# How Bandwidth Caps Force Us All to Become Network Cops

This isn’t a post about an industry issue so much as it is a post about my personal experience with ISP bandwidth caps — which are commonplace in Canada, where I live — and how easily they can turn you into a network administrator and traffic cop, whether you like it or not. It all started simply enough a couple of weeks ago: I got a notice from my broadband provider, Rogers Communications, that I had hit my bandwidth cap for the month, which is 95 GB. Like some other providers, Rogers pops up a notice at the top of a browser window letting you know that you are either getting close to passing or have passed your limit.

No big deal, I thought — I’ve hit the limit before, although not often. I download movies and music from time to time, and I have three teenage daughters who also download music, TV shows and so on. I figured someone had just gone a little overboard, and since it was close to the end of the month, I thought it wasn’t anything to be worried about. The next day, however, I went online and checked my usage (Rogers has an online tool that shows daily usage), and it said that I had used 121 GB more than my allotted amount for the month. In other words, I had used more than 100 GB in less than two days.

I just about spit my coffee all over the computer screen. How could I possibly have used that much? According to Rogers, I owed $181 in overage charges. Luckily there is a maximum extra levy of$50 a month (just think what it would cost if I was subject to usage-based billing). When I called a technician, he said my wireless network was open — that is, unlocked. I recalled having switched routers after one went bad, and thinking (stupidly, I admit) that leaving the Wi-Fi unlocked wasn’t such a big deal. I live in a residential community and everyone has wireless networks; I figured the odds of someone piggybacking on my network were slim.

So that was it, I figured: someone had downloaded a ton of movies or whatever using our wireless. So I immediately set up WPA-2 encryption, the highest level my router allows, and set a strong 64-character password.

Fixed, right? That was a week or so ago. The other day, I got another popup from my provider, saying I was over my limit for the month again. This was just six days into the new month, and I’d already somehow used up 95 GB of data. What could possibly have happened, I wondered. Had someone cracked my wireless password already? Had one of my machines been hacked and turned into a zombie on some spammer’s bot-net? I reset my router’s password and checked the firewall for suspicious activity but couldn’t see any.

Just to be on the safe side, I logged out of Windows on two machines (I have seven in the house, including laptops, desktops but not including iPads and smartphones) and booted into Ubuntu, which is less prone to attacks.