Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

[P]
DirecTV foils crackers

By _peter in MLP
Thu Jan 25, 2001 at 04:13:00 PM EST
Tags: News (all tags)
News

The original article DirecTV's Secret War On Hackers at slashdot tells the story of a company using technology rather than lawyers to prevail over people who would crack their system and steal their content. The resolution apparently came this past weekend.


The introductory text as posted to slashdot follows:

Belch writes "4 or more years ago DirecTV launched its service. DirecTV was one of the very first large distributors of smart card technology in their product. So much so, that Hughes corp. (the primary owner of DirecTV) decided to create their own smart cards. Each receiver has a smart card located inside that is keyed to the subscriber, and actively participates in the decryption of the digital satellite video stream. However, considering Hughes decided on this technology when it was virtually in its infancy, they made several mistakes. The hacker community caught onto these mistakes, and there has been a war between DirecTV and the hacking community ever since. For the past two or more years, it was apparent the hacking community would win this war, completely opening the DirecTV signal. However, over the last 6 months, DirecTV has fought back with a vengeance, displaying the most extensive technical campaign against the hacking of their product..."

Sponsors

Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure

Login

Related Links
o Slashdot
o DirecTV's Secret War On Hackers
o slashdot
o Belch
o Also by _peter


Display: Sort:
DirecTV foils crackers | 16 comments (11 topical, 5 editorial, 0 hidden)
Yeah, right (2.87 / 8) (#2)
by Signal 11 on Thu Jan 25, 2001 at 01:35:36 PM EST

Oooookay, I'm reminded of a quote by Bruce Schneider:

It might be a bitter pill for the entertainment industry to swallow, but software content protection does not work. It cannot work. You can distribute encrypted content, but in order for it to be read, viewed, or listened to, it must be turned into plaintext. If it must be turned into plaintext, the computer must have a copy of the key and the algorithm to turn it into plaintext. A clever enough hacker with good enough debugging tools will always be able to reverse-engineer the algorithm, get the key, or just capture the plaintext after decryption. And he can write a software program that allows others to do it automatically. This cannot be stopped. - Bruce Schneider, cryptome.org

This applies to hardware too. If I can take it apart, I can figure it out and produce a crack.


--
Society needs therapy. It's having
trouble accepting itself.

You miss the point. (4.16 / 6) (#6)
by trhurler on Thu Jan 25, 2001 at 01:47:27 PM EST

The point is, while you cannot make a content protection system invulnerable in theory, you can make it so tough to crack that hackers working in their basements simply won't have the resources to do it. And, as it turns out, that isn't as hard as the open source copyright is evil kill corporations Linux r00lz d00d crowd wants to think. Sure, some guy with lots of money might crack it and distribute the crack - and then he and all his money will be seized, and he will be put in prison. Not likely that he's that stupid, if he accumulated all that money. Therefore, he'll do it, but he won't distribute it except privately, and it won't matter because most people won't have access to it.

Not that I approve of this whole thing, but in general, combining technology and law can achieve things neither has any power over individually.

--
'God dammit, your posts make me hard.' --LilDebbie

[ Parent ]
Did you read the article? (4.50 / 4) (#8)
by Anonymous 242 on Thu Jan 25, 2001 at 01:53:37 PM EST

In this case, DirecTV created a program which destroyed the cards that were hacked.

The sword cuts both ways. The hackers have to continually fool DirecTV's programmers.

This is a Cyberpunk drama in real life. Watch it unfold before you very eyes.



[ Parent ]
Could. Should? (4.66 / 6) (#9)
by leviathan on Thu Jan 25, 2001 at 01:58:22 PM EST

This cannot be stopped. - Bruce Schneider, cryptome.org

You've hit the nail right on the head. That's exactly what this article is about - the fact that it looks like DirecTV might be stopping the crackers. I'd be as surprised as you are if it's not perfectly possible to work around their new system - but it's going to take a long time and may never happen if they've nuked a big enough proportion of the cards owned by those inclined to 'beat the system'.

Or are you implying that because it could be done, it should? Do you live in a world where people's rights suddenly cease to exist as soon as they form a company? Taking it apart and working it out is one thing. Publishing a crack using this to bypass required payment is quite another, and this latest attack from DirecTV looks both masterful and morally on the higher ground.

--
I wish everyone was peaceful. Then I could take over the planet with a butter knife.
- Dogbert
[ Parent ]

It's War! (4.50 / 2) (#14)
by inpHilltr8r on Thu Jan 25, 2001 at 06:37:37 PM EST

> I can take it apart, I can figure it out and produce a crack.

...and then they change the software again, so it detects your crack, and kills the box. So you go nuclear, and emulate the whole thing, and they release a new card, with some new hardware embedded, that you can't emulate. Yet. Eventually you crack it, and for a while you're ahead of the game again. For a while...

This isn't a stand alone package that you can attack in isolation. This isn't a DVD with the keys hard wired into a million players that no-one can afford to recall. This thing phones home, and is reprogrammable by it's very nature. It's pointless without those features.

You can crack away, but there's a full time staff of fully tooled up professionials dedicated to fighting back the horde.

Fun though, isn't it? I mean, at least in this war, no-one gets hurt, (unless you work for the mafia ;)

[ Parent ]
infowar at its best (3.83 / 6) (#7)
by Anonymous 242 on Thu Jan 25, 2001 at 01:49:02 PM EST

The write up doesn't even begin to do justice to this article. This article is a must read. As far as I can tell, this is the first major infowar. I know of know other case of a coporation using IT to destroy hardware designed to hack the system.

To add a little pizzazz to the operation, DirecTV personally "signed" the anti-hacker attack. The first 8 computer bytes of all hacked cards were rewritten to read "GAME OVER".

The first major battle goes to the corporation. Will the hackers dare to be as destructive when (not if) they retaliate?



I knew a guy... (3.66 / 3) (#10)
by delmoi on Thu Jan 25, 2001 at 02:22:09 PM EST

Who had a hacked dish. It was really amazing, asside from all the pay-per-view for free, he was also able to get local channels from all over the contry, something really cool if ever there was one.

And I always found it facinating, the war between the hackers and DTV, the ECMs they would send, etc. I'm pretty sure they were able to build 'unloopers' or machines that would remake the cards. Another cool thing was using a PC to emulate the smart card. This didn't work after DTV started using more advanced cards with ASICs, but I wouldn't be surprized if a modern PC with a 1ghz athlon/p4 could do it though. Of course, that would cost thousands of dollars, but...
--
"'argumentation' is not a word, idiot." -- thelizman
Mixed feelings (4.00 / 2) (#12)
by jabber on Thu Jan 25, 2001 at 02:58:09 PM EST

I have very mixed feelings about this development. Personally, I don't steal cable or service of any sort. My parents have a subscription to The Dish Network, so I've seen what satellite TV has to offer, and I'm not impressed - cable is adequate for me. Now...

On the one hand, I share in the hacker ethic. I think that information ought to be free (blah, blah, blah) and tend to view governments and corporations that seek to control content, media or IP, with a significant distrust. Thus, I find myself cheering for the hacker, and even the cracker in many cases.

On the other hand, this is such an elegant and skillful hack against the h|crackers, that I can't keep myself from wanting to congratulate the techs at DirecTV for sticking it to those who were exploiting their livelyhood.

And on the gripping hand, this isn't that far removed from the issues of music piracy and the RIAA. And my feelings on that are even more mixed. Further, I hope that Microsoft doesn't get too good a whiff of this approach and apply it to the copy protection scheme on Whistler.

I guess I'm just a ball of unresolved references today.

[TINK5C] |"Is K5 my kapusta intellectual teddy bear?"| "Yes"

Very cool move by DirecTV (3.66 / 3) (#13)
by Mantrid on Thu Jan 25, 2001 at 03:28:34 PM EST

I read this over at Slashdot earlier today (why do you guys hate /. so much anyways?). I was totally amazed by the way DirecTV did this, sending seemingly random information down, which gradually constructed a whole new program, then bang! the pirate cards are physically damaged and rendered unusable. It's all so...crappy-tech-movie-like, but here it is, working IRL.

What's really entertaining is the pirates trying to complain somehow about DirecTV's actions. I don't see how theft is justifiable. I guess if you built your own decoder from the ground up you could somewhat justify it -"but i just found these signals floating through the air", just don't complain when DirecTV beats you! It's not like they sent down an EMP or anything; It may be your right to decode the data, but it's their right to change how they use it!

Score one for DirecTV!

Slashdot (none / 0) (#16)
by kostya on Fri Jan 26, 2001 at 10:01:23 AM EST

I don't think everyone "hates" slashdot, but there is a general feeling that whatever slashdot "used to be", it isn't anymore. And a lot of people miss that.

Reasons as to why things changed are usually "all those losers joined in". Which is true and false. As slashdot got larger, the signal to noise ratio got pretty unbearable. If you look at the average K5 story, even the "1" posts are probably equivalent to the average slashdot "2" comments. And they are rarely more than 10% of the posts at 1 on a K5, most being a 2.5 or greater. But look at an average slashdot story. If you cruise at "2", you get something like 30% of the comments, meaning that over 70% of the stuff is deemed "chatter" at best.

It's not that slashdot sucks. It's methodology is different. Sure, karma is abused. But if K5 had as many active users/readers as Slashdot, it would be probably just as ugly.



----
Veritas otium parit. --Terence
[ Parent ]
DirectTV did *NOT* foil the hackers. (4.00 / 2) (#15)
by WolfWings on Fri Jan 26, 2001 at 12:42:15 AM EST

It foiled those that weren't going the full route and properly cracking the protection on their hardware. It foiled those that only spent $200 or so for a "quick fix" that let them run the cards for free. It has left most folks that spent the full $500 or so to get a fully emulated access card unaffected.

The entire "trick" was that the internally-uploaded code wrote to a write-once area on the cards. The cards have been found to be still active, but the write-once area is now used as a "vital" section of the card on all current and future cards apparently, so since it's already been "burned" it cannot be used anymore. It's all very esoteric, and my hats off to the white hats at DirectTV for this trick, but sadly it's already being worked around for those that did get hit by it. The solution apparently will be a simple module you plug your card into, then plug into the DirectTV box. Read: They'll prolly just stop the hackers from watching the super bowl, but not much more.

And how did some folks remain unaffected by this? Simple. They payed the $500 or so to get an access card that looks much like the credit card used in Terminator 2, hooked up to a computer, which is in turn hooked up to an access-card reader/programmer loaded with a specially-hacked access card. (The difference between this and the cheap route? a 486/50 emulating the card and the computer-linked access card. Some folks spent cash to build this into a single case-enclosed module even, so they just have a Borg-like wart on the front of their DirectTV box, or just on top and jacked in, etc.)

So has DirectTV won? No. The code was known about in the cards for a while now, just nobody knew for sure when they were going to trigger it or how they were going to use it, as the initial parameters passed to it would be code it would run, as the "weapon" code was actually dynamic morphic code. It was a VERY elegant counter-hack by the DirectTV reps, but the damage is quickly being repaired by the hackers, and will end up just fueling the sales of "pirate" DirectTV hardware in about a month.

My personal feelings about this? Satellite TV just isn't going to be possible to fully protect, any more than radio is. Not when you have hundreds of thousands of subscribers. And should it do? Considering that the hardware often costs hundreds of dollars, with further hundreds being spent to "foil" the protection? That's a question left for debate, and one I honestly don't know the answer too.


"How good an actor do you have to be to play God?" - Bob Dylan
DirecTV foils crackers | 16 comments (11 topical, 5 editorial, 0 hidden)
Display: Sort:

kuro5hin.org

[XML]
All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!