Man Criminally Charged for Selling ‘Hacked’ Cable Modems That Can Steal Broadband

November 10, 2009 by David S. Seltzer

As a criminal defense attorney and a South Florida cyber crime criminal defense lawyer, I understand that there’s a fine line between a tool and its uses. That’s why I was disappointed to see a post on Wired’s Threat Level blog Nov. 2 about a man from Oregon who was criminally charged for selling “uncapped” cable modems and software that helps customers use those modems. Ryan Harris is accused by federal prosecutors of conspiracy and aiding and abetting wire fraud and computer intrusion. As Wired notes, however, he is not accused of directly breaking the law -- just of helping customers and Internet users to do so.

“Uncapping” cable modems means removing the limitations on maximum data speed that come with the modems, as well as other default settings. Brand-new cable modems typically limit upload and download speeds, but technically savvy owners can change the configurations to achieve much faster speeds. By itself, this is perfectly legal -- after all, the modem is the user’s own property. However, Internet service providers don’t like it because a large number of bandwidth hogs can disrupt their networks and undermine the market for faster, “premium” plans. They typically ban users they catch with uncapped modems. In addition, a user with an uncapped modem can use the modem to steal Internet service by spoofing a paying neighbor’s hardware address. Harris, who goes by DerEngel, is part of a band of cable modem hackers at, which sells uncapped modems, uncapping software and his book Hacking the Cable Modem.

According to Wired, Harris has made it clear that he and his colleagues do not condone using their work to steal from ISPs. Nonetheless, that is the accusation federal prosecutors made when they indicted him and TCNiSO Aug. 19 (with help from a grand jury). He is accused of knowingly helping at least one unindicted co-conspirator steal Internet services. By selling their hardware and software and providing support, the indictment said, Harris, TCNiSO and two unnamed employees conspired to help a customer steal Internet service. They are also accused of aiding and abetting the alleged co-conspirator, a teenager from Massachusetts known online as DShocker. DShocker pleaded guilty last year to hacking-related offenses, Wired said, but prosecutors don’t allege that Harris was involved in those offenses -- just that he sold DShocker hardware and software. The indictment also mentions that Harris and his company sold modems and a copy of his book to an undercover FBI agent.

Not surprisingly, Harris told Wired that he intends to plead not guilty. As a Fort Lauderdale cyber crime criminal defense attorney, I wish him luck. Judging by the indictment, all of the accusations against Harris have to do with other people’s actions -- he is accused of conspiracy and aiding and abetting. By contrast, the actions attributed only to Harris by the indictment -- selling some modems and a book -- are all legal. As he noted in the post, hacked cable modems have legitimate uses. And even if those legitimate uses aren’t what attracts users -- and Harris knew it -- it does not automatically follow that hacking and selling cable modems is itself a crime. After all, auto manufacturers aren’t criminally charged every time someone drives drunk in Florida, nor are firearms manufacturers charged when someone commits a weapons crime.

As a former prosecutor, I understand that prosecutors want to stamp out crime -- and theft of services is a crime. But as a Miami cyber crime criminal defense attorney, I believe it’s essential to distinguish between a tool itself and its uses. The law puts responsibility on the person who uses a tool to commit a crime-- not the person who provides that tool. To protect our freedom, we must continue to observe that distinction.