Slashdot Mirror
DirecTV's Secret War On Hackers
"Allow me to give you some background.
"One of the original smart cards, entitled 'H' cards for Hughes, had design flaws which were discovered by the hacking community. These flaws enabled the extremely bright hacking community to reverse engineer their design, and to create smart card writers. The writers enabled the hackers to read and write to the smart card, and allowed them to change their subscription model to receive all the channels. Since the technology of satellite television is broadcast only, meaning you cannot send information TO the satellite, the system requires a phone line to communicate with DirecTV. The hackers could re-write their smart cards and receive all the channels, and unplug their phone lines leaving no way for DirecTV to track the abuse. DirecTV had built a mechanism into their system that allowed the updating of these smart cards through the satellite stream. Every receiver was designed to 'apply' these updates when it received them to the cards. DirecTV applied updates that looked for hacked cards, and then attempted to destroy the cards by writing updates that disabled them. The hacking community replied with yet another piece of hardware, an 'unlooper,' that repaired the damage. The hacker community then designed software that trojanized the card, and removed the capability of the receivers to update the card. DirecTV could only send updates to the cards, and then require the updates be present in order to receive video. Each month or so, DirecTV would send an update. 10 or 15 minutes later, the hacking community would update the software to work around the latest fixes. This was the status quo for almost two years. 'H' cards regularly sold on eBay for over $400.00. It was apparent that DirecTV had lost this battle, relegating DirecTV to hunting down Web sites that discussed their product and using their legal team to sue and intimidate them into submission.
"Four months ago, however, DirecTV began sending several updates at a time, breaking their pattern. While the hacking community was able to bypass these batches, they did not understand the reasoning behind them. Never before had DirecTV sent 4 and 5 updates at a time, yet alone send these batches every week. Many postulated they were simply trying to annoy the community into submission. The updates contained useless pieces of computer code that were then required to be present on the card in order to receive the transmission. The hacking community accommodated this in their software, applying these updates in their hacking software. Not until the final batch of updates were sent through the stream did the hacking community understand DirecTV. Like a final piece of a puzzle allowing the entire picture, the final updates made all the useless bits of computer code join into a dynamic program, existing on the card itself. This dynamic program changed the entire way the older technology worked. In a masterful, planned, and orchestrated manner, DirecTV had updated the old and ailing technology. The hacking community responded, but cautiously, understanding that this new ability for DirecTV to apply more advanced logic in the receiver was a dangerous new weapon. It was still possible to bypass the protections and receive the programming, but DirecTV had not pulled the trigger of this new weapon.
"Last Sunday night, at 8:30 pm est, DirecTV fired their new gun. One week before the Super Bowl, DirecTV launched a series of attacks against the hackers of their product. DirecTV sent programmatic code in the stream, using their new dynamic code ally, that hunted down hacked smart cards and destroyed them. The IRC DirecTV channels overflowed with thousands of people who had lost the ability to watch their stolen TV. The hacking community by and large lost not only their ability to watch TV, but the cards themselves were likely permanently destroyed. Some estimate that in one evening, 100,000 smart cards were destroyed, removing 98% of the hacking communities' ability to steal their signal. To add a little pizzazz to the operation, DirecTV personally "signed" the anti-hacker attack. The first 8 computer bytes of all hacked cards were rewritten to read "GAME OVER".
"For more information, visit http://www.hackhu.com."
They killed my H card!
The bastards!
(Guess I'll have to use cable to watch Comedy Central now...!)
The real "hack" is emulation where the smart card is emulated with a PC, and the actual card is protected from writes and other malicious mischief.
There is a deliberate disinformation campaign being waged along with the electronic counter-measures.
not much grounds/damages to sue over.
Ummm... bullshit! I know more than one legitimate DirecTV subscriber who was knocked off by these ECMs.
Taking out the hackers in only one of Hughes goals with these ECMS. The other was to destroy ALL H-cards, thus forcing their paying customers into upgrading to the HU cards.
But I'm sure they're _real_ sorry for whatever inconvenience they've caused people.
To understand what is possible, you need to understand how the unloopers work. Normally a smart card is reset and activates an ATR signal. The ATR provides information such as baud rate, voltages required, etc. It then jumps to the main-line program code. In a looped card, after the ATR, the card goes into an infinite loop. (In Basic, "10 goto 10") What an unlooper does is provide a power glitch at a precise time after ATR. This can have the effect of corrupting the program-counter, and making the mainline program execute. Once the mainline program is executing, the flash can be re-written, and the infinite loop removed.
The code that Direct TV used here over-wrote an EPROM area that is checked before the ATR signal. However, since the hackers already know what data-specs the card requires, they don't actually need an ATR. A glitch a few uS after power is applied could corrupt the program counter and allow the mainline program to execute. The problem is that a receiver will automatically reset and ATR the card when it is put in.
The possible answer is a wrapper card that glitches the H-Card and allows the main-line program to execute, while it intercepts the reset request and provides it's own emulated ATR to the receiver. The same wrapper card could be used in an emulator. The trick is that the check happens at $003Fh, VERY early in the process. The card could be glitched this early, but not easily.
Remember, this is a game to most people involved. It's not really about free TV (although that is a nice addition) but about doing something "dangerous" and illegal. Think of the pirates as script kiddies with money.....
What I think we have here is a perfect example of technical skill and ingenuity on both sides of the battle. One side beat the other.. Then the other side fought back using a method that was pure genius to say the least.
But what it comes down to is loving the hack but hating the kiddie. Lets face it, there's nothing wrong with anyone going out and pushing the limits that are laid out in front of us. That's how this whole thing got started. That's how this whole thing ended up finished. But lets remember, the bad guys aren't the people developing these hacks, but rather the ones using them.
On one side are the pirates who use a hack to get free TV.. On the other side is a corporation who uses a hack to destroy a few thousand smart cards. In both cases, the hacks aren't the problem. Hell, technology is very rarely the problem, it's the usage that is.
You'd be surprised at some of the emulators around. They emulate pretty much everything, down to the most obscure bugs around. Look at any of the Commodore 64 emulators. The demo coders used to use every trick in the book to get the last bit of performance out of the machine, and it's all be emulated..
BTW, my card was one that got hit but I'm not trying to defend my actions as right. I was stealing. Congrats to DTV for beating me at my own game.
Actually, the cards state very specifically that they are the property of News Data Corp and must be returned on request, or something to that effect. You buy the receiver, but the card itself is on loan.
Yes, it is wrong to simply "listen in" to an encrypted broadcast (which DirecTV is). Is it wrong for me to come into your house and listen to what you say in private? The lock on your door is, after all, just another piece of technology. Wouldn't it bother you (or any number of people) if I figured out how to come into your house. I may say that I will never do it, but I might tell everyone else how to. And if you move, or get new lock, or new security system, wouldn't it bother you if I decided to figure out how to tap your phones and bug your house? So what if I'd like to figure out how to unlock it. And hey, houses are all over the place. Is that right? No. Is that moral? No. Simply because something can be done does not mean that it should be. I'm sorry if this comes off sounding like a troll. That isn't my intention. I simply feel that people do not think when they look at technology. Some idiots believe that they should be allowed to do things simply because they can and the measures taken against them are not strict enough. If that logic were to hold in other aspects of our society, a killer should be allowed to walk free if they were successful simply because the other person did not have enough "personal protection". Mike Broadwater rasputin@bcl.net
What amazes me is the authors complete lack of knowledge on this subject and the even more pathetic responses from people congratulating Directv. 1. We have hacked more than the H card, actually one previous to this called the F card and their latest the HU card. We also employ these techniques to also hack Dish and a few other types of satelite systems out there. 2. Unfortunatley we did know this was gonna happen, but we roll with the punches so to speak and YES we will be remedying this situation in the coming weeks. 3. This was not some great effort of Directv engineers beating countless thousands of people who enjoy the hobby of TESTING as we refer to it, but Directv's forcing of one of our top minds to cross over otherwise face extreme financial loss and prison time. 4. To insist that we are rednecks barely capable of this. I would invite you to possibly fathom the massive untertaking involved in reverse engineering a chip on one of these cards. The comittment of hundreds of thousands of dollars in materials, the countless man hours in a sophisticated lab under extreme pressure by law enforcement to remain secret, and a rally of thousands of individuals working together to keep it all going. I for one have never replied on anything I seen here. But I felt I needed to check these people who apparantly have no clue but just like to see their opinions pasted on a web page. Because their waiting for the porn page on their other open browser to finish downloading. Well have a great day, I must get back to my Freetv now, and always remember...Tis better to be thought a fool....than to speak and remove all doubt.
I have to disagree here.
While I do maintain that using their signal for its intended purpose without paying for it is morally reprehensible, it is clearly not stealing. For example:
Suppose that DirectTV makes $100 million dollars a year from subscriptions. Suppose that I then start using their signal to watch TV. Guess what? They still make $100 million dollars a year. I have not decreased their revenue by a single penny. Furthermore, I have not increased their broadcast, marketing, or any other expenses.
Since their situation is unchanged, then I have not stolen from them.
But my situation is changed. I now have a service that I did not have before. Where did I get it? The answer is that I literally pulled it out of the air!
Actually, their situation is slightly changed. By using their service without paying for it I have removed myself from the pool of potential paying customers, and thus their potential income is lowered.
I maintain that this changed in potential is not of sufficient ethical concern to merit that label of "theft". After all, I could lower their potential income by moving to another country, or using a different service, or simply not watching television. Should I be punished for those acts as well?
No. Changes in potential income should not be considered criiminal.
At the beginning I stated that I believed that using their broadcast was wrong, and the reason I said that is simply that by doing so I am using a service without offering any compensation to those that created it. Free Software users do this all the time, but then we are explicitly given permission to do so. DirecTV expects to be paid, so if you don't want to pay them, then you just ought not to use their service.
Nonetheless, if I did use their service, I would not be stealing any more than if I used a different service.
At least, that's my opinion.
Eris
If you want to read that deeply into the article and actually believe that the cards that were hit will never work again that's you're error...a "hardware fix" which emulates the damaged part of the cards is already being designed and the dead cards WILL be "re-born" for future use...Don't take my word for it now...Just wait and see when it happens....Combine the use of a modified receiver, the "hardware fixed" h card, and an emulator setup and the games goes on....
see this
Unfortunately the smart cards weren't quite "Hal", otherwise we would have heard
I'm sorry Dave, I can't do that
last Sunday night.
You make a number of good points, but they don't apply here. Sure, you have a right to receive and decrypt any of the electro magnetic radiation coming your way. But they also have the right to change the encryption system. They did that and in a very cool way. They didn't run off to Washington and beg for nasty, fascist laws like the DMCA.
Lastly, DirecTV also hit many, many paying subscribers running legit cards with their attack on Sunday. You can be certain that this attack cost them quite a few dollars in terms of cards needing to be replaced as well as the loss of subscribers that they have managed to piss off once again. This is not necessarily true. I sell RCA DSS systems, and about 6-8 months ago, DirectTV started saying that all users had to upgrade to new access cards (i.e. smart cards), that they were going to send out replacements for the old ones (namely the very very old ones, etc). I have not had one complaint yet from anyone that did this upgrade, however, I have had many complaints from users that had old access cards, or 'hacked' cards. This was planned by DirectTV, they just used this ECM as a forced-upgrade option to those legit users who had not already upgraded.
There is so much disinformation in article I just read I can't believe it. Where did you guys get your info? Allow me to put on my shit kickers and point out several flaws with your article.
1. "So much so, that Hughes corp. (the primary owner of DirecTV) decided to create their own smart cards" (They do not create anything NDS is the creator of the card, they were contracted to produce and maintain the security and encryption systems. But you would have know that had you bothered to look on the back of the damn card.)
2. "One of the original smart cards, entitled 'H' cards for Hughes" (The F card was around long before the H card came out. There was a limited number of G cards then came the H it was named H because it was the next progression in the naming cycle. Not some great naming conspiracy.)
3. "The hacker community then designed software that trojanized the card, and removed the capability of the receivers to update the card" ("Trojanized" you make it sound as if condom man invented it, the correct term for what you describe (write protecting the card) is "stealthed")
4. "Each month or so, DirecTV would send an update. 10 or 15 minutes later, the hacking community would update the software to work around the latest fixes. (Some 3ms were up for years without being touched)
5. "DirecTV sent 4 and 5 updates at a time"
(Actually there were up to 9 at 1 time)
6. "Many postulated they were simply trying to annoy the community into submission" (Dynamic code updates were recognized long before they were fully active (C2 and D9 nano). Everyone knew it was coming.)
7. "Some estimate that in one evening, 100,000 smart cards were destroyed" (It was a hell oh alot more then that if you include all the VALID subscribing customers that were effected by there botched attempt. You fail to mention that there were almost as many vaild subs taken down as well.)
8. "removing 98% of the hacking communities' ability to steal their signal" (I'm still up and running, emulation is uneffected (Thanks PGM))
8. "To add a little pizzazz to the operation, DirecTV personally "signed" the anti-hacker attack. The first 8 computer bytes of all hacked cards were rewritten to read "GAME OVER" (WRONG, don't know who was feeding you that line crap (oh, yeah the same moron that told you the "H" was for Hughes) the actual code is below)
So get your facts straight, I would've expected better from you guys.
Magician is one of the best in H card modifications. This is what he had to say about what was written to the write-once area starting at address 8000. "Reset the stack to 16h and RET, to resume execution at 0400h to load "00 04 00 09" into EEPROM write register which RETs to 01AFh to enable EEPROM write mode which RETs to 0399h to write 00 04 00 09 to 8000-8003h." Since 00 04 00 09 is not even close to 47 41 4D 45 4F 56 45 52 (the hex version for "GAMEOVER"), and since it was 4 bytes, not 8 bytes, and since the article didn't even discuss emulators, I'm beginning to think it's purposely slanted. For those who give credit to DTV ECM people, they had help from Eddie of Northsat as part of the deal for being busted (in Canada). He has made good progress hacking the HU card.
but stealing tv is wrong
I am so sick of this attitude! It is not "stealing TV". When you steal something, the person that you stole it from no longer possesses it. An example of stealing TV would be smashing a shop window, grabbing a television set under your arm, and running. This is by no means the same thing.
DirecTV are broadcasting their signal over satellite. Whether you pay for their service or not, it gets beamed into your property. If you have a dish, you will pick up the signal. If you happen to have the means of decoding this signal, you can watch their TV shows. How is this stealing? This is no more stealing that watching the Superbowl at a friend's place because he has DirecTV and you don't. Are you "stealing TV is wrong" advocates suggesting that DirecTV should send agents round to their subscribers houses to issue them with an extra pay-per-view bill for any of their friends who happen to be parked on the couch with a bag of doritos watching the game?
No, this is an outrageous abuse. If DirecTV don't have a business model which can earn them a profit as they beam their signal into EVERYONE'S airspace, then they shouldn't be in business, end of story. Or, as they would say, "game over".
Please consider this for a moment: Hughes is bombarding us with their electromagnetic emissions... why shouldn't we be allowed to receive and decrypt them?
I really don't see how this is much different than DeCSS, which seems to enjoy the support of the Slashdot community.
So... stealing motion picture studios' work is OK, but it's wrong to intercept and decrypt electromagnetic signals broadcast through the air? Signals that are being absorbed by our bodies, with still unknown effects.
I'll buy the idea that people shouldn't 'steal' DirecTV's signal when DirecTV allows me a way to opt out of being hit with their sattelite beams. (Please don't suggest that I wear a tinfoil hat. ;)
LASTLY, I haven't seen any mention of how these counter measures have affected paying customers. I know several legit DirecTV subscribers who had their cards stop working after Black Sunday. How does anyone feel about that?
Is it OK for DirecTV to inconvenience paying customers in the course of their battle with the hackers? How many 'civilian casualties' will be tolerated? And is DirecTV going to be giving these people refunds? Probably... if they spend an hour or two on the phone. The customer's time isn't important anyways, right? As long as they're paying their bill...
Most of the comments see to be along the lines of "kudos to Hughes/DTV for beating the hackers at their own game and not resorting to lawyers"
. ht ml
Well, That may not be how it actually went down.
In October the guy who ran Northsat in Canada got raided. There was a consent decreee, and as part of his plea bargain he agreed to act as a consultant to DirecTV.
Although DTV had already been busy implementing the dynamic code, many old timers claim that they see dean's hand in the 4 (that's right 4, not one) ECM's that came down starting last sunday.
So it would seem that the legal system allowed DTV to force a hacker to destroy part of his own creation. Not a clear cut case of DTV defeating pirates with their own engineers. Guess he shouldn't have have a bunch drugs and cash in his house when they raided him hehe.
http://www.legal-rights.org/northsat.html
http://www.legal-rights.org/newspapers/northsat
In fact since most of us DONT get DirectTV and are STILL constantly bathed in its RF emissions Hughes is in the wrong, if anyone is. Mind you, I don't have a problem with them sending the bits to their own subscribers. The fact they they chose a CHEAPER method of distribution to increase their own profits opens them up to this.
Anything being broadcast non-interactively(not two-way like say, a cordless phone), whether tv, radio, or otherwise, is like air as far as I'm concerned. i.e. Not any company's but the peoples.
If the company doesn't like that, make their own customers use over priced less effective measures, like cable, spread spectrum, or other methods.
If the cost of that makes it unprofitable, so be it. The Constitution (Sorry, US centric) gives the right to the PURSUIT of happiness, not the right to it. THere is a difference. Similarly, Hughes can try to make money by giving a service worth paying for. They're not entitled to just because they spent a lot of money.
Think about it. If I fire radiation at your home 24/7 without you asking for it (paying subscribing whatever, and that IS what radio/broadcast energy is) you should have the ability to do whatever you want with it.
They are NOT STEALING. Stealing implies taking something away from someone else. As in they no longer have an object they previously did. These peeople went out and bought their own satellites, smartcards and gizmos. They can fdo anything they want with them.
Xerox did not have to pay all the scribes who were put out of work by copiers, nor did the guy who came up with carbon paper. Just because you used to be able to make money doing something once does not mean you are entitled to keep making money off it forever.
It's a great game they're playing, and I respect the way they're playing it. All the slashdroids whine that companies should use technical means to secure information instead of legal means. DirecTV did just that, and they caught most of the people.
As for my perspective, I have a DirecTV platinum subscription, or whatever they hell they call it, yet I hack my service. Why? Because it's fun.
They got one of my cards, and didn't get four others. This wasn't the final 'game over' for everybody, just for the script kiddies of the card hacking world.
As for the legality of it all... who cares? This shit is fun!
--
"Don't trolls get tired?"
Nerd
Jock
I'm not from the US, so I don't know how the set top boxes are sold in the States, so ignore me if I have things wrong...
Where do these people get the STBs to watch DirecTV from? Generally cable/satellite/etc operators will sell their STBs as a loss leader, aiming to get their money back from subscribtion charges over a lengthy period of time.
Assuming this is how DirecTV is sold in the states, that sounds pretty close to theft to me...
...j
Riiiiiiight....
Your attitude disgusts me. Stealing is not a matter of what is done to the original owner, it is a matter of the act itself. DirctTV is a product that the company that owns it has chosen to charge money for. If you want DTV, pay for it. If you don't want to pay, do without it.
Whatever ethical tricks you try to use, you have stolen from DTV the money your subscription would have given them, and that's wrong.
Stealing and Invading Privacy are two different things.
You should also note that until just a few years ago, it was indeed perfectly legal to listen to any radio transmission you could receive, as long as you didn't divulge the contents. That meant that, yes, you COULD listen to cellphone calls. You just couldn't tell anybody else about the contents. Then, one of the first content-protection laws, ECMA, was passed making it illegal to listen to cell phones. This was a law passed purely for the convenience of the cell-phone companies, so they could say "Yes, we're secure - it's against the law to listen in." It was and is still technically feasible, however. Even old televisions that went above channel 70 could hear cellphone calls. (Note: this law is rapidly becoming moot, since most cell companies are switching to digital as fast as then can go. You could still scan the digital cellphone bands, but it's much harder to listen in. )
I have phone lines that cross my propery, does that mean I can hook into them and get free long distance?
No, because now you're not passively intercepting the radio waves. You're taking active steps to steal service.
You're letting your indignation take over your higher thought processes, plus you have forgotten recent history. Calm down.
As far as I know, according to the law you can still listen to cordless phones, which is nearly as entertaining. And, for a really good time, try scanning baby monitors.
...phil
...phil
"For a list of the ways which technology has failed to improve our quality of life, press 3."
\/\/3 0\/\/n j00! D1r3ctTV ru1ez!!
Sooo...
You wouldn't care if I set up a listening post to hear any wireless stuff going on in your house, right? You probably don't care about Echelon and various Internet-based listening posts monitoring your e-mail and where you surf, right?
After all, you are sending your data out over shared space, and if I feel like manipulating it *however I want*, that should be my right.
Yes, no more mobile phones.
That doesn't mean they did anything wrong.
Well, I guess there's at least one company with hackers of their own. Incredibly beautiful hack, especially the hackeresque text "Game Over" in the end. All in all, a hack worthy to become classic.
It's how you play the game. Hughes deserves props for doing this the right way - by outsmarting the pirates. Unlike some other industries who combat piracy by buying laws that take away everyone's freedoms just to protect themselves, or force everyone to sell crippled hardware so that their precious media can't be used in a way they don't approve of, these guys stayed with an existing technology and made it work in the face of rampant piracy. My hat's off.
Forcing me to uninstall and reinstall the game IS harm. It's a big waste of my time.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
It is not "stealing TV". When you steal something, the person that you stole it from no longer possesses it.
Consider the infrastructure. Those satellites are expensive. If you are grabbing the service for free, who's paying for the infrastructure and operating costs? Hughes is not the bad guy here. They don't circumvent fair use rights in any way, they provide better service, pricing, and quality than local cable providers and their pay per view is cheaper than (and higher quality than VHS) video rental. Their business practices are not monopolistic (in fact, they have several competitors)
The manual that came with my reciever even listed details of channel allocation, packet format, etc.
This is no more stealing that watching the Superbowl at a friend's place because he has DirecTV and you don't.
That's not stealing because they contracted with your friend to provide the service in exchange for a fee (which was presumably paid). They got theirs and your friend got his. If they decided to bill by the eyeball as you suggest, I would switch to another service immediatly. If they took steps to make sure there wasn't another provider, then I would agree with you.
Punishing the bad guy like the MPAA and RIAA who circumvent fair use rights and play dirty games to kill off competition won't work if they know they'll be punished even if they play the good guy.
If DirecTV don't have a business model which can earn them a profit as they beam their signal into EVERYONE'S airspace, then they shouldn't be in business, end of story. Or, as they would say, "game over".
O.K. they and the regular cable operators should shut down immediatly. You can go back to a glorious 3 channels of $hit mixed with snow to choose from.
There may be some ground to say that DirectTV overstepped its bounds to destroy cards that were at one time rightfully sold.
I imagine that DirecTV's response to a claim would be "Fine, you pay for the service you stole from us, and we'll replace your card". Somehow, I don't think there will be many claimants.
For starters, H cards are damn near indestructible. I've seen one go through a washing machine and still function.
How can a virus wipe out my flash BIOS? After all, it survived a trip through the washing machine! They blew a few fusable links using a charge pump on the chip.
Secondly, even there would be no need to add the offending code bit by bit, you could just send 1 update.
And the pirates would just block it. First, DTV had to get the pirates to accept the updates rather than block them.
Thirdly the destruction of the cards would force Hughes to replace them. Not a cheap move. They'd be opening themselves to a lawsuit from everyone who was willing to say "I hadn't modified my card, honest" otherwise.
And if DTV could prove otherwise (such as the defendant's lack of a DTV account and no history of payments to DTV), the court records will prove that the plaintiff committed a felony. Sort of like the things you see in the dumb crooks shows.
The reason you have never seen an individual (someone not reselling their copied/"stolen" material) is because of the need to prove a loss. This is a major issue surrounding MP3's and the like. Just because a person has copied/decoded/viewed commercial data, it does NOT mean they would have ever paid for it. You can NOT prove a loss of profit, because you can't prove that the person would have ever paid for it at all.
That is true for content protection. However, DTV is a service and so the laws are a bit different.
They are running a commercial enterprise, it's the responsibility of them to come up with a business model which at least covers their costs... It's certainly not the responsibility of any other party to support anyone's business model.
They do that by charging for the service (which wouldn't exist at all if they couldn't charge for it). They also accomplish it by things like the subject of this story. It's not like they're trying to get a TV or VCR tax like some cartels we know. Or like they're trying to sue competing technology into the dirt. They also don't try to squeeze out more than their due by circumventing fair use rights. If they were, I would agree that they failed in their responsability to have a profitable business model.
We need to strongly promote a word or phrase that implies that that person is not one that hacks to undermine a system, but to learn and possibly improve a product. "White hat hacker" I've heard used, but it still has some negative connetation. Of course, even if we come up with such a word, we need to inject it into the mainstream press somehow, and that can only be done by groups that are leading the hacking effect, include Linus, Red Hat, and other distros.
"Pinky, you've left the lens cap of your mind on again." - P&TB
"I can see my house from here!" - ST:
Then don't be so stupid as to sign your property rights away. Your property values are actually MUCH safer if they aren't in the hands of some homeowners association.
A Pirate and a Puritan look the same on a balance sheet.
Actually, when you sign up for the service, you have to sign a nice piece of paper saying that card belongs to DirecTV. So, no, they didn't destroy personal property, the destroyed their own.
Why post a story that sounds like Evil Corporation is battling innocent hackers, when in reality it's a company fighting THEFT of service. If this were on the cable side of things, it'd be illegal. Amazing how people can forget the ethics of things.
Ahh but look at the comments: almost everyone is congradulating DirecTV -- they pulled off a riteous hack and deserve praise here. I'm sorry to say that if I were one of the DTV hackers I would have fallen for this lock stock and barrel too. I'm up in Canada and actually subscribe to Bell ExpressVu (similar, almost identical tech, different satellite and programming) but I know a fair number of people around here who will be bit by this.
Kudos to DTV engineers. Get rid of a few lawyers and give these guys a big raise!
Couldn't you argue that DirecTV hacked their own subscribers and destroyed their property? Some of these cards were bought and sold on E-Bay, so it's clearly *owned* by the subscriber.
Not too bright today, are ya...
Those cards are property of DirecTV and Huges. Whoever sold them had no right to sell them and whoever bought them bought stolen goods. Last I checked you can't (or at least it hasn't been tested that you can) buy stolen goods and then sue when the rightful owner "reclaims" them, so to speak.
Remember, Huges OWNS those cards. You own the receiver. The receiver's fine; just call Huges and get their defective card replaced.
but should Microsoft be able to self-destruct your PC if they discover you stole a copy of Windows?
Microsoft doesn't own your computer. They could destroy the CD you installed from since that is (supposedly) theirs but the situations are completely different. If Microsoft LEASED the computer to you then they could nuke the hardware at their discretion... If they hosed your data then that's another story.
Rob and the gang,
Congratualations on a well-written, engaging news story. Clear, concise, interesting with thrilling narrative, factually informative. This entry is a model for all good Slashdot entries.
Thanks.
Wordnik, a dictionary project which aims to collect
The battling tape robots actually happened. There was one model of this library I think in the late 70's or early 80's which had one failure mode where the two arms would get out of sync and start throwing tape cartridges at each other. Dont remember the model number, but the tapes were held in tubes a little bigger than a D cell battery. About as heavy too, made a really loud THUNK sound as they went whipping about the room...
You think emacs is evil?! You've never used VM's XEDIT have you?!! That's evil, baby!
Actually, playing Quake 3 online is a service.
It's a free service, but you do need to check in at id in order to play (cd key, et al).
--
I don't like DirecTV much. I don't agree with the proprietary signal DirecTV uses. I also just plain don't like the service as well as I liked my old Primestar (dammit; why'd DirecTV have to buy them out?)
Neither do I support stealing channel access by the hackers, though. This isn't a fair use issue; the difference is the same as copying a book from a library (fair use) vs. stealing it from the bookstore (shoplifting). Frankly, I think this was an unbelieveably cool move by DirecTV. I do find it somewhat scary that they were actually able to make this work, but what they did is truly an ingenius anti-hack method.
Now, the next question is, when are the hackers going to run around this system too?
----------
actually you can get sued for "protecting" your property/goods by dangerous means.
A liquor store owner was sued (successfully, and for a load of cash) because he put an electrified fence piece over a skylight that was used a large number of times to rob his store during the night.
IANAL, but the law is called something like the "pull-string trigger" law. (i.e. you can't rig a gun to your door so when it's opened the gun fires.)
There may be some ground to say that DirectTV overstepped its bounds to destroy cards that were at one time rightfully sold. I would suspect that their legal department has some sort of "appropriate use" clause. Besides, any one with a functional frontal lobe knows that people were stealing. Those who had their cards fried should think fondly on their time of beating the system, but above all they should respect that DirectTV outsmarted them.
Of course... this assumes that someone isn't right now figuring out a way to reverse the process or come up with a new way of hacking the system. Any way you cut it, this is one of the most interesting and impressive reactions in years. Maybe the cuecat people could take a hint and decide to get smarter instead of making legal threats.
-- Solaris Central - http://w
No, this is an outrageous abuse. If DirecTV don't have a business model which can earn them a profit as they beam their signal into EVERYONE'S airspace, then they shouldn't be in business, end of story. Or, as they would say, "game over".
This is the main problem, not just with them but with the MPAA and the RIAA. Economics is how to allocate scare resources amoung various competing consumers. Technology enables us to achieve an almost utopian state with some products, 0% scarcity. These companies are trying to apply old-world economics to new-world goods and servicies by creating an artificial scarcity. If evil exists, this is it.
"I don't know that atheists should be considered citizens, nor should they be considered patriots." George HW Bush
Tricky. In general, I'd agree with you, but current law doesn't seem to be on the side of Hughes.
*I* think that if you have a computer which you allow to run non-trusted software, and can recieve such software independently of what you do, you're asking for trouble. (although there should still be some kind of minor trespass violation - it's illegal to enter a house with an open door if it's not yours, just not as bad as if you had broken the door down)
On the other hand, it's illegal to hack computers, no matter what sort of crappy security they have. While no intelligent US hacker is going to step forward and sue Hughes for hacking (as they'd quickly get counter-sued for watching it) Canadians may have better luck. I think that it would be rather funny for them to start a class-action suit, as their watching is quite legal but Hughes' hacking still isn't.
-- This and all my posts are in the public domain. I am a lawyer. I am not your lawyer, and this is not legal advice.
I disagree.
As others have pointed out Hughes is sending the signal to hackers. In fact, they want to send it to nearly everyone, ideally. Furthermore they're sending it as a broadcast radio signal, and that's a public resource.
If you proceed with your logic, you imply that it would be illegal to read billboards on the side of the road (ideally for this argument in the state-owned right of way) if the whim of the owner was that you weren't allowed.
Just as there is a right to free speech, there MUST be in order to actually have such a right function, an equally absolute right to listen. Otherwise you're supporting the opinion that you have a right to free speech, but if the government finds it inconvenient, people who listen can be arrested. (despite the speaker going free) This is a nonsensical propisition you're making, I think we'll all agree.
If a communication is privileged or there is an expectation of privacy (e.g. whispering, talking in a way that cannot reasonably be intercepted outside your home, lawyer-client discussions) I can see making that a minor crime. Generally one that's worse for the government (e.g. tapping w/o a warrant) than individuals.
But sending data across a public medium to virtually the entire continent does not strike me as private. Even the Internet is not private - it's a network of other, smaller networks, and it's hardly possible to believe that communications across it are automatically private. Certainly the most esteemed privacy/encryption experts on the net don't think so.
Once someone recieves such a stream - particularly if it was sent so that they, their neighbors and their countrymen could recieve it - I don't see how it's Hughes' business what's done with it. If they wish to prevent people from seeing it, the best way is to not send it to them at all. The second best way is to heavily encrypt it, but encryption is not a guarantee. It also means that Hughes' business is not TV but decryption software. If someone manages to put out an RE'd version w/o infringing on patents, then that's their right too. We rely on that right to have microcomputers that aren't all sold by IBM.
And furthermore, in Canada, which is what we're discussing, the people there explicitly DO have the right to watch broadcast signals. There's just no two ways about it there. If the law in Pottsylvania were that TV broadcasters had to give out free TV sets to people in order to have a license to broadcast then Hughes would have to either stop broadcasting to them, or start handing out the sets; it doesn't matter if the law is different than US law, sovereign states have the right to have different laws.
-- This and all my posts are in the public domain. I am a lawyer. I am not your lawyer, and this is not legal advice.
They got a dish and decoding equipment from DirecTV, and presumably (correct me if I'm wrong) signed an agreement not to hack that equipment when they did so.
If you feel like putting up a dish to capture that satellite's signal, go ahead. Manipulate it however you want, too. But unless you can brute force the encryption keyspace or you the transmitting company, your manipulations are not going to get very far.
The question then becomes "what do DirecTV subscribers actually sign to, under what conditions, and when?" I don't use the system, so I'm not going to speculate... but I will point out that their ongoing, "you must communicate with our modem to get the latest decryption firmware updates" service could make it real hard to decode their signal without their help, even if you can purchase the system (with original firmware) while avoiding signing away your rights to hack it.
The difference is simple: DirectTV can beat hackers technically; the recording industry cannot.
DirectTV sends broadcasts over the airwaves, and can send encryption keys for those broadcasts over phone lines on a separate, authenticated channel. Although they cannot prevent legitimate subscribers from recording and sharing the broadcasts they paid for, they can easily prevent pirates from accessing broadcasts they have not paid for (without getting a copy of the frequently changeable keys or a tape/CD-R of the desired program from a legitimate subscriber.)
This is not possible with the recording industry, because they cannot change encryption keys on the media they sell, and they must include those keys with the media or with the players in order to allow the media to be played back even once. At this point it isn't encryption, it's scrambling. And scrambling can always be defeated, as long as we control the hardware. For any non-interactive media that can be played back on a general purpose computer or a sufficiently hackable electronics device, it is simply impossible to enforce "pay per play", "do not copy", etc. with technological measures. Despite SDMI, I think most of them know they can't beat copyright violators technically, and know that the only way to beat violators in court is to with unconstitutional laws like the DMCA that hurt non-violators as well. It's not just evil we're dealing with here, it's desparation.
Click-through agreements have loads of legal, ethical, and practical problems (they aren't made until after you've purchased the product, they aren't an actual signature, the product isn't necessarily run the first time by the owner, it is possible to bypass them by hacking the product before running it and agreeing not to hack it...)
With our cable modem service, at least, there's something like four pages of fine print that they got us to put a physical signature on during installation. I made the (apparantly incorrect, according to other posters) assumption that DirecTV would have their bases covered that way.
Alright, while the story above is 'correct', it's something like reading chapter 6 of a 12 chapter novel, and claiming to understand everything. Alot more has been going on than is shown here. In the beginning, as it were, was the F card. This card was a dumb eeprom, and was hacked so fast it must have made DTV's head spin. The video stream at this time was un-encrypted, and you merely had to convince your receiver to show the channels. This lasted about a year or two, and then a new card began appearing, this was the H series card. This card had a dedicated ASIC on it for decryptiing scrambled content. It was also a 'smart' smartcard, in that it tried to think about commands that were sent to it, and had some basic functions (read, write, compare, etc) that could be called on. Eventually, DTV mailed out new cards to all valid F card owners, and completely removed the older card from service. They also switched to an encrypted video stream, and that was the end of the F card. This new H card was trickier to deal with, but at this time Hughes, who owned DTV, had made another mistake. This was the same card used in some european digital satellite systems, and a great deal of information was alreayd available on it. Hacking it (and these people were hackers, in that they had to reverse engineer a 'black box' device only by watching how DTV interacted with it, even if they used their knowledge for less than stellar purposes.) took less time than DTV would have thought. This is what went on for the years leading up to this story, in that the hackers would enable some new security hole, and DTV would send down an update to close it. Eventually though, DTV realized that there were an unlimited number of holes that could be opened, due to a flaw in the memory checking on the card, (large values would roll back over to zero) and that the programming hardware needed to work with these card had become cheap enough to be a mass market. About this time, DTV went quiet, and the community that hadgrown up around priating DTV satellite signals began to get fat and lazy. When DTV started up again, this time patching the firmware in the receivers to test the H cards unique ID against a list of known bad ID's, and to lock out bad cards if they were found, alot of people were caught by surprise. It was easy enough to overcome this problem, in that you could copy a valid, subscribed cards ID onto an unsubscribed card. Called cloning, this technique had definciecies that had been known for some time, in that part of the cards unique ID was stored into a write once area of the cards EPROM, and couldn't be changed, only masked. Since DTV seemed to have stopped sending down card updates, cloning became popular. In fact, it became the way of doing things. Looking back, it is easy to see how DTV set everyone up for this, allowing cloning to become rampant, because they knew how to kill it. When DTV started up the updates again, some of the original hackers warned heavily against cloning, saying this was tge beggining of the end. Most people, however, were content to simply update to the latest way of activating their cloned card, and content to ignore the number of updates piling up on their card. Once the updates were complete, those early hackers really began to scream about what was going to happen, but still no one listened. And, in the end, it did happen. What DTV did was send down a packet of information, that said: Take this address, and store it in this new location. Then, using the basic features of the card, compare that adress we just stored to an adress at this memory location. If they match, do nothing. If they don't match, set this memory pointer to location X, instead of location Y, where X is a specific part of WRITE ONCE memory. Another packet came along, and said, write some stuff to this memory location (the 'GAME OVER' in this case). If the memory pointer had changed to a write once area, too bad. If not, it was harmless. What was the card comparing? the ID reported by the card and the ID actually valid for the card. This type of kill was instant and deadly. It was also 100% safe, in that anyone using a clonned card was garunteed to be priating the service, and the packet would not, under any circumstance, hurt a valid subscribers H series card. It was so deadly because the area written too is part of the cards boot process. When it first receives power, the card no longer starts in a valid state, instead spitting out useless garbage. There is no way to write to this memory location again, and there is no way to change the cards boot process, because it happens before the interface comes up. I don't believe a magic bullet killed kennedy, but this magic bullet certainly killed all these cards. Well, all is not lost, because a while back, DTV ran out of valid ID's for a H series card, and had to make a new card, dubbed HU. This card is much trickier and much smarter than the H card, but it may also have flaws that can be exploited. Only time will tell, but in a sort of ironic twist, this is again a card from europe. Maybe the american hackers will get another helping hand from oversees, and maybe not. Primitive hacks for it have already started appearing, and the game of tit for tat is already being played out, as DTV shuts down early HU hacks. Don't hold your breath though, the card has remained unhacked in europe for some time. I hope this clears up some mystery. AS DTV did well this time, but they've made huge mistakes int h past that onlye ncouraged hackers to use their knwoledge to priate the system, it was, if you will, a sort of contempt. It was so easy, it was like DTV was daring you to do it.
If you buy a book, that doesn't give you the right to duplicate and distribute that book. What the GPL does is to give additional rights that copyright doesn't give you, but places conditions on the exercise of those rights. What I get annoyed about is stupid click-throughs that profess to take away my rights under the "first sale" principle without giving anything in return.
Uh. Except of course that you only sign the contract stating that the equipment is theirs when you sign up for their service. When you purchase the hardware you don't sign away any rights, you purchase the hardware.
Regardless of what weasel lawyers are trying to say, until the dumbass, oops I mean consumer, signs a contract they are simply governed by property laws already on the books. Yes, the contract makes you give up those rights and only gives you "license to use the equipment", but if you don't sign the contract... you're not bound by the terms. Get it?
Don't let the SPA lawyers convince you differently - shrinkwrap contracts ARE unenforceable, you must sign a contract in order for them to extend/reneg existing property/copyright laws (and even then, like contracts to limit liability, they're usually nonsense pieces of paper to give someone touchy-feelies). If you don't sign, you're not bound. At least until our laws are furthercorrupted by greedy corporations looking to increase profit margins (Lucent employees know what I mean).
Personally I'm happy with the situation. Script kiddies got burned like the pigs that they were, while hackers marvel at the technology - watch, then learn...
Moof!
I can just see it now. Some pople may think this is extreme, but if they broadcast a signal they can do whatever they like to it, but it's still my right to scan, record and alter any signal being sent to me.
Those pesky humans had no right to scan the electromagnetic spectrum for our signal, that's illegal! Those pirates will be unted down and killed!
Actually, these are hackers. They are also crackers. The had an amazing grasp on the technology, and used that knowledge. In fact, it was kind of interesting, because this was a hacker/hacker war. There is a big difference between crackers who are hackers and crackers who are script k1dd13z. Not that cracking is okay if you are a genious, but that even if you don't agree with what's being done, you can at least appreciate the skill with which it was done. This seems like quite an amusing little war, and I'm sure the hackers working for DirecTV got a kick out of it (especially the "GAME OVER" part).
Engineering and the Ultimate
My computers are the reason for my TV viewing going down the can. I can count the number of hours I've watched TV in the last 6 months on ONE HAND. :o)
--
--
Me spell chucker work grate. Need grandma chicken.
I doubt that's a very large group of users (there may well be a decent number of people who can't get a channel they want, but not that many are willing to mod their receiver over it), but I would be inclined to feel sympathetically towards them. What channels do they lock out geographically (besides local network affiliates)?
- -Josh Turiel
-- Josh Turiel
"2. Do not eat iPod Shuffle."
If you want to design and build your own DirecTV-compatible dish and receiver from components, and write software for it that decodes the video stream, then hooking it up to your TV set and watching for free is not theft in my book. The signals are, as you point out, passing through your property, and you were smart enough to figure out how to do something with them. Enjoy. Hell, get Dish Network too, while you're at it.
But taking DirecTV's own receiver, only made for the purpose of viewing their service by subscription, and then modifying it for free service is theft, plain and simple. By your standard, there should only be free broadcast service (over-the-air commecial TV), because anything else is and should be open for the taking to anyone who can hack a receiver or get their hands on a modded card.
If that's the case, forget pay-per-view (what - life without Wrestlemania?), forget all the premium commercial-free services like HBO - and forget pretty much any reception at all anywhere other than in and near urban areas.
There's a big difference between fair use and theft of service. I should be able to record off my DTV, time-shift as I like with my VCR or Tivo, and not rely on analog streams to do so if everything I have is digital. But there's nothing inherently wrong with paying to get that signal into my house to begin with, so long as I can re-use what I paid for. A different point entirely.
- -Josh Turiel
-- Josh Turiel
"2. Do not eat iPod Shuffle."
On one side, you have folks who hack the hardware to get free service.
:-)
On the other side, you have a company that sells a dish and programming, at pretty reasonable prices compared to cable rates, and wants to get paid for their goods.
Given that's it's at an interesting intellectual game at best to figure out how to hack a DTV smart card system, and theft of service at worst, it just appears that DirecTV has figured out how to win the cat and mouse game once and for all. Good for them. If DirecTV was the only form of television service available (ie., a monopoly), I'd look on theft of service a little more tolerantly, but there's all sorts of TV alternatives out there - broadcast, cable, and other satelite providers.
This is different from, say, the i-Opener hack because the i-Opener hack was fundamentally about hardware. Buying the box did not incur an obligation to use the service (due to a mistake on Netpliance's part), and the hack didn't allow you to steal their service - it allowed you to re-purpose the hardware. That would be like hacking a DirecTV box to work with Dish Network instead. A cool, "because it's there" hack.
So if DirecTV won the war, more power to them. There may be a fine line between hacking and theft at times, but hacking a DTV smart card for free service is definitely on the wrong side of that line.
Besides, stuff like descramblers and smartcards are usually what spammers are filling my emailbox with, and I hate spammers!
- -Josh Turiel
-- Josh Turiel
"2. Do not eat iPod Shuffle."
I agree. This attack is nearly the work of science fiction (think Independence Day and similar). Hughes showed an incredible ability to run the attack stealthly and brilliant without ever hiding anything. This was amazing.
You realise, of course, that that would be the equivalent of tapping into the cable feeding the transmitting antenna on their satellite. What's going on here is more like you arguing with your wife at the top of your lungs and then complaining because your next door neighbor can stick a microphone out his window and feed the resulting signal to a machine that translates the obscure language that you're shouting in into something that he can understand. If you don't want your neighbor to know what you're arguing about, don't let the sound waves propagate across your yard and into his.
I'm not advocating "theft of service" here, just pointing out the flaw in your analogy.
I see even classic Slashdot is now pretty much unusable on dial up anymore.
If your cable company inadvertantly gives you HBO, that's their screw-up. If some mail-order outfit sends you something that you didn't order, do you feel obligated to pay for it or even pay to ship it back to them? If anything, the cable company should pay you damages for putting offensive material where you or your children might be exposed to it.
I see even classic Slashdot is now pretty much unusable on dial up anymore.
It's in the books, and I'm trying to find the applicable law, but google is a harsh mistress today. There is a lot of rumor that states that it's a grey market, or perfectly legal, but it ISN'T.
That said, I'm not saying I wouldn't install one in order to get HBO; I'm just stating that the assumption that it's perfectly legal is misguided.
--- http://foo.ca
If I read the words "hacking community" one more time today, I'm gonna barf!
I find this story quite funny and amusing, but it's playing up the 'noble hackers fighting for TV freedom' bit a little too much. These guys just want free movies....
Cheers,
Vic
As a DirecTV subscriber (who pays for the stuff) I agree 100%. Obviously the Hughes engineers are some damn smart guys, and the TV pirates (let's use the right terminology here - /. gets caught up about "hackers" not being evil enough that it's ridiculous to call the pirates that) are not as smart.
I have zero respect for these pirates. They could be applying their skills to the next piece of free software, while instead they're just trying to get free TV. What a waste.
It's just that all people who had their cards ECM'd chose to manipulate the signals in such a way that it destroyed their equipment....
;-)
Damn but it's nice to see a company that's willing to fight on the technical ground rather than running to its lawyers at the first sign of trouble. That's downright brave and honourable, there.
Say what you may about the real and supposed sins of DirecTV and its crackers, they were fighting the war on its technical merits rather than with hordes of lawyers. That's good stuff. It's nice to see a company with the integrity to defend itself within its market and its product rather than look for protection from above.
--G
This leaves me wondering who works at DirectTV! Obviously some very smart people at that company. Personally I think the people who hacked DirectTV to get free service got what they deserved to a degree. Of course now they can figure out how to hack the next generation (if possible). Dynamically updating the code in the receivers is a brilliant strategy... Chalk one up for DirectTV. Lets see if the hackers (crackers) can get their TV back!
Nice to see that Canada applied a little common sense in making it's laws. Here in the US, listening in on cellular phones is illegal, as is modifying a radio to pick up cell phone signals. Still, there are a lot of radio enthusiasts who have modded scanners that can operate in the cell phone band.
0 1 - just my two bits
They tried to get DirecTV without paying, but they've been outsmarted. The hackers at DirecTV are more l33t than the hackers with these "H" things.
... but the article didn't elaborate on that. Can anyone back this up?
The only thing that bothers me, is the part where DirecTV was going around intimidating people who discussed it
And if they are able to technically outsmart you, then it's your problem you can't get free sattelite TV. :-)
> Hackers are not Crackers
The way I see it, *some* hackers are crackers. Whether it's for good or bad doesn't make a difference, in my opinion. If you're a hacker, you're a hacker. Saying no crackers are hackers, simply because they're "evil", is just a silly way to discredit them of their ability.
I have a feeling that this way will probably make them more money when people go out and buy cards in time for the superbowl.
Just-a-hunch.
P-p-p-p-p-pickup a penguin
(http://www.debian.org)
Let's not make the same linguistic mistake we despise when the average reporter gets it wrong.
[ObDisclaimer: my employer has business relationships with DirecTV, but I do not speak for them]
...it is a thing of beauty... Not because of who won or lost, but because of the elegance with which it was done!
[someone should forward this article to the "Beautiful code" guy!]
Yesterday, we were discussing how we can hack new DirecTV tuners to allow HDTV resolution on analog ports.
Does anyone else appreciate the irony of both events happening in the same week?
Ever surfed the web using your cell phone as a modem?
Work is for people who lack the imagination to play.
that someone pointed this out. give it a rest.
True, but then, isn't DirecTV also entitled to broadcast whatever they want? If you just happen to be foolish/1337 enough to be running a hacked card, well, thanks for coming out, better luck next time.
I don't know how it applies to a satilite broadcast, but isn't there an FCC rule along the lines of:
This device complies with part 15 of the FCC rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) This device must accept any intereference received, including intereference that may cause undesired operation.
Certainly their transmission counts as harmful.
DirecTV didn't physically destroy the cards, so I don't think the hackers have any grievance in that respect...
I believe the article clearly states that the cards themselves were likely permanently destroyed
It sounds like a pretty cool escalating technology war though. Reminds me of the thumb in the Hitchhikers Guide.
They ARE saving money by buying a hacked card. Hacked cards give you PPV movies, Pr0n channels, Football games, etc. Channels that can cost upwards of 35-50 bucks for just one event, for one day, like a boxing match. And of course Local channels from East Coast or West Coast time zones that you can't get even if you are paying.
Either way, I'm sure most hackers just love a good challenge.
...you rock!
---
Sig Return: 204 No Content
Just realized I should have changed the subject line on that posting. Oh well, consider it retroactively changed. :-)
Deven
"Simple things should be simple, and complex things should be possible." - Alan Kay
Well, I am a legit subscriber with a valid H card, and it was not only knocked out, DTV wants $89 US to replace it!
Well, I didn't say that the ECM didn't knock out any legit subscribers, only that they didn't knock out all of the 'H' cards, legit or not. Perhaps some (but not all) valid subscribers were hit by the ECM, but you wouldn't think they would try to charge you to replace the card! Does DirecTV believe you have a hacked card?
Deven
"Simple things should be simple, and complex things should be possible." - Alan Kay
Watch out - the DirecTivo does not record your OTA broadcast signals. It only records the channels you get from the satellite. So, if you don't get the network channels from your dish, then you won't be able to Tivo them (or, I assume, use the Tivo remote to change to the OTA channels).
True, but that's not as bad as it sounds. I don't really need the OTA broadcast signals, since my local stations (Cincinnati area) are available off the satellite. (Same for 30-40 other local markets already.) Of course, they don't carry the local PBS station, but the national PBS feed is available. They don't carry the WB station, but I never watch that anyway!
Once I found that out, I ended up getting the Sony DNR Tivo system. It interacts perfectly with the Sony SAT-B2 receiver, and my OTA channels. In fact, there is a cable that plugs from the Sony Tivo unit into the Sony sat receiver to control it. My one Tivo remote is thus the only one I have to use to get all the channels. Works perfectly.
I've heard a lot of people complain about picture quality with this kind of setup. When the standalone TiVo records something, it does its own MPEG encoding. MPEG is a lossy compression algorithm, and I've heard that re-encoding a decoded MPEG stream tends to exaggerate that lossiness. I'm told that the quality of TiVo recording from OTA broadcasts is better than the quality of the satellite broadcasts.
With the combined DirecTV/TiVo box, it's true that you no longer have an MPEG encoder, but it's recording the MPEG streams as they come off the satellite, without modification. That means no loss of quality playing back the TiVo recordings as compared to watching the content live -- either way, the exact same MPEG data is being decoded for viewing. Even if your setup looks good to you, there's unquestionably some loss of quality inherent in using multiple passes of a lossy compression algorithm. (But if you don't notice it, that's lucky.)
More significantly, DirecTV probably does a better job of MPEG compression than your standalone TiVo can hope to. They've got professional-grade MPEG encoding equipment, and a strong financial incentive to get the best compression possible. (It's a lot cheaper to get expensive encoders than to launch new satellites!) Also, I've read that DirecTV does MUCH more intensive encoding on pay-per-view movies because they don't have to do it in real time; they can really optimize both quality and compression when it's done in advance. (I don't know if they do the same thing with other movie channels like HBO or not.) DirecTV also knows (more or less) which content needs to have more bandwidth (e.g. sports) or less (e.g. talk shows), and can optimize compression that way. What's it mean for me? In addition to having better quality for the TiVo recordings, it also means that it's probably going to use the available disk space more efficiently, and without my needing to make any decisions about what quality settings to use. I see this as a good thing.
The one bad thing is the lack of an MPEG encoder for recording sources other than the satellite, but this is not an unreasonable tradeoff. Adding that encoder back in might cost another $200 in the unit price, and I'm not sure it's that important to me right now... But if it's important to you, then it sounds like you have the right setup for your needs.
I had thought that having the satellite receiver and Tivo all in one unit would be a good thing, but I've had absolutely no problems with the setup I've got. If you don't yet have a Tivo system, get it! My wife thought we didn't need it at all, but she is totally convinced now.
My wife was adamantly opposed to it; she considers it a waste of money because it seems no better than a VCR to her, and she's tired of clutter around the house (my fault) and the plethora of electronic devices (also my fault). So I've had to lobby for it for a while now. I think she'll let me get it when I'm done cleaning up the house, which I'm almost done with... (Having invested a good 30-40 hours into this project!)
Assuming she relents and lets me get it, I won't be a bit surprised if she changes her mind and becomes a TiVo convert; I've heard of it happening to other people often enough...
Deven
"Simple things should be simple, and complex things should be possible." - Alan Kay
Ummm... bullshit! I know more than one legitimate DirecTV subscriber who was knocked off by these ECMs.
Taking out the hackers in only one of Hughes goals with these ECMS. The other was to destroy ALL H-cards, thus forcing their paying customers into upgrading to the HU cards.
But I'm sure they're _real_ sorry for whatever inconvenience they've caused people.
I don't know where you get your information, but they did not destroy all H cards last Sunday. My trusty old Sony SAT-B2 receiver came with an H card, and it still works fine. But I'm a legitimate paying DirecTV customer. Are you sure your friends were really legit?
As soon as I can convince my wife to allow it, I'm gonna upgrade to the Sony SAT-T60 receiver with TiVo -- recording the MPEG streams straight off the satellite is very cool, and I'm dying for that 14-day advance program guide. (I was very annoyed with DirecTV for cutting the guide from 3 days to under 2!) Maybe I'll sell the old Sony receiver after that; the remote codes may conflict with the new Sony, plus the SAT-T60 actually has two DirecTV tuners in it! (But the second one won't work until TiVo gets their act together and updates their software to handle it...)
Deven
"Simple things should be simple, and complex things should be possible." - Alan Kay
Ever here of the FCC? It's the people's airwaves, and the people here in the USA elected politicians who put the FCC in control of regulating communication over those airwaves.
No, it is not stealing. It is the unathorized use of communications resources set aside for others. Just because something is not stealing does not mean it is not illegal.
Actually no. A few years ago there was a lawsuit in PA over a guy whose front lawn was an absolute mess filled with all kinds of crap, like furniture, broken car parts, things of that sort. His neighbors sued him, and the court found that it was his property and he had the right to put whatever he wanted on it. I'm sure it would have been different if it was food stuffs and other trash that could create a hazardous situation, but since it was all stuff that wouldn't rot and leave a smell or provide food for foraging animals it was ok. A sattalite dish would definately be ok in that situation.
Now if you live in a town-home community with one of those neighborhood commities it might be a different story. Even though from what I understand those commities have no legal power either, they enforce their decisions because people believe they are legally binding.
-matt
It's nice to see a company that tries a more novel approach to fighting media 'piracy' than just herds of lawyers.
(Which, as we see in the RIAA and MPAA cases, doesn't really *do* anything at all, aside from annoying people.)
They solved their illicit reception problem, while at the same time gained some respect from the 'hacker' community.
Now the question is, will the blackhats try to crack the new firmware, or will they look for a new target?
--K
The point is that the signal is broadcast to *everyone*, not just paying customers. /stealing/ it, you're merely using a signal in a way that goes against what the originator intended.
You're not
I don't see this as 'theft' in any way - denying *potential* profits, yes, but not theft.
IMO, Hughes did the Right Thing.
The crackers cracked their signal, so they cracked the crackers cracks. I think that's pretty nifty.
--K
I wouldn't disagree with that - such has been the case with other famous "hack", like the i-opener, the TiVo, etc. There's always a few smart people who figure out how to do it, and a bunch of other folks who just follow the trail that was blazed.
But to really answer the issue, even if it does take hardware to decode the bits, does that really change the issue? The bits are present inside your home (or at least outside at your satellite dish) 24 hours a day, whether you want them or not. DirecTV is constantly bombarding you with them, on the theory that you'll be too lazy or stupid to decode them. Sure, you're getting something for nothing (or at least much cheaper) if you decode them, but I still haven't heard a good argument for how this constitutes stealing from DirecTV, whether you're a master hacker or just saw the plans in an electronics magazine.
A relevant example: if Digital Convergence sends you a CueCat on your next issue of Wired, is it stealing to open it up, figure out how it works, and use it for non-Digital Convergence-approved uses? As far as I can tell, the analogy is exact - a company pays to saturate the country with something, said company makes it somewhat difficult to use this thing for uses that don't make it money, but somebody with too much time on their hands hacks it anyway. The only difference is that Digital Convergence sent you plastic, wire, and silicon (with information encoded), and DirecTV sent you modulated electromagnetic waves (with information encoded). The personal use of either free gifts is entirely ethical IMHO.
True, it's not what I would have done. But to the hacker belong the spoils , and sooner or later information on how to do this for only the cost of materials will get out, and then anybody can do it given enough time. I wouldn't characterize the current set of DirecTV hackers as particularly freedom-loving, simply because if they really believed in free speech rather than just free beer, they would publish their plans on the 'net.
But ideological differences aside, I do defend the right of the average citizen to decode any stray RF that wonders across or through their property or person (in fact, my neurons are probably soaking up DirecTV as I type) with whatever legally-obtained hardware or software they need. And if that runs up against the DMCA, well, the more civil disobedience in that regard, the better!
Your right to not believe: Americans United for Separation of Church and
IMHO, hacking for hacking's sake would end with publishing all the details on your web site (soon to be taken down by your nervous ISP, of course), but I digress. I'll agree that the hackers in question didn't have motives most pure.
But I disagree that this is stealing. Today, Hughes and DirecTV are spending "huge $$$" to send their signals to my house, even though I'm without one of their receivers. Tomorrow they will be doing the same thing at the same cost. If tomorrow I have a hacked receiver, how am I stealing from them? They aren't out any more money from my deeds, and (unlike one of the reputed costs of stealing cable) my neighbors' DTV feeds are unaffected. They will send me the exact same bits (well, hopefully not the exact same bits :) as the day before, so their costs haven't changed one iota. DTV has no less property (intellectual or otherwise) as a result of my actions than they did before, so while my actions are certainly something, they are not stealing.
Your right to not believe: Americans United for Separation of Church and
Actually, DirecTV is a service provided all the time to everybody. The only question is whether you feel like paying Hughes to make use of the service, or prefer to put in the time, money, and effort to make use of the service without Hughes' help.
Your right to not believe: Americans United for Separation of Church and
Actually, it's more like you wrote a program for your clients, encrypted it, and hired the Goodyear blimp to display the encrypted program for your clients so that they could write it down, decrypt it, and use it. Is it stealing for anyone else to write it down and decrypt it? Maybe you should choose a more secure delivery method if it's that valuable. Of course, that raises the cost of the service for everyone, so in the end it's probably cheaper to live with the hackers and zap them from time to time to get rid of the dumb or lazy ones.
I'll agree that if DTV owners agreed to a contract which forbade them to modify or resell their cards, then they are guilty of breaking that contract. If they didn't sign anything, though, the cards are theirs to do with as they please.
Your right to not believe: Americans United for Separation of Church and
I don't see how that's any more theft of service than before - they have already paid for those channels and flung their encoded representation across the aether (I'm getting more poetic as I post more replies to this story, don't ya know). If broadcasting those extra channels wasn't worth it to DTV, then you wouldn't be able to decode them because they wouldn't send them to you. My argument would be that if decoding any channels is OK, then how can paying for some channels and decoding the rest be less OK? At least that way DTV gets some money (not that the goal here is for them to get money (well, that's their goal), but it doesn't hurt).
I don't see how you could make a reasonable argument in court that decoding some channels is bad, but decoding all channels is OK. According to other posts, decoding all of them in Canada is OK, so there are apparently some courts which disagree.
Your right to not believe: Americans United for Separation of Church and
If you found a DVD laying in the road, then it would still be reasonable to play it via DeCSS, right? It's a disk that you own, by right of salvage.
OK, now what if Jack Valenti sent you a promo copy of a movie on a DVD as a free gift in the mail. Still OK to DeCSS it, since it's your disk now, right? We'll assume you're just watching it, of course.
OK, now imagine Jack Valenti sending you the bits from the DVD via normal analog TV signalling. It's free, you have a TV, and you watch it. Not a problem. If he didn't want you to see it, he wouldn't broadcast it, right?
Now the easy part. Jack sent you the movie's bits again, but since he's none too quick on the telegraph switch any more he messed up the signal. How is it not right to decrypt the signal he sent you for free, and watch it?
Rebroadcasting it would fall under copyright law, of course, just like if you copied the DVD with DeCSS and sold it. But viewing your free DirecTV broadcast after decrypting it is just the same as viewing your free DVD after decrypting it. I don't see how you can defend one but not the other on the grounds that it's "just plaing stealing".
Your right to not believe: Americans United for Separation of Church and
Ah, that's a good one. But in that case such a transformer is a theft of electricity, because it saps energy off of the power company's lines. The mere fact that they could detect it indicates that something really was stolen from them (although I'm amazed that he could draw enough from such a system that they would notice it above normal transmission losses). If it were just EM losses into the environment, I assume that their detectors wouldn't have seen anything.
In the case of DirecTV, there is no way for them to detect any energy losses from their system, because the impact of having a receiver pointed at their satellite would be just the same as if their satellite was pointed at the metal side of somebody's house, a garbage can lid, something like that. After all, if DTV could tell where the pirate receivers really were, wouldn't they just send out the lawyers to that location? DirecTV isn't out any energy, your neighbors' DTV broadcast isn't affected, nothing is any different. So I would still contend that it isn't stealing.
Your right to not believe: Americans United for Separation of Church and
Good point, you're probably not within the law on the whole DTV issue if you signed anything. And considering the difficulty of hacking their signal completely from scratch, my claim to the bits that they're sending me will likely remain a hypothetical one.
Your right to not believe: Americans United for Separation of Church and
Hmmm, I think we are bothered by different facets of the spam problem, then. Most people that I've talked to are unhappy that they have to pay their ISPs more to receive junk email that they don't want. Sure, there's also a time cost in deleting it, but it seems like the money bugs most people, and is the issue on which most anti-spam laws and lawsuits have proceeded.
If bandwidth were free, spam would be just like getting junk snail mail. It sounds like this bugs you more than me; I just toss it in the recycling on my way to the couch. It takes me maybe 10 seconds a day to deal with junk email, so I don't consider it a great loss.
Your right to not believe: Americans United for Separation of Church and
Um, no. No single entity "owns" any RF spectrum in the U.S. The RF spectrum is a public resource (like a national park) that is administered by the government because it's a scarce resource and because (although I don't totally buy this) if you let everybody transmit wherever they want, the spectrum will be useful to no one. The portion of the spectrum that DirecTV uses is leased to it by the FCC and gives DirecTV broadcast rights on that band. As far as I know there is no regulation of who can receive on what band, because unlike multiple transmitters, multiple receivers can't really hose the public RF spectrum for everyone else.
True, there are laws about decrypting phone calls but other than that receiving is legal. I don't believe the phone laws apply to DirecTV, unless you know for sure that they do?
As an aside, I don't agree with laws against phone decryption because whether or not there is a law, anyone who is sufficiently motivated can monitor your transmissions. The law provides only the appearance of safety; it doesn't really give you any privacy. Plus of course you sent me those signals onto my property, but that topic's been covered already :)
Your right to not believe: Americans United for Separation of Church and
It's true that DirecTV doesn't have as much money as they otherwise would; but it does not necessarily follow that anything has been stolen from them. Many other events could result in them not getting as much money - an economic slowdown, a competitor with a better product, or even a nasty rumor that their satellites are really being used to track people for the sinister purposes of Major League Baseball. Just the fact that they don't have as much money doesn't make it stealing.
In the normal understanding of a "theft of service", somebody is still out of some physical quantity that they would otherwise have charged for and that they do not just hand out to all and sundry. Theft of cable TV service, for example (and according to the TV industry at least) steals from your neighbors by degrading their picture quality (a measurable, quantifiable thing). Spam is a theft of network resources and hardware resources on a mail server that your ISP charges you to maintain. Trojans or worms are thefts of service in almost the same way, by consuming network bandwidth and host processing power which somebody paid for and somebody else is getting charged for.
But receiving unauthorized satellite broadcasts doesn't deprive anyone of something they are being charged for. Your neighbor's signal is not any more degraded, DirecTV doesn't have to spend any more money than they would have otherwise to achieve national coverage, and the producers of the TV content are already getting paid by DirecTV under terms that were mutually agreeable to both of them. From all of these people's perspective, things are just the same as if you didn't have a DirecTV at all.
This doesn't mean that I disapprove of Hughes' actions in this case - I think they are entirely within their rights to police their hardware under any means that are permissible under the contracts they have with DirecTV subscribers, assuming that they have such contracts (although I don't think they have the right to modify the customer's lawfully purchased software or hardware without the customer's permission in the absence of a contract allowing it). I just don't think Hughes should be surprised when other individuals make use of the bits that DirecTV is flinging around so profligately, considering that those bits would just "go to waste" anyway.
I have to add, though, that it's nice to see a company whose initial response was not "send in the lawyers". Duking it out hacker a hacker is the way to go on this, and so much more entertaining for the rest of us without DirecTV or the inclination to hack one.
Your right to not believe: Americans United for Separation of Church and
I'm curious as to how this is really a theft of service. When that term is applied to spam, for instance, the theft occurs when spammers use up the bandwidth of their relays and the time and hardware of the targeted ISPs. In that case you can point to the extra costs that were required based on the actions of the thieves.
However, this satellite broadcast is streaming through all of us all the time. Does just possessing the knowledge to decode these ambient bits somehow make a person a thief? I'll agree that it's unfair to the legit DirecTV subscribers to have to pay for a service that some are getting for free, but I don't agree that decoding bits that are normally present in the environment is theft.
Your right to not believe: Americans United for Separation of Church and
too cool. So the hackers who hacked the cards graduated college and were hired by....hughes. clever
Yes, I would care if you set up a listening post in my house, as your comment implies. However, I think what you meant is would I mind if you set up a listening post in your own house. That's fine with me. And if EMI from my cordless phone or 802.11b LAN reach into your house and you receive them. that's cool too. I don't talk about things on the cordless phone that I don't mind having the whole neighborhood hear. If I'm doing anything "sensitive" over the LAN it's double encrypted (SSH inside of WEP).
So, to answer your question, yes it is your right to listen to any radio transmissions that travel thru your house. At least in my opinion. Current US law does not reflect my opinion.
I find the whole idea that somebody can broadcast information over the radio waves to their whole neighborhood (or in the case of DirectTV, a whole continent) and have any expectation of privacy with respect to that information. That's just stupid. It's like claiming you have an expectation of privacy for a classified ad in the paper.
You don't OWN software, you have a license to use it. Even with so-called FREE software. I can't do whatever I want with GPLed software. I have to abide by the terms of its license. Even if you're just using no-CD cracks, you aren't licensed to do so. You might as well say, "Well, it's INCONVENIENT for me to abide by all of the terms of the GPL so I just won't redistribute my modificiations. After all, I BOUGHT these Red Hat CDs."
The original message was correct: this was a nice piece of reporting for /., although I wouldn't have minded some more technical details.
Even a superficial analysis of the issues surrronding intellectual property makes it clear that those issues are far from simple, and that the current attitudes towards IP in the legal and commercial sphere are often hard to justify. In many cases, especially related to patent law, those who benefit from intellectual property law do so at the expense of the public domain, and could just as easily be labeled pirates.
In this specific case, I agree that what Hughes did was perfectly acceptable and well within their moral, ethical, and legal rights. However, so were the actions of the original hackers of the system. Things get a bit more questionable when it comes to people simply buying a hacked chip to avoid service fees, but even there, "piracy" is not the appropriate term.
Cutting into their profits is not stealing from them, any more so than grilling my own hamburgers is stealing from McDonald's. A business does not have a right to make a profit. See previous rant.
So are you saying that you have the absolute right to listen to my cellphone (assuming I had one) conversations?
Yes. And how would you stop someone from doing that, anyway? If you're crazy enough to send private/sensitive information over a public phone line (let alone a cellular phone!), you're likely to get a rude surprise one day.
Take photographs of me through my windows? (My image is traveling onto your property....)
Oh, this one's the killer. You see, this already happens all the time. There was a famous case a few years ago (which, regrettably, I cannot find now) in which a Florida couple were arrested for having sex in their own home with the blinds closed. Apparently, someone snuck up to their window and videotaped them through a hole in the blinds. Because their home was within a certain distance of a public school, it was felt that the children at the school could have seen them. (And that somehow, seeing people having sex is wrong... but that's a different rant.)
Use shotgun mikes to record everything that goes on in my house?
I don't feel qualified to answer that one, as I don't know anything about these "shotgun mikes". Is their use permitted by law? If so, then I'd say yes.
why should descrambling (stealing) unpaid-for content be any different?
Suppose I hand you a piece of paper on which there is some writing (6 paragraphs). I tell you, "You are allowed to read the first two paragraphs, but not the third paragraph. You are also allowed to read the fourth paragraph and the last paragraph, but not the fifth paragraph."
Do you really think I have a right to tell you which paragraphs may read, and which you may not? Do you really think that, if I learned you had read one of the "forbidden" paragraphs, I could win a lawsuit against you?
If I don't want you to read something, I'd better not hand you a paper with those words on it.
If I don't want you to watch a video stream, I'd better not broadcast that video stream into your house.
When you lessen the value of something you are likewise stealing.
When Ford Motor Company started to mass-produce cars, they lessened the value of horse-drawn carriages and accessories. This was not stealing.
We are a consumer based society, and while I will scream about corporate abuse as much as anyone, in this instance we have to protect the rights of the company [...]
This is one of the most depressing things I've read so far this millennium.
A company has no right to make a profit. They especially don't have the right to make a profit by requiring people to pay them money for things that they're giving away to those people.
I know it's fairly common for people to make money this way. In NYC, at least according to some TV shows I've seen, people on the street will wash your car's windshield while you're stopped at a red light, then expect you to tip them. Human nature is such that we will feel some obligation to give these people money (for various reasons which I won't go into here). But there is no legal obligation to pay for this service, because you did not ask for it ("enter into a contract").
Now, to the best of my knowledge, DirecTV hasn't done anything wrong. But neither did the H-card hackers. Nobody was stealing here, and nobody has broken any laws that I know of (apart from the DMCA, but that's not Constitutional... it's an abomination).
Microsoft doesn't own your computer. They could destroy the CD you installed from since that is (supposedly) theirs but the situations are completely different.
The answer to this is still pending. UCITA was an attempt to provude companies like Microsoft with the legal right to remotely disable their software on other people's computers, in the event of lapsed contracts, unregistered copies and the like. At least one state has passed a UCITA-inspired law, but it prohibits the "self-help" (ECM) in the case of "mass-market" software. (You can only use the ECM option if you entered into a contract with the other party.)
So, to the best of my knowledge, Microsoft can't legally destroy your installed copy of Windows ME.
Yet.
You have no right to make a profit.
Nobody can steal that which you have given them for free.
Just because you came up with some "clever" business model that involves charging people money for services, that does not entitle you to compensation from people who figure out how to provide this service for themselves.
I am deeply disturbed to see this bullshit perpetuated by someone outside the US. Previously, I had been operating on the assumption (obviously false) that "the right of a business to make money" was confined to the US.
Once again, for the slow ones: you do not have a right to make a profit, no matter how clever you may think you are, and no matter how long you've been making a profit in the past. If someone out there catches on to your scheme and bypasses it, you lose.
(With all that said, I have to applaud the hackers who work for DirecTV. Unlike certain other industries, they didn't resort to dirty tricks or underhanded legislation -- they simply used what they had, and ingeniously too. I'm not ranting against DirecTV here -- I'm ranting against all those who thought that the H-card hackers were "stealing".)
I bought a used system a couple of years ago, and it's been sitting unused, ever since.
And yes, it has an H card, and it's for sale, since I'm a legal and paying subscriber to Dish Networks/Gilat.
I love slashdot.
********* sig: If you don't like the law, get filthy stinking rich, and buy a better one.
Don't believe everything you read.
/. community.
For starters, H cards are damn near indestructible. I've seen one go through a washing machine and still function.
Secondly, even there would be no need to add the offending code bit by bit, you could just send 1 update. The only reason to send it bit by bit is to save bandwidth and this isn't a concern. Sounds mildly improbable eh?
Thirdly the destruction of the cards would force Hughes to replace them. Not a cheap move. They'd be opening themselves to a lawsuit from everyone who was willing to say "I hadn't modified my card, honest" otherwise.
Finally, the site Michael linked to requests financial support by clicking a paypal link. Sounds like an elaborate setup to fleece the
Way to go Michael.
--Shoeboy
Because it's NOT "hacking for hacking's sake". It's "hacking for stealing's sake". "hacking for hacking's sake" would be hacking the cards and keeping it to yourself, satisfied in overcoming the challenge. Maybe even informing the company of the hole in their security, in which case you've accomplished a challenging hack and done a good deed. But stealing services that cost huge $$$ to provide is cracking, not hacking.
Ignorance is the root of all evil.
As I see it, it comes down to this:
For someone to provide such services, it costs A LOT of money. If they cannot make the money back, plus a profit (for themselves and the stockholders), no one will do it. That's capitalism, nothing wrong with that on the face of it. So SOMEONE has to pay for it. You're fine with the idea of SOMEONE ELSE paying for it, just not you. So my (serious, not argumentative, I'd like to know) questions is: Why are you different from the rest of us? Why should we pay to keep alive a service that you enjoy and don't feel obligated to pay for? If we all did as you did, the service wouldn't exist at all.
Ignorance is the root of all evil.
For all the noise that /. makes over the user of Hacker vs. Cracker, one would think that stealing services would fall into the latter category. While I think that the reverse engineering and cleverness involved in cracking the smartcards is quite impressive, I see no noble motivation, just stealing a service that is quite expensive to develop and provide. The real Hackers in this story work for Hughes.
Ignorance is the root of all evil.
Well...with the card toasted and the fact that they mentioned their $400 price tag on Ebay, I think alot of people will be a bit hesistant about it. $400 bucks makes for one expensive game!
"Whaaaaah!! all of the evil-hacker-pirates(tm) are putting us out of business. Boo hoo hoo...."
That is just absurd! First thing - movies and music sales are at an all-time high! Nobody is putting these robber-barons out of business anytime soon. Secondly - by convincing the courts to support them, they are stealing your rights!
So, Mr. Anonymous Coward, since you own those DVD's of yours why don't you give us a little demonstration of your "fair-use" rights?
What's the matter? Can't do it? But, you *OWN* those DVDs... and it is within fair-use rights and your Freedom of Speech to sample small clips to use for non-commercial purposes.
So! guess who's screwing who? I'll give you a hint - it's not the evil-hacker-pirates(tm).
Should you not be saying 'If you broadcast data into the ether, but I dont want anyone listening to it, then you use encryption. If they break it, good for them'.
So... over time, we update our encryption methods to make it more and more difficult for more and more powerful computer system to crack. Isn't that exactly what DirectTV are doing? I think its commendable that they weren't trying to knock down people's doors to prevent abuse, but they were being clever with the method on how to piece together a new encryption scheme to prevent abuse.
I think it was a brilliant masterstroke. They should make a movie out of it. I have no sympathy for the hackers/crackers out there; they had their free-run, and they've been beaten.
Oh... in that case, I agree with that completely.
:)
(Sorry for the 'me too' post
Agreed! Begining hacking - to increase the capability or features of your system - is one thing, but out-and-out theft is another thing entirely.
I, also, applaud DirecTV's actions and I rejoice at the thought of all those poor, poor little crooks missing the Superbowl. Awww, I'm playing a teeny violin for them.
No mercy for thieves.
The airwaves may be public, but the content of what's carried on them is not. If you make a speech in public, does anyone have the right to record your words, type them up, and sell them as a book?
If you want to recieve the signal without paying for it, it's dishonest, but you can try. The sattellite company, however, also has every right to stop you from being able to *use* what you recieve. I say, good for them. This is what a free market is all about.
Absolutely! NO argument here...
No.. not the same thign as a public building.
I am not 'using' the public airwaves for anything. transmission is licensed.
I don't dispute that there are laws regarding crypted signals..
I'm saying that it's absurd that I am not permitted to, in my own home, receive a signal being broadcast to me and do *anything I want to it*.
Oh.. I'm not criticizing DirecTV whatsoever! What they did is commendable, for exactly the reasons you stated. They play the game right, they don't try to re-legislate it so that people get the death penalty for decrypting (so to speak).
I have no sympathy either for the hackers.... I'm not at all implying they have a 'right' to the TV broadcast... only implyign that they should be free to attempt to decrypt it if they want to.
Just like 'fair use' laws and copyright... see... what they've done is, insetad of making any and all copyign illegal, they simply said 'it's still legal', but managed to obscurely (at first) make it so that any technical means to defeat their encryption is illegal... which has the same effect as simply making copying illegal.
I think it's about time we had laws that actually state some things as irrevocably LEGAL, rather than simply the opposite.
What do you mean?
I'm referring to DVD as an example. Software that breaks it's encryption, to allow you to make a 'legal' copy under fair use is in itself illegal.. so there is no way to make a legal copy.
So rather than attack the right of people to record at home, they make it technically hard, then make it illegal to break that technology, effectively doing the same thing.
That's what I'm trying to say. This had little to do with DirecTV.
To answer your questions.
YES.
1) yes. Actually, I am 100% allowed by law, in Canada, to listen to your analog cellular calls. Cellphone companies tried to change this, but the crtc was firm: you have no reasonable expectation of privacy by transmitting on public airwaves using standard modulation.
Now.. with Digital phones, and specifically, with Encryption this changes. Under Canadian law, encryption wrapping the conversation indicates that you have a reasonable expectation of privacy, and someone violating that woudl be violating your rights.
Note that the only reason it's protected is because it is encrypted AND because it is a conversation. Satellite broadcast is not the same thing.
Taking photographs, again. If what I see is visible from somewhere I'm legally allowed to be, I'm allowed to take photographs of it. I can photograph anything that can be seen from somewhere I'm allowed to be, especially a public street or my own property.
And regarding 'shotgun' mikes, it depends. If I can hear the conversation of you yelling at your wife, and I'm simply using the mike to amplify it, then I am within my rights to record it. If I can't hear you at all, and use the mike to snoop on you, then that's illegal, because you have a reasonable expectation of privacy.
Sorry... I have to draw a line here. Perhaps it's my Canadian blood talking.. but...
I respect that they put up the satellite, and started the TV service.. however....
THey are broadcasting signals over PUBLIC airspace, including INTO MY YARD. If I feel like putting up a dish to capture that signal and manipulate it *however I want* within my own property, that should be my absolute right (though the law may not agree). If they don't want me to receive the signal, don't broadcast it into my yard. PERIOD.
THe airwaves are PUBLIC.
It's a case of the cure being worse than the disease--akin to shooting a petty thief in the back as he's running away, unarmed. I don't think it's ethical to steal cable/satellite, but should Microsoft be able to self-destruct your PC if they discover you stole a copy of Windows? How about the MPAA inserting malicious code in all DVD players that allows them to melt down your DVD and/or the player if they detect you trying to play an illegally copied DVD or just because you tried to by-pass the region encoding?
This sets a dangerous precedence and I hope DirecTV gets their ass sued class-action style.
Shon
>! It is not "stealing TV". When you steal something, the person that you stole it from no longer possesses it. An example of stealing TV would be smashing a shop window, grabbing a television set under your arm, and running. This is by no means the same thing.
That is not actually correct. When you lessen the value of something you are likewise stealing. DirecTV is in the business of satellite broadcast television, they hope to make money from this venture. If people begin to acquire their service without paying, they are reducing the value of the service. We are a consumer based society, and while I will scream about corporate abuse as much as anyone, in this instance we have to protect the rights of the company, since to do otherwise would be tantamount to telling DirecTV to get out of business.
-Shieldwolf
just = (My)Opinion.toCents();
There -was- an interruption in service. Upon waking last Sunday, I found two of my DirecTV recievers (both Sony SAT-B1) non-functional, with a notice on-screen to contact Customer Service (extension 721, IIRC). While calling did clear the problem up, it was somewhat disconcerting to have the system in such a half-broken state. I pay for TV, like a good boy, but that doesn't seem to matter. Interestingly, the third reciever (a SAT-A1) survived the hit without episode.
Kid-proof tablet..
Does this explain all the commercials with Johhny Cochran and the guy from "America's Most Wanted"?
It doesn't matter if there's a computer involved or not, it's still stealing.
I didn't sign a contract when I bought my dish, or when I ordered service.
I ordered over the phone and they didn't inform me of ANY restrictions, let alone ask me to agree to them.
So, the only thing I'm prevented from doing with my Bell ExpressVu dish is that which is prevented by federal law.
It's a service that id software doesn't provide.
So gracious of them to force me to use their validation service when someone wants to play on a server I host.
So I cracked the server. Now it doesn't check.
In a forum on Scary's, one of the id guys claimed I was breaking the law when I mentioned this, yet he was curiously silent when I asked him which law... All I'm doing it modifying software that I own, it's like writing in the margins of a book that I own.
Did anyone tell you, at the store before you bought the dish/box/card, that would didn't own them, that you were only 'renting' them?
If not, you own it.
They can't tell you afterwords that you don't own something which you paid money for.
And offering to let you return it is *not* enough. If they sold it, you own it. Offering an 'out clause' is worthless.
It's not valid in click-throughs, it's not valid in shrink-wrap licenses, it's not valid in anything.
As a cable subscriber, I never really consider picking up signals in the air theft of service. If a company is willing to send the signal everywhere, and I go through the trouble of decrypting it, then why can't I go read it? I can't say I don't want DirecTV signals sent to me. DirecTV is sending them no matter if I like it or not. With cable I don't have to have the signal sent if I don't like it. I could go rip the cable out of our yard and cut it off at the box.
Would I be a pirate if I bought a DirecTV dish and reciever and then never used it? Maybe because the sale means they need to see another subscriber added to the quarterly report? Is it theft because they sell the equipment at a loss? If so, what about hacking all the other set top boxes and not getting their service? What if I built a receiver without their box, would that be OK?
Some people are saying it's worse to pickup DirecTV then it is to hack into somebodys computer. I don't think so. Picking up a signal from a satellite would be more like picking up packets on the internet. Listening to DirecTV is more like packet sniffing. Soon that will probably be illegal as well.
Irregardless, what DirecTV did sounds like a cool hack. It even has rumors like "98% of the hacked cards were destroyed..." I just picture all these recievers suddenly smoking all at the same time. Sort of like "Lawnmower Man" ringing all the phones in the world at the same time.
So the people that are using the CueCats sent to them in the mail for catologing their books collections are thieves also? How is that different from decoding the signal that is being forcefully beamed at me?
I don't know what contracts you sign when you get the serivce, but buying the dish dosn't require service. and if you're hacking the system, you don't need it.
ReadThe ReflectionEngine, a cyberpunk style n
In fact, I believe that this kind of action on the part of Hughes is the best, when dealing which hackers or whatever. Instead of brining in lawyers, and making laws that stifle freedom, big corporations should hack back. Hughes was a company with enough technical talent to pull this off, but unfortunately the record companies and other media conglomerates were not.
ReadThe ReflectionEngine, a cyberpunk style n
By circumventing DirecTV's security measures one is depriving them of income that is rightfully theirs.
How so? I would never pay for television, and if I were to get one of these devices (as some of my friends have) it wouldn't change the amount of money flowing into DTV one bit. They get Zero dollars from me whether I watch the signal or not.
ReadThe ReflectionEngine, a cyberpunk style n
That dosn't sound anything like Gibson, I'm not saying it isn't interesting, but there is no way it come close to something from the keyboard of William Gibson.
ReadThe ReflectionEngine, a cyberpunk style n
What a great summary ya fucking thief. Excuse my French, but stealing is stealing. Pirates like you are a pretty sad breed indeed.
I was with NewsDatacomm (a subsidiary of Newscorp, Ruert Murdoch's gang) when DirecTV was first setting up the system. The fab plants in Mexico with Thompson, and we handled the crypto on servers that sit inthe racks for each uplink channel in the Castle Rock Colorado facility (its south of Denver). Very high tech, and high security - but at the time, nothing but a long dirt road winding back into the woods east of I-25 past the 7-11, the first winter was a fun one, security sometimes patrolled the road to rescue people who got stuck in snowstorms, or to thelp the Hughes guys in the Sat Control station "next door". There was a nice kitchen and everything in the crypto office downstairs (we got DTV all channels naturally, great for late shift folks), some good HP workstations, and the linkage to the cust care sites in Minn (at the time) and Texas, as well as the standby stuff in LA. Anyway, thats enough background to prove to anyone that works there that I was there way back when.
Due to stupid US laws in place at the time, the crypto work had to be done overseas. It was handled by Adi Shamir and his team in the Weizmann Institute in Israel. So now you know who the crackers were up against - and why the crackers lost.
I left after a less than a year they went live (development is fun, deployment too, but day-to-day operations is boring). Were the so-called "hackers" the same Irish bunch all along?
Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo! http://goo.gl/J9bkO
Honestly, DirecTV is very cool about this situation. They even have a guy on alt.dss.hack that TALKS to the hackers and actually goes about in conversation with them. They truly look at this as a game of chess, and I was always intrigued by the complexity of the "war" at times.
To show you how cool things have become... The latest trend in DSS is using emulation software on a PC to intercept the signal and then sending it to your reciever. It truly is an innovative solution!
I swear, words like ECMs (Electronic Counter Measures) that literally destroy cards, and Unloopers (thinks that fix "looped" or destroyed cards") really make this feel like some hollywood hacker movie. But it's not. It's for real! Damn, that is just too cool!
-Nick
There are lots of digital signals on C-Band, many of them using DigiCypher technology, which is basically an MPEG stream, similar to the pizza dish technology. People don't seem to realize that the digital signal is only a digitized version of an analog signal pulled off some other satellite, so how can it possibly have better quality than the analog signal? In my experience, I have never seen a better picture than an analog signal off my 10' dish. That includes pizza dishes, cable, antenna, VHS, and DVD.
I hear that if the battle heats up and Canadian crackers gain the upper hand, Hughes will resort to poisoning the backbacon supply.
the way i understand it, the people with the hacked cards weren't paying for service, that is, they HAD NO CONTRACT.
nothing was signed by them.
so if they had to sign it to agree that the card was actually not theirs, or if they got the card from a 3rd party, then that would probably mean the card was really theirs.
i may be missing something as i don't know a whole lote about the cards or directv but thats what seems to be the case from the little that i have read.
-=[ http://www.legos.org ]=-
There is no real skill involved in what the Canadian hackers are doing. DirecTV was just toying with the hackers, inconvienencing them with looping the cards while they devised the latest scheme.
Hughes are the real hackers ... they were sending packets you couldn't figure out until the damage was done ... and they did it right before the biggest viewing time of the year. Bravo to Hughes ... they beat the "hackers" at thier own game.
You can justify your acts anyway you want, I suppose. But calling yourself "hackers" is an insult to those that truly do possess the skills. Just because I can take someone else's code and write it onto a CD doesn't make me a hacker. Just because you can take someone else's code and write it onto an H-Card doesn't make you a hacker either.
Ok, so what makes a hacker a hacker? IMO, a "script kiddie" is someone who uses a tool to "mostly" auotmate the "hacking" and has a moderate amount of knowledge to be able to use it effectively. They may know how the tool works, but could NEVER make the tool to do it. Hackers make the tools. Hackers have the skill to know how to fix a problem, and make the tools to make that job easier. If you didn't make the tools, you are NOT a hacker. If you can't write code, you are not a hacker. I say this because in your statement, you say that we "have no idea the amount of skill it takes to crack cards." Wrong. I've cracked them myself, using scripts and programmers. But I don't know HOW they work, even if I know WHY they work. Just because I can use those tools effectively doesn't mean that I am a hacker.
The FCC is a US body, and has no jurisdiction over, say, Canada. That's the point of this battle ... most of the so-called "hackers" are in Canada, because they cannot legally pay for DirecTV due to stupid Canadian legislation. But since they can't pay for it, it's technically legal (if not morally ambiguous) to "steal" the service.
Still, everything else you said is right on. Hughes handled this PERFECTLY. Just because Canadians are allowed by their law to "steal" the service, doesn't mean Hughes has to lay down and take it. Fight, man!
Now THIS is the way to handle hackers. Screw high priced lawyers.
All Troll + "offtopic" mods are meta moderated as "Unfair", because you abused the system.
actually, the name "football card" comes from the primary use of these things - getting all the football games for free.
If it's encrypted, how do you know it's a conversation until you've decrypted it? I'd like to know exactly what kind of signal would go back and forth between a cell phone and cell tower that does not qualify as some sort of conversation. You can't reasonably defend listening in on scrambled phone conversations by saying that you were looking for the few that weren't conversations. It's a silly argument. You're still invading someone's privacy.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
If they can't convince us their service is worth paying for, then
they'll just have to arrest us and throw us all in jail; because I
really don't care about the interests of every large company and its
consumers who defend it like mindless drones.
So if they can't convince you their service is
worth paying for, it's OK for you to just take it?
If I want to charge you 50 bucks a night for
a hotel room, and you don't think it's worth it,
are you then allowed to just take the room?
And don't even try to compare my use of the word
'kids' to racism. That's ludicrous on face value
alone.
This is the perfect solution to a nagging problem.
Direct TV sells a service. They make money from
the sale of this service, and they provide the
infrastructure, the broadcast, the hardware, etc.
Then, a bunch of kids decide that they want what
DirectTV has, but not at their terms. So they steal
the service. Yes, they stole it. Hell, they
admit it in the article.
So what does DirectTV do? They beat the hackers at their
own game. They outplay, outsmart, and outfox them.
Bravo. They protected themselves and their market
share in the best way possible. In the end, we
can all appreciate the beauty of this particular hack.
No. That's NOT the same, since by not eating there you are statistically still useful to them. ie:
McD's Marketing: Only 58% of the populace likes our burgers. Huh. How 'bout that. We should fix that.
If you steal dish, they don't know you exsist in any way, so they assume that you don't like thier service. Nevermind that you're raping them for it every time you flip on the tube... so at the very least what you're doing is dishonest regardless of it being theft. Which I still hold it to be.
Dirk
I keep trying to pick fights, but I can't shake this Excellent karma.
Buddy, you missed my point. And I miss yours. El fin.
Dirk
I keep trying to pick fights, but I can't shake this Excellent karma.
Actually, you *are* taking something from them. If you subscribe to thier service, they know what channels you are capable of watching, and can tell the actual HBO people (for instance) that they have 18 million viewers and want to be billed as such (I can only think that as the number of viewers increases the actual cost to the provider decreases due to an increase in effectiveness of advirtising). So its not JUST your monthly billing statement that they are losing out on.
So if they increase thier profits by having more subscribers, you *are* stealing from them, in a very real sense.
Dirk
I keep trying to pick fights, but I can't shake this Excellent karma.
I'm a legitimate subscriber to DirecTV and my channels went flaky over the weekend. Further investigation revealed that I'm only picking up odd-numbered transponders; specifically the odd-numbered transponders would have a strength of 79-82, where the even numbered transponders would have zero strength. The DirecTV tech support person said this is a classic symptom of LNB failure up on the dish itself, but I find the timing of events to be suspicious. Is it possible that DirecTV's ECM over the weekend is responsible for this malfunction? My dish is only four months old, so I sure hope it's not the LNB.
--
whuppy enjoys smelling like diesel fuel
It appears that hackers are now considering a piece of hardware that sits between the DSS receiver and the smart card. It would emulate the damaged area of memory and, presumably, prevent that area from being written to again. You didn't really think the game was over, did you?
Your design to a real part online: Big Blue Saw
Now wait a minute, I agree it is immoral. But you have to keep in mind the legal aspect attempting to push a piracy charge.
The reason you have never seen an individual (someone not reselling their copied/"stolen" material) is because of the need to prove a loss. This is a major issue surrounding MP3's and the like. Just because a person has copied/decoded/viewed commercial data, it does NOT mean they would have ever paid for it. You can NOT prove a loss of profit, because you can't prove that the person would have ever paid for it at all.
Until mind-reader machines become (a) a reality and (b) legal testimony, this won't happen =).
Ad addendum: Such bastardized pieces of legislation as the DMCA appearently could allow prosecution for this. I think the DMCA though, if it ever reaches high courts, will probably crumble.
Actually... As of the 24th of january (last night) Most of the Hu cards were "Looped." This includes the "dealer" cards, and the one or two semi public scripts that were floating around.
Allot of popular speculation in the DSS hack community is that when Northsat of canada was busted.. (They reportedly had the most advanced HU hack at the time of their bust..) They cut a deal with the guys at northsat, to get all of their HU hacking info, in exchange for lesser prosecution. Mind you, this is complete speculation.
As of right now, its really not worth it to "hack" Dss.. You now need to have a valid emu setup (PC with 2 serial ports running dos, card programmer with a Hcard with a valid Subscription on it , Emu card/wedge to slip in the receiver, and the approproate serial cables.) Plus, theres a nice artifact that causes the loss of 1-2 seconds of video every 30 minutes or so.
I went the paying route a long time ago with my DSS setup, less headaches for me. Many of of Hacking friends lost all of their Hcards in this past sundays ECM. I'm paying the same price for DSS that I would pay for digital cable, and I get more channels.
As a side note, the way the specifically did it. (Way over simplified explanation follows) Was changing the Boot Proms.. They're kind of like a fuse.. they expect X (forgot the #) fuses total, and 3 of the "fuses" to be broken, thus rendering a value of 33 for boot. The ECM broke all of the fuses on the prom and it now has a value of 00, thus rendering the card unbootable, and now totally unfixable.. (It really it, unless you have an electron microscope, and can manipulate gates at an atomic level). These cards cannot be "unlooped" in any capacity.. short of ripping the card apart, and replacing the circuitry.. (a very expensive task, at best..)
No matter how you chalk it up.. (pro DSS, or anti-DSS) you have to admit that Directv exhibited some pure genius with the anti-hacker-measure. And if you're still hardup to get free satellite.. there's always Dish Network.. You need an older receiver, and you have to send it off to a 3rd party for them to extract keys, if I recall correctly. But I think it still works.
http://thepoliticalgeek.com/blog/ Politics for Geeks.
this story is very exciting, i could have sworn it was written by william gibson. i was just thinking of "Burning Chrome", amazing! :-)
------ Curiosity killed the cat. {satisfaction brought it back | it didn't die ignorant | lack of it is killing mankind
if you read a lot, you will see that there is a way around this, emulation, basically what happens is that a PROM gets written to, by using emulation to emulate that PROM, we can reverse all the bits DirecTV's toggled back to the original, it is not theortical, it is already out there, those who were smart to get it early are not crying now. But I am sure DirecTV will come up with a smart idea, in the console world, it is possible to write game that can detect different kind of emulators. So they might write code that can detect an emulator. i.e, Emulators usually don't emulate bugs in hardware. ;) It is amazing how a bug in hardware can be used for useful things. :D
------ Curiosity killed the cat. {satisfaction brought it back | it didn't die ignorant | lack of it is killing mankind
I would argue that you should have the right to examine thouroughly anything that enters your property and/or your body. You can't have a more basic right than to examine what you are subjected to.
That being said, I don't disagree with what Hughes did. It was very creative, very ingenious, and technologically genious. Had they pursued a legal case over this, I believe they would be in the moral wrong, but the legal right.
Someone will bypass this. It's a new challenge. The DirecTV hack bug has been relit.
Linux - Because Mommy taught me to Share.
At one time in America, it was legal for you to hack and decode any signal that was sent onto your property. I can't remember the name of the act that allowed this, but if an electronic signal was sent onto your property, and you could decode it, listening/watching it was your right.
This is why the old C-band dishes never had prosecutions for descrambling, or why you could listen in to Cellular Telephone conversations. And this would apply to DirecTV too, except it didn't exist when this law did.
Sometime in the mid 90's, a new Radio Telecommunications Act was passed which banned the eavesdropping on cellular telephones and any other signal entering your property that needed to be decoded. Thus, now the old C-Band hackers had become pirates, and the new DirecTV decoding was illegal.
The question is this - do you have the right to translate signals that are travelling onto your property - signals which you did not request?
The old law said yes. The new one says no.
Linux - Because Mommy taught me to Share.
This is true hacker war at its best. The DirecTV hackers vs. the DirecTV programmers. I bet both sides had a great time, and enjoyed the game. The "GAME OVER" message was an especially nice touch.
Someone said that they're within their rights to "illegally" descramble DirecTV's content, because it's broadcast over public airwaves. True, but then, isn't DirecTV also entitled to broadcast whatever they want? If you just happen to be foolish/1337 enough to be running a hacked card, well, thanks for coming out, better luck next time. DirecTV didn't physically destroy the cards, so I don't think the hackers have any grievance in that respect...
Nicely done, on both sides. I think this deserves an entry into the hacker hall of fame.
and this should not be ignored, next time somebody wants to prove that there do exist communities of ethical hackers.
i can't decide i'm surprised or relieved, but i think at heart i'm neither. it is nice to see proof of my central belief that people are mostly good, and that the computer hacker community is no different.
all that being said, kudos to DirecTV for the elegance of their solution, short-lived as it will be. boos to the thieves, who while certainly clever, could better be using their energies to other purposes.
stored on computers from birth to the grave
People providing a service deserve enough to be able to cover the costs of their operation and to make a reasonable profit.
Not in any kind of capitalist free market economy. Here the principle is that both businesses and customers will be self interested. If a business comes up with a good idea they will make money, otherwise they won't and will go out of business.
It is a lot of the same problem...how do you prevent a given behavior when all the resources of that behavior are in the hands of or are accesible to your enemy.
It's also not unknown for a major arms exporter to end up fighting wars against places they previously sold weapons systems to.
What is scary about this is that Hughes is taking the law into their own hands. It seem innocuous enough - they just "destroyed" several thousand bits of hardware
However they destroyed their hardware...
but what is to stop large companies in the future from "arresting" people for doing things they don't like?
That sounds like a rather different behaviour.
DirecTV are broadcasting their signal over satellite. Whether you pay for their service or not, it gets beamed into your property. If you have a dish, you will pick up the signal. If you happen to have the means of decoding this signal, you can watch their TV shows.
What they are doing is both broadcasting the signal and selling a service in decrypting the signal.
It's in their interests to try to ensure that they sell as much of the service as possible. One way of doing this is to make the encryption complex (so that it's difficult for third parties to decrypt, history shows this is difficult in practice) another way is to lobby for the state to grant a legal monopoly on the process of decoding. (And spread FUD about it being "stealing").
Since their situation is unchanged, then I have not stolen from them.
But my situation is changed. I now have a service that I did not have before. Where did I get it? The answer is that I literally pulled it out of the air!
Except that you didn't pull it out of thin air. You either paid another party or applied some skills you had.
Is there a way to direct the signal only to the homes that have valid DirecTV smart cards? I doubt it. This isn't the same as a radio signal where all you need is a mast at your station, this requires an enormous initial investment to send satellites into orbit.
Putting up a mast isn't cheap, putting up the number of masts (including paying rent to all the land owners, all the RF and microwave kit, electricity, etc) you'd need to cover the same area as a satellite probably costs more than using a satellite.
If setting up a transmitter network was cheaper then the company would have set up a transmitter network...
Consider the infrastructure. Those satellites are expensive. If you are grabbing the service for free, who's paying for the infrastructure and operating costs?
They are running a commercial enterprise, it's the responsibility of them to come up with a business model which at least covers their costs... It's certainly not the responsibility of any other party to support anyone's business model.
DirecTV has two things- customers and potential customers. When you pirate their signal you deny them a potential customer- obviously the person pirating is interested in satellite tv- thus meeting your criteria of the person(company) no longer poessing it
Assuming that the "pirate" is actually a potential customer. Maybe they wouldn't buy it anyway. Maybe they could not buy it, e.g. the Canadians.
Also the assumption here is that DirecTV should have a monopoly on these "potential customers".
You are assuming that people who have pirated something would have otherwised purchased it. This may be more so the case with DirecTV than with software. DirecTV is pretty cheap for the most part, but software is not.
Also in this case there is a catagory of people who could not buy the service in the first place. It's only sold to people in the USA (possibly except Alaska and Hawaii) but broadcast to all of North America. You can't get a satellite footprint to cover stop at a line of latitude... (As most of the US/Canadian and US/Mexico borders are simply lines someone drew on a globe.)
What the poster fails to mention is that the "hacker community" (as he calls these crackers) had a regular little cottage industry going selling hacked H cards and then fleecing their costumers for upgrades each time the card got ECMed.
Sounds like a simple case of commerical competition. So far as the "fleecing" goes, maybe this still has a lower average cost than paying DirecTV.
We are all applauding Hughes for their cleverness. What are we going to say if Microsoft gets this clever?
Be amazed, if it's done by their DNS administrator be astonished...
This may be true in the US, but it's not true in Europe. Sky Television has been using smart cards to control access to their DTH channels since it launched in the early 90's (The company was founded in 89, I belive it started transmitting the next year).
Sky also has had it's battles with pirates breaking their encryption, and periodically have to send out new cards to their subscribers whenever the losses become too high.
You used a very poor example. The H-card crackers aren't stealing anything as far as I'm concerned. They are listening to something that is braodcast to them. They aren't breaking into a bank or running over an ATM for its cash. You sending me data. If you don't want me to do anything with that data, don't send it to me!
--
First of all, let's point out here that what this little story refers to as "hackers" are actually "pirates".
I would be willing to bet that there were only about 10 or so real crackers who would actually reverse engineer the cards, build the smart card writers, and update their programs. The rest of the 100,000 or so "hackers" were probably just script kiddies who were doing what script kiddies do best. You know the kiddie mentality, some kiddie found out about what a few guys were doing and immediately started blabbing it to all his kiddie friends and claiming he was a w00t 31337 h@X0r d00d.
The article says: Some estimate that in one evening, 100,000 smart cards were destroyed, removing 98% of the hacking communities' ability to steal their signal
Most likely, the 2% of the cards that survived were by some of the original crackers who were smart enough to see it coming. (or they just went to bed early and shut down their system.)
----------------------
Opportunities multiply as they are seized. --Sun-Tzu
Whether the usage was correct, I don't know.
IANAL, but I play one on
Errm, in the UK certainly, TV licence.
US & UK cellular phones
Any military traffic (In the UK certainly, dunno about the states)
I disagree completely with this analogy.
If someone throws bricks through your window, have you stolen their bricks?
Erm, listening to cellphones, or even selling an scanner capable of doing so IS illegal in the US...
So THAT'S why the satellite system gakked out during the WWF Royal Rumble match at the bar I was watching it at!
Man, I was so pissed, I missed Drew Carey going into the ring by the time I found a new place to watch it!
Does it make you happy you're so strange?
This was a good hack and all, on Hughes' part. I followed this scene for a little while, but quickly became disenchanted when I saw how much time, money and effort was involved, to get free TV, essentially - seemed out of whack to me, so I dropped it long ago (though now I wonder where you can buy just the smart cards to play with - not to steal DSS, but to actually integrate in things - I mean, I can buy the slots all I want from Digi-Key... Anyone have links to real distributors who would sell to individuals?)...
What is scary about this is that Hughes is taking the law into their own hands. It seem innocuous enough - they just "destroyed" several thousand bits of hardware - but what is to stop large companies in the future from "arresting" people for doing things they don't like? How far can this warfare go, when corporate Amerika is able to push through laws like the DMCA, the UCITA, etc? What happens when corporatism becomes the LAW?
This is just the first step - look for M$ to try doing something similar in the future - look for other large companies to try this as well, with all sorts of products - then look for them to really start coming after people...
Worldcom - Generation Duh!
Reason is the Path to God - Anon
That other $5 is for recouping the costs of dealing with pirates. In The Hacker Crackdown Bruce Sterling mentions the costs of credit card fraud in higher credit card fees. Certainly the people who figure out how to crack the DirecTV system are hackers. The rest of the people using those hacks, probably the 98% who lost their cards, are just script kiddies. I respect the hackers, have only disdain for the kiddies.
Best Slashdot Co
Radar detectors are illegal in Virginia.
Best Slashdot Co
I wanted to dispute that radar detectors have no legal purpose.
Here is a scenario: A officer of the law doesn't like me and intends to pull me over for 'speeding' as a form of harrassment. I'm driving down the highway maybe with 2 or 3 passengers when my radar detector lights up. When the said officer gets to my window and trys to write me a ticket for doing 20 MPH faster then I was really going, I now have access to evidence to the contrary. Granted, how I present that evidence is a bit tricky as I'm sure Mr. Policeman would be real open to the standard "But I thought I was doing the speed limit!" line. Knowing when his radar was on and using that to double check your speed is a valid defense against townships that use Speed Ambushes as an income source.
I can hear it know, "Don't you mean a Speed Trap?" No, a trap is something you leave and come back to see if it has caught your prey. An ambush is where you sit, usually in hiding, and wait for your prey to come along so you can pounce. So, anytime you see Mr. Radar (or laser) gun on the side of the road, remember, you were *AMBUSHED* not trapped.
We the Sheeple...
How was Hughes able to distinguish a hacked H-card from a non-hacked one. If the non-hacked ones had to accept the same instructions that the hacked ones did, I still haven't seen how they kept the legit H cards from being affected by the ECM.
We the Sheeple...
If you can make an exact (as in bit-for-bit copy) of the Quake CD then it would be awful hard for any pirate hunting patch to differenciate between legal and illegal but perfectly copied installations.
What Maxis has done with The Sims is a better analogy. Making it hard to produce an exact copy puts them in a position of being able to detect valid installs from pirate ones.
We the Sheeple...
Correct me if I'm wrong as I only read the slashdot article and the website linked.
>H cards are damn near indestructible.
Irrelvent to this issue. DirectTV wrote on a WriteOnce part.
>you could just send 1 update
Regardless if they need to to it or not changing their tactics is brillent. It called psycological warfare and will now keep hackers (doesn't crackers apply here since what they were doing was stealing?) on their toes.
>the destruction of the cards would force Hughes to replace them
Most likely not. I haven't read the EULA but I'm sure that this is covered. Besides DirectTV will just point to the physical evidence of the card being hacked. The customer just has his word. Which one would hold in court?
>the site Michael linked to requests financial support by clicking a paypal link
Oh please. Slashdot has banners. And the paypal is _optional_.
The surprise isn't how often we make bad choices; the surprise is how seldom they defeat us.
Comment removed based on user account deletion
Comment removed based on user account deletion
Both the hackers and DirecTV seem to be on sound ethical footing in this particular case. I salute the ingenuity of both sides.
Tom Swiss | the infamous tms | http://www.infamous.net/
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
If you're interested in actually hacking these boxes as opposed to blatant theft of service (not much of a distinction, but, hey, we all gotta rationalize), then you probably don't have much to worry about. I suspect that the 2% that weren't affected were using emulators of the smartcard, quite likely running their own software that they themselves wrote to hack the dish.
*grin* There's gotta be one helluva pissed pile of pirates out there though. The GAME OVER thing is just classic, too, eh! heh heh.
..don't panic
You're saving lots of money.
You pay for the card once, let's say $500. From then on, you receive all their channels. Although your initial outlay for the card is higher, there are no more cash outflows.
You can theoretically pay DirecTV in perpetuity for service. Plus, the more channels you want, the more you'll have to pay per month.
So while the net present value of cash outflows for the card is $500, the net present value of cash outflows for paying DirecTV can be damn near infinite.
Personally, I am a paying subscriber to DISH Network.
Bill Clinton: Pimp we can believe in. - The Shirt!!!
Imagine you had a really good idea at work for improving some process. You tell your coworker about it. He goes and tells the boss. Boss likes the idea and gives the coworker a promotion. You still have your idea. You can still use it. But I bet you'd be pretty ticked off.
The other 2% were saved because either 1) they were a backup; or 2) the "hacker" used an emulator, where he would hook up a computer (running special code from a DOS boot disk) to his receiver and H-card, so the computer would, in essence, take the hit instead of the H-card.
This isn't a hack. It's a crack. Please don't besmirch the honorable term "hacker" by associating it with this kind of theft of service.
--
Disinfect the GNU General Public Virus!
Agreed.
They pulled off a hack that consisted of technical and social engineering. And it worked perfectly. This is a great beginning to "Greatest Hacks of the century"
They guys who actually hack DirectTV are probably fascinated by this, and are examining everything the best that they can. Joe Sixpack who bought the illegal device is probably pissed off and out of luck.
Later,
ErikZ
Democrats or Republicans. They are both taking us to the same place and they are not afraid of us anymore.
majestic
so does that mean that McDonald's can accuse me of theft because I don't particularly care for their hamburgers and never eat there...thus costing them a bit of their profit because i'm not patronizing them?
Wow. Interviewing the folks from Hughes that pulled this off would be an awesome slashdot interview.
How 'bout it?
I have a theory, hypothesis whatever.
You see Hughes is a defense contractor. The defense industry is all worked up about Electronic Warfare against our national infrastructure, which now includes the Internet and other telecommunications services. They want to know what if anything they can do about it.
I believe Hughes has been tolerant of this game because it is a testing ground for them. I don't think they are testing their best technology at all, but rather practical technologies that are like the infrastructure already deployed.
It is a lot of the same problem...how do you prevent a given behavior when all the resources of that behavior are in the hands of or are accesible to your enemy. The entire Internet is really this way. Yeah Yeah firewalls blah blah. If you have any IP path out to the net or in to your computer, you have the same problem Hughes has with DirecTV. If you happen to be AT&T, WorldCOM, Sprint, UUNet or somesuch it is a big problem. If you use electricity then you have at least one path to attack the electric company.
If Hughes can solve this problem against a motivated enemy (people who want DirecTV for free) then they have a valuable solution that every government wants to buy. And governments have more money than all possible direcTV subscribers are likely to spend even over a very long time.
Well, there it is, a crackpot conspiracy theory. Worthy of Slashdot IMHO.
Don't post innacurate information
If you do, I swear by my pretty floral bonnet I will end you.
So by this logic, If you are using a Cell phone and I evesdrop on your conversation I'm not invading your privacy? Your Phone is broadcasting out and assuming you're close enough its on my property. I'm not paying for cell phone access, so I can listen to your conversation cause its on my property, right?
Its just like me listening to a friend talking on a cell phone cause he has one.
I have phone lines that cross my propery, does that mean I can hook into them and get free long distance?
11 was a racehorse
12 was 12
1111 Race
12112
No, because now you're not passively intercepting the radio waves. You're taking active steps to steal service.
Ummmmm... Isn't hacking a smart card taking active steps to steal service? Just a thought.
11 was a racehorse
12 was 12
1111 Race
12112
Those little "lawn jockies" are a memorial to a hero of the US revolution. To understand this, you need to know about mounted infantry.
Mounted infantry consisted of infantrymen who ride their horses to the battle, then dismount and fight on foot. This means they get the mobility of cavalry, but don't require the training, the special equipment, and the well-trained horse that won't shy on the battlefield. Mounted infantry were a major component of the revolutionary war, because a lot of the militiamen knew how to ride.
When mounted infantry arrive at a battle, they typically dismount in groups of four. Three go to battle, the fourth holds the horses. Typically it's the least-trained fighter in the group.
Holding the horses is very dangerous. They might panic at the sounds and smells of the battle and trample the soldier. Or the battle might spill over to where they are being held and the soldier (with his hands full of paniced horses) is not able to defend himself.
Even when the bulk of the army is straight infantry the field officers and staff were mounted, and the same principles often applied there: Some of them just held the horses some distance from the battle, just as if the officers were a small detachment of mounted infantry.
Among General Washington's staff was his groom, a black man. (Note that not all American blacks at the time were slaves - far from it.) I don't recall his name just now, but it is well documented. This man had VOLUNTEERED to go to war with Washington. In one of the battles he was killed while holding the horses. The tradition of the "lawn jockies" began as a memorial to his heroism, bravery, and sacrifice in the war for independence.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
watch out, the software enabling concurrent recording (two signals) from the directv stream is NOT CURRENTLY ENABLED!
you will still only be able to record one show at a time...
signatures are for fools with hands
Your analogy is wrong. This is theft, clear and simple. Not that I am climbing onto my moral high horse. However, to argue that it isn't theft is ludicrous.
Here's why:
DirecTV transmit their signal to paid subscribers. PizzaMax deliver their pizza to paying customers. DirecTV loses money when you intercept their signal. PizzaMax loses money when you ambush their driver and "intercept" their pizza. The product, whether a signal or a pizza, isn't important. The medium - the method of delivery - isn't important. However, the loss of profit _is_. DirecTV spent time and money for the sole purpose of making money by delivering a product to a paying customer. PizzaMax did the same thing, but decided to sell a different product. Neither operate out of benevolence. Without a profit, their services and products would not exist.
This, in effect, means that you are also stealing from me. If I must pay more to watch my chosen programming because, out of 2 million viewers, only 1 million are honest, then you have taken money out of my pocket.
If you are too stupid to understand this, I pity you. If you are too immoral too care, fuck you.
Neopets - the best free game on the Int
Absolutely brilliant! Kudos to the DirecTV engineers who devised this fantastic plan. They're worthy of the true hacker title in this particular war.
It turns out that there's an area on the smart cards that is 'write once', kind of like an EPROM, which they probably wrote garbage into.
Brings up the image of a card smoking and slowing curling up inside your receiver, doesn't it?
Would these people have the same cavalier attitude with their private cell-phone calls, their packets on a wireless network or their baby monitors, since their signals most likely pass through other people's property? How about if those signals passed through a corporation's office? How about if those signals passed through government property? Given the strong privacy and crypto bent that most /. readers have, I doubt it.
This kind of back-and-forth battle is between Hughes and some crackers today, imagine a time in the very near future where 802.11 wireless networking and P2P file-sharing and communication are mainstream. Suddenly everyone's a broadcaster as well as a receiver, and everyone's signals cross a lot of backyard. The "back yard" argument may not be as compelling to a lot of people anymore.
Sounds like something Gibson would write.
C'mon, guys, we're dealing with the original dark organization here. These guys hacked the CIA, surely they can take a hack.
Nice touch on the "game over" though...
Also forgot to mention that the H cards that were "damaged" this past week may still be salvagable via a hardware setup similar to emulation called a bootloader. The bootloader can basically redirect any packets that are trying to look for this "write once" area on the card that has been closed, essentially building a bridge over the hole that has been blown on the card.
The intelligent members of the community did catch this new code in the stream very early on and had been warning the community for months that the only safe way to survive an ECM was to go to emulation.
With a hacked card, you get unlimited viewing of pay-per-view movies (which cost $3.95 each), unlimited viewing of the sports packages such as NFL Sunday Ticket (which costs $169 per season), unlimited access to the premium channels such as HBO, and unlimited access to the porn channels ($5-8 per movie). A standard subscriber package that includes every channel except for any pay-per-view or sports packages can cost upwards of $80/month. A hacked card that can stay active for several months easily pays for itself. And having the ability to choose from multiple timezones for network programming (NBC, ABC, CBS, FOX) is very convenient for solving schedule conflicts and is not available through legit subscriptions thanks to the ridiculous laws surrounding distant locals.
Nice to see that such an intelligent comment gets a +1 Bonus.
Anyways, where in my summary did I mention that *I* was using any of the systems that I described? Not one single place. As someone that does have some knowledge about this topic, I obviously was able to shed some light on the other side of the story. But then again that would just get in the way of the DirecTV engineers and the holier-than-thou people here that are high-fiving each other and patting each other's backs from the FUD that DTV is spreading. If one were to replace "DirecTV" with "Microsoft" in this story, I can guarantee that attitudes would be different.
And for your info, I was one of the subscribers that had 2 cards knocked out, spent 3 days with busy signals and on hold before I could talk to a CSR, and am now watching OTA broadcasts until my new cards arrive, which I'll be paying at least $78 for. And if I want a refund on any portion of my bill while my service is out, I get to go through the whole process again in order to talk to someone in accounting. While I'm all for companies combatting piracy, it certainly shouldn't happen at the expense of someone who is paying $55 month for the service. And no, I do not blame the pirates. That would be like blaming the pirates for the upcoming "anti-piracy" registration features that MS is including in Whistler. If my local cable company did't suck eggs and if it wasn't too difficult to get on the roof in the dead of winter to remount the dish to be used with Echostar, you can bet I'd fall into the category of disgruntled customer that cancelled. This certainly wasn't the first time I've lost legit subscriptions due to DTV's inability to specifically target their ECM's.
Very interesting theory. I did know that Hughes is a defense contractor, but never really thought to connect the two together. If your theory were true, it certainly would explain some of the very careless and lax actions they've taken in the past when combating piracy.
Secondly, the new HU card has recently been hacked to allow for the "3M" scripts that open all channels. DirecTV launched their first attack against hacked HU cards this past week as well, but the community actually learned quite a bit about the HU card from this attack. This HU hack is only available through "dealers" for several hundred dollars, but I'd expect the necessary scripts to become freeware over the next few months. DirecTV will have their hands full once an emulation script is created for the HU.
Lastly, DirecTV also hit many, many paying subscribers running legit cards with their attack on Sunday. You can be certain that this attack cost them quite a few dollars in terms of cards needing to be replaced as well as the loss of subscribers that they have managed to piss off once again.
if you read the article correctly, this last act effectively destroyed the smart cards.
I have a kind of philosophical question here. Was it right (and possibly legal) for DirecTV to physically destroy someone else's property? Yes, it may have been bought at a loss for DirecTV, but in the end, the purchaser still owns it. This seems like DTV took justice into their own hands. Even if you believe in the old 'Eye for an eye', that only gives you a right to punch someone that punched you, not break both of their legs for punching you.
Ah, that is different from cable were you (can) buy the converter box. If that was such the case, then no harm has been done.
Even though you bought it, you don't own it.
I would hope that would not be the case. Its odd that you would buy something yet not own it; i don't think any contract would make that legal either. You probalby therefore only bought the other pieces of equipment, and were not forced to 'purchase' (and if you don't own it, that term doesn't even work) the card.
The only problem with that is if you had infact bought the card, it would not be stolen. I mean, that would imply DTV stole the card the sold you, which is ubsurd, since they are the ones that made it to begin with!
DirecTv does deserve kudo's, esp the 'game over'. superb and deserving
:) I admit i laughed and thought that was damn smooth.
Oh i agree. That was very classy, and since the cards still were the property of DTV, there was no wrongdoing on thier part. Who owns the card makes a difference
Ya, well i don't care what the hell the EULA says, i own the damn thing, and will proceed to do whatever i want with it. I also don't think these have been challenged in court.
That doesn't fly to well with me. when i get a sub made, the service is someone making the sub. I still pay for the food itself, and when the sub is made, i own it.
In that case i would have to point out there is a difference between illegal hardware, and using the hardware for illegal purposes. I wouldn't say that the hardware is illegal, however using it to get free service would be. Just like owning a crowbar would not be a crime in inself, using it to break into a house would be. I would hope the law distinguishes from that as well.
Dude, you really need to get a fucking life, ok. Obviously you are way more dim then i am, since you cannot find anything better to do then point out a simple typo. My god...
Heh..if i'm not gonna own it, i should not pay for it.
And i'd have to agree w/you on the brand name thing, people need a clue.
Your washing machine anology isn't quite right. Suppose that you did modify the washing machine as you said. Now say it works differently, but the manufactor comes and destroys it with a sledge hammer. Actually here's a better example; you use your computer to hack someones site. Do they have a right to hack your computer and format your hard drive? Probably not. And i don't think they could say 'Well if you hadn't cracked us your computer would be fine.'
At any rate the point is moot since the chip never left the ownership of DTV. The only question is if they still had to 'buy' it but not really get ownership rights.
If you get caught with a radar detector in my state, and it has batteries in it or is plugged in, even if it is not on, you are guilty of a crime. I don't remember the severity off-hand, but it IS a crime.
Just a note:
In my state (NM), last I checked, radar/LIDAR detectors/jammers (yes, jammers), are legal. So, YSMV (your state may vary) :)
-- Bill "Houdini" Weiss
This seems like an ingenious counter attack only a hacker could think of. I bet DirecTV knew they were losing the war against hackers and went onto the IRC to get in contact with them and hire them to fight other hackers.
Jason
Yes, the card is free/negligible.
Just gotta call and ask for a new one.
I mean it must have been a pisser if you were getting free TV but still, that was quite a cool plan.
Can we set-up an interview with the techie that planned it?
I'm sorry, but I found the horribly negative tone of this article very offending. It seemed to imply that you should have the right to steal satellite television. If I ran a company and people found a way to get its services for free, I'd probably be pissed too.
I am a moral person, and I hope you are too. Pay for things you want.
Kspett
Kevin "Cash Money" Spett
Ignore your rights and they go away.
When my parents purchased their DirecTV system, there was something in the literature that they would receive a new card every month to keep their subscription current, but to this day they have never received another card beyond the original. Always thought that was curious, I guess now I know why.
My 2 cents.
-----
"Defenestration" is to throw out of a window; what's a word for throwing 'Windows' out of something?
...but I wouldn't make the claim that it's RIGHT to watch their content for free. Just because it's digital does't make theft of service (or whatever you want to call it) moral.
Evan
As to whether or not what they were doing should be called and what term best describes them, careful consultation of The Jargon File seems to indicate that they were, in fact, cracking the system, not hacking it. At the same time, however, it's clear that they (mostly at least) weren't script kiddies or warez d00dz. Perhaps more terminology is in order. Maybe hacker-cracker? (Just kidding)
Furry cows moo and decompress.
FreeBSD is free. Linux is freer. And NT is worth less.
Huh? How is Linux "freer" (more free)* than FreeBSD? Are you saying that a license that REQUIRES people to do something in order to use some code (GPL) is somehow less restrictive than a license that effectively lets one do whatever he wants with the code (BSD)?
The GPL is one of the most restrictive open source licenses out there. Come on people, get a grip and stop swallowing the GNU propaganda.
Oh, and your sig's not funny.
*Of course, the very concept of "more free" is absurd, so for the sake of argument (something I am admittedly quite fond of) I will assume you meant "less restrictive" when you said "freer".
DirectTV and all the other satellite broadcasters have all bought into the anti-fair-use agenda of the MPAA and the RIAA. DirectTV has recently issued a statement embracing the DVI spec which limits the quality of output to anything other than a display device with an encrypted datastream. They may even go so far as to cripple the over-the-air HDTV receivers that some DirectTV boxes come with in order to be compliant with that spec. Boxes that people paid good money for with the expectation that they would perform the same function tomorrow that they do today.
Furthermore, all the satellite broadcasters have made it clear that they will sue the pants off any company that would dare to make a card for your PC that could receive and decrypt the digital video stream from the satellites (even with appropriate access control). This interefers with my fair use because I could really use such a card in my home-theatre pc (htpc) to digitally scale the video up for better display on my hi-def television.
I, and hundreds if not thousands of others, already use htpc's to scale DVD's up with a quality beyond what any consumer-grade DVD player can do. Some of us also have HDTV tuner cards from companies like HiPix and Hauppauge that let us do the same and time-shift with hi-def tv broadcasts. Then there is the audio-scaling software that will resample 44KHz 16-bit cd (and mp3) audio up to 192Khz 24-bit audio for better playback via high-quality DACs.
I guess my point here is that an htpc is a very functional piece of hardware today, but DirectTV and co are actively preventing people like me from using that functionality with their product.
Sure, it is their choice, but it is an assinine choice and they do not deserve any false accolades for being "fair-use friendly" when they really aren't.
PS, so what if the infrastructure is expensive? Nobody made them put those satellites up there, and there is no god-given, nor government-given right to make a profit just because you spent a lot of money yourself.
When information is power, privacy is freedom.
Wow... it looks like the best hack in this case was pulled off by the DirecTV engineers. Kudos.
people on the street will wash your car's windshield while you're stopped at a red light, then expect you to tip them.
In fact coming across the border from Mexico into San Diego they do this even if you say no, usually leaving your windshield dirtier than when they started.
---CONFLICT!!---
On the surface (especially through the looking glass created by MPAA/RIAA/etc), it would seem that we should be in favor of the crackers and against Hughes/DirecTV. But that isn't so...
The crackers (in that they cracked the smart card system)in this case have steped over the line into stealing. They are stealing something they did not pay for (the DirecTV service).
On the other hand, with DeCSS, the hackers (in that they wrote the DeCSS hack) are doing noting more than allowing a DVD that they paid for on a system or device that does not have a commercially available DVD player (or has one but they want to write their own).
If this was a story about a hack for a digital video out feed (or something to that effect), that would be different since you are still paying for the video signal. The difference is that the DirecTV card crack is just plaing stealing.
I began following the internet underworld of DSS hacking in 97 when a couple of my older blue collar 'non-tech' friends bought DTV receivers (with fully hacked cards, no less) from one of our towns tv/stereo shops. That was the early days before the RCMP began gestapoing DSS equiptment dealers (shutdown raids with all equiptment confiscated) on behalf hughes/nds.
The DSS hacking scene has a fairly interesting history when you line up the countermeasure events history. There is definitive cycle that has occurred and will continue.
So, did DTV shake off its fleas with this impressive demonstration?
There is hardware available to allow these 'unrepairable' H cards to continue to be used. Supplies are/will be limited but the dealers with this tech are going to make a hugh pile of cash, over the next few months.
Card cycle 3 - HU Card (just beginning) This ECM will push the commercially available HU hack into the mainstream. The future of DSS piracy will likely become a more complex affair especially if DTV continued to develope it's security enhancements when design the HU card. The HU is currently a black box to hackers with only one group widely offering a sucessful hack. This hack was sucessfully ECMed on Sunday so individuals who shelled out the $500usd for a hacked HU are no further ahead. NDS, the company who actually manufactures and developed the F through HU cards, are reportedly on the hook for the cost of a full card swap, if/when the HU card's security is compromised. Sounds like good motivation to learn from the past and anticipate the future.
Most H card emulation systems didn't even blink during the ECM. Those system that encountered problem were easily update to function correctly. The software that is used to facilitate the H card emulation system requires access to the unhacked ASIC on an H card to retrieve decryption packets. Its actually a quasi man-in-the-middle hack with a computer program emulating all the functionality of the H card except for the generation of decryption packets. These are retrieved from a specially programmed H card that has been set up for that purpose alone. The H card is kept in a card programmer and is completely out of reach of DTV. Contrary to most conservative opinions, I suspect this system will continue to sucessfully hack the DSS system until DTV shuts off the H card data stream and switches entirely to the HU card.... Just like it did with the F card.
The software used to emulate the H card was created by one hacker/programmer. This individual also created the original emulation software for the F card. The F card emulator was a true emulator... no smartcard required. The F card emulator worked until DTV shut down the F card datastream. Although far too premature, an HU emulator of sorts can probably be expected in DTVs future.
DTV is gradually improving their security with each success cycle which will probably keep piracy rates in line. Unfortunately, they bought a dog with fleas when they decided to implement their system using tech that was proven hackable years earlier when it was employed in europe by SKY DSS. There are many millions of dollars at stake for both DTV and commercial hackers so its likely this battle will waged for a few years to come yet.
...but that's a superb piece of engineering work on their part, don't you think? In fact, a superb piece of hacking. ;-)
~~~~~ BigLig2? You mean there's another one of me?
this ofcourse kills the card because in the ROM there is a beginning look that looks to the address of the PROM and if it's not equal to 33 then then goes into an infinate loop. I'm sure someone will come of with a way to cloak the Ram section over the PROM so the card will be read as valid.. it will just take some time.
Also for those who think that any sort of satellite hacking is done by kids in basements while mommy and daddy are asleep, well, that's just ridiculous.. this isn't some ddos hack, little bit of code and your linux pc and you are elite haxor. No, to do this you need both money and some brainpower.. there are only a few key people that understand this and supply the community with the software tools and scripts to crack the signal...oh..and you need to drop cash on either a ISO7816 programmer or unlooper just to get started.. after that you can get your hands on a whole array of equipment to work with the data stream.. and it's not cheap.
hacking satellite was a fun game.. looks like i'm going to have to get a new hobby..
-b
ps... no i don't really know how any of the stuff works. i'm the equiv of a script kiddie in the satellite world.
"bright enough to reverse engineer"?? Well, I don't recall if it was DirecTV or EchoStar, but for one of them, the original smart cards has symbol names embedded in the code. As you can guess, this makes it substantially easier to reverse engineer!!! jbx
(sig) The last bug isn't fixed until the last user is dead. (/sig)
ummm...I have an H-card, still works just fine. I had dabbled in the hack-the-h-card thing a bit,but it turned out to be to much effort, with unlooping, keeping track of new hacks, etc. - so I went back with the pay service. Old card still works, tho.
Winter is Coming.
Obviosuly written by someone that didn't completly understand what was going on.
The 'hacking community'? I've NEVER heard to it refered to in that why. Satellite Pirates have been around since the 80's with C band dishes and cracking the VideoCiper.
The 'H' card was one of the original cards? No it was the first wide spread card swap DirecTV did. The F series was the original, and popped wide up for the longest time, however dealing with periodic attacks. H cards had both and F series and H series processors, and when DirecTV made sure all their customers had new cards, they switched the data stream to H, and of course everything F based went down. Then they cracked the H cards...same story all over again, except the crackers got greedier, and didn't put any good clone software out. (Which is near impossible to defeat if done right. If I'm wrong email me cause I want it... : >) Now we are in the midst of the 'Football' card distribution. Someday all H cards will go down, and within 6 months from that day the footballs will get popped.
DirecTV destroyed the cards? Who wrote this fucking article? A moron or the DirecTV propaganda machine? Huges can not pump a powersurge through the air to fry a card. What they can do, and have done all the way back with the F and now H cards is to send updates down that perform checks for reprogramming, and if found, activate dorment code putting the card into a hard loop has soon as they are powered up. (Known as 99'ing, since back when they first did this to the F cards, the card would continully transmit '99' if read on a programmer.)
But they beat that and with a really cute concept too. Unloopers worked by a series of timed voltages dips forcing the microcontroller to 'skip' the commands that put it into a loop and proceed to the normal programming there by allowing the card to be cleaned and reprogrammed.
So the H's went down hard (again), just before a holiday or event (again) and DirecTV was cute about it (again). Unless they moved to the 'Football' data stream, H cards will be back up in less then a month. No story here....
I can't believe how carefully this would have had to be planned. Sending a few bytes at a time to form a program? And nobody in the DirecTV cracker community caught on? If they were bright enough to reverse engineer the smartcards themselves, in addition to the code on them, you'd think at least one of them would have analyzed the "random" bytes coming through the satellite dish and noticed a program being formed. After all, they did code workarounds into their cracks (which probably included the parts of the program that had come down the "wire").
Unlike the broadcast medium, the signal belongs to DirecTV. They do have the right to control how it is used, if they can. Just like the signal going over your phone line belongs to you.
The airwaves are public, yes, but that doesn't give you the "absolute right" to do whatever you want with the signal. Roads are public but there are limits on their use. BTW, IIRC, you do not own the airspace above your property. Further, if powerlines or water mains go through your backyard, that doesn't make them yours. Just because it's _within_ your property doesn't make it yours.
"This message is composed of 100% recycled electrons."
I'm not looking to start any trouble but I'd be careful when putting words into others' mouth. They simply made use of their technology to make it more difficult to make use of their services at no cost. Sure it's possible "they" might be thinking what you've just stated; but they obviously discovered the economic advantage of putting their technology to work without hunting down and prosecuting violators.
O'Really[?].Net
Watch out - the DirecTivo does not record your OTA broadcast signals. It only records the channels you get from the satellite. So, if you don't get the network channels from your dish, then you won't be able to Tivo them (or, I assume, use the Tivo remote to change to the OTA channels).
Once I found that out, I ended up getting the Sony DNR Tivo system. It interacts perfectly with the Sony SAT-B2 receiver, and my OTA channels. In fact, there is a cable that plugs from the Sony Tivo unit into the Sony sat receiver to control it. My one Tivo remote is thus the only one I have to use to get all the channels. Works perfectly.
I had thought that having the satellite receiver and Tivo all in one unit would be a good thing, but I've had absolutely no problems with the setup I've got. If you don't yet have a Tivo system, get it! My wife thought we didn't need it at all, but she is totally convinced now.
Yeah, good luck with that. Maybe you and your family should look into zoos, museums and parks, and rely less on the tube to bring you meaning in life.
-Legion
It is easier to create a new DirectTV reciever than to hack DirecTV ones. I've done it with roughtly 200 bucks.
RIAA, MPAA, and all the other content "owners" out there could learn a lot from this.
Software Darwinism Rules
People who bite the hand that feeds them usually lick the boot that kicks them
Dish Network/Echostar issued an ECM just a few days later that shut down all but cloned cards. Expect that they will also have new ECMs to defeat any major piracy effort. Dish's engineers are also monitoring the pirate boards for all the info they need to issue meaningful ECMs.
The wait for tech support doubles every 18 months... Any likelihood they can solve your problem halves. Foosters
...I hope I don't have to listen to a bunch of people whining that they can't use something they have been stealing.
If you think education is expensive, you should try ignorance -- Derek Bok, president of Harvard
A company gets it right. Fight back with technology, not lawsuits. I'm impressed with their technical fortitude, and the manner in which they did it. The "GAME OVER" comment in the first 8 bytes was especially showing of a good attitutde towards the whole event.
Of course, it's just a matter of time till the crackers redouble their efforts and beat the new system... "GAME ON"
-Josh
What a beautiful hack.
This is the way to "defend" against software piracy. Defeat the hackers in a struggle through technology. Litigation in the courts is just not the way to stop people in the end. I have no problem with people wanting to have their customers pay for their product. I like how DirectTV responded to the piracy. Corporations (RIAA, MPAA, etc): BEAT US TECHNICALLY, NOT IN COURT! It means SO much more.
belive me, such stuff is far more fun than playing normal games ..
;)
It's the best game, because the enemies are not a stupid AI, but humans!
Before you email me, remember: "There is no god!"
This is good to see as far as I'm concerned. I like to see a company "fight fire with fire". They started trying to sue everyone they could, which seems to be a knee-jerk reaction nowadays. When they saw that wasn't getting them anywhere, they fought back.
Do I think that this is the end of the situation? Nope. But it certainly makes things more interesting.
How you see the world is how the world sees you.
Of course I have no sympathy for the people who have been conned by H card scams. It's easy to con someone who wants something for nothing.
THIS is how you defeat crackers - you don't go after them with lawyers, you defeat them at their own game.
Of course, how long again do we have until they repeat the process all over again? :)
"Evil company X is threatening to restrict our rights! Let's all get together to stop--OOOH! SHINEY!!!" -- AC
NO WAY!
Having nearly not noticed when the Royal Rumble was on (as it was not a Sky Sports event they wern't constantly advertising it on their own channels :-) I was sitting in front of the TV half an hour before the show started (01:45) when our entire service went (all channels).....but the service was ok 20 minutes walk away (Dublin 6w)...I waited....I waited....and 20 minutes later I got on my board and did it in about 5 to enjoy the show in plenty of time.
So, can anyone confirm if the time could be a connection, cause I love to freak out the call centres of places like this who don't like to be helpful. I'll just add it to my next call to try and find out where I can find a cable modem service (soon I will be listing addresses from the phone book out to them cause they'll tell you if an address can get it or not, just not where you can get it) and when it'll be where I want it!
Never underestimate the dark side of the Source
Man, it must be pretty cool to work for DirectTV now. Being able to say: I was the one who came up with the plan to lure a whole community of hackers.
Those first bytes should have read: "DirecTV is the ueberhacker! Bow before us".
<grub> Reading
I've heard that Dish Network has always been harder to hack. But haven't heard any recent updates on its status.
these posts don't have anything about Dish Networks either.
Gee... DirecTV does it with flair. I really like the "Game Over" bit.
TW
Television is dead. Long live That Weasel Television
This is just too interesting to let pass. I think I'm going to have to get back into the community again. I don't claim to be a super guru but from what I gather, DTV activated a tweaked the ROM start-up code to check a specific memory location very early in the start-up sequence. The memory location just happens to be an OTP or "write-once" location on the EEPROM. Last Sunday they sent out an ECM that checked 50 or so different memory locations. If any of any of the checks came back with a byte that was different from standard DTV code, it wrote "00h" to the OTP memory location. If all bytes came back valid, the location was written to "33h". If the "00h" is present during start-up, the sequence is derailed and the card goes into a tight loop. During past "FF", "00", and "99" loops, you could hit the EEPROM with voltage spikes and dips to get the memory location to reset itself to default. After it was reset, the ROM would go through the start-up sequence and you could reprogram it. With this new loop, "33h" is not the default. So if you hit it with an unlooper and get the location to reset, it still won't go through the start-up sequence. The DTV hacker community has labeled the ECM as "Black Sunday". This will be fun to watch.
Doh!
What else can be said? Simply stunning.
In the course of every project, it will become necessary to shoot the scientists and begin production.
To those who are claiming that no 'theft' was going on...
I assume some of you have some experience working for a living. Let's suppose you have contracted to perform a service for someone. They will pay you a certain amount of money, and let's say, you will write a program for them. Let's further suppose that your business model is such that you make money by providing this service to people who otherwise can't or won't produce it for themselves, as there is no cheaper alternative. Alternatives (albeit, not cheaper) might be to learn to program yourself (perhaps too expensive in a time-sensitive manner) or hire someone else (maybe they don't know about the cheaper contract shop down the road).
Now here comes the fun part. Let's suppose that one of two things happens. Either the client figures out how to get the service and foregoes paying you. Not really the case here, because being a client suggests there is a contract. The other case is someone who somehow manages to retrieve your program (your service) and provide it to others at a vastly reduced price. Now, you have put effort into producing this product. Someone else put effort into taking the results of your product and providing them to others. You did not say that it was right to do this. In short, your efforts have been stolen. Yes, you still have your program. But it is quite useless since the people you would have sold it to have now received a duplicate of it for much less.
Imagine if someone took a GPL'd work, made changes to it to suit their needs (these crackers obviously changed the DTV cards to suit THEIR needs), and then sold it without providing the changes. They have violated the intent of the licensing, which was to make all changes available. Likewise, in this case, the licensing intent was to make sure that people who receive the service must pay for what it takes to provide that service. It wouldn't matter in this case that the crackers did make their changes available. The DTV cards weren't under GPL.
In the end, though, it probably doesn't matter. If an explanation is required, an explanation won't really change your mind. Not in this case.
_lpp
Bah. It was an over-glorified story of business vs out-and-out pirates. Get a grip people: These cards aren't DeCSS. They were solely designed to steal services from a vendor. The people who enabled the technology rank up there with the vendors of Desktop Sewer 2000, Spamalanche and other spam-ware designed to steal e-mail services for personal gain.
The local rag ran a feature about Canadian 'customers' of DirecTV service - you see, DirecTV was never for sale to Canadians, so the only way to obtain DirecTV service in Canada was to steal it using these pirate cards. Best as I can tell they deserved to lose what they didn't have the privelage to use in the first place.
You want to send a clear message to DirecTV that they suck? Stop patronizing their service. But don't whine if they take back what you stole from them.
Use Evolution instead of Outlook? Bewa
Possible new recruits at DirecTV!
I think the bit I like best about this is that DirecTV managed to upgrade their software remotely without cuasing an interruption to the service. THAT was a ballsy thing to do before the Superbowl!
I've been posting on the net since 1994 and I still haven't come up with a good sig!
Because like you said, DirecTV dared them to do it, they did, and they got hammered. Kinda like that honeypot stuff they were talking about a bit back to catch crackers... NICE
--
Peace,
Lord Omlette
ICQ# 77863057
[o]_O
For those of use who use eeprom emulators with cards modified in passive mode.
You understand incorrectly. When buying property the lease has restrictive covenants that bind you to certain responsibilities and obligations. In a CID (common interest development (gated communities, condos, developments, etc.)) leases have covenants that state the property owners agree to abide by the rules of the board. You also agree to pay any judgements or fine levied by the board; failure to do so will constitute a contractual violation (of the lease agreement) that can result in eviction. Part of these restrictive covenants is a clause that they must be passed on to any later purchasers of the property, so someone buying it will have to follow the board rules as well. These have been tested in court many times, and people have lost propery and have been forced to pay fines. A good book that talks about the history of CID's the laws that apply to them, and their implications for public and private society is Privatopia by Evan McKenzie.
Actually, Schrodinger's Cat model was used to explain a small thing about quantum physics. basically it said that when we observe something we are undoubtably changing it and thus it isnt what was actually there in the first place.
:). We change it by checking :)
. ht m
Heisenbergs Uncertainty Principle comes into play here because we are incapable of actually knowing the precise position and velocity of the cat
Technically the cat is both 100% alive and 100% dead...
take a peek at:
http://www.room103.com/archive/q_schrodengercat
for a better explanation (though not complete either)
-zr
It is great to see such a heroic and nobble battle. :)
Tales about this mythical fight will be told for centuries, I'm sure.
Even Hollywood may find it worth as a base of a movie - 'Haxxor Warz'
Real life is overrated.
The point of this was not that DirectTV needed the money, but that they wanted to make a statement. They've set a precendent for fighting on the hacker's terms. By doing this, they've made people realize that big corporations are not going to stand for any amount of piracy. Besides, this is a great PR thing for them with the general hacker/computer interested people community.
the motivation for people to avoid paying for the service. It seems like an awful lot of work and effort just to avoid paying $50/month or whatever it is. I guess if you find it thrilling to dick around with a company like Hughes then it makes sense but it still seems like alot of trouble to go to. Oh, and btw, I get a big ol' belly laugh at the expense of those of you who are crying about "the signal comes to my house, I can do with it what I will!" Your rights aren't being abridged, you're just thieves. Cheap ones at that. If you'd take all the money you've thrown at hacked cards and all the time spent fucking around with it, you could've paid for the service for some time.....
Read the Access Card. It says quite plainly that the cards are the property on Direct TV and must be returned if they ask for 'em. The cards were theirs to destroy.
Looks like somebody there has some brains!
If you get caught with a radar detector in my state, and it has batteries in it or is plugged in, even if it is not on, you are guilty of a crime. I don't remember the severity off-hand, but it IS a crime.
As far as the theft-of-services goes, there is nothing wrong (or at least shouldn't be) with building your own receiver and decrypting the signal by brute force. If you subscribe to their service and then hack their system to receive channels that are not on your contract, then that is a theft of services. Even though is does not cost them a dime for you to decode that information, it costs them an awful lot that you're not paying to subscribe to those channels. You may think you can walk the line, but the courts will disagree. And then life will go on.
Sure, it takes a lot of effort to hack those cards, but my admiration goes to the Hughes programmers who did their job (protect the content from unauthorized access) and did it with flair.
WARNING: there is a trojan on your
If you decode all of the channels, without their equipment, it's reverse-engineering. If you decode some, with their equipment, it's breach of contract.
If you want to think of some of the apparently screwy yet legally logical things that courts rule, consider a case (American, I don't remember the sub-jurisdiction but it doesn't matter in this case) in which someone was thrown out of a store for collecting price information. In this case, since he appeared in their judgement to be doing more than just comparison shopping, he could have been a competitor trying to undersell them, and they have the right to prevent that if they don't choose to publicly advertise their prices. In other words, you are implicitly invited to their store to buy their products, not to compete with them. The corrolary here is that DirecTV offers you the decoding equipment for the express purpose that you receive only those channels which you have paid for. Perhaps you pay something for the equipment, but it's a loss-leader, and under contract. While I haven't seen the contract, I suspect that in most courts, it would not need to explicitly say "The Customer shall not tamper with the receiver equipment to enable it to receive and decode additional signals." or some other such legalese for the court to agree that such tampering would at the least be subject to civil damages, if not a criminal prosecution.
WARNING: there is a trojan on your
If only they had been careful in the first place, they would never have needed to do this.
At the end of the day, it boils down to that legitimate DirecTV customers have to pay for the pirates TV, directly through the revenue lost for non-payment for services, and indirectly through the costs of hiring the people to fix it.
Ouch. Very Ouch. Devious plans like this make you almost respect the enemy, like Optimus Prime vs. Megatron. With any luck, we're Megatron, since anyone who remembers (or has watched again recently) the Transformers Movie knows what happens to the good guys in war.
Geek Culture killed my dog/
and I don't think it's fair...
io hymen hymnaee io
io hymen hymnaee
The Arizona Attorney General has announced the arrests of four people on computer fraud charges for distributing the hacked Direct TV cards.
See:
http://www.attorneygeneral.state.az.us/pr/pr.html
The HU cards will be broken (they already have been if you ask some), and so will their sucessors. What will change is the knowledge and financial resources required to break them.
In regards to the people who say most of the direct TV crackers were script kiddies, I disagree. Lots of scripts were available, but on most IRC channels and web sites people demonstrated a decent, if not in-depth understanding of the techonologies involved. It's not that hard to understand what DTV was doing, and with an emulator and ECM logs, you're set.
I find these stories very amusing. It reminds me of the one when the programmers of CDRWIN fought back against people that cracked their software. They essentially wrote malicious code to go through and destroy data on their hard drive. Of course they got sued for it, but it was the first instance that I've heard of a company actually fighting fire with fire against the hacking/cracking community.
5 days and counting without Vivid TV, I will be forced to go outside.
Well I can make 5 easily distinguishable signs with each finger and three with my thumb giving 5^4 * 3 - 1 = 1874 potential hours or just over 10 hours a day over that six month period. Well aren't you just the mould breaker. ;-|
Special Relativity: The person in the other queue thinks yours is moving faster.
However, I strongly disagree with your final statement. There was nothing in their signal that forced me to pay attention to it or to obey it. If someone had rigged their system to obey the signals and didn't work with DirecTV to ensure they would not be harmed by doing so, it is their own problem. The signal DirectTV sent out would not harm anyone who worked with DirecTV (i.e. a payine customer); it only harmed those who continued to obey the signal even though they knew DirectTV was sending updates that they couldn't figure out.
Edward Burr
Edward Burr
Having a smoking section in a restaurant is like having a peeing section in a swimming pool.
Personally, my feeling is that if it comes thru the air, it is part mine anyway, because it is passing thru my property anyway. The service is adequate payment for use of that part of the spectrum in my airspace .
Jaeger
www.JohnQHacker.com
GodHatesCalvinists.com
> The latest trend in DSS is using emulation software on a PC to intercept the signal and then sending it to your reciever. It truly is an innovative solution!
Mmm. Using computers hooked to the receiver to decrypt TV signal have been done since a long time (often emulating the missing circuit). Or maybe I don't understand what you meant.
Cheers,
--fred
1 reply beneath your current threshold.
the congratulation to DirectTV.
They did the right thing. A nice fight, and a regular victory. First round for the hackers, second round for DirectTV.
Waiting for last round, but both side have my support. This is the way the fight should be done.
This recall me the old time of copied adventure games on the Apple ][. There was one (don't remember its name), in which you had to escape from a jail, and the copy protection was smart enough to slighly change the game logic, so you could NOT escape. And there was an (rather hard to find) inscription on the toilet room (IIRC), that said, more or less: "You don't expect beeing able to complete the game with a pirated version, do you ?".
This is the way things should be done. Hardware companies should try to outsmart hackers/crackers which should try to do the same.
Cheers,
--fred
1 reply beneath your current threshold.
So long as the is a technological chess match, and no lawyers are involved, Its actually kind of interesting to watch.
Is is possible for Hughes to limit reception broadcast of a signal using only technological measures? (Their recent victory hints that they may)
Will the "non-paying listeners" be able to come back from this crippling blow? (Theyll need new hardware)
Will the effort required to decode the signal exceed the decoder's satisfaction in doing so? (Perhaps if Hughes make changes frequently enough, it just wont be interesting to continue to jump though their hoops)
--Since the singnal is SEND only it is impossible to "catch" someone doing this. Hence the destruction of the cracked cards.
---
This
To sue someone you have to know who someone is. DTV has no idea who has the cracked cards they just know that someone does.
That's why they did the "cool thing" and didn't sue. They didn't sue b/c it would be impossible to do!
So save the "Thank you for not using the legal system," crap. DTV is a SEND ONLY service how the Hell were they supposed to figure out who was stealing their service?
---
This
If you read even more, you'll realize that a pattern has set in that favors that hackers. In the age of the F card, as DirecTV was replacing them with the new, "unhackable" H cards, the pirate world was shook. Everyone predicted the end. No one knew how to hack these new smart cards. DTV, content, finalized the switchover and turned off the old data stream. The next day, the first "H Hack" was released on the Internet. DTV has spent years hunting down hackers to no avail. This weekend's attack had been predicted, so no one was too surprised, only sad at the loss of a pirate TV. But the same pattern seems to be developing - for a while now the HU card has been under scrutiny to find a hack, but no such luck. But now, with DTV about complete the switchover to HU completely, the first "HU Hack" has appeared, only in commercial settings only. Likely, this card will not stand a concerted attack from the hacker community.
And the big unpublished fact of this attack was that, due to a form of recklessness and carelessness by DTV, the ECM hit not only hacked cards, but many valid H cards!
Is there a way to direct the signal only to the homes that have valid DirecTV smart cards? I doubt it. This isn't the same as a radio signal where all you need is a mast at your station, this requires an enormous initial investment to send satellites into orbit. If you don't want to pay for it, then why should you have it? No-one has a right to satellite TV, you have to earn enough money to afford it, same as most things in life.
Stealing satellite TV is intellectual property theft just like doing the following without payment to copyright owners: photocopying copyrighted books/magazines, taping copyrighted movies and music, exchanging copyrighted mp3s via Napster, downloading warez/cracked software (or just copying the software from a friend's floppy). I wonder if the people who were so negative about satellite TV theft are consistent and do not engage in any of the above comparable activities.
But you know what's coming next. The RIAA & MPAA will point to this and say, "See? This is what we're trying to stop but we don't smart tech people like Hughes does so please, Mr. Congresscritter, make it illegal to copy our stuff. Make us safe from all these hackers[sic] because what they really are are thieves. Just look at Hughes."
well, it's nice to see that at least one company has enough sense to outsmart the smartest. i'm all for open source, but stealing tv is wrong. why should you not have to pay for the company to launch satellites, install systems, and organize programming? I think this is brilliant and would like to see more of it from other companies, Rock on!
Lysergic Acid Diethylamide, not just chemistry, reality!
It seems pretty hopeless for the mass media when /. doesn't differentiate between hackers and crackers.
-Dave
"What's a nubian?" Bitch, you almost made me laugh. ;)
Fantastic movie. BTW, for those who don't know, it's a quote from "Chasing Amy."
OK, a little more on-topic, I have to agree that DirecTV's decision to handle this on the technical battlefield rather than the legal one boosts my respect for them considerably. I'm neither a subscriber nor a hacker, but I've been following this story through a friend for several months now. It's amazing stuff. Very cyberpunk/Max Headroom.
-Ares
Boundless Expansion, Self-Transformation, Dynamic Optimism, Intelligent Technology, Spontaneous Order- BEST DO IT SO!
My wife and I are pretty happy with the service (other than rain fade margins-- they don't exist!) and think that we made the right choice over going with TWC. One of her teacher colleagues has TWC digital cable, and the picture is awful compared to DirecTV. (Except in those summer monsoons when DirecTV doesn't work at all!)
I have never been comfortable with people getting these kinds of services without paying for them. That monthly bill not only pays for the programming, but also on infrastructure and maintenance. Hughes played a HUGE gamble by launching its DirecTV bird. Unlike cable, satellite systems must have their entire infrastructure in place before they can sign their first subscriber. Cable systems can roll out a piece at a time, and early adoptors help pay to expand into new areas.
The only thing I'd like Hughes to add is a non-Windows bidirectional link for DirecPC and a dual-subscriber discount like TWC has with RoadRunner.
Check here for exactly how the cards were 'destroyed' and for a possible way that they could be repaired... but why would you want to do that?
A computer once beat me at chess, but it was no match for me at kick boxing -- Emo Phillips
No I wouldn't care about the wireless listening on my house. If you can cut through the noise and get some signal out of it, your method could make you some bucks.
Echelon? email sniffers? Why should I care so long as good ol' ROT13's around? :P
And yes, feel free to manipulate the DirectTV signal however you want. But by reprogramming the decoder box you're violating service agreements.. now it's no longer a matter of free reception of broadcast signals, it's contract violation. I hear a pack of lawyers barking in the not-so-distance..
Cryptomancer, whom applauds the hacks and counter-hacks for advancing the art if not the philosophy
Yes, we understand these tags always apply: fud, dupe, typo, slashdotted, topic name
Some say crackers steal DirecTV's signal; others say that it's everybody's right to use whichever way they like whatever DirecTV is unsolicitedly beaming to their backyard. I tend to side with the latter, I think it's OK if you build your own device that processes any signals that trespass your property; but when you buy DirecTV's hardware and services, you are in fact making an implicit statement that you are interested in their service and willing to pay for it; if you later use the hardware they provided for getting their service under other terms (that is, for free), it means cheating on that implicit statement, so it's more like stealing.
Tuff that Smatters.
I've followed DTV hacking for the past year (losing interest after a while as i figured it was a fruitless endeavor requiring updating every week or so, as well as aquiring an H card and card writers/unloopers). It was fun learning how the crackers were able to beat each and every one of DTV's attempts at curtailing their efforts - seeing the creative ways around the weekly updates, seeing how the crack scripts worked - it was some cool stuff. and now here's DTV with a move that can only be described, on a purely tactical and technical level, as masterful - a brilliant move on the part of DTV's techs, with icing on the cake to boot: GAME OVER - those two words make this DTV offensive (in the battle sense) against the cracking community more than just an anti-piracy advance; it says "we're not as stupid as you think, we do have the same minds as you and, corporate tho we may be, our technical abilities match yours - here's the final knell, hear it and know, your game is over."
and with a fair amount of aplomb, too... (cable is MUCH easier to pirate, folks)
Every DirecTV receiver in the Bahamas has a hacked smart card, at least thats what the bartender told me when I was there a few years ago. One spin is that Hughes doesn't sell DirecTV in the Bahamas. How immoral is it to steal a service that you simply can't buy legally?
IMHO, the only hackers in the group are the ones who hacked the smart cards in the first place, and then respond to DirecTVs updates with ever-more clever exploits. All the people who just follow along buying and selling hacked cards are pirates or crackers. Also, it shouldn't be illegal to hack satellite or cable, but that doesn't mean its the most moral thing either. DirecTV needs to make it difficult enough to hack, so that enough people watching are paying customers. Some of the people pirating the signal wouldn't have bought it anyway, even if they couldn't get it for free. They aren't losing money on those people. Its also the case that the pirates don't cost DirecTV anything as far as customer support or other infrastructure. their boxes don't phone home, the pirates aren't sent bills, and they certainly don't call up DirectTV when their equipment breaks. The only real money DirecTV loses is the money they pump into R&D to thwart the piracy. Everything else is theorical - how many people pirate the signal? Of those people, how many would pay for it if they cuoldn't pirate it? What programming would they get? DirecTV can't send out a survey to find this information out.
Direct Tv is too expensive anyway.
Hughes/DirecTV should have waited until the last possible moment before the super bowl to turn on their trojan. That would have been true justice.
As it stands today, they gave the boys a chance to go out and get re-equipped with either a replacement, a new crack, or some other alternative. Entirely too merciful. IMHO.
I'm one of those who are truly innocent (no hacked DirecTV access Cards). I have a dual LNB system and as a reslut of the crap DTV pulled one of my access cards went south. I called 5 times and worked my way through the call in menu (press 1 for this, 2 for that, etc) and wound up with a dial tone each time. I finally did get through (45 minutes later) and went through the crap with their "tech" folks. I was told it was a problem with the unit and that I would have to call the manufacturer. They kindly supplied me with a phone number (Thomson Electronics, I believe). THe MFG's tech person told me "hey, its a problem with your access card. call directv and tell them to send you a new access card..." Not wanting to play ping-pong ball between directv and MFG, I asked for a supervisor and told him that I wasn't going to do this/ could he hold and I'd get directv in on a conference call. He then kept me on the line and arranged everything for me. A few days later, I received the new access card. Same problem in calling in to the number supplied in the package with the access card (phone menu and then a dial tone). Maybe directv should hire more people when they pull shit like this? After 45 minutes, called Sales (when you can't get through to tech support to get a problem, there's someone in sales who will be happy to sell you some stuff) and was given another number. Finally got through. 1/2 hour of stuff on the phone and my set (in living room) is working. There's a scream and my wife and kids are yelling at me because "their" set just went south. 15 more minutes on the phone and everything is working. So today I see this slashdot piece. I'm really angry about this. I called DirecTV told them I wasn't using a "hacked" access card and asked them "So explain this to me". I had to get a supervisor who asked me "Are you using a pirated access card??" MMy response was, "Are you stupid, or what? That question is both insulting and stupid." I then explained the outage that occurred, the time spent getting through to DirecTV, the misdirection to the MFG, the eventual receipt of the Access Card, the time spent getting thru to DTV again, and asked, "What are you going to do about it?" Response from DTV, "What do you want?" My answer, "Three months free." Response from DTV, "I can give you 1 month of showtime." My answer, "Do you know any good CLASS ACTION ATTORNEYS?" I am not a happy camper... anyone who would like to refer a good attorney to me can contact me at jr@dott.com
You Hackers/Crackers out there were beat by a buch of old nerds at a Satellite company? Well, I guess you loose your chance to gloat for a little while. Will this event raise the bar? Will innocent sites collapse under the weight of a google of hackers who will be trying to make themselves feel better by disrupting everyones service?
It just does get better than this!
Excellent idea. I bet one of the employees who hangs out on alt.dss.hack would be up to this.
--
Ikaruga scoreboard (supports netranking)
I wonder how many Hughes folks are buying those up with company funds...
I love vegetarians - some of my favorite foods are vegetarians.
Now Obviously, alot of folks are going to be pissed off because they "lost" the game.
And I am sure that the fine folks at DirectTV are gleeful about the gnashing of teeth and their own clever victory.
Somehow I think this has to been kept quite separate from the other issues dealing with digital media.
People providing a service deserve enough to be able to cover the costs of their operation and to make a reasonable profit. Let those who are without sin cast the first stone. Who has not had dotcom phantasies of obscene wealth? Well how did you expect you would do this? by giving away the homeplanet? or do you want them to spent millions of dollars so that you can enjoy your right to the superbowl and free pr0n?
That being said there is ALSO the issue of fair and reasonable exchange for goods and services. DirectTV certainly has been on the wrong side of the issue as far as some aspects of copy protection, etc.
Some people would rather spend extraordinary effort and money to not not pay for goods and services. In the past, these people were called the 'rich'; it was part of their culture. and now this attitude has dribbled into the rest of society
In the past, much of what has passed for morality has been an effort to help keep people in their place, to help mold them into sheeple. This has been the main thrust of modern education since the education "reforms" at the beginning of the 20th century. All those immigrants had to be educated to be good workers, etc. NOT competitors to the status quo.
This ties in with the DirectTV game because the company, as such, naturally, and perhaps unwittingly, takes advantadge of the situation to impose conditions that are not fair exchange.
People instinctively react, at first, to situations that are not fair. They get mad. and they use this to justify their own attempts to get what they think they are due, and maybe a little bit more. It becomes a viscious circle.Unfortunately, some poeple will never be happy.
"It is a greater offense to steal men's labor, than their clothes"
I live in Bermuda and we get DirectTV there by using larger dishes to pick up the signal. When it first came out, the local satalite store employed a hacker to program smart cards so that people not have to worry about getting a subscription based out of a US address. These smart cards would unlock everything including the pay per view. Once a month DirectTV would block the hackers codes and everyone would just get a new card. Eventually DirectTV got smart and found out who the hacker was and took him into their employ. They also narrowed the signal so we only get half the channels. The satalite store now has hired another hacker and we have to change our cards every week. Not near as much fun as it once was.
Lol... Yeah! Where can I found out more about em? I'm uh, doing a research project *evil grin*
The H card is considered part of the service.
Yeah.. But when's the last time you checked?
But uh, yeah. I'd have to say this was a very elegant and masterfully planned attack on the hacking community. It was not just a feat of programming prowess, but also a powerful application of applied psychology.
It doesn't fly to well with me either. The thing is, it's in the contract when buying the unit.
:)
God, for some reason I just thought about Office 10. I guess it's kinda like that, sorta in a way. You physically have the binary for the program, but it's just a service. The saddest thing about that too, is they'll make loads of money just because 'Office' is a heavily marketed brand name. Just like the 'Pentium'. Everybody seems to have one yet half of them don't know what the hell it is.
Anyways... I should keep my fingers away from the keyboard. It'll keep me from going offtopic - So in conclusion, I don't like that fact that you don't own the H card either
Smartcards were already in use in some european countries in the early eighties (i had my first smart-credit-card in 1983). The first patents were issued in France in the late seventies (Michel Ugon/Bull CP8 and Roland Moreno/Innovatron).
80% of the smartcards used in cellphones and credit cards all over the world were producted by european companies (mostly french) such as Gemplus, Bull or Schlumberger (letting Delarue apart), based on european patents.
Tamper resistant devices such as smartcards are not easy to design and to manufacture correctly.
Attacks such as DPMA (based on the electric power used by the card while performing operations) is VERY difficult to circumvent.
If only Hugues had bought their smartcards from one of the companies which had a real experience in making smartcards instead of trying to re-invent it themselves... But the american "Not Invented Here" syndrome prevent them to even think of it.
I'm so surprised there cards were cracked.
This looks like poetic justice to me. All credit to DirecTV.
This sounds like a lot more fun than palying and game.
DRM? No thanks, I'll just get it somewhere else...
- Hackers will find a way around the new system. They always find a way, and they will have fun doing it.
Doubtful... if you read the article correctly, this last act effectively destroyed the smart cards.What would be cool is if someone found a way to actually revers-engineer and manufacture smart cards that recieved the regular updates, and acted exactly like legit ones, except they didn't dial into DirecTV.
This is the way companies should combat hackers that are "stealing" or "bypassing access control methods"... not tracking them down and suing them, and getting laws put in place to ban things that are useful to the community at large. DirecTV was able to attack hackers without infringing on their paying customers!
"Evil beware: I'm armed to the teeth and packing a hampster!"
Lex orandi, lex credendi.
whoo! Go DirectTV! That's really classic! Don't really understand why the DirectTV thing is so hard...can't they update the card on the fly, and use the last couple of bits from the last 5 seconds?
--- only for the squeamish
I have to say that this was an extremely enjoyable read. It almost made me wish I lived in the US just so I could have participated.
The major question it raises to me is this: is it really right? A hacker at home, playing about with the card to get free TV I have no problem with, but what about the mentioned $400 fees for a hacked card? Is this not worse than DirecTV themselves, who at least provide the service you pay for?
I'm glad to see that DirecTV in the end used a hack to beat the hackers.. there message shows a great sense of humour about the task too, and I have nothing but respect for the techs who worked on it.
--
Blaming GW Bush for the Iraq war is like blaming Ronald McDonald for the poor quality of food.
Denouement comes when Virgil pulls together, from stashed directories all over the system, hundreds of what the worm thought were harmless pieces of inept code from lots of kids taking programming classes to create a juggernaut that he uses to finally scour the Worm from the system.
- Ken
This is probably the cleanest, cheapest, and most effective way to resolve the issue. I now have great respect for DirecTV's engineers for doing it, and management for allocating resources to it.
That you reap what you sow.
It only serves the 'crackers' right to have this happen to them. They were beaten by the same game they played.
How does it feel to be 0wN3D!!
I have plenty of those. They have titles like "Bloody Wolf" and "Final Lap Twin", though. I haven't tried them in a DirecTV receiver.
Those who can, do. Those who can't, post on Slashdot about it.
I wonder why the media never gives hackers an even break? All we want is something for nothing.
www.stealthisURL.com
It looks to me like DirectTV (better known to the a.d.h members as "Dave", and not to be confused with "SuperDave", one of the newsgroup regulars) played an ace they've had up their sleeve for a long time. Apparently the boot code (in ROM) of the 8051 in the chip checks one bit in a 32-bit region of PROM (as in you can program it but you can't reset it) and goes into an infinte loop (I think this is what is being referred to as a "looped" card) early during the boot process. Since this is in ROM where it can't be re-programmed, you can't bypass it.
It seems there's also an ASIC in the card that is crucial to the decoding process. I'm guessing that it has to be enabled by the 8051. And if the 8051 "loops" before you can talk to it, you're hosed.
It also seems that there was a recent move to "emulators", which emulated the 8051, but passed commands to the ASIC through to the real card. That way, as long as the card was alive enough to tell it what to do, you would esentially firewall off the card from any nasty code that wanted to do stuff like program write-once bits in the CPU chip. Some people were arguing recently that emulators were overkill, but it seems they have been proven wrong. The only people with hacked cards that still work either had emulators or were lucky enough to pull their cards in time (or the decoder box was unplugged).
Apparently for a couple of weeks now "Dave" has been downloading code to detect illegal cards and test it (by locking up assorted cards and seeing what kind of results they got) before sending down the "ECM" code which caused the card to kill itself.
As to the timing, it is suspected they chose one week before Super Bowl to allow enough time for legitimate users (or those illegitimate users who wanted the better signal in time for The Big Game) to receive new cards.
Here are two messages I found on the newsgroup about all this: (line art removed because of /.'s lame filter)
From: ump25@aol.com (Ump25)
Newsgroups: alt.dss.hack
Date: 22 Jan 2001 05:38:13 GMT
Subject: EVERYONE READ THIS! INFO FROM MAGICIAN ET. AL.
Message-ID: <20010122003813.16538.00000761@ng-bj1.aol.com&g t;
From Magician and Hypertek comes the following...
As most everybody is aware, the ability of the dynamic code to execute a kill-type ECM was displayed today on "Black Sunday".
First, the bad news: the ECMs wrote 4 bytes to "write once" area of the EEPROM, 8000h-8003h. Unfortunately, one of the bytes that is changed is 8000h, which is checked extremely early in the ROM startup code (003Fh) to see if it contains "33h". These ECMs re-wrote this byte to "00h", which means that it very quickly enters an infinite loop because "P1.7" is not set. Since this area of the H card is "write once", there is no way to reset this byte back to "33h" to allow normal startup to continue, even by way of an unlooper.
Second, for those interested, here are all the EEPROM addresses that were tested to see if they contained modified bytes. Each byte was tested in its own packet (i.e., one address at a time):2 ,8 D24,8D25,8D32 Ins54 code
code:
- - -
8243 Vector for setting DPTR to ZKT secret vector
8246,8247 Vector for Cmd09 vector
8255 Vector for Ins58 patch vector
8258 Ins44 preprocessing vector
825B Ins44 extras vector
825E Find tier or PPV vector
8264 "EndInsHandling" vector
8273 Cmd1F vector
827C,827D Ins54 vector
8282,8283 Ins18/Ins1A vecotr
8440 First byte of channel blackout data (checked if non-zero)
8582,858C,8593 Cmd60 code
85B7 B7 nano vector
85BE BD nano vector
85C0,85C1,85C2 C0 nano vector
85C3 C3 nano vector
85C6,85C7 C6 nano vector
85E2,85E6,85ED,85EF,85F6 B5 nano code
8606,8608,8611 AddAToDfdNanoBufIfFlOpn code
8630 Deferred Cmd60 processing code
86DD Never-executed portion of old C6 nano code
87A1 Old CF nano jump table
8800 Hash algorithm code
8955 Main loop vector code
8973 Ins18/Ins1A code
8975 Ins54 check code
8982 Setup for Ins38 code
89A0,89A3 Setup for Ins44 code
89A6,89B2,89B9 Setup for Ins4C code
89DF End of main loop vector code
8BFE Cmd0C code
8CC7,8CCA,8CCB Preprocess deferred Cmd60 code
8CD9,8CDE Cmd0B for non-virgin cards code
8CF2,8CFE Ins58 patch code
8D04,8D09,8D0D,8D11,8D14,8D178D1A,8D1D,8D20,8D2
8D66,8D6A,8D72,8D76 Add ASIC bytes to signature hash code
8DD0,8DD3,8E68 Do 1 hash iteration code
8F2F Preprocess Cmd09 code
8F53 Cmd0C patch 1 code
- - -
Here is an example dynamic code packet (for the 8D1Ah address; all of the addresses were tested using similar packets, except for 8440h which used a JNZ instead of JZ):
code:
- - -
C3 nano used to preset RAM locatiosn 10h-1Fh:
C3 0A 00 20 99 03 AF 01 00 04 00 09 | Seed hash only (using 9 data bytes) results in these bytes at 10h-1Fh:
20 99 03 AF 01 00 04 00 09 CB 29 71 06 19 74 D0
Fourth byte loaded in EEPROM write register
Third byte loaded in EEPROM write register
Hi byte of 1st loop return address and second byte loaded in EEPROM write register
Lo byte of 1st loop return address and first byte loaded in EEPROM write register
Hi byte of 2nd loop return address
Lo byte of 2nd loop return address
Hi byte of 3rd loop return address
Lo byte of 3rd loop return address
What 8D1Ah is compared to
The C9 nano looked like this:
C9 10 20 90 8D 1A E0 47 60 08 90 | Write 15 bytes+RET, execute and hash
80 00 78 15 75 81 16 :
which caused this code to be executed:
893C mov DPTR,#8D1Ah
893F movx A,@DPTR
8940 xrl A,@R1
8941 jz 894Bh
8943 mov DPTR,#8000h
8946 mov R0,#15h
8948 mov SP,#16h
894B ret
- - -
Remember, R1 starts equal to 10h. So the above code does the following:
Compare 8D1Ah to @10h (which contains #20h)
If they match, simply return
Otherwise, set DPTR to 8000h
Set R0 to 15h
Reset the stack to 16h and RET, to resume execution at 0400h to load "00 04 00 09" into EEPROM write register which RETs to 01AFh to enable EEPROM write mode
which RETs to 0399h to write 00 04 00 09 to 8000-8003h.
In addition, there was an ECM to detect an H cards running with non-H CAM IDs, although this packet did not loop the card but simply "locked it up" until the next reset:
code:
- - -
C3 nano used to preset RAM locatiosn 10h-1Fh:
C3 0B 00 FE FC 32 00 00 04 AC 01 68 14 | Seed hash only (using 10 data bytes) results in these bytes at 10h-1Fh:
FE FC 32 00 00 04 AC 01 68 14 8A DF A3 AA 81 34
Hi byte of 1st loop return address
Lo byte of 1st loop return address
Hi byte of 2nd loop return address
Lo byte of 2nd loop return address
Hi byte of 3rd loop return address
Lo byte of 3rd loop return address
Hi byte of 4th loop return address
Lo byte of 4th loop return address
The C9 nano looked like this:
C9 12 20 90 83 74 81 60 07 57 70 | Write 17 bytes+RET, execute and hash
05 09 B9 12 F6 22 75 81 19 :
which caused this code to be executed:
893C mov DPTR,#8374h
893F movx A,@DPTR++
8940 jz 8949h
8942 anl A,@R1
8943 jnz 894Ah
8945 inc R1
8946 cjne R1,#12h,893Fh
8949 ret
894A mov SP,#19h
894D ret
- - -
Remember, R1 starts equal to 10h. So the above code does the following:
If first byte of CAM ID is 00, return (everything OK).
Otherwise, AND first CAM ID byte with byte @10h (#FEh)
If result is non-zero (meaning first CAM ID byte is not 01h), go to ECM routine
Otherwise, AND second CAM ID byte with @11h (#FCh)
If result is non zero, go to ECM routine
Otherwise, return (everything OK)
The ECM routine resets the SP to cause the RET to resume execution at 1468h, which RETs to 01ACh, which RETs to 0400h, which RETs to the infinite loop at 0032h...
From: Spacemonkey Gleep <Fictitious@Dont.Bother.Its.invalid> .com>
Newsgroups: alt.dss.hack
Subject: How Write-Once memory works, or "Why H cards hit by the ECM are never going to be fixed"
Date: Mon, 22 Jan 2001 10:56:12 -0800
Message-ID: <Fictitious-402BA7.10561222012001@news.primenet
In response to the umpty-nine-dozen "Why can't we just..." questions about the corrupted write-once area on the card, here's an explanation that may shed some light. (Note to those "in the know": Yes, I'm simplifying things ridiculously. Not everybody playing in this little sandbox is an EE with the knowledge to understand the inner workings of a chip)
A byte of RAM memory is a set of 8 cells that can hold a one or a zero. Which cells have 1s in them determines the value of the byte when you read it. With RAM, you can change the values any time you like. You can think of that byte as 8 switches that can be turned on or off in different combinations to give you various values.
A byte of ROM is similar, in that it's 8 cells that can each hold a 1 or a 0. Unlike RAM, these 1s and 0s are fixed. Instead of the "switches" that RAM has, you can think of ROM as having either a wire (for a 1) or no wire (for a zero). They can't be changed once made. The wire (or lack of one) is a permanent thing.
A byte of Write-Once memory (Also known as "PROM", or "Programmable Read Only Memory") has characteristics of both RAM and ROM. Like RAM, you *CAN* write to it, under certain circumstances. Like ROM, once written, it's **FOREVER**. Think of a byte of PROM as being 8 microscopic fuses.
When the chip is made, all the fuses are "good". If you could see it at the microscopic level, it would look something like this: ( each | is a fuse that isn't blown )
| | | | | | | |
and would have the value FF, or 255 in decimal.
Now, let's say you want the byte to have the value B7 (That's 183 in decimal, and in binary, it's 10110111) To write that value to it, you deliberately burn out two fuses in the byte, leaving it looking like this: (| = unblown fuse, : = blown fuse)
| : | | : | | |
From that point, it would be possible to write to it again, and change the value, *BUT* there's a catch. You can only "blow" more fuses. You can't "un-blow" fuses that are already blown. This means that a number that needs one of the fuses that's already blown out is going to be impossible to write.
So why is this a problem?
Normally, byte 8000 of the H card holds the value 33 (in Decimal, 51. In binary, 00110011) and the byte looks like this:
: : | | : : | |
But after being hit by DTV's ECM last night, the byte is set to 00 - it looks like this:
: : : : : : : :
There's no fuses left to blow out. They're all gone. That means that forever and always, byte 8000 of your ECMed card is going to say "I'm holding the value 00" when asked.
Why this means the card is permanently dead:
VERY early after the card gets powered up and reset, a check is done:
Does byte 8000 hold the value 33?
If the answer to that question is yes, then all is right with the world, and things start happening. The card gets initialized, spits out the ATR string, and then goes into "wait for a command from the IRD" mode. If, on the other hand, the answer is no, then the card goes into an infinite loop that does nothing. If you program in BASIC, it's the equivalent of the line
10 GOTO 10
NOTHING gets done until the next time the card is reset. And then the same thing happens all over again.
This check is in the card's ROM, so it can't be bypassed or changed.
Reprogramming the card won't do anything useful, since the ROM doesn't even get looked at, let alone messed with, by programmers (or unloopers, for that matter) and even if it did, it wouldn't do anything useful, since ROM can't be changed (short of actually damaging it).
So how can it be fixed?
The simple answer: It can't. Congratulations. Your H card is now an ice scraper. Get used to it. Life sucks.
The more extended answer:
If you've got the micro-tools to "rebuild" the blown fuses on the chip, you could go that route, but unless you're a chip manufacturer, or have access to that type of equipment somehow, you ain't got a prayer. We're talking about electron microscopes, tools for depositing single atoms onto the silicon wafer itself, that sort of thing. In other words, trying to do it is going to mean more money, knowledge, equipment, and effort than most any of us are capable of applying to the problem.
In short, last nights ECM was the ECM to end all ECMs. Any card hit by it is toast, and barring someone developing a cheap way to rebuild chips mat the wafer level (which isn't even remotely likely to happen anytime soon) there isn't a thing that can be done about it. Enjoy your new ice scraper.
Or get in touch with me about shipping it to me. I want to dissect it to get the ASIC out of it for some experimenting I want to do.
--
GLEEEEEP!!!!
PGP KeyID: 0x016B6B53 on the keyservers.
http://www.megsinet.net/~kayo/index.html
--
"Open source is good." - Steve Jobs
"Open source is evil." - Microsoft
It looks to me like DirectTV (better known to the a.d.h members as "Dave", and not to be confused with "SuperDave", one of the newsgroup regulars) played an ace they've had up their sleeve for a long time. Apparently the boot code (in ROM) of the 8051 in the chip checks one bit in a 32-bit region of PROM (as in you can program it but you can't reset it) and goes into an infinte loop (I think this is what is being referred to as a "looped" card) early during the boot process. Since this is in ROM where it can't be re-programmed, you can't bypass it.
It seems there's also an ASIC in the card that is crucial to the decoding process. I'm guessing that it has to be enabled by the 8051. And if the 8051 "loops" before you can talk to it, you're hosed.
It also seems that there was a recent move to "emulators", which emulated the 8051, but passed commands to the ASIC through to the real card. That way, as long as the card was alive enough to tell it what to do, you would esentially firewall off the card from any nasty code that wanted to do stuff like program write-once bits in the CPU chip. Some people were arguing recently that emulators were overkill, but it seems they have been proven wrong. The only people with hacked cards that still work either had emulators or were lucky enough to pull their cards in time (or the decoder box was unplugged).
Apparently for a couple of weeks now "Dave" has been downloading code to detect illegal cards and test it (by locking up assorted cards and seeing what kind of results they got) before sending down the "ECM" code which caused the card to kill itself.
As to the timing, it is suspected they chose one week before Super Bowl to allow enough time for legitimate users (or those illegitimate users who wanted the better signal in time for The Big Game) to receive new cards.
Here are two messages I found on the newsgroup about all this: (line art removed from the first one because of /.'s lame filter)
From: ump25@aol.com (Ump25)
Newsgroups: alt.dss.hack
Date: 22 Jan 2001 05:38:13 GMT
Subject: EVERYONE READ THIS! INFO FROM MAGICIAN ET. AL.
Message-ID: <20010122003813.16538.00000761@ng-bj1.aol.com&g t;
From Magician and Hypertek comes the following...
As most everybody is aware, the ability of the dynamic code to execute a kill-type ECM was displayed today on "Black Sunday".
First, the bad news: the ECMs wrote 4 bytes to "write once" area of the EEPROM, 8000h-8003h. Unfortunately, one of the bytes that is changed is 8000h, which is checked extremely early in the ROM startup code (003Fh) to see if it contains "33h". These ECMs re-wrote this byte to "00h", which means that it very quickly enters an infinite loop because "P1.7" is not set. Since this area of the H card is "write once", there is no way to reset this byte back to "33h" to allow normal startup to continue, even by way of an unlooper.
Second, for those interested, here are all the EEPROM addresses that were tested to see if they contained modified bytes. Each byte was tested in its own packet (i.e., one address at a time):2 ,8 D24,8D25,8D32 Ins54 code
code:
- - -
8243 Vector for setting DPTR to ZKT secret vector
8246,8247 Vector for Cmd09 vector
8255 Vector for Ins58 patch vector
8258 Ins44 preprocessing vector
825B Ins44 extras vector
825E Find tier or PPV vector
8264 "EndInsHandling" vector
8273 Cmd1F vector
827C,827D Ins54 vector
8282,8283 Ins18/Ins1A vecotr
8440 First byte of channel blackout data (checked if non-zero)
8582,858C,8593 Cmd60 code
85B7 B7 nano vector
85BE BD nano vector
85C0,85C1,85C2 C0 nano vector
85C3 C3 nano vector
85C6,85C7 C6 nano vector
85E2,85E6,85ED,85EF,85F6 B5 nano code
8606,8608,8611 AddAToDfdNanoBufIfFlOpn code
8630 Deferred Cmd60 processing code
86DD Never-executed portion of old C6 nano code
87A1 Old CF nano jump table
8800 Hash algorithm code
8955 Main loop vector code
8973 Ins18/Ins1A code
8975 Ins54 check code
8982 Setup for Ins38 code
89A0,89A3 Setup for Ins44 code
89A6,89B2,89B9 Setup for Ins4C code
89DF End of main loop vector code
8BFE Cmd0C code
8CC7,8CCA,8CCB Preprocess deferred Cmd60 code
8CD9,8CDE Cmd0B for non-virgin cards code
8CF2,8CFE Ins58 patch code
8D04,8D09,8D0D,8D11,8D14,8D178D1A,8D1D,8D20,8D2
8D66,8D6A,8D72,8D76 Add ASIC bytes to signature hash code
8DD0,8DD3,8E68 Do 1 hash iteration code
8F2F Preprocess Cmd09 code
8F53 Cmd0C patch 1 code
- - -
Here is an example dynamic code packet (for the 8D1Ah address; all of the addresses were tested using similar packets, except for 8440h which used a JNZ instead of JZ):
code:
- - -
C3 nano used to preset RAM locatiosn 10h-1Fh:
C3 0A 00 20 99 03 AF 01 00 04 00 09 | Seed hash only (using 9 data bytes) results in these bytes at 10h-1Fh:
20 99 03 AF 01 00 04 00 09 CB 29 71 06 19 74 D0
Fourth byte loaded in EEPROM write register
Third byte loaded in EEPROM write register
Hi byte of 1st loop return address and second byte loaded in EEPROM write register
Lo byte of 1st loop return address and first byte loaded in EEPROM write register
Hi byte of 2nd loop return address
Lo byte of 2nd loop return address
Hi byte of 3rd loop return address
Lo byte of 3rd loop return address
What 8D1Ah is compared to
The C9 nano looked like this:
C9 10 20 90 8D 1A E0 47 60 08 90 | Write 15 bytes+RET, execute and hash
80 00 78 15 75 81 16 :
which caused this code to be executed:
893C mov DPTR,#8D1Ah
893F movx A,@DPTR
8940 xrl A,@R1
8941 jz 894Bh
8943 mov DPTR,#8000h
8946 mov R0,#15h
8948 mov SP,#16h
894B ret
- - -
Remember, R1 starts equal to 10h. So the above code does the following:
Compare 8D1Ah to @10h (which contains #20h)
If they match, simply return
Otherwise, set DPTR to 8000h
Set R0 to 15h
Reset the stack to 16h and RET, to resume execution at 0400h to load "00 04 00 09" into EEPROM write register which RETs to 01AFh to enable EEPROM write mode
which RETs to 0399h to write 00 04 00 09 to 8000-8003h.
In addition, there was an ECM to detect an H cards running with non-H CAM IDs, although this packet did not loop the card but simply "locked it up" until the next reset:
code:
- - -
C3 nano used to preset RAM locatiosn 10h-1Fh:
C3 0B 00 FE FC 32 00 00 04 AC 01 68 14 | Seed hash only (using 10 data bytes) results in these bytes at 10h-1Fh:
FE FC 32 00 00 04 AC 01 68 14 8A DF A3 AA 81 34
Hi byte of 1st loop return address
Lo byte of 1st loop return address
Hi byte of 2nd loop return address
Lo byte of 2nd loop return address
Hi byte of 3rd loop return address
Lo byte of 3rd loop return address
Hi byte of 4th loop return address
Lo byte of 4th loop return address
The C9 nano looked like this:
C9 12 20 90 83 74 81 60 07 57 70 | Write 17 bytes+RET, execute and hash
05 09 B9 12 F6 22 75 81 19 :
which caused this code to be executed:
893C mov DPTR,#8374h
893F movx A,@DPTR++
8940 jz 8949h
8942 anl A,@R1
8943 jnz 894Ah
8945 inc R1
8946 cjne R1,#12h,893Fh
8949 ret
894A mov SP,#19h
894D ret
- - -
Remember, R1 starts equal to 10h. So the above code does the following:
If first byte of CAM ID is 00, return (everything OK).
Otherwise, AND first CAM ID byte with byte @10h (#FEh)
If result is non-zero (meaning first CAM ID byte is not 01h), go to ECM routine
Otherwise, AND second CAM ID byte with @11h (#FCh)
If result is non zero, go to ECM routine
Otherwise, return (everything OK)
The ECM routine resets the SP to cause the RET to resume execution at 1468h, which RETs to 01ACh, which RETs to 0400h, which RETs to the infinite loop at 0032h...
From: Spacemonkey Gleep <Fictitious@Dont.Bother.Its.invalid> .com>
Newsgroups: alt.dss.hack
Subject: How Write-Once memory works, or "Why H cards hit by the ECM are never going to be fixed"
Date: Mon, 22 Jan 2001 10:56:12 -0800
Message-ID: <Fictitious-402BA7.10561222012001@news.primenet
In response to the umpty-nine-dozen "Why can't we just..." questions about the corrupted write-once area on the card, here's an explanation that may shed some light. (Note to those "in the know": Yes, I'm simplifying things ridiculously. Not everybody playing in this little sandbox is an EE with the knowledge to understand the inner workings of a chip)
A byte of RAM memory is a set of 8 cells that can hold a one or a zero. Which cells have 1s in them determines the value of the byte when you read it. With RAM, you can change the values any time you like. You can think of that byte as 8 switches that can be turned on or off in different combinations to give you various values.
A byte of ROM is similar, in that it's 8 cells that can each hold a 1 or a 0. Unlike RAM, these 1s and 0s are fixed. Instead of the "switches" that RAM has, you can think of ROM as having either a wire (for a 1) or no wire (for a zero). They can't be changed once made. The wire (or lack of one) is a permanent thing.
A byte of Write-Once memory (Also known as "PROM", or "Programmable Read Only Memory") has characteristics of both RAM and ROM. Like RAM, you *CAN* write to it, under certain circumstances. Like ROM, once written, it's **FOREVER**. Think of a byte of PROM as being 8 microscopic fuses.
When the chip is made, all the fuses are "good". If you could see it at the microscopic level, it would look something like this: ( each | is a fuse that isn't blown )
| | | | | | | |
and would have the value FF, or 255 in decimal.
Now, let's say you want the byte to have the value B7 (That's 183 in decimal, and in binary, it's 10110111) To write that value to it, you deliberately burn out two fuses in the byte, leaving it looking like this: (| = unblown fuse, : = blown fuse)
| : | | : | | |
From that point, it would be possible to write to it again, and change the value, *BUT* there's a catch. You can only "blow" more fuses. You can't "un-blow" fuses that are already blown. This means that a number that needs one of the fuses that's already blown out is going to be impossible to write.
So why is this a problem?
Normally, byte 8000 of the H card holds the value 33 (in Decimal, 51. In binary, 00110011) and the byte looks like this:
: : | | : : | |
But after being hit by DTV's ECM last night, the byte is set to 00 - it looks like this:
: : : : : : : :
There's no fuses left to blow out. They're all gone. That means that forever and always, byte 8000 of your ECMed card is going to say "I'm holding the value 00" when asked.
Why this means the card is permanently dead:
VERY early after the card gets powered up and reset, a check is done:
Does byte 8000 hold the value 33?
If the answer to that question is yes, then all is right with the world, and things start happening. The card gets initialized, spits out the ATR string, and then goes into "wait for a command from the IRD" mode. If, on the other hand, the answer is no, then the card goes into an infinite loop that does nothing. If you program in BASIC, it's the equivalent of the line
10 GOTO 10
NOTHING gets done until the next time the card is reset. And then the same thing happens all over again.
This check is in the card's ROM, so it can't be bypassed or changed.
Reprogramming the card won't do anything useful, since the ROM doesn't even get looked at, let alone messed with, by programmers (or unloopers, for that matter) and even if it did, it wouldn't do anything useful, since ROM can't be changed (short of actually damaging it).
So how can it be fixed?
The simple answer: It can't. Congratulations. Your H card is now an ice scraper. Get used to it. Life sucks.
The more extended answer:
If you've got the micro-tools to "rebuild" the blown fuses on the chip, you could go that route, but unless you're a chip manufacturer, or have access to that type of equipment somehow, you ain't got a prayer. We're talking about electron microscopes, tools for depositing single atoms onto the silicon wafer itself, that sort of thing. In other words, trying to do it is going to mean more money, knowledge, equipment, and effort than most any of us are capable of applying to the problem.
In short, last nights ECM was the ECM to end all ECMs. Any card hit by it is toast, and barring someone developing a cheap way to rebuild chips mat the wafer level (which isn't even remotely likely to happen anytime soon) there isn't a thing that can be done about it. Enjoy your new ice scraper.
Or get in touch with me about shipping it to me. I want to dissect it to get the ASIC out of it for some experimenting I want to do.
--
GLEEEEEP!!!!
PGP KeyID: 0x016B6B53 on the keyservers.
http://www.megsinet.net/~kayo/index.html
--
"Open source is good." - Steve Jobs
"Open source is evil." - Microsoft
It's about time a company figured out how you fight crackers that are pissing them off, THIS is how you do it.
You don't run around suing everybody, you get your own programmers to make better technology that isn't so easily bypassed.
Of course the MPAA can ignore the previous message...
I have to admit that I am very impressed.
Rather than spend millions tracking down and sueing all of the people that were stealing the signal, DirecTV did it in a way that until now Big Business hadn't thought of.
Beating the hackers at their own game!
I tip my hat to the code jockeys at DirecTV!
Well Done!!
-Goran
Carpe Scrotum - The only way to deal with your competition.
However, I do think that the story is funny, even more so than the battle between the robotic arms in the tape backup closet from "Hackers."
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
great! I tire of paying higher prices so the hacker community can prove how "insecure" everything is. They were stealing, now they aren't, bravo Hughes!!!
To fail is human, to blue screen MS!
Life is like a web application. Sometime you need cookies just to get by.
I want to make it clear that I am not one that favors big corporations control on consumers, but you HAVE to admit that this is the most beautiful attack on hackers in a while. I have no sympathy for those who steal the programming and compound the error by selling it. I always thought that there was nothing quite like a game of chess, but it would appear as I was wrong. There is nothing so nearly as beautiful as a game of DirecTV...
If a "GAME OVER" has such effects, it makes gaming a lot more fun. SOrt of a strategy adventure, really. Being a good sport, I congratulate DirectTV on their win in this game, but I do think a lot of people will select "start a new game" ...
Sig (appended to the end of comments I post, 54 chars)
What did the remaining 2% of peope do differently to their cards? How did they escape DirecTV's programmatic code?
I have heard that the name of the new card is the 'football card'. It has been available to buy in Canada with one of the DirecTV dishes and recievers for around $750.00 Canadian. I have also heard however, that the hacking community hasn't figured out how to reverse engineer the new cards and thus design an unlooper. Has anyone else heard of this?
I wonder how long the attack on hackers has been planned for? Is it possible that direcTV has planned this attack for the Superbowl this year and thus the name "Football Card"?
I love the smell of Karma in the morning
"Homo sum: humani nil a me alienum puto"
(I am a man: nothing human is alien to me)
My only political goal is to see to it that no political party achieves its goals.
Hackers hack for the sake of hacking. It's not the teevee shows, it's the target. Hughes presented a big target, and good win. Now, they have presented a whole Borg cube to fight and hopefully win against. The hackers don't give a flying fsck about the shows. Hughes didn't win. They just threw more gas on the fire. Wait.
RESET!
-=-=-=-=-=-
I used to be a pimp, til i got shanked by my bitches
Yes, they deserve it.
A brilliant hack that served their purposes. It's neat, glorious, intelligent... and its legal!
Lots of Brownie-Points for DirecTV engineers.
As a technology-afficionado, I love it!
Regards,
opkool
I'm gonna miss the Drew Carey special this weekend to.
But I have to say. without 900 channels of TV I've spent alot more time in front of my computer.
Is that a good thing?
Robber Barons. That is how you would describe those corporations and individuals who would seek vertical and horizontal monopolies by creating artificial scarcity and gouging the general public. I would call airing commercials on a pay service stealing before I would call hacking a satellite reciever stealing. That's just my two cents on the issue.
This cat and mouse game will continue just as in Tom & Jerry and the Roadrunner, with a worse chance of wining. In the cartoons its a one to one fight but here we have a score or such against hundreds.
There's always sufficient, but not always at the right place nor for the right folks.
The smartcards used by DirecTV were designed by NDS Ltd (formerly News Datacom Ltd, aka NDC). NDS is not new to smartcard technology and has been using smartcards for years (as in the British Sky Broadcasting system).
It should also be noted that there have been MANY Electronic Counter Measures (ECMs) performed by DirecTV in the past (although the lastest ECM certainly seems to be the most difficult for pirates to recover from).
As to whether DirecTV pirates are 'hackers' or 'crackers', the vast majority of them are certinaly crackers. The primary motivation behind breaking DirecTV's security system is to make money - and it has been this way from day one. (the engineers who first broke the security system were funded by commercial pirates)
DirecTV's use of their technology to attack piracy is certainly not new to them, they have been perfoming ECMs since 1995.
It's great to see a big corperation fighting back against hackers by using technology instead of legislation. Hughes probably managed to get a few hackers on their side to help them out in this little infowar.
----------
Technoli
please stop slobering all over Dave having busted up all those signal pirate's h cards. ( I know infinite loop and all) Maybe it'll slow down the spam flooding my mail. The folks with a clue already switched to emulation a while ago. As to this whole Hacker/cracker nonsense, does it really matter that much ( except to 14 yr olds who just found out what BO2K is? ) Most people using h card hacks probably have VCR's that flash 12:00. As to folks descrambling Daves signal, he should of used better tech, it's not like someone is tapping a cable; I could understand the argument of theft better if the downlink was only as wide a basketball and only aimed at their paid subscribers. But no, they flood me with unwanted RF, I am going to do as I please with that signal. By the way Dave has run to their laweyrs many times before and has genraly made life miserable for many folks. Well thats my load of scantimonius(sp?) crap for the day.
This is the coolest anti-hacker-story I've ever hard of... congratulations to the people at DirecTV that implemented this counter-attack. Normally I wouldn't react this way, but this counter-attack shows that some very clever employee at DirecTV was even smarter than most of the hackers, and has humor as well :-) Of course most of those people who lost their cards are not sharing my thoughts, but hey, they did in fact steal a service and this is the bill... ;-)
It's so regrettable that in a /. discussion of this subject, it all seems to come down to a matter of "might makes right". I can take your signal and decode it, so I have a right to it. Ethical considerations don't even begin to enter the picture.
/.
DirecTV had to maintain a team of engineers solely to protect its service from being stolen. What a pathetic waste of resources, right up there with having to waste money on theft insurance, burglar alarms, and firewalls. Think of the percentage of human output wasted on just defending ourselves from the unscrupulous.
As soon as "might makes right" is turned against your community then you'll be whining and crying for laws and regulations. When Carnivore or something like it is sniffing your private communications, when your next door neighbor is listening to your conversations with high-tech snooping devices, or when the MPAA/RIAA is squeezing you out of their arena with their astoundingly deep pockets... then the loudest whining on the net will be heard here on
Is this really the society that we want to build? Doesn't anyone else crave a society where you can leave your doors unlocked so you never have to carry keys? Wouldn't it be great to be able to leave your contact information out in the open so long-forgotten friends can contact you, without being inundated with junk mail, phone calls, and spam?
Why are you letting these clowns ruin our country?
With the case of DirectTV pirate decoder cards, you didn't pay anything and so in that sense you have no rights to access the signal... other than of course the fact that it's coming out of the sky therefore it's yours to use if you can figger out how. The dubious ethics of hackers MAKING MONEY for themselves reselling access to content that was never theirs to resell in the first place, are inexcusable in my opinion. At that point it does become theft.
I do think DirectTV did the right thing here. They obviously had to plug that hole and they did that in a quite elegant fashion. I do wish the media companies in protecting their precious Content would resort to technical warfare - outhack the hackers - rather than legal warfare, which is the nasty kind nobody likes.
(I hate DMCA, RIAA and MPAA as much as everyone else.)
DirectTV appearently were planning to selectively disconnect the best quality analog plugs so you could only watch the cruddy low rez version of the content on legacy HDTV sets. Now that's just not fair. You paid for it, you should have a right to view it as you please. And that's why a hack to guarantee analog full resolution signals from the HD decoder box is moral and right: You're not stealing anything; you're merely protecting your rights as a paying customer.
Because the VC][+ has never been hacked cleanly. Everyone left the BUD (Big Ugly Dish) when the little dishes came out and were easily hacked. There is also the reason that with the BUD you can only watch a channel that is on that bird on multiple TV's. The little dish solved that issue. dave
Hackers will find a way around the new system. They always find a way, and they will have fun doing it.
This is awesome, its so good to see them use their technical muscle instead of their legal muscle.
So, the big-bad hackers were thwarted by the run of the mill salaried programmers!!!
woohoo!!!
More power to them I say.
* Winners compare their achievements to their goals, losers compare theirs to that of others.
This is all very similar to the Videocipher 2 chipping that was going on until the early 90's. VC2 was the encryption method for big dish C band. Some hackers had figured out various ways to clone subscribed units, convince then they were subscribed to all services, etc., and sold these "chipped" units to unsuspecting consumers for large fees ("free satellite TV forever for just $800"). Many of those consumers didn't realize they were buying illegal equipment, although if they had half a brain they would have realized what they were getting.
There were attempts at fighting the piracy - ECM's that disabled some of the chipped modules. Since the VC2 was not particularly secure, it was easy for the hackers to get around this, or to replace a useless chip with a new one (until it got ECM'd). Many people spent a lot of money buying these chips from the hackers, possibly more than if they had just subscribed legally since some had to buy new chips.
Eventually, VC2 was replaced by VC2+ and VCRS, which have still not been cracked as far as I know. VCRS uses some new encryption techniques, and the hardware uses tamper-resistant packaging (I think the chips are encased in epoxy so you'd have to destroy the board to remove a chip). This upgrade was expensive for the satellite industry and for consumers who had to buy new VCRS modules. I don't recall whether legitimate subscribers got free replacements or not (they probably did). I had inherited a chipped VC2 when I bought my house, so I had to buy a VCRS to continue receiving TV.
DTV might be in for a similar situation. If the hacker abuse continues and grows too large, DTV will either go out of business or force everyone to upgrade to new more secure hardware. If this happens, the hardware upgrades for legal subscribers will probably be "free" but future service will get more expensive to pay for the upgrades.
That's right - I paid $500 for my card from local drug dealer, and now they've broken it!
I'm going to sue!
"Making linux GPL was the best thing I ever did" - Torvalds. I'd hate to see the worst thing...
The cost for a new smart card comes out of the customer's pocket, not DirecTV's. DirecTV charges $40-50 for a new smart card, which probably costs $1-2 to make. The number on the card is used once, never repeated on a different card, and is non-transferrable, just like a credit card number. If you sell (or even give) a receiver to someone else and want to subscribe, you have to order a new card. If last Sunday's "magic bullet" suddenly gave a lot of bootleggers a conscience and they all started ordering legit cards, DirecTV is going to make a killing. I can hear it now. Joe Blow: "I just bought my receiver at a flea market and want to activate it." DirecTV representative: "Yeah. Right. Suuure. Send us 50 bucks and we'll send you a new card. Then call us back to get it activated."
At least they sent the "killer poke" a week before the Superbowl instead of right before. This was a smart move, meant to rake in the bucks by those who want to see the super bowl but don't have time to hunt down another hackable or re-hacked card, so instead they have to go the legit route and pony up for a legit card + subscription.
for phase one.. the idea is awesome :) the idea is to always stay one step ahead of the bad guys (or good, depending on how you see them) and this was simply a game.. i doubt the game is actually over.. DirectTV just created an additional challenge.. let the new games begin.
The guys at DirecTV must've been feeling nice. They gave the hackers several days to find a new hack before the superbowl. I don't doubt that many people will be able to get their cards functional in time for the game. What companies don't seem to understand is that if enough people want to copy something, those people will find a way, no matter what. I'm not saying it's right, but that's how it is. Hardware can be hacked or emulated, and software can be patched. Either way, copy protection will be defeated by those with enough time, patience, and maybe money.
I must say though, what DirecTV did was brilliant compared what most companies would think of. (a lawsuit)
A great story and comments.
:)
Congratulations to both sides, for a game well played. And good job to the writer, all the commentors and Slashdot.
No it's not over yet, just the end of a quarter or a round.
Is it stealing?
If you think the law is always right and is the be all and end all of everything, then yes it is. intercepting and decrypting the signal is a violation of the current law.
On a moral side, it doesn't appear to be stealing. The signal is broadcast, available for anyone in the broadcast area to intercept. I'm not taking something from the company or thier customers. Heck the company is beaming it too them. If they can intercept, they should be able to process it. If they can successfully process it, they can do what they want with it.
This is where technology and morality intersect. Very interisting place. If you add in economic interest, this intersection turns into law.
Bussiness people already know how to make money in broadcasting, and that's what this is. They've been doing it for 50+ years. They integrated the profit making capability into the signal itself, called advertising. And Look we are about to see the biggest advertising event in the world, it's about the only one where people actually sit there and want to watch the advertising.
This is a game between technical people. the other part of the game is that the business people and the lawyers haven't caught on yet. So someone gets to have fun at work and home.
Kudos to DirecTV...heh if I had a house (or apt with a balcony) and lived in the US, maybe I'd get a dish hehe.
There are some details here.
Apparently the technology uses a similar technique to the winCIH virus, chopping up the update code into smaller parts and inserting them into empty/unused areas on the smartcard's PROM.
Kurt
Does anyone know if Hughes tracked down the actual thiefs/hackers/subscribers and pressed charges? Or did they just leave it at destroying their cards? If they never tried to press charges, I find it even more interesting.
It's kind of like catching someone stealing something from your store, but since you caught them- you decide to let them go. That's very unusual for a big corporation.
-p4
(c) All Rights Released.
I must admit they have done a great job on the hu card. But like other have posted it's just a matter of time. Or how about Dish Network. I matter of time.
Some friends of mine (who used hacked cards to steal DirecTV) were telling my wife and I about this last night. They've long tried to get us "in on the act," but we both disagree with the immorality of stealing the signal. Needless to say, I was busting up with laughter as they told us about "black Sunday." (Fortunately, they were rather good humored about the situation.) But what's funnier still was they had just returned from Walmart w/ new receivers that they'd purchased for the express purpose of getting new cards to hack. How funny is that? While I'm sure the hacking community will find some new way to thwart DirecTV, I'm equally sure my friends will go through more cards before it's all over. So how many new receivers do you suppose have been sold this week just for this purpose? Kudos to DirecTV for a truly inspired anti-hack!
Yes, a program can destroy hardware. If you mess around with write functions it is pretty easy to destroy some media. Most writeable meadia can only be written to so many times and damage can be caused by too many successive writes in short order. There are many other ways to destroy media. I use several methods to safeguard certain data so it won't fall into the wrong hands in the event of physical seizure of the device.
I no longer question my sanity.
I personally believe that any signals that happen to cross the boundaries of my property are mine to do with as I wish, but I also believe that the senders of those signals have the right (and in the case of a commercial enterprise, the necessity) to try and protect those signals.
This should be listed as one of the Top Ten Hacks of all time.
Chris Kuivenhoven is a thief, beware
Its time to move on guys-the term "hacker" has taken a derogatory turn, even if it is the media's fault.
I'm sure many years ago there where guys screaming about how they didn't want the term "gay" to lose its "happy" meaning. Too bad, it has Language evolves, just find something better to call yourselves, hack a new term and be ubergeeks, or emailreaders or something...
---"What did I say that sounded like 'Tell me about your day?'"---
A quote from Steve Young: "The principle is competing against yourself. It is about self improvement, about being better than you were the day before." Humans have this uncanny drive to become better at whatever we do, whatever the challenge.
Am I the only person who thinks this is an appropriate model for content protection? Why screw around with more laws when you have technology? Hackers hack, companies counterattack, the rest of us (who haven't hacked code since dabbling in a little Pascal in college...I experimented a little but I never inhaled...)just grin and buy it. Everybody wins. Sure, Direct TV would prefer not to give away a bunch of free content in along the way, but screw 'em. Someone has to "test" their security.
It Is the Nature of Information to Transgress Artificial Boundaries
I side with DirecTV on this one, too. But, not everyone is in the dark. . .
A guy at work was using one of those so-called hacked chips. However, he had a backup: an emulator. So at 8:30 when the TV went out, he started setting up the backup. The emulator connects to the inside of the DirecTV unit through a serial cable to your computer. The computer gets the updates from DirecTV and stores them in memory and then sends the appropriate signals to the DirecTV unit. When Hughes sends out the updates, the computer accepts them, but it never effects the physical hardware. It even stores the updates on a floppy disk automatically. So no fried chips for the person with the emulator.
Like I said, I'm with Hughes on this. But they didn't defeat everyone.
--
Consider the daffodil. And while you're doing that, I'll be over here, looking through your stuff.
It sounds like DirecTV came up with this magnificent counterstrike on the satellite hacking community. Well, they had some help. An "organization" by the name of NorthSat wrote scripts that when applied with a smartcard programmer, would enable all the channels. DirecTV sued them, but they weren't after money or damages. They wanted some assistance. So, in order to avoid jailtime and massive fines, NorthSat assisted in this ECM (electronic countermeasure). NorthSat knew the cards better than DirecTV did. They knew all the holes that were open, where and why they changed the EEPROM, and how to finally take them down. So, give NorthSat some credit. Bad guys gone good, yes. But FREE good guys.
The cost is very much the point. Hackers can take this one of two ways-- they can take their newfound respect for DirectTV and leave them alone, or they can get really interested and launch a full-scale attack on the technology. At some point this gets expensive for DirectTV.
One wonders how much it costs DirectTV to wage this "war", and whether it's really cost effective. The real goal, it would seem, would be to make it so inconvenient to hack that 99.9% of all potential customers would go the legitimate route. When you start spending a lot of money to get at that last 0.01%, you may be pushing it a little too far to be good business. Only DirectTV knows the real percentages (and their own finances), but if the hacker/cracker community fights back hard it may turn out that this was a poor business decision. Let's not forget that this is a content protection technology that, like all others, can and will be broken. For each DirectTV success, their opponents only get smarter and more determined.
Two things: First, I think that Hughes' tactics and strategy are about the coolest f---ing thing I have ever witnessed come out of stodgy corporate America. I challenge anyone to point to another company that would a) be willing to think this far out of the box and b) have the cojones to play it out. Second, wouldn't it be even cooler (if you had to work FOR someone) to work with these people. this is black ops skunkworks sh-t. this is the real deal.
wheeeeee dawgy! thats slick, this ping pong television signal battle is sweet. i can twait to see DirecTV's new line of tv stealing robot recon team. you steal their feeds and a rather angry robot will come take the card and replace it with your sphintcter, if they are smart they induce recordings of fran dresher(spelling?) yodeling
Poor is just having to many bills at the end of the money
What a wishy-washy article! It did not really explain anything. I guess you have to click on HackHU's site to find out more :) If you have satellite TV and thinking about buying $400 card to get free TV, don't bother. It will cost you the same or more in the long run. Also, all those patches, downtime, ECMs and dealers are annoying. However, if you are a hacker and just enjoy messing around with technology, get a Dish Network/Echostar receiver and hack away. Now I pay $35 per month for 100 channels and don't have to worry about another ecm hit. I don't care about free PPV since I borrow, rent and buy DVDs. Read tech info at www.dr7.com if you are still interested.
*bang* *bang* damn that was funney
All your base are belong to us! You are on the way to destruction!
- Pirates stealing DirecTV content by circumventing the content-protection hardware & software present in the satellite receiver
- Pirates stealing DVD-authors' content by circumventing the content-protection hardware & software present in the DVD player
Why do most of this community applaud DirecTV while comdemning SDMI? When did the principle become worse than the practice?But the way DirecTV shut down the pirates was pure Hacking Poetry. Making them have to update with the trojan that was going to kill them in the end was brilliant! It reads like something from a William Gibson novel.
Slashdot should be ashamed for misusing Hacker in yet another story. These guys were Pirates, there was no technical skill involved in 99% of their activities -- it doesn't take much to follow someone elses directions.
Brian
Remember Lexington Green!
Those engineers at DirecTV are pretty smart cookies. And they have a sense of humor. I like that!
I didn't pay for my operating system either
Does anybody knows DTV plans over LatinAmerica? They just started to broadcast a channel about a new smart-card you have to change. Is it right? What about this? Is the same on US?
How could the cards be remotely phyiscally destroyed? I can't quite think of how this might be possible. Any ideas?
The link's been 404'd. So much for the straight from the horse's mouth stuff. Still sounds pretty cool though.
Wenn ist das Nurnstuck git und Slotermeyer? Ja! Feierhund das oder die Flipperwaldt gersput!
Anyone else see the irony in the fact that it went out during the WWF pay per view in which Drew Cary was on as a wrestler in the royal rumble. Good ole DTV spokesman he is!!! LOLOL
Well the smaller dishes are digital and the old C-band stuff was analog, so I would imagine there is better resolution with a digital signal, compressed or not, by the time that analog signal travels however far it is from the satellite to your backyard. Are there any digital signals on C-Band yet?
Before I begin posting off topic I would like to ask if anyone has a working link to the "more information" -------------- ok, now I firmly believe that any one who thinks that they can broadcast data through me and then complain when I tap into it is a damn fool. The airwaves are public, and while I'd be happy to have a discourse about the legitimacy of propery rights in this realm, I consider it a wholly different subject than that of trespassing. That said, I don't believe that just because someone is foolish enough to broadcast information though me I have earned the right to sell hardware/software that takes advantage of their poor judgement. If I feel the need to protest the fact that our current government has been foolish/arrogant enough to sell something which seems clearly to belong to all of us then my dipleasure is better voiced as political action or even simply signal jamming. It must be understood by now that I'm not going to pay anyone for cable TV access - cracker capitalists or Murdoch, your the same wretched pirates to me. Again, please post a mirror of the document that has been /.ed so that those who want 'more info' may receive it. Sorry for starting another thread - flame me if you dare.
#!
I have read alot of peoples comments on the programmers of DSS being so clever to out smart all of the hackers who have been obtaining free TV for a good number of years after countless attempts at shutting them down. Do you really think they are so smart? Think about it... They have access to ALL of the technical documents and formats for all of the H data stream and how the H card is created as well as the software which is installed on it. They wrote the damn stuff! Anyhow... They aren't so smart. I'm still watching free tv!
On the bottom of my calculator, it says: "This device complies with part 15 of the fcc rules. Operation is subject to the following conditions: (1) This device may not cause harmful interference, and (2) This device must accept any interference that may cause undesired operation." Would "GAME OVER" be considered harmful interference since it destroys the H cards? Do these rules apply?
number 1: DTV hacking is still in full force... I'm watching just as many PPV's and just as much pr0n as I always have been, it's called an emulator. Everyone's got old 5x86's... So simmer down already...
2nd: 00 00 00 00 00 00 00 00 DOES NOT SPELL GAME OVER, RETARD!!! It doesn't spell ANYTHING!!! it's HEX! AS IN NUMBERS! You can't convert it to anything but numbers, okay? Sheesh.
Remember, It's not the "real" hackers that were defeated. The "common pirate," the ones who downloaded their programs from sites all over the web were the ones that suffered. Anyone, regardless of their programming knowledge, could buy a $225.00 programmer and download software for free. Real hackers are watching DTV as we speak, and their technology will soon be made public just as the reader/writers and unloopers were. DirecTV beat the little guys!