[bri3d]

DOCSIS is the standard for IP networking over cable TV infrastructure. An open source modem can't be built because there's a huge certification / documentation fee from CableLabs and part of the requirements involve the cable carrier being able to control/update the modem at their whim.

Putting your router behind the DOCSIS modem lets you firewall the modem the same way you'd firewall the Internet at large - that is, an attacker who compromises the modem wins the ability to specifically monitor your traffic, but does not immediately gain free access to your local network.

[Igglyboo]

Would it be possible to just fake the cert or generate your own, in the same way that some people self sign SSL certificates instead of paying Verisign?

[blinkingled]

Parent wasn't talking about SSL certificates - you need to certify both hardware and software and pay a fee and the ISPs generally don't let you run your own firmware on the cable modem - heck they don't let the OEM update it either.