Comcast modem activation bug potentially exposed customers’ private data (2018) (vice.com)
146 points by apsec112 63 days ago | 133 comments

Recently, Cox had an outage in the city where my parents live. My dad, close to 70, misconstrued the situation and thought it was just our modem being slow. He drove to a brick & mortar Cox shop, where a rep promptly sold him on leasing a gateway for $10/mo that would be (and I quote) "25 times faster" than the speeds we were currently getting (roughly peaking at 250 Mbps down).

Of course, my Dad, not knowing too much about this stuff, rents the new router. And of course, it doesn't solve the fact that there was an outage in the first place. I tested the new connection and while I could see _rare_ instances of faster peak speeds, for the most part it was not much faster than the old setup when sampled over time.

I really hope there comes a day when companies can be held accountable for straight up lying and taking advantage of customers who simply don't have the technical means to know any better. It really, really bothers me when my parents get taken advantage of like this and I know I'm mostly helpless to prevent it without micro-managing my dad's tech purchasing decisions.

I sometimes think that the _core_ reason companies like this take advantage of people is because people don't usually care enough to do anything about it; in other words, to care enough to help _other_ people out. I envision that in the future there will be some kind of easy to use "web of trust" that people will look up before deciding to do business w/ someone. Review sites like Yelp/Facebook are just the start of this concept but I think it could eventually turn into something more robust.

Employees get incentivized to upsell customers, and some just run with it gleefully. If they were paid by the hour regardless, and actually chewed out for pushing things on people they don't need, things would be very different, but the fish stinks from the head. I once worked in a call center for a shitty ISP for a little while, based on that one sample, I say the core reason for these shenanigans is solely to be found in corporate sociopathy, that is, the kind of people that attracts and who climb those ladders. They grin from ear to ear so much, they know exactly what they're doing. And wherever you find people who exploit customers you will also find people hating customers, since they project their own evil. It's gotta go somewhere and looking into the mirror is not an option for them.


Older way of showing bold or italics.

It's also how _Markdown_ shows italics.

HN already has italics. It shows up "like this" if you use asterisks

Markdown italics maybe.

Consider the word that has it around to be underlined.

It's hard to be critical of your dad for this. If you told me that for only $10 extra per month, I could increase my download speed from a mere 250 Mbps to 6.25 GIGABITS per second, well of course I would sit up and take notice.

Who wouldn't?

(While they are at it, do you think they could boost my 90 Mbps connection to 2.25 Gbps? I have $10/month burning a hole in my pocket!)

...well, a counterargument would be, if you never do anything that requires such fast speeds, the extra $10 per month isn’t worthwhile regardless of the percent increase.

By extension, if the customer increased their speed and didn’t notice a difference, then either the speed is the same OR the extra speed was never needed to begin with.

Mind you, none of this excuses Comcast! Also, the placebo effect is powerful. I recall a time my father upgraded his internet plan, and then marveled at how much “faster” Google Chrome’s new tab page opened...

>I really hope there comes a day when companies can be held accountable for straight up lying and taking advantage of customers who simply don't have the technical means to know any better.

The situation is genuinely pretty grim but there is the occasional bright spot. If you google "australia nbn false speed claims" you can read about how half a dozen Australian ISPs had to pay penalties, change their advertising and refund NBN (national broadband network) customers who paid for speeds that were not possible on their home Internet connections.

There is the occasional win for individuals but it's mostly when large numbers of people are affected all at once.

Caveat Emptor

Your dad has been around for 70 years. How has he not figured out not to trust a salesperson and do independent research or consult an expert (literally YOU, his son, one phone call away).

A mix of stubborn dad syndrome and not wanting to "bother" me (even though of course it doesn't), shrug. I doubt my dad's stubbornness is the core problem here though, there are countless Americans being taken advantage of by our ISPs, stores like Best Buy, etc. on a daily basis.

Reminds me of Ma Bell's descendants still renting out rotary telephones to their customers into the 2000's.


People actually get more trusting as they age, putting them at even higher risk of being taken advantage of.


Culturally speaking, I've noticed that older people tend to be much more trusting. I expect part of this is an expectation of mutual respect between parties -- effectively "why would they lie?". A lack of knowledge of the technology and an unwillingness to "be a burden" by asking someone more knowledgeable probably factor in too.

See also "why older people tend to get scammed more often than younger people"... certainly for the family members I've helped, all three of the above were factors to some degree.

Not everyone enjoys the task of performing extensive research, and perhaps a 70 year old might value their time doing something else? I've also met more than one 70+ year old person who was convinced that they understood how things worked, and to admit otherwise was to display weakness/lose credibility (despite that not being the case at all). The point is, what is obvious to you may not be obvious to others, and you have no idea why they chose the route they did.

So he decided not to do the research because it's not worth his time and therefore he made a suboptimal purchase.

He made his bed and lay in it. I'm saving my tears.

> and perhaps a 70 year old might value their time doing something else?

They should be content with their inferior choices then.

> I've also met more than one 70+ year old person who was convinced that they understood how things worked, and to admit otherwise was to display weakness/lose credibility

These people deserve it.

Note, I certainly do think that there should be more regulation on lying salesmen, but these are kind of bad examples imo.

I hope in your old age you never have to interact with people as devoid of empathy as yourself.

I have empathy. I also have a brain, which I used to come to the conclusion that you either have self-agency and therefore you are liable to the consequences of your actions or you do not have self-agency. If a person chose to not do research, then he is liable to the consequences of his ignorance.

Neither of these are a property exclusive to old people though - why should I have empathy for people who mess up while they pretend to know everything?

Why should I have empathy for people who have chosen to invest their time in some other way? I do not have empathy for them just like I do not have empathy for people who have chosen to not do their homework and end up getting a low grade.

If I do end up being like that however, then I will fully deserve it. I can only hope that the people around me will try to put me in a straight path then.

Is it perhaps a skill that is lost with age? Everyday I see online posts made by old people that show a complete lack of critical thinking ability. These are all relatively successful people, I imagine they couldn't have made it so far in life without critical thinking.

And that raises the question, should people above a certain age stop being considered as adults and have their adult privileges taken away? Just like children who tend to lack critical thinking can't vote then why should people older than a certain age get to do it?

Note, this is not something that I necessarily agree with, especially because I know quite a few old people (my ex-professors) who seem quite good with critical thinking.

If you want to ban people who can't think, add tests on thinking abilities. Age is a terrible proxy.

I totally agree, which is part of why I believe that age limitations on people who can vote is a bad idea.

Possibly because that person was supposed to be tech support, not sales. He came in with a problem, not looking for a purchase.

Warning for anyone using a customer owned modem with Comcast: Be sure you keep your receipts and original packaging.

I recently canceled service and switched to AT&T Fiber. It was actually an unexpectedly easy process. But when I dropped off my cable box at a Comcast store, they asked me for my modem. The one that I bought myself. The person taking receipt of my equipment was fine when I said I owned my modem, and just "put a note" on my file.

... then I get a collections letter, explicitly related to the "unreturned" modem. Despite having no history of receiving a rental modem, and no monthly surcharge for modem rental on any of my years-long billing history, they refused to budge. I happened to still have the original box with the serial number on it and that combined with a printout of my Amazon order from back then was enough to at least successfully dispute the debt on my credit reports. But it wasn't enough for Comcast, and I'm sure I'll still have to pay that bill and put down a giant deposit if (when) I move somewhere that forces me back to Comcast.

They did something similar to me too. I dropped off the modem, with my two small kids on hand, and forgot to grab a receipt. I figured dropping it off in person would leave no room for doubt. That was not correct.

A few months later, I'm getting threatening calls that I need to return the modem. I call them and the rep says "Oh, thanks, we will note that you returned it." So, they just send a collection notice and don't actually keep a record you have returned it inside their own systems.

In my case, it was the HD receiver. The Comcast guy was surprised I asked for a receipt, and was shocked when I checked the serial number on the modem vs what was on the receipt. They matched, as they should.

Then they still tried to ding me for unreturned equipment and when I called they said 'it takes 2 - 3 months for it to come off your account'. It eventually did fall off, but was insane for hand delivering it to Comcast/Xfinity.

Had an almost identical experience to this. They seem to have no communication between their departments that sell you the product and those that collect it when you're done using their services.

> They seem to have no communication between their departments

I wonder what's more profitable.

They did this to me, too. Comcast truly is the worst company in America.

I wonder how much longer we'll even have the option to use our own equipment. Late last year I briefly tried AT&T fiber, and it was required to use their hybrid modem/router monstrosity. It didn't even have options to disable the router functionality, the best you could do was turn off its WiFi networks and disable its firewall. Even after setting all of my own passwords on it it was still possible to access settings through my AT&T account online, telling me that the thing is backdoored all to hell. TBH that thing was a big factor in me canceling the service after 5 days (also the service was mediocre and they tried to screw me on pricing).

I had a ginormous AT&T router/modem (pace 5268ac) with a set of static ip addresses and a few times, AT&T just stopped routing traffic to it.

It had happened before and then magically fixed itself a few days later.

One time I had a week of outage where AT&T basically said the problem was on my side. They could ping the modem, and then punted. I had several truck rolls. The techs were really nice guys, but were basically cabling guys, better for finding a bad cable than debugging a packet loss. The problem for me was that my IPv4 static IP addresses would not receive traffic.

I was at wit's end after a week and I debugged the thing myself. By looking at EVERY bit of data on the router, I found mention of the blocked packets in the firewall log. I would clear all the logs, and found even with the firewall DISABLED, the firewall log would see and block incoming packets I was sending using my neighbor's Comcast connection.

I called AT&T, but this time mentioning "firewall is completely off, but packets are blocked by the router and showing up in the log" was concrete enough for them to look up a (known) solution.

The fix was to disable the firewall, but to enable stealth mode. wtf?

To be clear, this was a firmware bug, and caused dozens of calls to AT&T, lots of heartache and finger pointing always in my direction.

I should also mention at the start of this fiasco, I checked the system log and noticed they pushed a firmware update to the modem at the time the problem started. Strangely after one call to the agent, that specific line disappeared out of the log file, but other log entries remained. hmmm.

What is old is new...

You used to not be able to own your phone - it was leased from AT&T. That was the only option until Ma Bell was broken up in the early 80s.

Fiber doesn’t use a “modem” so I’m a little curious what you’re talking about. As to “backdoors”—all fiber CPE has to have the capability to be managed from the provider side. A lit fiber is like an Ethernet cable plugged into the provider’s switch. Nobody would be crazy enough to not control both ends of that connection. Even if you spend thousands of dollars a month for a business grade Metro Ethernet connection, the provider will install CPE that it can manage remotely, usually an L2 switch.

AT&T's fiber service comes with two pieces of hardware: the ONT and a "residential gateway" that, in addition to being a router, is a terminal for the VoIP service and also has some guts for facilitating their UVerse IPTV platform.

Officially you can't opt out of using the RG. This differs from, say, Verizon's FiOS, which allows customers to just plug their own router straight into the ONT if they don't want the phone company's router.

You can put the RG into a "passthrough" mode that gives a downstream client the public IP address, so a router thinks it's bridged, but under the hood the RG is still maintaining all the connections in its own NAT table.

You can't simply plug a router into the ONT and have it work off the bat, as the RG has necessary 802.1x certs burned into the firmware. What you can do is use the eap_proxy tool mentioned in this same thread. I ran it on an EdgeRouter, and it essentially MITM'd the 802.1x handshaking and delegated that to the AT&T-provided RG, then once the 802.1x was dealt with, the EdgeRouter could get an address via DHCP.

There's apparently nothing customer-specific about the 802.1x certs; there's a thread on DSLReports about people buying old AT&T RG's off eBay and rooting them to extract the certs to use on their own router.

At the end of the day AT&T still owns and manages the hardware at the customer's end of the fiber (at the ONT level), they just also enforce usage of the router plugged into it too.

I think the issue is with the fact that it also forced you to use their router as it was built in, as I'm pretty sure all fiber providers require you use their hardware.

Good to have a service from a proper and somewhat local ISP. They set us up initially with a DASAN fiber->WiFi router completely administered on their end, but at some point I called them with the request to replace it with just a fiber->Ethernet bridge. They complied without a problem, replaced the box, and gave me the PPPoE credentials with a warning that past the bridge's Ethernet end, I'm on my own.

Frontier FIOS keeps trying very hard to charge me a rental fee for a router. That I specifically declined at the initial installation, and do not have, and do not want. And periodically, that fee comes back, and I get to spend a while on the phone with Frontier until it goes away again. (They always give some kind of "hard-wired into our system" excuse.)

Anyone have similar experiences with Frontier to report? I'd be interested in collaborating on potential actions.

Same here. I've researched the issue far enough to know that others have contacted state authorities (I'm in California) and been told that since the up-front advertising for Frontier's service lists the rental fee and states it is mandatory even if you don't use their hardware, there's nothing illegal happening and nothing that can be done.

I think it's disgusting and if anyone does hear of something that can be done, I'm in.

You can bypass the AT&T RG:


That said, I haven’t had any trouble with it as a router.

When I had AT&T fiber, the residential gateway couldn't be convinced to let my he.net IPv6 tunnel through. I also shaved off a few tenths of milliseconds off my pings! (Not particularly useful, but it was consistent and measurable). I think it did one or two other things I didn't care for, but I can't remember what.

AT&T has rolled out dual-stack in most places by now. But... I ended up disabling it on my home network because whenever I’d have a network issue it was just another thing I had to worry about debugging. I feel bad about it but I’m not switching to dual stack till there are sites I care about that are only IPv6 reachable. I feel shame admitting this publicly.

Oh, that was the other thing, the residential gateway wouldn't allow me to host anything on IPv6; so the natural solution is to use my he.net tunnel (it's nice that that also has a static IP), which wasn't possible either (until I started bypassing the gateway)

> I wonder how much longer we'll even have the option to use our own equipment.

Comcast already made it very nearly impossible to buy your own ATA for phone. I figured out how to do it. You had to go IN PERSON to a Best Buy with an Xfinity center (there was one about an hour away in my state). There you would pay and place your order. You would have to return in person to pick it up, then set up a provisioning appointment. As far as I could tell, aside from having an insider this was the only way they would allow you to provision your own device.

Oh yeah, and if it breaks you're out the cost.

They list a number of them on their website that you can buy.


If you want 1Gbps and phone service, they support one device: Netgear CM1150V

If you're ~400Mbps, they support four more devices:

   ARRIS SBV3202
   Netgear C7100V
   Motorola MT7711

Maybe they backed off the policy, it's been around 4-5 years since I last used them for business phone. Thanks for the info.

Apparently it's due to ATT using custom authentication:


It’s not custom. It’s a standard 802.1x certificate.

Last month we made a decision to buy our own router and not rent from Comcast (Xfinity). Then I started doing the math, and soon realized at the end of the day it might be that much better.

1 - It's unclear which is the best modem/router by doing research. Gives you the maximum speed, etc.

2 - You start reading reviews on Amazon around reliability and you see a lot of comments that basically give you doubt. It falls in two ways:

A - the modem/router stopped working after 12-18 months so they had to buy another one. Put it at same price as renting.

B - the firmware upgrade path was unclear and it could only be initiated through Comcast (in some instances). Making you worry about upgrade support using a third-party product.

C - Overall issues with support. Tech support is already a pain, again as above is going to be worse with third-party products.

With modem/router price ranging from $100-200. Renting from Comcast at $120/year it means that you always have a de facto warranty. Something goes wrong with the modem/router, call Comcast, they'll send you one or just drive to the local store and get a new one. There is probably some savings if it all goes well. But then again is it worth my time?

> 1 - It's unclear which is the best modem/router by doing research.

Comcast actually has a page for that: https://mydeviceinfo.xfinity.com/

> With modem/router price ranging from $100-200. Renting from Comcast at $120/year it means that you always have a de facto warranty. Something goes wrong with the modem/router, call Comcast, they'll send you one or just drive to the local store and get a new one. There is probably some savings if it all goes well. But then again is it worth my time?

How often do you actually think modems fail? No seriously, I'd really like to know the numbers. I bet failure rates are well under 1% annually.

So what this amounts to is enabling Comcast to sell fraud. It's not a warranty, you're getting a replacement to fix an issue the modem didn't cause. You can't tell me it's much of a time saver when local stores sell modems or you could order same/next day from Amazon.

> Comcast actually has a page for that

That page doesn't give any info other than "sign in", "type in your address" (lol), and "consider paying us rent for hardware, learn more".

> That page doesn't give any info other than "sign in", "type in your address" (lol), and "consider paying us rent for hardware, learn more".

Put a zip code in, no login. It will work.

I would argue that the majority of the comments/reviews are probably not made by the most informed people (just informed enough to buy their own modem). Since they're installing their own modem they may have unaddressed issues such as needing a coax amplifier, not having the modem on the right coax jack (i.e. after a couple splits). They may also be complaining about WiFi speed, etc. Reading a couple independent reviews and benchmarks by reputable blogs/forums is probably a much better bet.

Tech support is going to always suck so it's probably a better bet to just invest the upfront time to understand how _your_ modem & router works over one weekend/day and reap the time savings not dealing with support over the rest of your life.

Getting a separate router+modem will push the cost to $150+ for the combo but you'll be able to upgrade the router independently in the future which greatly increases the number of routers you have to choose from.

Exactly, as long as you buy a router compatible with your ISP's networking and you configure it correctly, you will need to deal with less if not zero tech support compared to using a provided router

Fwiw I was able to get significantly (2x) faster speeds using a fairly standard SB6141 instead of the junk shipped by Comcast, even when using a wired connection (no wifi). Their own modem was not capable of reaching top speeds provided by their plan.

I never once had problems with my own cable equipment. Can't say the same for the rented garbage Comcast provides. Not to mention using the built in WiFi is like burning money because it's so slow. It takes less than five minutes to pick out the right modem for one's connection. I'd say it's more than worth it over throwing away money for no reason.

A - If your router only lasts 12-18 months you need to reevaluate your purchasing decisions. Unless you manage to break a router more frequently than once every 2 years (which is abnormally high failure rate) buying is far cheaper than renting.

B - Firmware upgrades are only controlled by ISPs when you're renting the hardware from them. Your ISP has absolutely zero bearing on whether or not you can upgrade firmware on your own router

C - Your only reasonable point, and in my personal experience I've had more difficulty with ISP tech support fixing their included router than configuring my own

B is incorrect

With Cable/DOCSIS networks, any device you plug in to the coax line is managed by your ISP. Even if you buy your own modem, the ISP are the ones who dish out firmware updates for it

The modem is "yours" in the physical sense, but they do control its internal software. The device that you run an ethernet cable into from that modem is yours however

Another gotcha can be speed. When I was on a 50 Mbps plan I bought a 160 Mbps modem, not wanting to pay extra for the 320 Mbps model. Then Spectrum increased my speed to 100 Mbps but for some reason they would only provision 70 on my four-channel modem. Since then they must have changed their mind since I'm getting over 100, but when they bump the standard plan to 200 Mbps one day I won't be able to get it.

One of the biggest lost opportunities for the robustness of the Web has been people not running servers at their homes, even though they do have a connected computer running 24x7 - the Router. It will probably take a Google or Apple to turn routers into standardized platforms with its own "app store", but by then it will be too late.

I know people who are literally rocket scientists (most of them actually work on fighter jets) that have trouble correctly configuring video game servers. In my experience for most people trying to run any sort of server themselves is quite a hassle (I mean my work has a lot of experts whose sole job is to make sure the servers are all running correctly and they still get it wrong sometimes).

> for most people trying to run any sort of server themselves is quite a hassle

Yet we run background apps on our phones quite easily.

I know a few people who work on fighter jets. They have nothing good to say about most of their coworkers.

I agree that it would be awesome if running servers at home would be commonplace. I think two main obstacles are (1) getting a static IP address, (2) ISPs terms forbid business use. But for personal sites, I guess both can be overcome.

I think I disagree that the router is the best way to do this. Keep components of the system simple and modular - a Pi type computer plus 'dumb' router seems like a better choice to me.

Many of the most used online services like email and dropbox and maybe even federated social media alternatives amongst others could be well handled by home servers. I suspect they made it hard so they could be something more than dumb pipes, but instead they ceded those opportunities to google and other SaaS providers.

I've run servers at home since I had a BBS in the mid 90s. I'm not even sure how many computers I own these days...

Can OpenWRT not run containers? I’d argue that’d be an amazing use case similar to how my Synology NAS has a GUI and cli for running containers.

Open source router firmware having the ability to run persistent containers would be a powerful feature (such as an IPFS node).

OpenWRT routers may not have enough power (RAM/CPU) to run complicated server software. Also the router may be running MIPS which is not that well supported by many apps and containerization is not going to solve that problem.

Admittedly, it was a few years since I last tested this. These days I try to run any apps on a Raspberry Pi connected to my OpenWrt router

My ISP (Altice/Optimum/Cablevision) makes it very hard to use your own router or modem, despite Federal laws empowering customers to buy their own equipment if they want to. For starters, their techs will not install new service with your equipment; you MUST have their equipment installed, set up your equipment, and then travel to nowhereville to return their equipment. After doing this, I’ve had my modem bricked by Optimum for not having “the latest firmware.” No explanation given beyond that. There is no justifiable reason whatsoever to permit ISPs to rent equipment at all. The only reason they do this is so they can advertise cheaper service prices. Altice/Optimum/Cablevision markets a “$99 per month plus taxes and fees” bundle that actually comes out to $145 per month once you have added the equipment fees and taxes. They should also have to advertise total price. Good thing that the Democrats are fighting so hard for “net neutrality” which would solve this. Oh wait, no it wouldn’t. It just makes Netflix slightly cheaper. Great priorities!

Well, if they are obviously violating a Federal law, then it sounds like lawsuit time. They clearly aren't going to change by themselves.

Considering that ISPs insist on being monopolies (in the US), it shouldn't be too hard for any competent law firm to make it into a class action lawsuit.

They aren’t violating the law as one can still buy. They just make it really really really hard to buy. They should be banned from renting outright.

Why would ISPs violate the laws written by their own lawyers?

People who write this kind of article grotesquely underestimate how hard these companies make this task.

I use CenturyLink DSL, mainly because the local cable monopolist is Mediacom, and I tried Mediacom for two weeks of downright insulting lack of service[1], it was the only alternative.

This[2] is the information CenturyLink provides about what modems are compatible with their service. Do I know whether I have ADSL, ADSL2, VDSL, GPON, or whatever the hell any of those other acronyms mean? No. Does it say so on the bill? Who knows, I haven't seen a paper bill for years, no idea when they stopped sending them. I suppose I could dig up some three-year-old piece of paper from a kitchen drawer somewhere that might say which, or that might say the unused landline number they hooked the DSL to so I can maybe try to figure out how to get into some online account (lord knows I've tried to find a username that they'll recognize to get a password reset). Or I could call them, and talk to a minimum wage, probably offshore, customer service person in a call center who might maybe give me accurate information as to which acronym I have.

Or I could not look a gift horse in the mouth. Right now, I'm sending someone a not huge amount of money per month, and I actually have residential internet service that kinda works (and when I actually need reasonable speeds I can bring my laptop to the office). Relative to the standard condition of life in our third-world situation in the United States with crooked monopolists charging people for service they don't actually provide, I feel lucky being charged for service I actually do receive. And don't feel particularly inclined to rock the boat on that.

I rather suspect a similar calculus is going through the heads of millions of American households. What we need is regulation for the monopolists, not more articles scolding captive consumers about buying their own goddamn modems.

[1] This letter sums it all up. http://paul-gowder.com/pgmediacom.pdf Needless to say, after receiving a "this is a lawyer who is clearly insane and extremely angry" letter they sent me my money back.

[2] https://www.centurylink.com/home/help/internet/modems-and-ro...

If you really wanted to buy a modem for CenturyLink, the best thing to ask about technology is the current modem -- it will tell you somewhere. But you'll notice that almost all of the listed modems are customized for CenturyLink, that's what the C in the name means (and presumably the other letters too). That means you're more than likely stuck with whatever customization that you might have liked to get rid of, or features you might like to add. (Like a bridge mode that actually works).

Not being able to realistically do better than what equipment you already have, you could probably just buy a new one of the device you already have, but then again, it's hard to predict how long that will be useful. If you move or by some miraculous force, CenturyLink offers an upgraded service, your device may be useless.

Comcast has a site to help determine what 3rd party modem will work with your Internet package:


Sign in, it takes a look at what speed/connection you have and then will recommend a list.

Or don't sign in and just specify your address. It'll tell you the speeds available at your location. Select the speed and it'll list out the modems they officially support, including ones with phone support.

The ones that everyone I know has are the ARRIS SB8200 or the Motorola MB8600. Both support DOCSIS 3.0 up to something like 1.4Gbps. They're $150 or so, so you'll break even in a little over a year.

My cable ISP makes it hard to use your own by refusing to use just any DOCSIS 3 modem and not publishing an approved list. It would be nice if regulatory policy changes would force the industry to accept all standards compliant modems.

I tried. The modem didn't work. It was on the approved list. Had a tech come out, he installed a Comcast router and it worked. They waived the rental fee for 6 months. As much as I hate Comcast, I hate not having internet more.

It all ends up back as a problem of that monopoly.

Here in Australia, while we have our own problems, you could just switch ISP if they're playing shenanigans like that.

In America, don't like your ISP? Guess you're living without internet then!

It always surprises me how the US, as the paragon of the free market, is so comfortable with a lack of meaningful competition.

I think it's something like 70% of US households have only one 'choice' for ISP.

Then there was the discussion[0] here the other week about blitzscaling, and how it's basically "borrow money to do a land grab for monopoly, then use your money to stifle competitors".

Even the lack of preferential[1] voting contributes to a lack of choice - either vote for a major party, or your preference is irrelevant.

[0]: https://news.ycombinator.com/item?id=19094703

[1]: https://en.wikipedia.org/wiki/Instant-runoff_voting

Unfortunately unless you live in a metro area your options in Australia aren't much better. Most rural or country areas and even some suburban zones are only serviced by a single ISP who may decide you don't need internet.

I lived in Ipswich for 1.5 years, prior to moving in I signed up for ADSL2 (no NBN available in the area yet) with Telstra as they are the only ISP servicing the area.

I was told that the local exchange has no available ports, and that I would need to go on a waiting list to be given a connection.

I was periodically getting their "Sorry we can't provide you usable internet yet, how about ADSL1 or some 4G data at rip-off prices?" for that entire time, until I moved out and cancelled the still-pending service.

That's specifically due to privatisation of Telstra though, which is exactly the monopoly being talked about.

NBN was supposed to fix this, not sure if it still will though with the neutering of it.

>Here in Australia, while we have our own problems, you could just switch ISP if they're playing shenanigans like that.

We have multiple ISPs in Germany too, but unfortunately they are all crooks. Sure, it beats a monopoly, but the problem is far from solved.

I thought your choices in Australia were Telstra or rebranded Telstra?

Not since the NBN came about. Infra is owned by NBNco after they bought out Telstra's infra (forced).

Before that Telstra owned an ageing, choppy and slow copper network and that was your monopoly unless another ISP decided your area was populated enough to set up something.

I admittedly have it much easier living in a metro area, but I have about 80 ISPs to choose from. But my relatives are all over Australia and the majority of them have at least a FTTN network to use now.

I still suspect it will be sold back to Telstra and/or privatised and it'll go to hell again, it's already been majorly neutered.

I forget how lucky we are in Minneapolis compared to the rest of the USA to have 3 ISPs and also have fiber as an option.

I’ve had multiple broadband choices in every metro area I’ve lived in, too (now on my fourth in the US).

Of course, I’ve lived in parts of those metro areas that were densely populated. I.e., where a competitor could reasonably expect to recoup the cost of overbuilding. In less dense areas, the economics would be far worse.

Counter anecdote: I live in Manhattan and have only one broadband option: Time Warner, a.k.a. Spectrum.

Verizon offers 5/1 "broadband" DSL for twice the price, and the other two regional providers (Optimum, RCN) don't service my neighborhood (which is by no means sparsely populated).

Nonsense! America has plenty of options for Internet, and with blazing fast speeds like 54kbps!

Yeesh, tough crowd.

In the early 2010s we had their piece of shit rented SMC D3G modem for static IPs at our office. We couldn't figure out why the net would stall and we'd get huge packet loss. Dozens of support calls, lots of finger pointing. Years later, it would come out Intel was incompetent at designing modems [1]. (as shown again with the more recent iPhone designs)

This rental was required as even the approved modems couldn't be provisioned for statics; later on at other locations we just bought Motorola (now Arris) SB6121s since dynamics were all that were needed for those locations and really never had an issue.

[1] http://badmodems.com/

Get a new modem before getting rid of your old one. Plug it in, call up Comcast and give them the MAC address, see if it works. If it doesn't work, return the modem to Amazon or wherever and order a new one. If it does work, give Comcast's modem back.

With Comcast Business, they insist on making you rent a router if you have static IPs. It irks me knowing I could be using my own hardware if I gave up my IPs, which I can't see doing.

I guess we can all collectively hate the lack of competition even more

This is a topic that is near and dear to me - last year I attempted building my own router/firewall on an ARMv8 board (the espressobin) and I've been extremely happy with it as a DIY router solution [1]. While this sort of approach doesn't solve the larger problem of non-technical folks being fleeced by Comcast and other ISPs en masse, maybe with gradually-increasing tech literacy, projects like loading up an espressobin with a pre-imaged SD card for a home router will be a tenable option someday for more people.

From a hobbyist perspective, the router has been a dream to work with, and you can do some really weird stuff when the router is a Linux box you're in complete control of (DNS tricks, packet scheduling experiments, et cetera.) I always get a kick out of updating it periodically and seeing the latest mainline kernel loaded up (it's on 4.20.10 at the moment).

I've never studied up on home-brewing the modem/DOCSIS 3 aspect, but realistically I don't know how feasible that is in comparison to the relatively more simple DHCP/DNS/firewall parts of a typical home router.

[1] https://blog.tjll.net/building-my-perfect-router/

I'm actually just about to replace my 6-year old RT-N66U - the Merlin firmware I use (based on Asus's FW) dropped support [updates] for the N66U a long time ago, and the flash process for DD-WRT seems sketchy. The Asus official firmware is missing some advanced features that I need, so doesn't help even if it is getting updates.

I looked into making my own router (actually stumbled across your writeup a few times), but didn't want to mess with ARM boards - they have limitations with the speed of connected network interfaces (ethernet/wifi), and just seem complicated to deal with. I researched making a x86 system, but the price would have been ridiculous.

I haven't purchased it just yet, but decided on the Linksys WRT1900ACS router. It runs OpenWRT, which is a full blown configurable Linux system (even has a package manager). But installation and updating is simple and straightforward. OpenWRT obviously isn't officially supported, but Linksys and OpenWRT seem to have some collaboration going on. At the very least, they don't program any 'protection' from custom firmwares into the router, and the SoC runs well off of free software (as opposed to many routers which only work with DD-WRT due to needing proprietary Broadcom drivers).

The OpenWRT configuration web interface seems 'good enough' to let you set up 99% of use cases easily, but it's just a normal tweakable Linux system underneath. At $160 the router is a bit on the expensive side given the hardware, but the great compatibility with free software is worth it IMO.

However, I discovered that the WRT32x (gaming-skinned but hardware equivalent to the much faster WRT3200 [1900/3200 are combined 2.4GHz and 5GHz bandwidth]) is available from multiple sellers on Amazon for the suspiciously cheap price of <$130, so am going to buy one next week when I'll have time to set it up.

Side note: The cheaper TP-Link Archer C7 is another popular router for custom firmwares, but installing on the latest hardware revisions is not as straightforward, and the hardware is much weaker than the Linksys ones: https://openwrt.org/toh/linksys/wrt_ac_series. Aside from that I haven't found any good-performance FOSS-compatible routers, except for a D-Link one which compares unfavourably to the WRT1900.

Hey, did you try the fix from http://espressobin.net/forums/topic/which-pcie-wlan-cards-ar...?

Globalscale definitely did something wrong with the PCIe setup on that board.

I wonder whether it's fixed in the new revisions?

I haven't had a chance to revisit the issue after my initial post, but some of the replies since my last attempt look hopeful. After failing to get any PCIe card to work, I've just been using a Ubiquiti AP-AC Lite and called it good.

Given the cheap barrier to entry for the boards, it's probably worth another try with a later revision, particularly given that the espressobin can follow mainline fixes rapidly. If I do make any progress on that front, I'll certainly update the forum topic/any blog posts.

ARM boards tend to be bad wrt getting timely security patches because they don't run the mainline kernel, and don't run a mainstream Linux distribution with a paid security team. Even relatively well supported ones like Raspbian have this problem.

My advice is to rather get a low end x86 device.

While I've absolutely had this experience with some of my ARM boards (notably, most of my ODroids are stuck on some variant of the 4.14 kernel with vendor patch sets), the essential parts of the espressobin are in mainline, device tree and all.

The larger problem of developer/security team time and effort is still there, though. Arch Linux ARM and Armbian are active and well-maintained, but I do find myself running into problems that indicate that the community of active users for this type of hardware is vastly smaller than for traditional architectures.

Marvell are better than most re: upstreaming code.

I returned Comcast's modem because:

1) I wanted better control of routing (have a bunch of wireguard tunnels). I want all the IOT-crap on a separate network, etc.

2) Whenever there is a transient link connectivity issue on the cable side it seems that the Comcast modem tries to "fix" this by rebooting itself, which takes a good 5 minutes.

I got a Netgear CM700 which is basically just a DOCSIS/Ethernet bridge (you just get the public IP using DHCP on the Ethernet side).

The cable modem connects to a homegrown Linux ARM based router and then I use a Unifi PRO Access Point from Ubiquiti Networks for Wifi. Never looked back since. The Unifi AP has multiple SSIDs configured, which are separated onto different VLANs on the way back to the router. The Netgear modem has so far never had a single hiccup from what I can tell (about six months in now).

OpenWRT certainly is an option, but unfortunately getting high performance wifi out of it is a bit of a dice roll in my experience. I've tried a few hardware variants but eventually gave up and bought the Unifi PRO instead. Also I'd just rather have separate things that do each thing well.

Where I live, we have Frontier FIOS. Frontier FIOS _requires_ you to get their "wifi router" for $10/mo even though, I quote, "you don't have to use it". There's simply no option to not get it with a new subscription, not online, not on the phone. How this is legal, I don't know.

I would love to stop renting Comcast's over-priced modem, but those fuckers' gigabit service is extremely unstable in my area and causes both my Arris SB8200 and NetGear CM1000 modems to constantly hang. I have to reboot my modem at least 2 or 3 times a day, no matter which one I use, and sometimes every 20 to 30 minutes. I haven't tried the Motorola MB8600 yet, but I'm kind of wary of dropping another couple hundred dollars on a modem that isn't guaranteed to work.

Comcast's router at least stays up for more than a day at a time, but of course I'm only getting 400 to 500 Mbits down on my gigabit service. I'd leave Comcast in a second but the only other option in my area is CenturyLink, with their whopping 20 Mbit speed.

I just signed up for a CenturyLink connection in Seattle. CenturyLink feels like they're playing catch-up to Comcast, and thus are sort of on the humble end of the arrogant-to-humble pendulum of monopolies. They are giving me a per-month service that can be cancelled any time, "no price-hikes" (though how can that be possible, am I going to get the same price in perpetuity into the future?), and I clicked the "I will install my own router" option, and there are no extra installation or equipment fees. My Ubiquiti Edgerouter Lite is in the mail.

We'll see if there's another shoe to drop.

Not sure why you wouldn't. Modem rental costs, what? 5 or 10 bucks a month? Just buy a modem and it pays for itself pretty quickly. I'm honestly surprised that they let you do it.

Say rental is $8/month and an approved DOCSIS 3.1 modem is $180 to buy outright. Buying doesn't really make sense unless you will be sticking with the same ISP for at least two years. (And in two years, you might take a promo deal and sign up with another ISP; or move to a different apartment building which doesn't allow your current ISP; or your roommate or SO might decide to take care of connectivity; or technology will advance and you would want a different modem anyway.)

If you quit the ISP in under two years, you can still sell your used modem for a decent chunk of change. If you actually own, you can resell it. I've done this both ways, selling one I no longer use but also buying one used from someone else. So, there's no actual reason for most people to ever pay $180.

Unless you're paying for more than 500 Mbps internet, you can pay $60 for a DOCSIS 3.0 16x4 modem that will pay itself off in 6-10 months (depending on rental fee). And you can sell it if you move.

ISPs in Australia give the router out for free as long as you agree to a 1 year contract.

Is there an option to not get their router and thus waive the 1-year clause?

Otherwise what you mean is "it is mandatory to lease their router even if you have your own, and you are forced to enter a 1-year minimum contract.".

> Is there an option to not get their router and thus waive the 1-year clause?

Yes. You also have the option to just pay for the ISP router outright.

Oh that's nice! I asked because here in Spain they advertise the same, but you cannot opt out of getting the 1-year lock-in in any way.

I switched from Comcast's router to a Ubiquiti Edgerouter 6p. It's fast, easy to configure, flexible, and gets regular security updates. Overkill, but still cheaper than renting a Comcast router. Adding QoS really helped as well. In particular I wanted a VLAN/dedicated port for untrusted consumer widgets (TV, Stereo, fitbit, etc).

Even if you use an "approved modem", their support will not by any means help you unless you're using the official rented modem+gateway. You end up having to lie about using the rented one they give you (they don't check if you're actually paying for it) to get any actual support.

I've got no love for Comcast but I've never had any issues with this. Just yesterday I called about connectivity issues and they agreed to send a tech out, never asked what modem I was using. Setup with my own modem was always surprisingly easy too, just read them the MAC and was all set.

I have to mention, I've been on the other side of this, albeit with Time Warner.

I'd just moved into my first apartment and had bought my own modem. Tech comes, sets up the internet, the internet doesn't work. Tech blames my modem. My response is something to the effect of "give me a break", but ultimately do order a new modem from Amazon, if only so I can show the tech that two different modems both don't work.

Turns out, the first modem was defective. The second one worked fine and my internet has been great. I felt kind of crappy for arguing with the tech, when it absolutely was my hardware at fault.

I've always had my own modem and I've never had a problem with Comcast/Xfinity not helping me. Maybe I'm the exception.

Recently they updated my area to DOCSIS 3 (or 3.1, not sure). My DOCSIS 3.1 Motorola modem (found this out later) has a firmware bug that causes random modem lockups. Comcast went as far as replacing the cable from the telephone pole to my house in the middle of winter (it was ridiculously cold that day), running signal analyzers, and various other things before looking into the modem.

Also, Motorola Modem customer service was shockingly good as well. They sent me a free replacement modem while they worked on the firmware updates. Provisioning that temp modem was as simple as using the online provisioning.

Now, it would be nice if I didn't have to set annual calendar reminders to call them for when they increase my monthly price by 40%...

Which modem do you have? I have a Motorola modem and my service has gone to shit recently.

Nope. That doesn't even work as they can see the MAC address of the modem on the network. For business class customers it basically means: "fuck you, you caused the problem with your equipment, we will send a tech next day when the problem stops happening and bill you $100 for the visit."

Just ask them to tell you the settings, it's way faster than following along with their silly step-by-step walk through anyway.

I went from having to restart the FiOS router all the time to fix the WiFi to never restarting with the Edgerouter/Unifi AP.

Buying your own hardware cost more up front but over the course of a 2 year contract you're paying over $240 ($10 a month) for something that barely works from Verizon.

I'll rent you modems and routers for $8/month.... you'll save at least $5/month.

When I worked there we only guaranteed speeds coming off a Comcast router/modem.

"Over time, users wind up paying Comcast significantly more money than the modem or router is worth."

It's not really the cost, probably for 90% of users, it's more your average soccer mom doesn't want to deal with owning, updating, and maintaining networking gear. So the service has some value to people.

For the love of God, can the titles remain consistent with the posts?

We should sue those


Most users, consumers, on Comcast do not have a choice, next election go out and vote rather than stating the obvious.

That's strange, I've had cable internet through Comcast at four different houses and have always used my own equipment, didn't rent theirs at all.
