised the EFF or ACLU isn't on this case. Four wire-fraud charges are based entirely on the fact that a juvenile computer hacker known as “Dshock” downloaded TCNiSO’s firmware and used it to steal broadband? Where's the justice in that? Why don't you go after Dshock on theft of service charges?
Posted by: sineswiper | Friday, November 06, 2009 at 01:56 PM
sineswiper, dshocker is already doing prison time on unrelated charges.. :)
Posted by: Consumer | Monday, November 23, 2009 at 04:46 AM