27-10-2011, 02:22 AM
Anyone running a SB5100 modem with custom firmware (SB5100MoD.1.0.4, SIGMAX-BL_v2.6-LITE, etc) booting a business config image from flash, will soon realize that TWC is now using DOCSIS 1.1 (Baseline Privacy Plus Interface 56-bit dec encryption (BPI+)), and that simply telneting and dis/enabling BPI+ in the modem is pointless.
By linking digital certificates to the modem's key and mac address, this effectively stops cloning hfc macs since it does not pass authentication (Reject(pk), Reject(kek) or Reject(tek))
For some great info on this:
http://docsis.beckitrue.com/documents/ci...lchart.pdf
http://www.defcon.org/images/defcon-16/d...6-self.pdf
I'm guessing there will be a surplus of cheap modems out there now, and armed with a jtag adapte, can the hardware be repurposed for something else? Is there a processor/fpga that can execute custom logic?
By linking digital certificates to the modem's key and mac address, this effectively stops cloning hfc macs since it does not pass authentication (Reject(pk), Reject(kek) or Reject(tek))
For some great info on this:
http://docsis.beckitrue.com/documents/ci...lchart.pdf
http://www.defcon.org/images/defcon-16/d...6-self.pdf
I'm guessing there will be a surplus of cheap modems out there now, and armed with a jtag adapte, can the hardware be repurposed for something else? Is there a processor/fpga that can execute custom logic?