FBI Arrests Another Cable Modem Hacker > Crack down

reply to gatorkram

Re: Crack down

reply to amigo_boy
actually, cable companies do secure there network. Its based on a handshake type system. When your cable modem powers up, it sends a request for access to the network, the CMTS (the computer at the cable companies headend) receives a bunch of information from the modem in this file including the modems mac address, if that address isn't in the CMTS the modem gets denied access. Its actually the best security one can use. However, when one hacks, or mods a cable modem, your basically tricking the cable modem into thinking it has been granted access to the network. Each company has a unique config file, which is why when the modem is hacked it will only work on certain cable companies. The hacker has basically installed the config file in modems flash memory, and they change some hardware programing so that the modem loads up that config file, when it request an ip number from the CMTS it sends the handshake information proving its ok, and its given the ip address. There is really nothing a cable company can do to stop it, the same way dish network and DTV cant stop people from stealing sat. service. They can change security measures, but someone will end up figuring out a way to get what they want for free.

well DBS is very difficult to steal anymore, what with the current generation of access cards out there.

DBS by its very nature is a mostly 1-way system: the majority of the signal is sent to every single customer in the country with locals being spot-beamed regionally. the access card authenticates the receiver and the receiver in turn displays the A/V signal to the end of the chain (tv, audio, etc.). in the past it was very easy to reprogram an access card to access 100% of the signal instead of what it was originally intended to decode.

current generation CATV by its very nature is a 2-way system: every CPE (consumer equipment) is connected to the CMTS with updates being made constantly. Cable Modems in particular have been 2-way for a long time. The boot process uses MAC authentication and allows the modem to access the various portions of the network and then the Internet if it's a legit CPE.

saying that the cableco can't stop it is like saying the highway patrol can't stop people who don't pay to access toll-roads. there's simply too many places to stop the process from progressing. I have to agree with amigo_boy here - no company should be allowed to use our tax dollars to protect their investments. I realize that it may be too late for this ethical issue, however, what with the corporate bailouts and the precedent they have seemingly set.
--
"I saw Matlock in a bar last night; the sound was off, but I think I got the gist of it..."

reply to rstrandb
Leave your front door unlocked and wide open....see how quick the FBI or locals are to help you out after your place is cleaned out......The cable companies are letting us shoulder the tax burden of securing their money making network. At a certain point they need to at least close the door.

Also this is only rounding up the criminally stupid.....advertising that you are breaking the law is not the best way of avoiding interest. Concentrating more of our tax dollars on violent or higher cost crime would seem to be more effective use.

reply to amigo_boy
Really? It's hard for you to get worked up about theft???

This is network hacking.. they're stealing access and as long as there are laws on the books, they need to enforce them.

It has NOTHING to do with cable companies wanting to defer theft to um, law enforcement... it has everything to do with people breaking the law.

I assume that in your eyes that if someone steals a car from a car lot, that the lot should do more to secure their cars? I assume that if you steal a TV from a store, the store should do more to stop theft? I assume that if someone breaks into your house and kills someone in your family you should do more to secure your house?

Get real on this one Amigo...

Law enforcement is enforcing the laws as requested and required.. period. I'm sorry, but I find your post a load of donkey dung.

You, being on this site, should know just as anyone else where.. you can secure your network all day long but there is a constant war between hackers and network operators.. nothing is 100% secure nor will it ever be.

I think you need to seriously re-check yourself.. your post is pretty clearly another "I hate cable, so screw them.. this is their fault"... kind of post.

I have NO patience for thieves one bit.. they know that hacking a modem is wrong.. period. And, besides, if this is no big issue, the fact remains, ... someone who steals a dollar will likely steal $10.. they are then likely to steal $100 and more.. so where does it stop? Simple... don't break the law.. and hacking into a network, which this is, for access (which circumvents the system - ie: hacking) is illegal. They break the law, and law enforcement did their job. Good for them!

reply to kba4
nowadays you dont need to even reprogram an access card to steal dish or DTV for that matter, with the advent of the internet, its called card-sharing, and its available and about 7 FTA receivers, you load in 3 party firmware, plug your FTA receiver into an Ethernet connection, or configure wireless connection give the box a minute to connect to the card server, and your getting free Dish Or DTV. If there is a service someone wants badly enough they will find a way to get it for free. Yea the boot process does use the mac auth, but they still hacked the modems for free service, and they do work, I've seen these modems in action when i worked for a cable company, I've also seen the process of hacking them to work with out being put in the CMTS, and uncapping, you only have to use 2 programs, that run under windows and you can configure your modem to access the network. its so simple, that a 50 year old could do it. I was going to put 12 year old, but we all know most 12 year olds are who are figuring stuff out these days.

reply to amigo_boy
When I worked for a unversity ISP you could easily detect duplicate mac addresses??? Why can't the cable companies do it?

These people are only doing what the cable company allows them to do, they did not hack anything. They are not hackers.
--
Republicans: less fiscally conservative than that other party.

reply to fiberguy
I have a problem with the FBI wasting valuable resources on tracking a cable modem hacker and not doing a better job of securing the USA.

reply to rstrandb

reply to amigo_boy

reply to rstrandb
rstrandb

It takes about ten minutes to grab a usable profiles off of another head end (the same two macs cannot run on the same head end at the same time). It does NOT take a lot of hacking or anybody with specialized knowledge to use a hacked modem(just as difficult as installing a new driver). It really does not drive up the cost of service significantly either (which is why the ISPs just ignore them). While the ISPs could prevent a single mac from being used twice (system wide) they do not do so becuase of the cost benefit ratio.

I think it is highly likely that someone other than the ISPs was the reason behind the FBI doing this. The FBI needs to go after criminals who actually causing real harm. This is not entirely their fault, after 911 the white collar crime division was virtually stripped of all personnel (reassigned to terrorist watch). It has just been in the last year (or so) that a significant amount of personnel has been reassigned to this section (due to Madoff?).

reply to rstrandb

reply to CatchingSpy