Home » cable modems » Recent Articles:

Internal Company Documents Suggest Time Warner Cable Intentionally Deceived Customers

A stack of revealing company documents obtained by the New York State Attorney General’s office suggest top executives at Time Warner Cable were aware the company was intentionally misleading customers and the Federal Communications Commission with broadband performance promises the company knew it could not keep.

Portions of the documents were made part of the public record as part of a lawsuit filed today by New York Attorney General Eric Schneiderman against Charter Communications and Time Warner Cable (now a subsidiary of Charter). The suit alleges that Time Warner Cable systematically and intentionally underdelivered on its commitments to improve broadband service and oversold its network in New York, causing widespread speed slowdowns and performance issues.

The 87-page complaint reveals Time Warner Cable woefully underinvested in its network, leaving customers with poor internet speeds and obsolete cable modems the company leased to customers for up to $10 a month. But a careful review of other statements from company executives also undermines the cable industry’s arguments for data caps, paid interconnection agreements with content providers, the lack of need for Net Neutrality, and the overuse of marketingspeak that allows cable operators to promise speeds they know they cannot deliver.

This two-part Stop the Cap! report analyzes the lawsuit and its offer of proof and will take you beyond the headlines of the legal action against Charter Spectrum/Time Warner Cable and explore some of the cable company’s confidential emails, memos, and meetings.

The documents reveal a lot of ordinarily highly confidential data points about how many subscribers share a Time Warner Cable internet connection, how many deficient and obsolete cable modems are still in the hands of customers, and how the pervasive need to avoid investing in network upgrades caused executives to repeatedly reject spending requests while approving rate increases.

Typical complaints from Spectrum-TWC customers sent to N.Y. Attorney General’s office.

How Spectrum-Time Warner Cable Brings You Broadband Service

N.Y. Attorney General Eric Schneiderman

Time Warner Cable was one of New York’s most important communications companies. At least 2.5 million New York households — one out of three — get internet access from what is now known as Charter Spectrum. Every broadband customer belongs to a “service group” made up of a number of your neighbors who share the same internet bandwidth. In February 2016, the average Spectrum-TWC service group in New York had about 340 subscribers. The range varied widely in practice, from as few as 32 customers to as many as 621 subscribers belonging to the same group. The fewer the number of customers, the less chance they will encounter a traffic-related slowdown caused by using the internet at the same time. For those congested service groups that do, broadband speeds begin to drop, sometimes precipitously.

The amount of total collective speed available to each service group depends on how much bandwidth the cable operator sets aside for broadband. For the last several years, Time Warner Cable typically reserved eight channels of about 38Mbps each for every neighborhood service group. That is equivalent to about 304Mbps — about the maximum speed one Time Warner Cable Maxx customer can get today. If four customers with 50/5Mbps service decided to “max out” their connection each evening, the remaining 336 customers in the service group would get to collectively share about 104Mbps. If six customers did that, the remaining 334 customers would be left with sharing 4Mbps.

Cable operators have always bet customers won’t be online all at the same time. But as internet usage, particularly online video, has grown, customers are increasingly spending primetime hours of 7-11pm streaming high bandwidth video instead of sitting in front of the television. If a large number of customers in a service group purchasing 15/1Mbps service from Time Warner Cable happened to be viewing HD video at the same time, the speed in that neighborhood could drop to as low as 1Mbps, a far cry from what customers were paying to receive.

Time Warner Cable customers that used to experience nightly slowdowns were told “your node is congested” to explain why speeds were dropping. The engineers that developed the cable broadband standard we know today as DOCSIS, envisioned that upgrades or “node splits” would be periodically required to deal with customer growth and increased traffic. Newer DOCSIS standards also give providers the option of enlarging the amount of shared bandwidth by adding additional channels. In the past, Time Warner Cable performed node splits, dividing up congested neighborhoods into multiple service groups. But with the advent of DOCSIS 3 and 3.1, Time Warner Cable also began expanding the number of channels devoted to broadband, enlarging the amount of shared bandwidth available to customers. Unfortunately for customers, Time Warner Cable was among the slowest of the nation’s cable operators to adopt this strategy.

Delivering Slow Speeds for High Prices

As a result of Time Warner Cable’s lack of investment, the company had to manage its bandwidth limitations in other ways. The documents from the recent lawsuit helped adds to our knowledge of how the company tried and often failed to manage the problem:

  1. It avoided regularly increasing internet speeds for its customers. Time Warner Cable customers in most cities were limited to a maximum of 50/5Mbps until the Maxx upgrade program began. Other cable operators were selling speeds several times faster, but Time Warner risked a handful of internet enthusiasts utilizing faster available speeds to consume the bandwidth available to the neighborhood service group. Slower speeds mean fewer upgrades.
  2. It advertised speeds and performance company engineers and executives admit in confidential documents they could not consistently deliver (or deliver at all in some instances).
  3. It continued to rely on outdated and obsolete cable modems that severely limit subscribers’ speed, regardless of what level of service the customer subscribed to.
  4. It avoided network investments for budgetary reasons, even when severely congested neighborhoods exceeded 80-90% usage of all available bandwidth, causing noticeable performance problems for customers.

The lawsuit alleges Time Warner Cable consistently sold internet speed tiers that did not or could not deliver the advertised speeds to consumers. The lawsuit points to three reasons why customers don’t get the speeds they paid for:

Deficient Equipment: Spectrum-TWC leased older-generation, single-channel modems despite knowing that such modems were, in its own words, not “capable of supporting the service levels paid for.” Over the same period, Spectrum-TWC also leased older generation wireless routers to subscribers despite knowing that these routers would prevent them from ever experiencing close to the promised speeds over wireless connections.

Congested Network: Spectrum-TWC failed to allocate sufficient bandwidth to subscribers by reducing the size of its service groups or increasing the number of channels for its service groups. These network improvements would have enabled subscribers to achieve the fast Internet speeds that they paid for. Results from three independent Internet speed measurements confirmed that Spectrum-TWC consistently failed to deliver the promised speeds to subscribers on its high-speed plans.

Limitations of Wireless: Spectrum-TWC misled subscribers by assuring them that they could achieve the same Internet speeds through wireless connections as with wired connections despite knowing that accessing the Internet using wireless routers would sharply reduce the Internet speeds a subscriber would experience

A key goal for Time Warner Cable executives was to push consumers into broadband upgrades that increased the average revenue they receive from each of their customers. A 2013 internal company presentation called broadband upselling a “strategic pillar” to “capture premium pricing.” If customers endured pushy sales pitches, it may have been because the company tied customer service representative compensation to increasing monthly revenue received from subscribers. If the representative sold you more, they earned more.

Although it sounded good on the surface, internal company documents also show there was pushback from company employees who feared aggressive sales pitches would only further alienate customers.

“Our customers NEED to be put into the proper packages so that we are conducting business with integrity,” wrote one employee in a presumably anonymous employee survey. “It seems as if this is a hustlers job trying to out hustle everyone else trying to make the most money WE can and not doing the right thing . . . By operating like this, customers laugh at our integrity as a company.”

Time Warner Cable Accused of Supplying Obsolete Cable Modems at Prices Up to $10 a Month

Your speed: as slow as 20Mbps

Assuming a customer did upgrade their internet speed, the Attorney General alleges at least 900,000 of those customers were given older generation single-channel DOCSIS 1 and DOCSIS 2 cable modems the company knew were incapable of delivering the speed the customer signed up for. Even worse, the company began charging monthly fees up to $10 a month for equipment the rest of the cable industry deemed obsolete.

A February 2015 email written by the former head of corporate strategy suggests senior corporate management knew they were selling broadband plans to customers that would never perform as advertised.

“The effective speeds we are delivering customers in a 20Mbps tier when they have a DOCSIS 2 modem is meaningfully below 20Mbps,” the email read.

The following month a company engineer sent email explaining the company’s network utilization targets would result in customers using older single-channel modems receiving speeds below 10Mbps during peak utilization times, even if they paid for 50Mbps or faster service available in some markets. The engineer recommended only allowing customers subscribed to internet speeds below 10Mbps to have a single channel modem if absolutely necessary.

A year later, Time Warner Cable executives admitted to the Office of the Attorney General of New York that customers with internet speeds of 20Mbps or higher needed a DOCSIS 3 modem. But during that same month, the cable company leased DOCSIS 2 modems to over 185,000 customers on plans of 20Mbps or higher, for $10 a month. Even worse, almost 800,000 New Yorkers subscribed to 20Mbps or higher speed plans with a deficient modem for three months or longer. And still worse, despite a company directive issued in June 2012 to remove DOCSIS 1 modems from its network, over 100,000 New Yorkers were still leasing a first generation and long obsolete cable modem for three months or longer, again for the same $10 a month. The Attorney General alleges the company knew these subscribers would not get the internet speeds their plans promised and continued to supply deficient equipment for years anyway.

Rate Hikes Yes, Spending Money on Urgent Equipment Upgrades No

DOCSIS 2 modems are largely obsolete, but not at Time Warner Cable.

As customers endured near-annual rate hikes on broadband service, Spectrum-Time Warner Cable refused to launch a plan to recall and replace obsolete cable modems because it was beyond the company’s “capital ability.”

This finding came in response to a confidential June 2013 presentation that included a startling admission: 75% of the cable modems connected to customers with Time Warner Cable’s Turbo (20Mbps) internet plan were non compliant. “DOCSIS 2 modems are still being deployed due to budget constraints,” the presentation stated. An alternate plan suggested postcards be sent to affected customers offering to replace their modems if they returned them because of the speed problems those customers experienced. That plan didn’t get far either.

The Attorney General calls the company’s decision a “self-serving” financial move when it rejected its own engineers’ recommendations to swap modems.

In 2013, company officials did begin prioritizing replacing the modems of a select group of their customers — those volunteering for the FCC’s ongoing Sam Knows broadband speed test program, designed to verify ISP performance. Realizing Time Warner’s speed rankings would be in jeopardy if panelists were still using DOCSIS 2 modems, it made a deal with the FCC to have the agency temporarily exclude slower speed results obtained from customers with DOCSIS 2 modems until they were replaced. Customer Service Representatives were instructed to treat all FCC panelists with “VIP treatment” and provide them with the “best in class devices.” (Full disclosure: Stop the Cap! is a broadband customer of Spectrum-Time Warner Cable and serves as a FCC/Sam Knows panelist.) Spectrum-TWC promised after those customers were upgraded, all others with older equipment would receive replacements as well, a commitment the Attorney General claims the cable company broke.

Even after Time Warner Cable launched its Maxx upgrade program, offering speeds up to 300Mbps, the cable company was still dealing with a sizable number of customers still using DOCSIS 2 modems that could not deliver anything beyond 20Mbps. In 2014, the company promised it would supply new modems to all subscribers with older equipment at no charge. An experimental “Ship to All” plan would have automatically sent the equipment to every affected customer. Management rejected the program as too expensive and replaced it with a “Raise Your Hand” plan that required customers to self-identify obsolete equipment, contact customer service and wait through long hold times or go to the inconvenience of visiting a Time Warner Cable store. In the notice to subscribers, Time Warner never disclosed the most important reason they needed a new modem — without it they would receive one-tenth or less of the speeds they paid to receive. Customers who failed to return their DOCSIS 2 modems in good condition were also penalized with an unreturned/damaged equipment fee, even though the equipment is now deemed obsolete across the industry.

Company officials admitted internally that “Raise Your Hand” was a plan destined to fail, with large numbers of customers not bothering to take the bureaucratic steps needed to exchange modems. Customers in upstate New York received no notification at all. It was a financial win for the company, which collected $10 lease payments on obsolete equipment it did not have to spend any money to replace. The company celebrated the savings, noting in a January 2015 internal presentation “[c]hanging the Maxx [Ship to All] approach to a Raise Your Hand approach (65% of subscribers take an active swap, with passive swaps for the balance) helped us reduce our capital budget by $45 [Million].” Later in 2015, the company internally reported the savings were even greater than expected — only 25% of customers responded to the offer to replace their modems.

New York’s Secret 20Mbps Speed Cap

For reasons unknown, Time Warner Cable also quietly began secretly locking down obsolete DOCSIS 2 cable modems with a speed cap of 20Mbps while not informing customers or customer service that the account should not have or be sold a higher speed plan. Nevertheless, Spectrum-TWC continued to charge customers with DOCSIS 2 modems as much as $70 a month for 100Mbps internet access that would never exceed 20Mbps.

Wi-Fi Woes

Time Warner Cable Maxx speeds don’t always do well on Wi-Fi.

Spectrum-TWC’s former vice president of customer equipment observed in an October 16, 2014 internal email to senior colleagues that “we do not offer a [device] today that is capable of the peak Maxx speed of 300Mbps via wireless. Generally a customer connecting via wireless will receive less than 100 Mbps,” using the 802.11n wireless routers that Spectrum-TWC leased to subscribers.

This fact of life affected 4 out of every 5 Time Warner Cable Maxx customers subscribed to 200 and 300Mbps plans who leased a Wi-Fi equipped cable modem from Spectrum-TWC. As of February 2016, that meant over 250,000 New York customers were paying for premium internet speeds they would never get over the supplied 802.11n wireless router. Customers were never informed. But company executives were, and as a result, the executive told his colleagues that “we are going to experience a mismatch between what we sell the customer and what they actually measure on their laptop/tablet/etc.”

A separate Spectrum-TWC technical document discussing wireless connectivity, dated January 2015, concluded that “[i]n a real world scenario, most [802.11n] adapters will produce speeds of 50-100Mbps.”

In fact, a Spectrum-TWC internal presentation, dated June 12, 2014, recommended that the company deploy devices with newer generation 802.11ac wireless routers to all subscribers on speed tiers of 200Mbps or higher because such routers came closer to delivering the promised speed. Spectrum-TWC rejected that recommendation, again for financial reasons.

Coming up tomorrow… advertising faster speeds or broken promises, company executives tell the truth about bandwidth costs, how to grossly manipulate the FCC’s speed tests, throttling your favorite websites for bigger profits, and hassling online game fans.

Arris’ First DOCSIS 3.1 Modem is Coming Soon… for $199.99

Phillip Dampier January 17, 2017 Broadband Speed, Comcast/Xfinity, Consumer News, Cox Comments Off on Arris’ First DOCSIS 3.1 Modem is Coming Soon… for $199.99

The Arris Surfboard SB8200, in white. Arris usually releases identical versions in black and white colors. (Photo courtesy of: Arris)

Arris, the nation’s number one manufacturer of cable modems, will introduce its first DOCSIS 3.1-compatible cable modem as early as this week.

The Arris SB8200 will reportedly cost consumers a steep $199.99 when it goes on sale at the end of this month.

Multichannel News reports the modem box will include the logos of Comcast and Cox, advertising compatibility with Comcast’s ongoing DOCSIS 3.1 trials and the forthcoming introduction of DOCSIS 3.1 to a significant number of Cox Cable customers.

It is capable of download speeds up to 5Gbps, uses up to 32 downstream and 8 upstream channels, and includes two gigabit Ethernet ports.

Customers can begin using the new DOCSIS 3.1 modem as soon as it is available for sale, because it will be backwards-compatible with existing DOCSIS 3 broadband networks. Prospective buyers should check with their cable operator before purchase, to make sure it is officially supported.

As cable operators upgrade to DOCSIS 3.1, the SB8200 should allow customers to immediately take advantage of speed upgrades, which are expected to be dramatic. Many cable operators are targeting gigabit download speeds for their top-tier, although upload speeds are expected to be considerably lower than 1000Mbps.

At least one cable operator has been wavering about whether to move towards DOCSIS 3.1 or switch to fiber broadband technology.

Altice USA, which currently owns Suddenlink and Cablevision/Optimum, has announced plans to scrap its existing hybrid fiber/coax infrastructure and upgrade Cablevision customers to fiber-to-the-home service, which will not use DOCSIS cable modems. Altice has not ruled out fiber upgrades for its Suddenlink systems, but has upgraded speeds in many markets using the older DOCSIS 3 standard. Altice USA is expected to continue acquiring smaller cable operators this year – most likely bidding for Cable ONE and a handful of other smaller, regional cable operators.

Among cable operators that have made substantial investments in DOCSIS 3.1 upgrades and are least likely to abandon the technology include: RCN, Mediacom, and WideOpenWest (branded: WOW!). Charter Communications is also expected to be a DOCSIS 3.1 provider… eventually. The company is likely to be preoccupied over the next few years upgrading Time Warner Cable and Bright House Networks systems it acquired to all-digital platforms before it considers moving to DOCSIS 3.1.

Arris will face competing models including Netgear’s CM1000 ($179.99) and the Linksys CM3132 ($199.99) which should be available by late spring.

Commentary: CPUC Unanimously Approves Charter-TWC-Bright House Merger

charter twcCharter Communications could not have closer friends than the commissioners on the California Public Utilities Commission who unanimously voted in favor of the merger of Charter Communications and Time Warner Cable while some almost apologized for bothering the cable company with pesky deal conditions.

CPUC president Michael Picker quickly dispensed with the glaring omission of a sunset provision on Charter’s three-year voluntary commitment to abide by the FCC’s Open Internet Order by inviting his fellow commissioners to add it back for Charter’s benefit. How nice of him. The cable company lobbyists in attendance at today’s hearing did not even need to ask.

Picker’s review of the merger benefits effectively recited a Charter press release and he seemed genuinely pleased with himself for making it all possible. For example, the CPUC considered the addition of a provision allowing consumers to buy their own cable modems and set-top boxes without a penalty from their provider “unprecedented,” while never mentioning they failed to adopt recommendations that customers be given a discount for providing their own equipment. Score Charter, which can continue to collect modem fees built into the price of its broadband service even when you provide your own.

Dampier

Dampier

New Charter’s “exciting” commitment to upgrade to 300Mbps by 2019 sounds good, until one realizes Time Warner Cable was committed to finishing their own 300Mbps upgrade at least one year earlier, and at a lower cost to customers. In fact, while California celebrates 300Mbps by 2019, thanks to the efforts of Stop the Cap! and the New York Public Service Commission, Charter is required to be ready to offer gigabit service across the state that same year. See what is possible when you actually try, CPUC?

The commissioners repeatedly thanked Charter Communications and Time Warner Cable while ignoring the consumer groups that contributed opposing comments and tangible suggestions to improve benefits for consumers — almost entirely ignored by the CPUC. That will cost Californians dearly and borders on regulatory malpractice. If the CPUC required California to at least enjoy the same benefits other state utility regulators won for their constituents, Californians would get a substantially better deal. Instead, the CPUC insisted on giving California and even worse deal than the FCC, by granting Charter’s right to gouge customers with usage caps and usage billing in three years, even after the FCC agreed to seven years of cap-free Internet. Mr. Picker and the other commissioners owe California an explanation for letting them down, and the scandal-plagued CPUC needs to demonstrate it is reforming after the shameful performance of its former chairman Michael Peevey.

“Today was a travesty for Californian consumers, and frankly we were shocked to watch ostensibly independent commissioners carry water for Charter Communications,” said Stop the Cap! president Phillip Dampier. “We saw clear evidence of a commission more concerned about Charter Communications and Time Warner Cable than for the average citizens of California that will face higher cable bills, time limits on unlimited Internet access, and a longer wait for upgrades as a direct result of today’s decision. Consumer groups like Stop the Cap! brought clear and convincing evidence to the commission that the benefits of this merger have time limits and plenty of fine print. We offered concrete suggestions on how to improve the deal for consumers — ideas accepted in other states, but the CPUC clearly wasn’t interested in anything that might make Charter uncomfortable.”

Stop the Cap! Still Fighting Charter-Time Warner Cable Merger in California

stop-the-capStop the Cap! continues the fight for a better deal for Time Warner Cable customers that could soon end up as Charter Communications customers, if the California Public Utilities Commission (CPUC) approves the merger.

While the Federal Communications Commission formally approved the deal last week, California has yet to sign off on the transaction, giving consumer advocates like Stop the Cap! an opportunity to recommend the state regulator impose stronger consumer-friendly deal conditions that guarantee customers their share of the anticipated windfall in “deal benefits” that shareholders and executives of the companies involved are likely to receive.

Our California coordinator Matthew Friedman has been educating the CPUC about the true nature of data caps and usage-based billing, and sharing our view that Charter’s promised merger deal benefits are illusory, offering little more than what Time Warner Cable already offers its Maxx-upgraded service areas. In fact, Time Warner’s ongoing commitment to not impose compulsory data caps or usage billing is likely to be canceled by Charter Communications, which has only agreed not to impose such billing schemes on customers for three years.

Even worse, future Charter customers are likely to pay higher broadband bills after Charter imposes its regular prices on Time Warner Cable customers — prices often higher than what Time Warner charges for similar services. Although Time Warner customers have been able to negotiate a better deal for themselves after threatening to cancel, Stop the Cap! anticipates Charter will not be as generous with those customers in the future.

At the minimum, Stop the Cap! is recommending the CPUC either permanently ban compulsory usage caps and usage billing from Charter, or add a competition test that will allow such billing only where consumers can switch to a competitor that offers comparable unlimited broadband service.

Charter's broadband "deal"

Charter’s broadband “deal”

The loss of [Time Warner’s] commitment [to always offer unlimited broadband options to consumers] could result in the following harms, according to Friedman:

  1. New Charter’s commitment to provide low cost broadband will become completely voluntary and unenforceable;
  2. increased broadband pricing resulting in decreased demand for broadband;
  3. New Charter will be able to circumvent Net Neutrality rules;
  4. New Charter will be able to engage in a multitude of anticompetitive behaviours, increasing the cost and reducing the attractiveness of competing video content from edge providers, thus lessening the demand for high-speed broadband access to the Internet, and thus running counter to Section 706(a)’s mandate to promote competition in broadband services;
  5. innovation and investment will potentially decrease significantly;
  6. network security can be adversely affected; and,
  7. Californians, especially low-income Californians, may lose access to education opportunities.
We're not drinking "New Charter's" Kool-Aid

We’re not drinking “New Charter’s” Kool-Aid

Stop the Cap! (and the Office of Ratepayer Advocates as well) has offered a reasonable option of requiring a competition test to sunset the prohibition on data caps and usage based pricing,” wrote Friedman. “This suggestion is based on Charter’s own expert testimony and [the conditions] must be rewritten per these suggestions if it is to fulfill multiple statutory requirements.”

Stop the Cap! also advocates that Time Warner Cable customers that purchased their own cable modems to avoid Time Warner’s modem fees deserve an ongoing bill credit for providing their own equipment, because Charter builds the cost of its modem into the price of broadband service.

“Charter already bakes the price of the modem rental into the monthly cost of the plan,” Friedman noted. “New Charter [should be required] to offer a discount to customers who bring their own modems. Charter currently allows customers to bring their own modems… they just continue to charge those customers for a Charter modem that the customer never uses.”

Although Charter’s pledge to increase broadband speeds for Time Warner customers seems laudatory, in fact Charter’s proposed service offerings also represent a significant rate increase for broadband customers who don’t need or want 60Mbps service. They won’t have much choice after Charter imposes its own plans and pricing, which are now limited to 60 or 100Mbps options for most customers, at prices starting at $60 a month.

charter twc“Clearly these TWC customers are materially much worse off under New Charter than TWC,” Friedman told the CPUC. “Equally clear is that Charter’s ‘Simplified Pricing’ (perhaps more accurately described as ‘Fewer Options and Higher Prices’) is far from a public benefit. This massive price increase will affect literally every stand-alone-broadband TWC customer other than the few who qualify for the School Lunch/Senior Assistance plan. While the low-cost School Lunch/Senior Assistance plan is great for the narrowly targeted group of consumers who manage to qualify, roughly doubling the cost of broadband for every other standalone customer more than offsets the combined value of every other ‘benefit’ that the applicants allege will come from this transfer.”

Stop the Cap! also advocates that the CPUC guarantee Charter customers have a choice about the broadband speeds they need and the amount they have to pay for Internet access.

“New Charter should be required to retain TWC’s pricing and plan structure in perpetuity, for both new and existing TWC customers. TWC customers should retain the ability to switch back and forth between TWC’s cheaper, larger variety of plans,” Friedman wrote. “New Charter should be required to continue TWC’s practice of increasing customer speeds as technology advances with no
accompanying price increase.”

Although Charter’s lobbying efforts promote improved service for Time Warner Cable customers, it is our view that once one examines the full scope and impact of Charter’s proposal, customers will be worse off under Charter than they would be staying with Time Warner Cable.

“TWC stands out in its field for its customer-friendly policies such as providing discounts for those who own their own modems, its public commitment to refuse to impose data caps or
usage based pricing even in the face of pressure from Wall Street to do so, and the creation of its TWC Roku App to allow customers to avoid set-top box rental fees,” argued Friedman. “This transfer, as currently conditioned, creates a net public benefit harm, not a benefit, or even a status quo.”

Popular Motorola/Arris SurfBoard Cable Modems Have Annoying Security Flaw

Phillip Dampier April 11, 2016 Consumer News 1 Comment

arrisIf you own or lease a Motorola/Arris SurfBoard 5100, 6121, or 6141 cable modem, security researchers have uncovered an annoying vulnerability that could expose you to a denial of service attack.

David Longenecker first discovered the flaw with the world’s most popular cable modem — the SB-6141, a highly recommended DOCSIS 3 model. The firmware does not password protect access to the cable modem’s configuration menu, accessible by visiting 192.168.100.1 in a web browser.

In addition to technical information about the modem and the cable system’s current cable broadband configuration, there are two user accessible reset buttons, one to reboot the modem and another to reset it to its original factory settings. Rebooting the modem will disrupt your Internet connection for under a minute, but doing a factory reset could bring the modem offline until someone reaches the cable company to request the modem be reauthorized. An individual with nefarious intent can repeatedly reset the modem, bringing the user offline again and again.

arris config

SB6141 is a DOCSIS 3 modem

SB6141 is a DOCSIS 3 modem

The Houston Chronicle explains how this could become a widespread problem:

Included within this interface is the ability to reset the modem. A user can be tricked into clicking on a simple link that will reboot the SB6141, and you can see a proof of concept here. Note that if you have one of these modems with this flaw, and you click the link, your modem WILL reboot.

Normally, you’d have to be sitting at a computer on the same network as the modem to trigger a reboot. But the link above takes advantage of the fact that you can mask a local Web page address as an image file. As Longenecker describes it:

Did you know that a web browser doesn’t really care whether an “image” file is really an image? Causing a modem to reboot is as simple as including an “image” in any other webpage you might happen to open – which is exactly the approach taken on the RebootMyModem.net proof of concept:

<img src=”http://192.168.100.1/reset.htm”>

Of course it’s not a real image, but the web browser doesn’t know that until it requests the file from the modem IP address – which of course causes the modem to reboot. Imagine creating an advertisement with that line of code, and submitting it to a widely-used ad network…

Advanced users can go into their router’s configuration page and block access to the IP address 192.168.100.1 (the modem’s configuration page) for anyone inside their network. That step prevents you or anyone else on your network from accidentally clicking a link that tricks your modem into rebooting. But most users will probably wait until Arris has distributed firmware updates that cable operators will eventually apply to correct this vulnerability. The upgrade will occur in the background and most users will never notice it.

Search This Site:

Contributions:

Recent Comments:

Your Account:

Stop the Cap!