Slashdot Mirror
Users Conned by Cable Con
RJ Mansfield writes "MSNBC is running a story on users attempting to con their cable companies being connned. The high-cost filter being sold on Ebay and through email Spam to bypass Pay-Per-View (PPV) digital cable systems is a readily available filter that only temporarily blocks the PPV charges. Users are getting shocked when the cable company then bills the cable user for all of the ordered PPV."
This is what we're talking about. A little crappy coax coupler. I saw this on ebay a couple days ago, and thought to myself 'This must be a scam -- such a little thing can't work, since real descrambler boxes are pretty large and complicated'. Guess I was right.
From the DMCA: Now the cable companies are free to blackmail those who have used the devices. Pay us X number of dollars or we will turn you over to the police...
Nobody said eBay is spamming people about this device. You are apparently overlooking the word "and" between "Ebay" and "through email spam". Sellers are peddling the devices on eBay, and they are also selling them via spam.
I want a new quote. One that won't spill. One that don't cost too much. Or come in a pill.
Maybe we should read the title... "Users conned by Cable Con"
The users, who are trying to screw the cable company, are getting screwed. They are getting screwed because they fell for the "Free Pay-per-View" con.
For once, the editors are okay here. Break it down:
The "Cable Con" part referred to in the title: "You can get free PPV, if you buy this thingy. Con your cable comany!"
However, those people who think they are going to con themselves get conned, because they actually bought a worthless piece of crap. See how the users got conned by a cable con?
People already have made devices that they claim give free PPV on Sky - it's a 9V battery and a couple of diodes that fake a phone line. Like the cable product everything appears to go fine until you reach the credit limit and then it stops working, and again, you either never plug it into the phone line again or pay up. Sweet!
Cracking the challenge/response would be very difficult - if it's even 1/2 way as secure as the MediaGuard encryption nobody will get even close. MediaGuard is *very* secure.
Gareth
This is not a descrambler at all, that's handled entirely by the cable box. The only thing this particular device achieves is to prevent the PPV order from being transmitted back to the cable provider. The digital cable box, or "DCT" will let you order as many movies as you want, up to a credit limit set by the cable provider. For AT&T Broadband in the greater Chicago area anyway, it usually defaults to $100 or $150. As far as the DCT is concerned, you're watching the movie, and being billed for it. Once the DCT fails to respond for a certain time period, usually a couple weeks, it'll be shut down, and prompt you, the subscriber, to call in. You're then forced to have a technician come out and check out the DCT to find out what's going on before you're allowed to have the service restored, unless the problem can be determined by a bit of quick troubleshooting on the phone.
;)
All in all, this little filter does the same thing as leaving the phone cord unplugged on older networks where the cable network wasn't two-way. I have no sympathy whatsoever for anyone who thought they would get away with it. There would be no use in trying to convince the tech that the DCT is broken either. They have diagnostic tools and whatnot. Even if you were to convince a technician that the DCT is broken, and they swapped it for a new one, guess what? You're still billed for those PPV movies that are remaining in the DCT. They clean those out once the DCT is returned and put them on your bill, sometimes as much as 6 months later
(disclaimer: i worked for at&t broadband chicago until about 2 months ago)
It's the exact same way with DirectTV satellite service - you can unplug the box from the phone line, and you won't get charged for PPV until you reach a dollar limit, or 25 events. Then the box has to call home and "unload" the billing information, and you are charged for all the purchases at once.
A friend used to do this sometimes when he was financially strapped, then next month when he got paid, he'd plug the phone back in and pay for all the purchases. He wasn't really stealing - just delaying the billing bit.
They also can poll the newer boxes to make them dial home even if they have no pending PPV purchases.
The main difference is that with CATV they know where the box is, with satellite there is no way for them to tell.
The other difference is that with the satellite boxes, the pirates can clear the purchases from the removeable access card, whereas with cable boxes there's no way to clear that memory.
-- You are in a maze of little, twisty passages, all different... --
Those of us who do research this stuff have tried to warn people. My god, believing a poorly worded ebay auction?
Ugh.
My digital cablebox site will tell you what little is known. If anyone wants to help, and designs PCI cards or demodulators for a living...
Something similar in France: clever guys rented
actual Satellite TV decoders with a 1 month subscription, giving a fake address. They "repackaged" the decoder in a homebuilt box to
make it look like a pirate one, and sold them during
that month claiming it was a pirate box. The buyer
was very happy during..one month.
This is the device (http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&ite m=3013536743). Aside from the name, the write up only says you can get PPV, etc. when the coupler is connected to the appropriate box. Which is true since it is just a coupler. The buyer is inferring from the _name_ that the device will make the viewing free. A court case would revolve around whether it is reasonable to assume a descrambling ability when no such ability was mentioned in the description. The description would be argued as being the seller's definition of the name. Their definition does _not_ mention descrambling. Which makes the scam a rather tidy one.
"Consensus" in science is _always_ a political construct.
We have stores that sell drug paraphernalia like water bongs, yet smoking and possessing marijuana is illegal. They claim it is for tobacca. Yeah, right!
Actually, I have smoked turkish tobacco in a water pipe -- even remember reading an article about the "fad" catching on in california or something.
Totally different than cigarettes, and very easy to see why the early settlers found tobacco so appealing.
Recursive: Adj. See Recursive.
Thing is, if somebody was using one of these notch filters to block the communication from the set top box to the cable company, the cable company wouldn't be adding the box to the audience figures. Since I'm assuming they'd pay the PPV provider based on the actual audience, the cable company isn't paying for the viewers they don't know about. I'd assume the audience counters and billing systems are linked, so as soon as the cable company finds out that you watched a movie and adds you to the count sent to the PPV provider, they also bill you.
After reading this and laughing (I know a guy that got seriously burned after unplugging his DirecTV's phone line for awhile) I decided to take a look at raymond917's eBay Feedback rating.
He's got a pair of shades next to his rating. Make me wonder if he'll change his moniker after this.
What I found interesting is how much an average person such as myself can find out about someone just by looking at their eBay Feedback and any of the still available auciton listings. This guy likes kickboxing movies, in fact he's bought a number of them since January 1st. He bought a Gunman Chronicles/Survival/Alcatraz mulit-pack at the end of February that he's selling already.
Things like this with eBay make you go hmmm.
d a v e
"Hmmm...upgrades."
In digital cable the signal isn't technically scrambled; it's encrypted. When a digital PPV event is about to become available, one part of the key to decrypt the event is sent out to the digital cable boxes. If that event is ordered, the box uses that key and one of its own. Usually there is a predetermined (by the cable company) number of events that a box can order. When the box has hit the limit, you can no longer order PPV movies.
Every hour the cable company's headend polls all the digital cable boxes in the field (free timing attack if you can determine exactly when the box is polled) to determine how many PPV events each box has ordered. At this point it also clears the boxes tally and sets the number ordered back to 0.
The device being sold is almost definitely just a filter to keep the digital cable box from responding to these poll requests by filtering out the reverse path frequencies. Therefore, the events are not recorded by the cable company and they are "free". However, the tally remains on the box, including the PPV event information, until a poll is successful and the information is cleared. After a certain number of purchases, the user can no longer purchase events, but if they take off the filter, the previous events get recorded. There is no way for the user to clear these events, and if the box is returned to the cable company they can still get the events and charge for them. The box would have to "die" an impressive death to stop this which might lead to getting charged for the box.
Since cable companies often have problems with their reverse path anyway, a box that doesn't talk back will not be disabled. All the information the digital cable boxes need to function is sent to it in a different frequency range.
While a 1-{800 | 888 | 877 | 866} number is free to the calling party, except for some nefarious call redirection scams, it is NOT free to the receiving party. They pay for the call. They can receive ANI information detailing which phone number is calling them.
Unlike Caller-ID information which is transmitted in-band (on the same line) between the first and second telephone ring and can be blocked by the dialing party, the ANI service is transmitted off-band and CANNOT be blocked when you call an 800 number. It's always there.
Contrary to the tone of the article, this isn't and instance of the cable company "conning" users. The gist of the story is this (since so many don't seem to read): People bought a filter that blocks the box from talking to "headquarters", so the cableco doesn't know what movies you are watching. The problem? The cableco realizes that your box hasn't called home so hey shut it down, and once you bring it in they can easily retrieve all of the movies that you watched (the box has a long memory of all those late night porn flicks). They aren't "conning" people, but rather are charging people for events they TRIED to steal, but couldn't.
Saying that the cable company "conned" them is like saying that Walmart is conning you if they make you pay for a chocolate bar you ate while walking around the store.
In both of these cases, calling the 1-800-xxx-yyyy number created an account entry with the phone numbe you were calling from on it. This account entry was provided to the owner of the 1-800-number, who used it to call you back.
While a 1-{800 | 888 | 877 | 866} number is free to the calling party, except for some nefarious call redirection scams, it is NOT free to the receiving party. They pay for the call. They can receive ANI information detailing which phone number is calling them as long as they pay extra for it.
Unlike Caller-ID information which is transmitted in-band (on the same line) between the first and second telephone ring and can be blocked by the dialing party, the ANI service is transmitted off-band and CANNOT be blocked (either one time or permanently) when you call an 800 number. It's always there
Apparently, DirecTV did something similar: they sent a signal legitimate viewing cards couldn't decode (hence ignored) saying something like "You've won a free holiday! Call 1-800-555-1234". The non-legit cards happily decode the signal, display it, and the dumber users turned themselves in to DirecTV by mistake. Whoops. I don't know if that's an urban myth or not, but DirecTV certainly have a history of using clever technical tricks to screw users with bent cards, rather than getting lawyered up for a fight: here, for example.