[CrackMonkey] [gkm@petting-zoo.net: 100,000 smart cards were destroyed.]

[Nick Moffitt]

----- Forwarded message from glen mccready <gkm at petting-zoo.net> -----
Forwarded-by: Nev Dull <nev at sleepycat.com>
Forwarded-by: Dave Del Torto <ddt at lsd.com>

http://slashdot.org/articles/01/01/25/1343218.shtml

Posted by michael on Thursday January 25, @09:04AM

from the not-as-think-as-you-dumb-we-were dept.

Belch writes "4 or more years ago DirecTV launched its service. DirecTV was
one of the very first large distributors of smart card technology in their
product. So much so, that Hughes corp. (the primary owner of DirecTV)
decided to create their own smart cards. Each receiver has a smart card
located inside that is keyed to the subscriber, and actively participates
in the decryption of the digital satellite video stream. However,
considering Hughes decided on this technology when it was virtually in its
infancy, they made several mistakes. The hacker community caught onto these
mistakes, and there has been a war between DirecTV and the hacking
community ever since. For the past two or more years, it was apparent the
hacking community would win this war, completely opening the DirecTV
signal. However, over the last 6 months, DirecTV has fought back with a
vengeance, displaying the most extensive technical campaign against the
hacking of their product..." Click through for the rest of the story.

"Allow me to give you some background.

"One of the original smart cards, entitled 'H' cards for Hughes, had design
flaws which were discovered by the hacking community. These flaws enabled
the extremely bright hacking community to reverse engineer their design,
and to create smart card writers. The writers enabled the hackers to read
and write to the smart card, and allowed them to change their subscription
model to receive all the channels. Since the technology of satellite
television is broadcast only, meaning you cannot send information TO the
satellite, the system requires a phone line to communicate with DirecTV.
The hackers could re-write their smart cards and receive all the channels,
and unplug their phone lines leaving no way for DirecTV to track the abuse.
DirecTV had built a mechanism into their system that allowed the updating
of these smart cards through the satellite stream. Every receiver was
designed to 'apply' these updates when it received them to the cards.
DirecTV applied updates that looked for hacked cards, and then attempted to
destroy the cards by writing updates that disabled them. The hacking
community replied with yet another piece of hardware, an 'unlooper,' that
repaired the damage. The hacker community then designed software that
trojanized the card, and removed the capability of the receivers to update
the card. DirecTV could only send updates to the cards, and then require
the updates be present in order to receive video. Each month or so, DirecTV
would send an update. 10 or 15 minutes later, the hacking community would
update the software to work around the latest fixes. This was the status
quo for almost two years. 'H' cards regularly sold on eBay for over
$400.00. It was apparent that DirecTV had lost this battle, relegating
DirecTV to hunting down Web sites that discussed their product and using
their legal team to sue and intimidate them into submission.

"Four months ago, however, DirecTV began sending several updates at a time,
breaking their pattern. While the hacking community was able to bypass
these batches, they did not understand the reasoning behind them. Never
before had DirecTV sent 4 and 5 updates at a time, yet alone send these
batches every week. Many postulated they were simply trying to annoy the
community into submission. The updates contained useless pieces of computer
code that were then required to be present on the card in order to receive
the transmission. The hacking community accommodated this in their
software, applying these updates in their hacking software. Not until the
final batch of updates were sent through the stream did the hacking
community understand DirecTV. Like a final piece of a puzzle allowing the
entire picture, the final updates made all the useless bits of computer
code join into a dynamic program, existing on the card itself. This dynamic
program changed the entire way the older technology worked. In a masterful,
planned, and orchestrated manner, DirecTV had updated the old and ailing
technology. The hacking community responded, but cautiously, understanding
that this new ability for DirecTV to apply more advanced logic in the
receiver was a dangerous new weapon. It was still possible to bypass the
protections and receive the programming, but DirecTV had not pulled the
trigger of this new weapon.

"Last Sunday night, at 8:30 pm est, DirecTV fired their new gun. One week
before the Super Bowl, DirecTV launched a series of attacks against the
hackers of their product. DirecTV sent programmatic code in the stream,
using their new dynamic code ally, that hunted down hacked smart cards and
destroyed them. The IRC DirecTV channels overflowed with thousands of
people who had lost the ability to watch their stolen TV. The hacking
community by and large lost not only their ability to watch TV, but the
cards themselves were likely permanently destroyed. Some estimate that in
one evening, 100,000 smart cards were destroyed, removing 98% of the
hacking communities' ability to steal their signal. To add a little pizzazz
to the operation, DirecTV personally "signed" the anti-hacker attack. The
first 8 computer bytes of all hacked cards were rewritten to read "GAME OVER".

"For more information, visit http://www.hackhu.com."

For archives see: http://www.interesting-people.org/


----- End forwarded message -----

-- 
You are not entitled to your opinions.
 
	01234567 <- The amazing indent-o-meter!
        ^	    Matt McIrvin: the Nikola Tesla of tab damage.