Cable modem hacker busted by feds

IDG News Service -

An expert on cable modem hacking has been arrested by federal authorities on computer intrusion charges.

According to the U.S. Department of Justice (DOJ), Ryan Harris, 26, ran a San Diego company called TCNISO that sold customizable cable modems and software that could be used to get free Internet service or a speed boost for paying subscribers.

Harris, also known as DerEngel, was charged on Aug. 16, but the grand jury indictment was not unsealed until Monday, several days after his Oct. 23 arrest. He faces a maximum sentence of 20 years in prison and a $250,000 fine, the DOJ said. The six-count indictment charges him with conspiracy, computer intrusion and wire fraud. He was charged in U.S. District Court for the District of Massachusetts.

The arrest follows a November 2008 undercover sting operation, where a U.S. Federal Bureau of Investigation agent bought modems and a book by Harris about cable-modem hacking. "These modems were capable of hacking a cable network and obtaining free Internet service," the indictment states.

Hackers have known for years that certain models of cable modem, such as the Motorola Surfboard 5100, can be hacked to run faster on a network, a process known as uncapping. However, the question of whether uncapping a modem is illegal is "not clear," according to Bill Pollock, founder of No Starch Press, which published Harris' 2006 how-to book, Hacking the Cable Modem.

Pollock said he published the book to give Internet users good information about how to tinker with their modems and get diagnostic information, some of which is blocked by Internet service providers. "If you buy a modem and you can hack the firmware, it's your piece of hardware," he said. "If you use it to steal service, you're breaking the law."

Cable modems can also be configured to use a paying customer's MAC (Media Access Control) address to steal service. According to the indictment, Harris helped develop tools that could be used to sniff MAC addresses in order to get on the network free.

Using a fake MAC address can also make Internet surfing untraceable, a feature that could help criminals hide their footsteps from law enforcement.

In January, Harris told Wired.com that changing MAC addresses in order to get free Internet service was "morally wrong and probably illegal."

"There's a gray area there, but theft of service is a crime no matter where you're at," he said.

Authorities say Harris' company, TCNISO, made more than $1 million selling cable-modem-hacking materials between 2003 and 2009, according to court documents. The company distributed cable-modem firmware called Sigma, along with a version of the Surfboard 5100 modem and some hacking software called Blackcat.