What Software Do Cable Installers Place on Your PC?

{e}N0S asks: "The cable guy came over to install a cable modem at my Dad's house. As I watched him do his stuff I noticed he was installing something called Broadjump Client Foundation. I know you don't need software for a cable modem to work so I asked if it was necessary. He said he had to do his list of things, and we had to sign that he did his list of things, otherwise he couldn't leave it with us to use. Since I can always remove the software, I agreed, but I noticed while he was flipping through the install, he was clicking 'agree' on every EULA that came up. Doing a search on Google for 'Broadjump Client Foundation' comes up with some pretty scary stuff as far as what it does, like: 'Builds a database of subscriber demographics and buying behaviors to help evolve and refine marketing efforts.' Now, how does this affect us? Neither myself or anyone in my family agreed to the software; the cable guy did. And is there anyway to get cable companies to stop doing this as I can imagine since the cable company is a monopoly in this town, that the percentage of people who still have this software on their computers is pretty high."

he installed

[stratjakt (596332)]

nothing.

he did nothing. i wouldnt let him. i just signed as if he did, to keep him outta shit.

Re:he installed

[AlgUSF (238240)]

Even better yet, I have DSL. It came as an self-install kit.

1) Plugged DSL modem into the telephone line

2) Plugged DSL modem into network hub

3) Connected filters to telephones

4) Threw install CD in the trash

Who cares about YOUR experience...?

[glesga_kiss (596639)]

I think most folk are missing the point here. No disrespect to those who posted their ways around the problem. Kudos to you for knowing how to set up IP.

The point is that most internet users don't even know what an IP is. They don't care about linux, and they probably aren't even aware that there could be software doing "bad things" on their PC. These users are having spyware forced upon them in two ways:

• The tech did the EULA for them without consulting them
• The contract demands the software to be installed

This is a serious problem. Let's actually discuss ways to resolve it for everyone, rather than trying to make ourselves look clever.

Missing the point?

[scoove (71173)]

The point is that most internet users don't even know what an IP is

This is true, and I'll play devil's advocate a bit (since I don't see many arguing the service provider's view - even though I personally and professionally object to this level of intrusion, and also perceive an EULA to be rather unenforcable).

They don't care about linux, and they probably aren't even aware that there could be software doing "bad things" on their PC

Exactly. In fact, it gets much worse. They will demand you do things to them that are fundamentally bad... such as a medium-sized business we recently switched over that had been running a T1 with public addresses on every desktop, confidential filesharing servers (with public IPs) with IRC, RPC, NNTP, and thirty other services running, and absolutely *zero* firewalling/security/etc.

They got replaced with a rackmount Mikrotik router system and were immediately firewalled, RFC 1918 standard private IP network, etc.

Their response? Forget about thank you - nothing about complaints that they can't see things from home anymore (no, they won't buy VPN software - think cheap), can't run personal websites on desktops, open relaying on their Exchange server was "broken", etc. Oh, and to explain this to them? "We don't want to know about those details. We just want it to work the way it did before without spending more money."

Users will insist on being stupid about IP, security, etc. (I only mention this because it is part of the mindset you need to understand to see where the service provider is going to come from).

The tech did the EULA for them without consulting them

Come on... do you expect these folks to be experts about business policy? We train our guys to provide option A or B - A = installed our way, B = no install, goodbye and good luck. 90% of the customers are never an issue, but the 10% "I design websites, so therefore I'm a networking expert" types micromanage everything and work hard to screw it all up.

The contract demands the software to be installed. This is a serious problem.

Yes, and back to my clueless business example, here's why they insist upon it:

"Every time you users download something, reconfigure something, whatever, you dick up your IP settings and make me spend $50 per customer service telephone call to fix it."

By loading this software, I ensure that my configuration will probably stay on top of all the nonsense you put in there, and I can actually have a clue what is going on when you manage to screw it up still.

The alternative is $500/month broadband (minimum...), or zero support (which doesn't work, btw - people would still blame the service provider when a tornado obliterates their home, destroys their PC, and "their Internet doesn't work.")

Let's actually discuss ways to resolve it for everyone, rather than trying to make ourselves look clever.

It really comes down to one of two options:

1. Do it yourself. Know how to do all of this stuff as good or better than the service provider (and fake like you're an idiot customer with the spare Wintel box next to your connection for when you have to demonstrate the service provider has a problem).

2. Let your service provider do it all for you. Don't care to learn IP? Don't want to accept responsibility for screwing up your IP service when you load that stupid "dialup optimization" software you saw in a pop-up box, on top of a broadband PPPoE connection? (usually also spyware... ugh) Be my guest... but understand that decision comes with a price. And understand that price usually includes your service provider getting to capture all that data on you, in exchange for protecting you from your own stupidity.

The only other solution I can see is a Spyware-Free certification standard for service providers and software vendors. Establish a neutral entity, develop criteria for membership and verification, and allow people to promote that their product/service is compliant and recognized by the organization. Sort of a BBB approach to the issue...

*scoove*

Re:Missing the point?

[aborchers (471342)]

Extremely insightful post. Thanks for providing a counterbalance to the self-congratulating, elitist zealotry that is rife on this board. As a software engineer and consultant, I am more than familiar with the classic "luser" phenomenon, and sadly we have to assume that 99% of our users are clueless at best, and likely flat out dangerous. On the other hand, as a consumer of technical services (e.g. my DSL line at home) I find that dealing with tech support is uniformly frustrating for the advanced user because the providers are so focused on the clueless.

It would not cost them a $50 support call to answer direct technical questions from experienced users if they would route questions properly based on their content. For example, if a user calls up, explains that he has changed network cards and asks to have the MAC entry changed in their database, it is not effective customer service to work through a thirty minute script only to end with an escalation to second line support when a direct bump to second line could have finished the call in one minute! (Example from my experience, obviously)

Basically, phone centers need to program their script bots with something akin to keyword matching to determine when the caller is not going to be served by a cookbook of click heres and tab theres. In my experience, it is luck of the draw whether you get a first line rep who knows their stuff or is just following the script, and there are a lot of gradations between first and second line that could be subdivided more efficiently. Can it really be that cost ineffective to provide decent, non-irritating support to all levels of users, as opposed to just the clueless ones?

Automatic escalation

[Old Man Kensey (5209)]

aborchers wrote:

It would not cost them a $50 support call to answer direct technical questions from experienced users if they would route questions properly based on their content. For example, if a user calls up, explains that he has changed network cards and asks to have the MAC entry changed in their database, it is not effective customer service to work through a thirty minute script only to end with an escalation to second line support when a direct bump to second line could have finished the call in one minute! (Example from my experience, obviously)

I once got in the middle of a thread on the MindSpring customer-service newsgroups and posted a suggestion that they institute an "experienced customer" line. The idea being you get certified through them that yes, you really know what you're doing (maybe by taking the same tests of proficiency that their employees take?) and after that you're given access to a support line staffed by people who don't insist on going through the "is it turned on?" parts of the script. Who talk to you as though you have a clue, in other words. Hell, they could not only make money on it by charging a token fee (maybe $5 per month), they could use it as a pool to recruit new tech folks.

Basically, phone centers need to program their script bots with something akin to keyword matching to determine when the caller is not going to be served by a cookbook of click heres and tab theres. In my experience, it is luck of the draw whether you get a first line rep who knows their stuff or is just following the script, and there are a lot of gradations between first and second line that could be subdivided more efficiently. Can it really be that cost ineffective to provide decent, non-irritating support to all levels of users, as opposed to just the clueless ones?

It's all about metrics. If you don't force the techs to follow the same script, you can't effectively compare their performance and weed out the ones that aren't making good numbers. (The fact that you can't do that short of actually listening in on a tech's calls from time to time, we'll ignore for now.) ISO 9000 can be a good thing in its place; likewise Six-Sigma. This kind of cookie-cutter tech support is the worst possible application of both, but management just sees a documented, reproducible process and finds it Good.

Re:Automatic escalation

[scoove (71173)]

I find that dealing with tech support is uniformly frustrating for the advanced user because the providers are so focused on the clueless.

Absolutely concur. I'm one of those half-suit/half-geek oddballs and I spend a good amount of time dealing with embedded system projects (miniturization of router systems we put in ugly places like water towers). I've gotten used to simply waiting for folks to go thru their routine - in fact, I usually either get some good reading material out, sort my files, etc. while dealing with the basic questions.

But putting the service provider hat on, I'm not sure there is a good alternative (but I'm looking for one!!!). For instance, Old Man Kensey writes:

institute an "experienced customer" line

but acknowledges the issue with performance measurement. I'll stick to an even more basic concern: cost.

I hate to say it, but most of the 80% category (clueless users) are pretty easy to help. Like my mother-in-law. They'll write down step-by-step instructions and never deviate. They correctly assume that it probably was something they did that made things wrong, and have a much better attitude to deal with.

The 2% elite geeks never even call unless *we* have something wrong, so they're a breeze too (and have managed to evolve in a hostile world and are pretty savvy at handling their service provider).

It's the 18% "sorta knowledgable" users that cost us bucks on support. You know the type, false high self-esteem, marginal competency. Can use Frontpage so they're a self-declared web guru. Knows how to ping, and thinks he's the inventor of IP. Constantly tinkers with his PC and screws it up, but is certain it was the service provider's doing (even though everything worked until that service pack was applied). They start the support call by yelling at people, send nasty emails demanding to receive a personal apology from the CEO and credit for a year's worth of service, etc.

They'll monopolize the phone. Ask you a thousand questions unrelated to their most recent screwup. They'll suck you dry on support. When you finally figure out how they screwed it up (the one thing they are naturally good at), they assume the problem was secondary and the service provider is just covering up the problem. Then they'll break it again the next day.

It would not cost them a $50 support call to answer direct technical questions from experienced users if they would route questions properly based on their content

But how do I weed out the posers - They're 90% of the self-proclaimed experts, and would be nearly all of my calls.

(Incidentally, we keep a record of the 2% on our network and watch for their communications. They also get bandwidth boosts, doubling their rate shaping limits, as a little thank you for being competent. They thank us back by letting us know when they see something we should know about)

Perhaps the only solution is to charge for support like the phone company did - e.g. "if it's not our network, it's your bill."

*scoove*

Re:he installed

[stratjakt (596332)]

The way the guy explained it to me, there are dozens of people who dont want him touching their computer.

Then they cant figure it out (yeah, I know it's just turning on DHCP), and have to call him back to set it up.

If the original work order isn't signed - then there's no proof he ever showed up at all, and the cost of rolling the truck the second time comes outta his pay. If it is, then the customer pays for the second call like he should.

He really didn't care one way or the other, so long as the work order was signed.

No need to dump all the anti-corporate conspiracy theory bullshit on the poor joe who gets payed 10 bucks an hour to hookup peoples homes.

Re:he installed

[Kintanon (65528)]

Just as a note, the cable installer guys get paid per customer, not per hour (based on questions I asked the installer when I had cable from Comcast in baltimore). So they love to get out of there quick.
It means they made 17$ for 5-10 minutes of their time.

Kintanon

Re:he installed

[bheerssen (534014)]

If he wants to install his software, I point to my mandrake box and say "sure have at it." Gets 'em every time.

Forgot to add...

[scoove (71173)]

If you're concerned about spyware, be very careful about who's DNS server you list in your PC.

Should your service provider wish, he can capture Ethernet traffic specific to DNS inquiries and compile some interesting information without even needing you to install and use his client software.

We used this approach at my previous job (dealing with employee security and network use compliance... great job, eh? *sigh*) We had web proxy operating but had an occasional employee who bypassed the proxy and figured he could avoid detection as he surfed his favorite porn or gambling site. By tracking his DNS lookups (many of the sites had hidden references to sextracker.com which made it easy to spot), we'd take his URL of choice and map the DNS to monster.com or hotjobs.com - giving him the clue that continued use might be an opportunity to work elsewhere.

Sniffed properly, your provider will obtain an IP address and the Internet address being looked up (e.g. sextracker.com). He can insert the sniffer in line with the DNS server(s) to simplify data capture (rather than have to deal with inspection on a bigger network).

Should he limit DNS lookups on the same segment as his nameserver, you may be able to avoid this spying by operating your own DNS (e.g. on your dual-NIC Linux firewall) or by using an alternate DNS server.

*scoove*

Have a honeypot

[samjam (256347)]

Have a bogus PC or bogus windows installation for him to install junk on, which you can leave "unused" till you need to call support when you can boot into that partition if needed.

Re:Have a honeypot

[dattaway (3088)]

I did this the first time I got cable. It was a 486 with Windows95 installed on it. Took the guy 30 minutes to install his warez on it. After he left, I got out my real computer and put the garage sale relic back in the attic.

Re:Have a honeypot

[Bobzibub (20561)]

My installer (at&t cable) got confused at lilo.

; )

-b

Re:What happened to Ad-Aware's website?

[CtrlPhreak (226872)]

The Actual Website is www.lavasoft.de which is still up and running just fine.

Re:Have a honeypot

[sckeener (137243)]

More amusing would be a Linux machine. Let him try to figure it out. :)

If the cable company is like my DSL support, then they wouldn't install it. Every time I have to call in problems with my DSL line, I have to lie and say I have a windows 98 pc. They usually then try to get me to do some basic networking troubleshooting. This can be hard to fake if you don't remember off the top of your head what the output is supposed to look like. If they catch me in the lie, I usually play the mad customer (which I usually am at this point) and demand they open a ticket for the issue. :)

Re:Have a honeypot

[clickety6 (141178)]

Good solution because all non-geeks have at least two or three old PCs just lying around the place for emergenices like this!

Self Install Kits

[Rayonic (462789)]

This is why I always opt for the self-install option with any ISP. I don't even like my wife messing with my computer, nevermind some complete stranger.

(Side note: Yes, she does have her own computer. So there. :P)

Don't worry about it

[tkrotchko (124118)]

Do you want theoretical advice or practical?

Theoretical:
If you feel you can't live with the restrictions or you and your machine, then drop the service and use something else.

Practical
Just wipe the stuff off the machine after the guy leaves.

You can only analyze this stuff so far.

Re:Don't worry about it

[windex (92715)]

On top of that, any cable company will let you demand to do a self install, and just drop off the cable modem or ship it UPS.

The worst case scenerio is that you set it up before he gets there and go "I used to have it in my old apartment/house/whatever, it's already setup. Just plug it in and I'll sign your service order". No human cable technician is going to turn down getting out of doing work.

Makes me wonder how old the submitter was to where he couldn't just say "No, thanks, I'll install it myself".

Re:That's great for Slashdot geeks...

[TibbonZero (571809)]

"Scott, your ISP is not quite evil enough. You're semi-evil. You're quasi-evil. You're the margarine of evil. You're the Diet Coke of evil, just one calorie, not evil enough."

Re:That's great for Slashdot geeks...

[mvonballmo (211664)]

You shouldn't be embarrased for that post, it actually is insightful compared to other posts here. Most of the previous posts were of this vein:

I'm an amazingly cool and frood computer dood, so I told the cable company to fuck off and they had to, so there! L00zerz!

Yeah, cool.

The point the previous post made was that there are a lot of people getting this quasi-manipulative software installed on their machines - pretty much without their knowledge. You explain this with:

"99% of the people out there DON'T CARE that it's on there"

I disagree. I think if they knew what it was, they would care. If you told them -- hey, can I install software that will watch your browsing habits in order to better target junk mail to your email address? -- then they would have the chance to say 'fuck off' too.

But the deck is massively stacked because:

1) They don't even know it's going on there
2) They trust their installer because ostensibly he/she should know more about computers than they
3) Even if they installed it themselves, they would click yes because they just want broadband and aren't aware (as many here are) to what lengths corporations will go to take advantage of them for profit
4) EULA language is relatively advanced lawyerese -- again, it's beyond the comprehension of most, so they just assume they aren't getting screwed.

The answer is not scorn for their stupidity, nor "let the company do what it wants, people don't care"...the answer is to use your massive hax0r skills to educate these beknighted souls.

Comcast - Mac OS X

[mcwop (31034)]

I use Mac OS X. The software that Comcast has is incredibly buggy for Mac OS. I refused to install it. I just signed the docs for the cable guy (as if I even needed him to come do the installation in the first place).

Small Claims Court?

[TheBillGates (266114)]

I wonder if you could take them to small claims court to compensate you for the time you spent uninstalling the program?

Sure, it wouldn't amount to much money, but taking them to court would get their attention that people don't want that spyware stuff on their machines.

The nerve they have to install that spyware and not have the decency to even let their customer know. This is a severe abuse of your privacy.

Re:Small Claims Court?

[Angram (517383)]

Sorry, bub, but I'm a trained Small Claims Court Counsellor. You can't sue for emotional, time, or any other non-monetary kind of cost. If it can't be printed on a recipt, you can't sue. You can sue for time if it was part of an arrangement (i.e. plumber not getting paid for the job), but not for your time spent fixing this stuff. Unless he broke the machine and you had to have it serviced or replaced, there's nothing small claims court can do.

Nothing

[Gojira Shipi-Taro (465802)]

"Just give me the network info. I'll do it. You have no business touching my machine"

"but that's what my instructions say to do."

"are you bonded?"

"Whats that?"

"It means are you insured in case I have to sue you personally for screwing something up"

"oh.... Here's the info."

Besides, I connect through a router. What possible good would THEIR software do me?

Didn't have this problem

[TheRealFixer (552803)]

The Time Warner/RoadRunner guy simply came in, installed a new NIC, installed the cable modem, set up the new email settings in Outlook, and changed the IE homepage to their portal. I scoured the system when I got home from work (my wife was the only one here when he did the install) and was quite relieved that he didn't install any software.

They tried.

[MKalus (72765)]

When I moved lately I had a guy come out as they needed to "configure my pc".

I showed him to my Linux firewall, he was surprised about the prompt but figured it was just DOS (ha).

Put in the cd, realised it was not DOS, took the CD out, turned to me and said: "Well, I guess you know what you're doing." And left.

Offically my Cable Provider (Rogers) is not supporting Linux / Unix but if you have a technical issue just bug the Second Line support and 99% of the time you get the Unix guy who answers your questions.

interesting

[tps12 (105590)]

Well, as a very first step, I would recommend against posting this to Slashdot. Let me explain with a little thought experiment. Presumably you are trying to "get the word out" about the Evil Corporate Spyware installed by your cable provider. Suppose you were to succeed, and almost every cable customer were to remove said software from his or her PC. Their demographics database would start to be pretty thin, and suddenly they can no longer use that information to defray some of the costs of running a broadband outfit. Best case, you get a rate hike. Worst case, the cable company goes out of business, and you're back on dialup (which, if you wanted to vote with your wallet against this kind of practice to discourage it, you could have done anyway). A better course of action would be to quietly uninstall everything the cable guy installed and keep it all under your hat.

Re:interesting

[Omnifarious (11933)]

If they can't stay in business honestly, they don't deserve to be in business.

If they wish to collect demographic data on your purchases in return for a decrease in your bill, that's fine. But they should have a contract specificying how much that decrease will be, and exactly what the software will do. You can have it in your service contract all nice and above board, or choose NOT to have it and pay higher costs.

Of course, since they're a monopoly, that will just lead to a $50/mo (or more) difference. But that's easier to point a finger at and complain bitterly about to your local regulator.

investigate your cable connection

[one_who_uses_unix (68992)]

To understand exactly what is happening with your broadband connection follow these steps:

1.Connect PC, cable modem and a second PC (everyone has one :) ) to a simple hub ($20).
2.Run a network capture tool (tcpdump, snoop, ethereal, etc.) on the 2nd PC.
3.Boot your broadband PC.
4.Look at the traffic.

You should be able to recognize the DHCP negotiations and see whether anything unusual is going on. Odds are, all it needs to do is negotiate for an address, everything else is probably frill.

The next step is to install a 2nd NIC in the 2nd PC, load linux, connect the cable modem to that and the other NIC to your little LAN and use IP tables to set up a firewall and NAT.

That's tough

[ONOIML8 (23262)]

If you're going to play with their toys the you have to play by their rules. If their contract/TOS/whatever says you have to agree to have all that software and agree with the licensing to all in order to use their service, then I guess that's what you gotta do. But it's their system, their toys, so if you don't like it then don't play.

Now the installer was wrong. Very wrong. If you're gonna play by the rules then you should have read EVERY word of EVERY EULA and made the determination for each one. Since those are legal documents you would want to read carefully, perhaps consult with your lawyer on a few points. You could tie up that installer for a VERY long time. But for him to indicate that you accepted.....well, you might want to consult with your lawyer now.

What scares me just a little bit...

[writermike (57327)]

... is how when you search for "Broadjump Client Foundation" in Google, the company's own homepage doesn't come up in the early listings.

This says to me that either there are very few links to the company's homepage, or there is no company homepage.

Heh. Conspiracy therories entered here. 10 cents.

Get the local news involved

[Digital Mage (124845)]

I say inform your local newspaper or television news station. As you say, since the cable company is almost a monopoly in the area, I'll bet a number of people would love to know about how their local ISP is "spying" on them without them knowing. Most local news outlets are always looking for juicy stories about companies screwing over consumers.

Cablevision -- no problemo

[nbvb (32836)]

I switched from Speakeasy DSL to Optimum Online when I moved (No DSL in new neighborhood... d'oh!!)

When the Speakeasy guy came out 2+ years ago, I had done all the "inside wiring" myself (this was back in the dedicated-line days ...) The guy just looked at it, and said, and I quote "Damn! You did a better job than I would have." The guy literally handed me the DSL bridge (It's NOT A MODEM DAMNIT!), we plugged it in, he saw the lights "go green" and said "good 'nuff for me."

When the Optimum Online guy came out here (I needed someone to come out since I don't subscribe to cable ... DirecTV [directv.com] rocks), I had my Linksys router plugged into my iBook.

First thing he did was go outside, climb the pole and turn the line on. when he did that, the cable bridge (IT'S NOT A MODEM DAMNIT!) "went green" and that was that.

All he asked was to see me pull up a web page. That was good enough.

Seriously, don't give the guy the old chip-on-the-shoulder attitude. Don't sound like a clueless yutz, either. Just explain to the guy that listen, it's my machine and I'll install all the software on it, thanks. It's already configured for the network -- I read the directions (on the web, in the box, etc.)

The installers are usually _very_ cool about that stuff. In fact, the cable guy saw my Sun Microsystems jacket and started asking me some questions... we had a good long talk about IP networks and stuff, since he was looking to go to some Cisco courses and get outta the cable install business :)

Best of luck with the installs! Remember, don't give them an attitude, just convince them that your machine is all ready to go. Remember, if they get out of there in 5 minutes instead of 2 hours, it means they get to take a long lunch ;)

--NBVB

Re:Cablevision -- no problemo

[radish (98371)]

Why isn't a DSL "box" a modem? It modulates digital data into analogue and pipes that analogue signal out over a PSTN line. Which is exactly what a modem does, just at a much higher frequency. Given that it works in both directions I would say it qualifies as a MOdulator-DEModulator.

I'm not flaming...just curious...it's perfectly possible you know something I don't ;)

Just do the Common Sense thing...

[RobertAG (176761)]

On Windows,

Press START, SETTINGS, Go into Control Panel, Select Add/Remove Software and remove the offending software.

If they complain, invent a ficticious "Computer Guy" who told you it was the reason your system was locking up all the time.

Mention that you have lots of games and Internet Explorer "add-ons" that you have downloaded and installed. Believe me, NO technician will want to muck about through a myriad of windows software installations to troubleshoot their spyware.

They'll go away.

The exact opposite

[radish (98371)]

In the UK when a guy from BT cam around to install my DSL he did the exact opposite. They're specifically not allowed to touch my PC as they're not insured for any damage. So the engineer has a laptop, he plugs in the modem and proves the line works. Then I sign him off, he gives me the modem and a driver disc and it's up to me.

Of course this was 2 years ago, these days the engineer doesn't even come over...

They can turn you off if you uninstal!

[olddoc (152678)]

From this site: http://support.sbcglobal.net/legal/5071.shtml Is the following EULA language: # RIGHT TO TERMINATE NETWORK-BASED SERVICES: By using the Licensed Software, you acknowledge and agree that BroadJump and SBC Internet Services shall at all times retain the right to terminate any and all on-going network-based services that you receive pursuant to your use of the Licensed Software for any reason whatsoever, including without limitation your refusal to allow BroadJump and/or SBC Internet Services to install on your computer any upgrade or modification to the Licensed Software in the future. You better keep that 486 honeypot running with the Broadjump software!

Just say "NO"

[anthony_dipierro (543308)]

The cable guy came over to install a cable modem at my Dad's house. As I watched him do his stuff I noticed he was installing miniature cameras in my Dad's bedroom and bathroom. I know you don't need cameras for a cable modem to work so I asked if it was necessary. He said he had to do his list of things, and we had to sign that he did his list of things, otherwise he couldn't leave it with us to use. Since I can always remove the cameras, I agreed, but I noticed at the top of the camera was a small antenna. Doing a search on Google for 'Comcast minicam' comes up with some pretty scary stuff as far as what it does, like: 'Records toilet breaks and sexual escapades in order to enhance customer service' Now, how does this affect us? Neither myself or anyone in my family agreed to the cameras; the cable guy did. And is there anyway to get cable companies to stop doing this as I can imagine since the cable company is a monopoly in this town, that the percentage of people who still have these cameras in their bedrooms is pretty high.

Some replies

[anthony_dipierro (543308)]

• Have a bogus bathroom for him to install his camera in, which you can leave "unused" 'til you need to call support when you can shit in that bathroom if needed.
• • More amusing would be sending him to your outhouse. Let him try to figure it out. :)
• This is why I always opt for the self-install option with any ISP. I don't even like my wife watching me take a shit, nevermind some complete stranger. (Side note: Yes, she does have her own bathroom. So there. :P)
• Take them to small claims court and sue them for the time you spent removing the cameras.
• They use 802.11 to transmit their signal to the nearest spy truck. To find out exactly what they're doing hook up an 802.11 hub and analyse the traffic.
• If you're going to use their product, then you have to play by their rules. Forget about the fact that the installation guy might not be following the rules, and that as a monopoly service they are highly regulated by the government. Just bend over (for the camera) and take it.
• Tell them your policy does not allow anyone to install cameras in your house without passing an extensive personal background check, signing a non-disclosure agreement, and obtaining a million dollar bond payable to you upon breach of contract. Ask him for his personal address and phone number so that you can contact him when the background check is completed, and have him fill out a form giving you his social security number and permission to use it for the purposes of obtaining the background check.

AdAware?

[grub (11606)]

Perhaps the good people at Lavasoft [lavasoft.de] could add this kind of scumware to their list of Naughties?

Just a thought.

What broadjump does

[Que_Ball (44131)]

Well I work for an ISP that uses broadjump for our client install CD. Basically broadjump as a company specializes in making these CD's that automatically check the system and do any neccesary steps for getting your broadband connection working.

In our case the CD will install a branded internet explorer/outlook express but it's just something they whiped up with the IEAK tools so nothing too special.

The big step on our network is it will register the MAC address on our customer administration webpage. Broadjump basically builds the CD to the specifications the ISP asks for. They are simply an outsourcer that specializes in these things. On our CD there are basically 3 steps. First the CD checks the machine to make sure it meets the minimum requirements. So it checks the basics like CPU speed, free hard drive space and memory. It also verifies there is an Ethernet card and that it's bound to the TCP/IP protocol with the proper DHCP settings. If it finds any problems with these settings it will give the user the opportunity to automatically fix the error or a description of the problem so you can fix it yourself. The next step is it will install the internet explorer software. After this it does a dhcp release and renew to get an IP. It then contacts the customer administration website to register the MAC address so that the computer can get a valid IP. Up to this point the machine only has a 10.x.x.x IP address which only allows you to connect to the DHCP server, DNS server, and the online customer administration servers. After it successfully registers the MAC it does another release and renew which should give you a real IP address and it uploads a text file log of the whole process to an FTP site. The text file doesn't really contain anything terribly useful and nobody on the helpdesk ever bothers with the things. Nothing evil was included in our text file though I'm sure other ISP's may ask broadjump to include some system configuration details in their implementations. Like I said, for us it's just a log file of the steps the broadjump CD completed. If it got to the point where it succesfully uploaded the file then the connection is obviously working and at that point there isn't going to be much to say in the log file of interest.

All the steps this CD takes can easily be duplicated manually. In fact most of the time if a user calls the helpdesk because they cannot get their new connection up and running we just register the MAC address manually on the website for them. Registering this address automatically is the main reason we include the CD in the self install packages. I do recommend people unfamilear with DHCP and mac addresses to use the CD on our system, there isn't anything terribly mysterious about our broadjump cd though who knows what other ISP's ask them to implement.

In general there are only a few methods of broadband client access that users need to be familear with to get up and running manually without these CD's.
1. Plain DHCP or Static address. Most cable modems work on simple DHCP addresses. Usually the cable ISP will hack their DHCP server to only allocate a certain number of unique IP's through a single cable modem. I know the cable ISP I used to work for did this. After the first 2 IP's included in a consumer package it would just keep sending a DHCP offer of the second IP address to any additional computer that sent a request from that cable modem. The system programmer there hacked a neat little system together using SNMP and DHCP. SNMP trap would be sent to the DHCP server with the sequence number of the DHCP request and serial number of the cable modem.
2. DHCP with Mac address or hostname registration. The ISP I'm working for uses the MAC address to limit the number of IP's you can get. A web interface to register these MAC addresses is available and before you register you are assigned a private IP address in the 10.x.x.x range which only works inside a small internal network segment the DNS, DHCP, and registration server are on. I have also seen ISP's that use the hostname as a unique identifier. Usually this involves setting the name of the computer to be your ISP username to get a valid IP.
3. PPPoE. An extention of the dialup authentication model to broadband connections. Usually you will need some form of client software for these though most routers have built a PPPoE clients into their firmware. MacosX also includes out of the box support for this protocol. You will need to use a username and password to authenticate with the network to allow traffic to pass to the internet. Seems to be most popular with DSL providers probably because of their dialup heritage.
4. Custom client/logon. As seen in the roadrunner cable modem networks. A custom authentication method can be used that usually contacts a server to authenticate the user in a fashion similar in structure to PPPoE. In the case of roadrunner their client has been thouroghly reverse engineered so if you are running an alternate OS you should find a client available to keep you logged in. The proprietary method of authentication will probably become extinct as industry standard solutions are cheaper and easier for broadband providers to implement. If you are saddled by this method of authentication just check around for a third party client. It will probably provide some benefits over the standard client like automatic keep alives so your connection doesn't time out.

rabid power-users

[ducktape (178839)]

as an employee of (cable company name removed) i can tell you exactly what it does. it isn't spyware or ad-ware. i predicted when we were first told about this new tool that this story would show up on slashdot. hence i had several questions when i first got it, and even went so far as to contact a member of the development team about it.

the software has 2 major functions-

a) -secure software that allows technical support to connect (by proxy) to a remote machine to perform a myriad of tasks. it can push urls, view TCP/IP related (only) connection info in cases of slow-speed troubleshooting, and even has a function to allow the technician to troubleshoot further by using a remote VNC-like application.

this may sound scary, but read on. the software leaves no open ports, and cannot be remotely-accessed without the user activating the software (at a tech's request). the user must then manually connect to a closed server with an auth code that the tech gives. the tech connects to the server, and may be allowed any of the above tasks if authorized by the user. the customer is told clearly what will be done, and the tech explains what he/she is doing before proceeding. there are strict policies for the use of this software. the technician is not allowed to browse the hard-drive, download/install/troubleshoot any application that is not on the supported list, and is under no circumstances allowed to change anything on the user's computer without explicit permission. i can't stress this enough, in order for any kind of connection or action to take place the software will ask the user if it's ok to proceed with on-screen alerts! the user may break the connection at anytime during the process for any reason by clicking a button on the taskbar.

since the connection takes place through a single closed, proprietary server there is virtually no chance of this application being used as a backdoor. the software is hardcoded with the URL of the server, and can connect ONLY to that server and nothing else. even if someone malicious were to get a hold of the client software, without (password protected) access to the server to generate a short-time auth code for the user to type in, it's useless.

b) -a backup/restore application for tcp/ip and connection property settings. it's configured to save driver files for the NIC and USB modem devices, ip address/subnet mask and DNS property information (in cases where specified), and occasional pings and traces to the dhcp server, gateway, and dns servers along with netstat info. the software catalogues the information bi-weekly, and stores it on the hard-drive. none of this information (save the pings and traces) can be retrieved by anyone outside the system. it's mostly used for cases where the user breaks the connection by altering configuration. the backups allow the user to restore the connection settings to a previous known-working configuration.

that all.

this isn't a data-mining application. privacy was discussed in detail in software-training. i understand being cautious, (hell, i'll admit i was concerned as hell when it was first announced) but i can tell you in all honesty that the bundle on our 'easy installer' cd's contains no spyware. broadjump was contracted to write the software specifically for our use, and no 'add-on' click-tracking or cookie-scouring was allowed.

the client software is ONLY in the hands of tier-2 and above, highly-skilled, highly trained and QA/policy monitored technicians. the broad-jump software is a means to an end for technical-support. if you've had any experience supporting win9x systems you know that windows can be downright retarded when it comes to connection management. it has been an invaluable tool when faced with users who doesn't know their right mouse-button from their left. thus far it's been a huge success, customers seem to love it, it allows us to do all the work, while they just watch and keep tabs or relax as they see fit.

i knew there would be a few who flipped out over this application. but really, the only people who get up in arms about it are those who don't need it. if you're smart enough to understand what this software does, you should be smart enough to understand that there is a genuine need for it. it's the people who call tech support complaining about error 691's with their caps lock key on, or who've lost the address bar in IE who need it. if you're not comfortable with the application, uninstall it.

Never have onsite problems

[macdaddy (38372)]

When I had cable installed, they had to come out and do the install. They didn't have the option. They did support Mac though. Yes, I'm a Mac, Linux, Sun guy. He walked in the to my second bedroom and his jaw dropped. He handed me the box of stuff and said that I probably wasn't going to need any assistance. He then went outside to do something to the cable box, came back in, I said I was on, and he left. Maybe it was the stack of Enterasys switches or the stack of Suns in the corner. Might even have been the Ciscos routers on the corner desk next to the laser printer. Of course I can't leave out the cluster of Mac towers running next to the door. Perhaps the general heat in the room made him weak in the knees. Needless to say I don't normally have trouble with the techs when they come onsite. :)

Now techs on the phone is another problem. Back when I had cable, I quickly discovered that the national helpdesk for RR was staffed by a bunch of dicks. I called them to let them know about a case of router flap that had been going on for over a week. They started giving me the wrong around about my "Windows" box being misconfigured. I informed him that I own no Microsoft products. To that he replied that everyone runs Microsoft. I laughed and said that I was one person that didn't. He asked what I ran and I replied I used a Mac. He then said something to the effect, "don't you know? Microsoft owns Apple". He also said that he couldn't see why anyone would want to use such a worthless operating system. I was starting to get a little pissed at this point. I asked if he'd say the same about my Linux boxes or my Suns. He said Sun is dead. Microsoft was buying them out. He also said that Linux was a hacker's tool and that he could have me arrested for using it. .... Now being a Mac user, I know what it's like to have my OS insulted. You don't insult a Mac guru's OS. You don't insult a Linux guru's OS either. You damned sure don't insult both in the same paragraph. If he had been there in person I would have firmly planted a Sun keyboard in his ass sideways. Since he wasn't all I could do was cuss at him and demand to speak to his super. He refused and hung up on me.

Well, I returned the favor. <g%gt; I always record my tech support calls. I dubbed a couple copies of the tape and certified USPSed them to Cox, RR, and my state AG. I also included a letter that indicated who all received a copy of the tape, summarized the coversation, gave a time and date for the call, back ground to counter the ill-informed knowledge, and finally notified them in writing of the router flap. About 4 days later, I noticed that the router flap had been fixed. A few days letter I received a letter from Cox apologizing for the problems and promising to investigate further. The next day I received a letter from RR apologizing for their employee's action and informing me that the tech was no longer with RR. Oh happy day. :-)

I've found a couple tricks when calling a tech support line that might help you. Always start off the conversation in a calm voice. Don't act pissed. Stay calm and collected. Ideally you would do this even if you felt you needed to ask for the tech's super. State your name, where you're calling from, and on behalf of what company. This is a good thing to do even if it's for you home line. Pretend the loss of access if affecting you at work. "My name is John Wayne; I'm the Network God at Such n Such Unv in Smallville, St; I'm calling to inform of that you have a case of router flap that is causing us problems downstream.". Be concise and to the point. If you think you need to drop some techy stuff to make them feel you know what you're talking about, drop big things only. Don't jargon-drop little stuff. Spend more of your time keeping everything else you say technically accurate. Don't let yourself slip up. Stay calm. Always stay calm. Say "I'm calling to inform you of a DDoS attack coming from one of your customers" not "You're DDoSing us! We're gonna sue! Our routers are melting. We're melting. ARGH!". The latter makes a bad impression. Try to maintain control of the conversation. Don't let them BS you into doing weird shit. State the facts up front. Tell them exactly what you've done to diagnose the problem. This is how I get hard drives replaced without all the reformatting bullshit. When I know the HD is bad I call them and tell them I've low-leveled it, checked jumpers, tried it in another machine, and run two bad blocks checks on it; here at the results. I've covered all their bases with the facts. All they have to do next is RMA it. Good luck!

As a Former AOL-TW HSD Installer...

[ONU CS Geek (323473)]

I know what actually happens when the cable guy comes out to install; as I was the one who was doing it. Here's the run-down:

1.) The Installer checks your cable lines to see what the forward and return levels are, to see if they'll work with your exisiting drop at your house-box. If everything's ok, they'll run an extra outlet, take it to the house box, and split it off as the first splitter in your box. If it's not ok, they'll re-hang or re-bury the drop, then run your AO.

2.) The Cable installer calls in the MAC address of your cable modem, so that DOCSIS can authorise your account.

3.) We plug in the cable modem in, and make sure that the Cable Modem actually lights up. Once that Cable Modem is lit, you can get a DHCP address with any DHCP client.

4.) We'd run the RoadRunner disk...it'd set up the IEAK Customizations, set up email addresses, and then do a series of tests to ensuer that everything was ok. This included a ping test, a DNS test, and tweak your TCP/IP settings for broadband.

Basically, once they bring it in, DOCSIS provides the authentication (if you're on a system that uses DOCSIS). They shouldn't need to run any software on your computer that provides authentication--it's hardware based.

Re:Inquiring minds must know...

[jdreed1024 (443938)]

What cable internet provider was this?

Dunno what this guy used, but certainly ATTBI/MediaOne/whatever does this.

Broadjump is the biggest piece of shit software I've ever seen. It reboots your computer whenever possible (god forbid they should check to see if you're running on 2K/XP which doesn't need to be rebooted to renew DHCP). You also need that program to register your MAC address with them. I could have made a fuss, but it wasn't worth it. I installed, registered, and de-installed. No more problems.

They certainly don't require that you leave it installed, except for Tech Support. Which so far has been easy, because if it's a problem with the line, you simply call and report that cable TV is out. Then they don't ask you to reboot your computer 500 times.

Re:Inquiring minds must know...

[R.Caley (126968)]

They certainly don't require that you leave it installed, except for Tech Support. Which so far has been easy, because if it's a problem with the line, you simply call and report that cable TV is out.

I'd like to underline this. For anyone who hasn't learned by painful experience yet, never report anything to the interent suport people if you have TV from the same source.

Anything which goes wrong is in one of two classes, things shared with the TV operation and things their tech support stands no chance of fixing. The TV operation will be far better resourced, and the support staff know that you may have 5 children demanding cartoon network at your end and so not fixing things may result in you being driven insane and turning up at their call center with a chainsaw. Nerds just don't carry that fear factor:-)

Certainly when I had a problem which seemed to be at my end, my cable suppler (Telewest) quoted a couple of weeks for an engineer from the internet side and day and a half for a TV bod.

Re:Nothing.

[Skirwan (244615)]

Screwed the cable line into the modem, turned it on, attached it to the Linksys router, turned it on, attached that to the LAN port on my Mac, turned that on, and presto! A working internet connection!

Step three... There's no step three. There's no step three!

:)

--
Damn the Emperor!

Re:Did you agree? Yeah, kinda.

[John Hasler (414242)]

Such an agreement would not be binding unless it included the texts of all the EULAs.