What Software Do Cable Installers Place on Your PC? 973
{e}N0S asks: "The cable guy came over to install a cable modem at my Dad's house. As I watched him do his stuff I noticed he was installing something called Broadjump Client Foundation. I know you don't need software for a cable modem to work so I asked if it was necessary. He said he had to do his list of things, and we had to sign that he did his list of things, otherwise he couldn't leave it with us to use. Since I can always remove the software, I agreed, but I noticed while he was flipping through the install, he was clicking 'agree' on every EULA that came up. Doing a search on Google for 'Broadjump Client Foundation' comes up with some pretty scary stuff as far as what it does, like: 'Builds a database of subscriber demographics and buying behaviors to help evolve and refine marketing efforts.' Now, how does this affect us? Neither myself or anyone in my family agreed to the software; the cable guy did. And is there anyway to get cable companies to stop doing this as I can imagine since the cable company is a monopoly in this town, that the percentage of people who still have this software on their computers is pretty high."
Have a honeypot (Score:5, Insightful)
Self Install Kits (Score:5, Insightful)
(Side note: Yes, she does have her own computer. So there.
Don't worry about it (Score:5, Insightful)
Theoretical:
If you feel you can't live with the restrictions or you and your machine, then drop the service and use something else.
Practical
Just wipe the stuff off the machine after the guy leaves.
You can only analyze this stuff so far.
Inquiring minds must know... (Score:4, Insightful)
Small Claims Court? (Score:5, Insightful)
Sure, it wouldn't amount to much money, but taking them to court would get their attention that people don't want that spyware stuff on their machines.
The nerve they have to install that spyware and not have the decency to even let their customer know. This is a severe abuse of your privacy.
Re:he installed (Score:5, Insightful)
1) Plugged DSL modem into the telephone line
2) Plugged DSL modem into network hub
3) Connected filters to telephones
4) Threw install CD in the trash
IANAL but... (Score:4, Insightful)
Unfortunately, he left with a valid signature, which legally means you have accepted the service as is, software and all. You may be able to remove the software, but at this point, all you can do is complain about it. But once you sign the sheet saying the work is done, you've essentially stated that the contract (or that portion thereof) has been fulfilled to your satisfaction. I know it's a hassle, but if you have serious misgivings about it, the proper procedure is to decline signature and say you never authorized this software installation, and allow the tech to remove the modem. Then deal with the sales department. If you paid by credit card, remember that you can put a hold on that payment until it is resolved to your satisfaction.
Re:Don't worry about it (Score:5, Insightful)
The worst case scenerio is that you set it up before he gets there and go "I used to have it in my old apartment/house/whatever, it's already setup. Just plug it in and I'll sign your service order". No human cable technician is going to turn down getting out of doing work.
Makes me wonder how old the submitter was to where he couldn't just say "No, thanks, I'll install it myself".
Re:That's tough (Score:2, Insightful)
Maybe he wasn't necessary for the EULA's of this Broadjump kit.
Get the local news involved (Score:5, Insightful)
ATT in richmond (Score:2, Insightful)
Just about all of my friends have that broadjump shit on their computer and willingly dont mind. Thats how the American public is, they dont care about privacy, all they want is thier cnn.com and marthastewart.com. They think that loss of privacy is what you give up when you go online.
Look at the millions of AOL users, who PAY, i repeat PAY, to be advertised to. They see like TV, the Ad's come with the territory.
Missing the point (Score:2, Insightful)
The installer has acted as their representative without their knowledge or consent. While the EULA would easily get tossed out if they wanted to fight it, they wouldn't know there was anything to fight and they would have already been monitores/etc already.
And yes, I know the ISP monitors traffic anyway, but it is different when they are installing software on your computer and agreeing to a EULA for you.
Charter installs VNC (Score:1, Insightful)
In short, don't install cable modem software. Get an external cable modem, an ethernet card, and a Linksys router. That should be all you need.
That's great for Slashdot geeks... (Score:4, Insightful)
Re:ATT in richmond (Score:2, Insightful)
Somebody, (I'm 99% sure that this was Bruce Schneier) summed this up by saying that if McDonalds offered a free Big Mac in return for a DNA sample, then there would be queues round the block.
Re:Small Claims Court? (Score:3, Insightful)
There are several programs (aka Gator) that don't
verizon DSL (Score:2, Insightful)
Don't give these techs a hard time, they have to assume that you're a beginner and they probably need to install certain software by contract with some other software company (as a previous post supposed). We've all been support techs at some time in our lives. Just tell him you'd be happy to sign the agreement without him installing the software, and that way you both win as he can lower his average time-spent-per-incident rating.
What if you weren't running Windows? (Score:2, Insightful)
Maybe what you were signing said that you agreed to all of those EULA's that has clicked on your behalf?
Not an Issue (Score:2, Insightful)
Charter, while not everyone's favorite service, has been very cool about helping me reset my hosts file on the cable modem and trying to see my router to help me trouble shoot the system. Their official policy is that they don't support networks which makes you on your own if you have trouble. In practice I've found that if you know what you're doing and the techs aren't swamped at the time, they'll work with you and tell you what they're seeing from their end and give you some pointers. Just don't expect them to walk you through it.
Bottom line is that there really is no need to install anything other than maybe a driver for a usb connection to the cable modem. I'm not impressed that people that don't know any better are being taken advantage of by people like your provider. I can only hope that someone does that to their mom, dad, brother or sister sometime.
Re:interesting (Score:5, Insightful)
If they can't stay in business honestly, they don't deserve to be in business.
If they wish to collect demographic data on your purchases in return for a decrease in your bill, that's fine. But they should have a contract specificying how much that decrease will be, and exactly what the software will do. You can have it in your service contract all nice and above board, or choose NOT to have it and pay higher costs.
Of course, since they're a monopoly, that will just lead to a $50/mo (or more) difference. But that's easier to point a finger at and complain bitterly about to your local regulator.
Re:interesting (Score:3, Insightful)
Why should the cable companies need to start doing this sort of thing in order to make money? I'm sure there are better ways. How about offering decent service and some other products (such as spam filters) that we can pay additional for? Why do they have to be so sneaky? I feel sorry for the poor AOL converts that have no clue about what is being installed on their system- they are just innocent victims. They may not even know how to uninstall something- so they have no choice.
This kind of behavior is unethical, especially if the customer doesn't know what is going on. If privacy or high speed connection were mutually exclusive, I would choose privacy and I think a good percentage of others would also. It's bad enough with all the other crap that seems to fill up your hard drive when you're on the internet, we don't need the ISP doing it as well.
Re:That's great for Slashdot geeks... (Score:4, Insightful)
Fact is, there is nothing illegal about them installing software on your computer with your consent. Their software isn't breaking the law and it isn't hurting your computer. You are requesting a service from them and, as part of that service, they are installing additional products as they see fit. Opt out, it's quite easy, I wouldn't let a cable installer within 10 feet of my computer ("Just hand me the cat-5 and nobody gets hurt...")
I'm embarassed that the parent post got modded up as Insightful.
--trb
Re:he installed (Score:5, Insightful)
Then they cant figure it out (yeah, I know it's just turning on DHCP), and have to call him back to set it up.
If the original work order isn't signed - then there's no proof he ever showed up at all, and the cost of rolling the truck the second time comes outta his pay. If it is, then the customer pays for the second call like he should.
He really didn't care one way or the other, so long as the work order was signed.
No need to dump all the anti-corporate conspiracy theory bullshit on the poor joe who gets payed 10 bucks an hour to hookup peoples homes.
Re:Cable Moron (Score:2, Insightful)
i used to work at a phone company and the product managers there could talk to death about frame relay lines, phone switching equipment, etc, and they really knew what they were talking about. but they couldn't figure out how to log into their machines or how to change their password.
Re:interesting (Score:4, Insightful)
First off, I notice you're assuming that they need this money to defray the cost of providing broadband. I suggest that any business using this model doesn't deserve to stay in business long.
Secondly, you seem to be someone who thinks we should all be very happy with the "opt-out list" mentality because we're somehow "saving money." Businesses need to be taught that abusing and not respecting their customers is a Bad Thing and I for one wouldn't mind paying a little more for a business that actually gives a damn about me (but I have yet to be forced into that decision... seems some enterprising business is always there to provide to us somewhere). And I have the feeling that I'm not alone in feeling this way.
"A better course of action would be to quietly uninstall everything the cable guy installed and keep it all under your hat."
You're part of the problem, then, not the solution. I'm simply not going to just sit there and take this sort of abuse from anybody.
Re:Small Claims Court? (Score:2, Insightful)
Re:interesting (Score:3, Insightful)
Keep in mind that 99% of cable users don't read slashdot or tech forums in general. The posting here will only serve to inform those who can put the knowledge to good use and protect themselves. The resulting dent in the demographics databases as a result of this will be very small, and the cable companies probably will not bat an eye.
DNS is down (Score:2, Insightful)
Oh Puh-lease!!! (Score:3, Insightful)
Look, the cable companies enjoy their quasi-monopoly status and they seem quite happy to abuse their position, and with the law makers pockets lined well, they will have no worries. What worries me is the lack of FULL disclosure. If I'm going to be screwed in such a way, I think you should at LEAST know what's going on. I want a legal form that people read with glazed over eyes and initial parts to show them EXACTLY what information will be collected and used against them. However, as long as Michael "nepotisim" Powell is the chairman of the FCC to serve interests of the greatest donors and not the people, we might as well get used to saying, "Thank you sir! May I have another!"
Re:Self Install Kits (Score:2, Insightful)
I've had the cable guy over here a few times to check my lines (once when the idiot landscapers chopped the cable to bits at the box outside). I told tech support and the cable guys that I use Linux. Best I can tell, they don't particularly care, especially since my machines are behind a router anyway. One of the cable guys might even be using Linux now. He was so impressed with my setup I let him play around with it a few minutes.
Anyway, were those the United States he was talking about? I don't think so. Comcast would rather you self-install, at least here
Back to the actual topic: the Comcast CD in the self-install kit is crap. Pretty much wrecked my roommate's XP box with its custom IE install. I didn't notice any spyware, but I was deleting everything and starting over, so I didn't really pay attention. When I showed him he didn't need it in the first place (despite what the kit says) he wasn't very happy.
Re:DNS is down (Score:4, Insightful)
Duh.
They're called "Root nameservers."
Here's a list (from my /etc/dnsroots.global file)
Re:They can turn you off if you uninstal! (Score:2, Insightful)
Re:That's great for Slashdot geeks... (Score:5, Insightful)
I'm an amazingly cool and frood computer dood, so I told the cable company to fuck off and they had to, so there! L00zerz!
Yeah, cool.
The point the previous post made was that there are a lot of people getting this quasi-manipulative software installed on their machines - pretty much without their knowledge. You explain this with:
"99% of the people out there DON'T CARE that it's on there"
I disagree. I think if they knew what it was, they would care. If you told them -- hey, can I install software that will watch your browsing habits in order to better target junk mail to your email address? -- then they would have the chance to say 'fuck off' too.
But the deck is massively stacked because:
1) They don't even know it's going on there
2) They trust their installer because ostensibly he/she should know more about computers than they
3) Even if they installed it themselves, they would click yes because they just want broadband and aren't aware (as many here are) to what lengths corporations will go to take advantage of them for profit
4) EULA language is relatively advanced lawyerese -- again, it's beyond the comprehension of most, so they just assume they aren't getting screwed.
The answer is not scorn for their stupidity, nor "let the company do what it wants, people don't care"...the answer is to use your massive hax0r skills to educate these beknighted souls.
Doesn't it matter who clickes "yes" on the EULA? (Score:4, Insightful)
I think that if a company needed to wriggle out from under an overly-restrictive EULA they could certainly use the defense: "None of our people clicked on that agreement... it was a contractor and he didn't have the authority to bind us to a legal contract."
Re:That's great for Slashdot geeks... (Score:3, Insightful)
Nice. Way to work that gratuitous sniper reference into a completely unrelated discussion. So what's you're criterion for being evil? Killing people? Killing people without justification? I think there's room for different levels of evil here. Score one for the pedants.
Telling someone that they need this software installed in order to use their cable modem and then installing spyware is not exactly with their consent. You might want to read the Constitution sometime. Start with the fourth amendment.
That poor joe (Score:3, Insightful)
I agree. We're always bitching at the poor telemarketing sales reps, when they're not the ones who set their hours, you know? It's not the installer's fault he's got this list from the main office.
If you use a little common sense and explain yourself rather than going ballistic, the installer's going to maybe be won over and give other people options, too, rather than "just doing his job." Alienate him, and he'll start thinking of his customers as a bunch of hassles to be gotten through. That's no good for anyone.
(Seems like cable installers really run a range of attitudes, though. Companies hire out during big install promotions, so you could be dealing with anyone.)
Re:Have a honeypot (Score:2, Insightful)
Re:That's great for Slashdot geeks... (Score:2, Insightful)
Doesn't this give them the opportunity to watch your browsing habits to better target junk/spam also to your physical address and phone number, through correlation with your modem's EA/MAC address? Yikes!
Are there prohibitions on them doing this? How about prohibitions on the third-party spyware doing this? All it would need is the number.
PPPoE is a wasteful protocol (Score:2, Insightful)
Who cares about YOUR experience...? (Score:5, Insightful)
The point is that most internet users don't even know what an IP is. They don't care about linux, and they probably aren't even aware that there could be software doing "bad things" on their PC. These users are having spyware forced upon them in two ways:
This is a serious problem. Let's actually discuss ways to resolve it for everyone, rather than trying to make ourselves look clever.
How to explain this is a Bad Thing to non-geek (Score:3, Insightful)
Say you stop at AM/PM, they know that you are a user of Arco gasoline. Say you stop at a Michales craft store, they know that you are into crafts. Perhapse you stop at Costco - they could surmise that you have a large family.
This, along with the ability to record your conversations in the car are used to find out what your into, but its anonymous, of course. All that they use that information for is to customize advertisements on your car stereo just for you.
They also track who is in the car with you, because they is useful demographic information to help them with their targeted advertizing.
You don't have anything to hide, so that wouldn't bother you, would it?
So - are you wondering when you can get one of these new Hondas?
No?
Aunt Mary, just replace Honda with Microsoft and/or your Internet service provider.
You DO know that you've ALREADY agreed to this on your computer, right?"
This has worked for me 100% of the time. They get creeped out every time.
Re:Who cares about YOUR experience...? (Score:4, Insightful)
Aarrrrggg!
We technical-aware people are our own worst enemy, and we ought to *know better*.
This kind of advocacy only sets up false economies (read about rent control in NYC, please) which skew supply/demand to an extreme, and also subvert our rights to an administrative authority who has ulterior motives (e.g. king/emperor/dictator).
There's a really simple model that is well communicated in Ed Yourdon's book, Deathmarch Projects, and the model works well for technical and nontechnical decisions - even deciding what to have for dinner.
Here's a summary of the model (apologies to those that get this and find it redundant - you're not the ones I'm trying to help):
RULE 1: You have three variables: Time, Money, Functionality.
RULE 2: You can solve for one variable as your primary focus, and maybe a second one as a secondary emphasis.
RULE 3: You cannot solve for all three.
Examples:
I've only got $3. I need my lunch in 5 minutes. (1-Money, 2-Time. Don't count on a 5-course meal prepared just for you.)
I want $30 broadband. I want someone to deliver it to me and have it working quickly. (1-Money, 2-Time, prepare to sacrifice functionality)
I need a T1 yesterday. It's gotta do all sorts of VPN, firewalling, filtering, etc. (1-Time, 2-Functionality, open your wallet up!)
I need a very fancy house. I'm pretty short of money right now. (1-Functionality, 2-Money, better get your work clothes on...)
So... what do you make of:
I want cheap broadband. It should come in a convienent package and be installed this week. But it had better not have any spyware, had better work just the way I want, with my OS of choice, allow me to do whatever I want and have no limits.
Solving for all three... if the last two are important to you, you can have it. But count on $75/hour or more...
*scoove*
Whose Eula is it anyway? (Score:4, Insightful)
Possibly the cable installer has actually broken the Eula by transfering the software to someone else.
Eitherway you haven't agreed to not reverse-engineering the spyware. It would be nice then to keep sending them back reports on your computers activity that are completely bogus if enough people did this then all their data would be pretty worthless.
I'm sure most people dmake up names etc when they are asked to give out personal information (income gender age job etc) to get a service.
The general tactic is its even better to give wrong data than it is to refuse to give any at all. As this way you are invalidating anything other people are conned into giving.
Automatic escalation (Score:5, Insightful)
It would not cost them a $50 support call to answer direct technical questions from experienced users if they would route questions properly based on their content. For example, if a user calls up, explains that he has changed network cards and asks to have the MAC entry changed in their database, it is not effective customer service to work through a thirty minute script only to end with an escalation to second line support when a direct bump to second line could have finished the call in one minute! (Example from my experience, obviously)
I once got in the middle of a thread on the MindSpring customer-service newsgroups and posted a suggestion that they institute an "experienced customer" line. The idea being you get certified through them that yes, you really know what you're doing (maybe by taking the same tests of proficiency that their employees take?) and after that you're given access to a support line staffed by people who don't insist on going through the "is it turned on?" parts of the script. Who talk to you as though you have a clue, in other words. Hell, they could not only make money on it by charging a token fee (maybe $5 per month), they could use it as a pool to recruit new tech folks.
Basically, phone centers need to program their script bots with something akin to keyword matching to determine when the caller is not going to be served by a cookbook of click heres and tab theres. In my experience, it is luck of the draw whether you get a first line rep who knows their stuff or is just following the script, and there are a lot of gradations between first and second line that could be subdivided more efficiently. Can it really be that cost ineffective to provide decent, non-irritating support to all levels of users, as opposed to just the clueless ones?
It's all about metrics. If you don't force the techs to follow the same script, you can't effectively compare their performance and weed out the ones that aren't making good numbers. (The fact that you can't do that short of actually listening in on a tech's calls from time to time, we'll ignore for now.) ISO 9000 can be a good thing in its place; likewise Six-Sigma. This kind of cookie-cutter tech support is the worst possible application of both, but management just sees a documented, reproducible process and finds it Good.
Sheesh (Score:2, Insightful)
I worked a short stint installing hsi back in the day, and I had to deal with smug pricks like the lot of you every goddamn day. Here's a few tips:
1. The installer doesn't give a fuck about how many computers you have.
2. The installer could care less about your 31337 Sun cluster or god damn Univac in the garage.
3. The installer gets really annoyed when self-righteous geek zealots make their jobs difficult.
"Hey, lets all guffaw at the college kid who can't figure out my ereet customized csh shell on my fucking VAX". Oh, wait, what's that? You want broadband? You're tired of dialup? Well then leave me alone and let me do my job, or next time do a self-install. Don't need a NIC? Tell me. Would rather configure the system yourself? Fine, tell me. I'm not out to cripple your machine, I am trying to get you connected to teh intarweb. The faster I get the hell out of your house, the faster I can get to the next unfortunate ex-AOL schmuck running WinME on an E-Machine whose hand I'll need to hold for three freaking hours because they can't figure out god damn Outlook Express.
Don't try to impress me with your gigabit switches or Cisco PIXes. I've seen it all and could care less. If I could have tied a cable modem to a brick with a length of cat5 and hurled it through some of your living room windows with a note reading "Self Install Kit", I would have.
Oh! Guess what else??
I'm a geek too. I run fourteen machines in my bedroom. Five FreeBSD servers, two Windows 2000 servers, two OpenBSD firewalls, a Sun box, and an array of Linux, W2K, and BSD workstations. I loved turning the tables on Slashdot-esque geeks who thought they could get a kick out of playing 'confuse the installer'. Some of my peers were even geekier, and have since moved on to real jobs maintaining the fat pipes companies like Comcast, AT&T, etc. rely on to move their bits.
Moral? Give the installers a break.
END RANT MODE
Re:Missing the point? (Score:3, Insightful)
The problem is the "other" stuff that is bundled along with it. When spyware started to become bundled along with free downloads, roughly the same time that download.com got crap, it was accepted that they needed to generate revenue somehow. Basically the same reasons we tolerate ads on the net, TV and radio.
However, spyware has become endemic. Everything seems to have it. What I object to is the inclusion of spyware not for monetry reasons, like we are discussing here. What's more, putting aside the morality of hiding the spyware in the EULA (which is basically lying, your are trying to deceive someone), here we are talking about forced installations.
Sure, you don't have to accept the deal, but you've waited weeks for the taxi to come and take you away from 56k land, and the last thing you are going to do is say, "sorry, I'll get the next one". That's even if you are one of the enlightened few who realise what's going on.
If I download a free tool to do a specific task, I might get spywared. That's a part of the game. However, when an ISP starts using it, then it becomes worrying.
I'm sure many companies don't understand the meaning of what they are doing. They see it as an opertunity to understand their customers better. They just can't seem to see through the end-users eyes and realise that what they are doing is wrong.
Re:Automatic escalation (Score:5, Insightful)
Absolutely concur. I'm one of those half-suit/half-geek oddballs and I spend a good amount of time dealing with embedded system projects (miniturization of router systems we put in ugly places like water towers). I've gotten used to simply waiting for folks to go thru their routine - in fact, I usually either get some good reading material out, sort my files, etc. while dealing with the basic questions.
But putting the service provider hat on, I'm not sure there is a good alternative (but I'm looking for one!!!). For instance, Old Man Kensey writes:
institute an "experienced customer" line
but acknowledges the issue with performance measurement. I'll stick to an even more basic concern: cost.
I hate to say it, but most of the 80% category (clueless users) are pretty easy to help. Like my mother-in-law. They'll write down step-by-step instructions and never deviate. They correctly assume that it probably was something they did that made things wrong, and have a much better attitude to deal with.
The 2% elite geeks never even call unless *we* have something wrong, so they're a breeze too (and have managed to evolve in a hostile world and are pretty savvy at handling their service provider).
It's the 18% "sorta knowledgable" users that cost us bucks on support. You know the type, false high self-esteem, marginal competency. Can use Frontpage so they're a self-declared web guru. Knows how to ping, and thinks he's the inventor of IP. Constantly tinkers with his PC and screws it up, but is certain it was the service provider's doing (even though everything worked until that service pack was applied). They start the support call by yelling at people, send nasty emails demanding to receive a personal apology from the CEO and credit for a year's worth of service, etc.
They'll monopolize the phone. Ask you a thousand questions unrelated to their most recent screwup. They'll suck you dry on support. When you finally figure out how they screwed it up (the one thing they are naturally good at), they assume the problem was secondary and the service provider is just covering up the problem. Then they'll break it again the next day.
It would not cost them a $50 support call to answer direct technical questions from experienced users if they would route questions properly based on their content
But how do I weed out the posers - They're 90% of the self-proclaimed experts, and would be nearly all of my calls.
(Incidentally, we keep a record of the 2% on our network and watch for their communications. They also get bandwidth boosts, doubling their rate shaping limits, as a little thank you for being competent. They thank us back by letting us know when they see something we should know about)
Perhaps the only solution is to charge for support like the phone company did - e.g. "if it's not our network, it's your bill."
*scoove*