RCA / Thomson Modem Hack Discovered
An anonymous reader writes "Those unemployed modem hackers are at it again. The group known as TCNiSO has released a very interesting hardware modification for RCA / Thomson cable modems. The modification is done by grounding the bus clock on the serial EEPROM, which throws the device into a diagnostic panic mode. Then by using the debug tools from the embedded console to reprogram the EEPROM, a user can permanently enable a developer's menu which gives complete control of the modem, such as modifying the hardware addresses or flashing new firmware. Now if only these guys can figure out how to enable the Bluetooth features on my v710 phone..."
Don't fuck around w/your modem's MAC. (Score:5, Interesting)
Personally, don't fuck around w/your cable modem. It works just fine the way it is. Hacks are a wonderful educational/mental exercise but I wouldn't exactly be trying this if you don't want to lose connectivity to your ISP.
How long... (Score:2, Interesting)
Kenny P.
Visualize Whirled P.'s
Cue FBI raids in 5...4...3.. (Score:5, Interesting)
Question (Score:3, Interesting)
Re:Don't fuck around w/your modem's MAC. (Score:2, Interesting)
On the topic of MAC addresses, I'm not sure if enough people treat it as a privacy issue. AFAIK, MAC addresses are globally unique, thus uniquely identifying an individual user. Even IP addresses are sometimes dynamic (depending on the ISP), and can be "masked" by using a suitable proxy. MAC, OTOH, is almost like a digital fingerprint.
Does anyone else share the same concern? Or am I missing something here??
Re:Don't fuck around w/your modem's MAC. (Score:1, Interesting)
Or allow you to access the internet with someone else's credentials. I am not familiar with how a cable internet system works and I doubt you could get lucky enough to guess someone else's MAC but wouldn't the other CM's in your area or "node" have their MAC flying around the wire and ripe for capture? At least the initial requests looking for the routers and DHCP server.
I was wondering. (Score:3, Interesting)
Changing the MAC address will effectively cut off service to your modem. Being able to update the firmware sounds nifty but, do you have new firmware that you need to install? Is there some service that you need so badly, on a cable modem, that you would spend your time writing new firmware for it?
I just don't see the advantage to this hack. I can see the advantage of previous hacks to uncap a modem but, even those hacks put you at risk of having your service terminated or worse, criminal charges being brought against you.
Re:Don't fuck around w/your modem's MAC. (Score:4, Interesting)
spoofing? (Score:1, Interesting)
great for deniability in court (Score:3, Interesting)
Explain this to me, please? (Score:3, Interesting)
So, if you are not uncapping it, then what's the point? It's not like you are going to add any badly missed features, or make a Linux print server out of it. Maybe it's just my lack of imagination, but I just don't see any practical uses for a hacked cable modem. I mean, other than getting the inner satisfaction from proving that you are actually able to read and flash the EEPROM :-). But then, you could just use a screwdriver and an EEPROM programmer...
Re:Don't fuck around w/your modem's MAC. (Score:1, Interesting)
Comment removed (Score:5, Interesting)
Uncapping? No... (Score:3, Interesting)
What about the more legit uses? (Score:5, Interesting)
Back in the day... (Score:5, Interesting)
We discovered and hounded the vendor relentlessly about the fact that the modems had a serial port for dial-upstream service. If you jumped a couple pins on the serial port, reset the modem, and plugged in a serial line 9600/8/n/1 you'd get the modem's diagnostics (password protected, albeit with a very weak password).
The things you could do from the diag screen were downright scary. All this and more. You could determine the downstream and upstream freqs; you could also set the modem to transmit on any upstream frequency at any level up to 60dB. We played around with it for a bit. We set up a test modem and had it transmit for a second at 60dB on one of our upstream freqs; it took out ~400 users' service for about a half hour. Had we done it on the PPV freqs, it would have taken out PPV for a few thousand people. Fun stuff.
And to my knowledge, they never fixed it.
Re:Don't fuck around w/your modem's MAC. (Score:2, Interesting)
It's a good thing that spoofing a CMTS system to the modem and giving it new BIN files, and then the new software lying to checksum/CRC tests is a tricky operation. But don't assume that it's impossible.
Re:Question (Score:3, Interesting)
Re:Great way to lose your service. (Score:3, Interesting)
Re:Back in the day... (Score:1, Interesting)
, the look on her face was priceless. HAHA