IEDR has to try to follow the rules and under its interpretation, porn.ie is not acceptable. Of course allowing bebo.ie, windowsonecare.ie, onecare.ie (Microsoft products), irishindependent.ie (one of the biggest Irish newspapers with the domain irish-independent.ie), googel.ie (google typo), dmoz.ie to be squatted is perfectly fine. Though technically, porn.ie might not be acceptable under the legislation governing.ie ccTLD. Most ccTLDs tend to run differently to the gTLDs like.com where anything can be registered.
O'Reilly and CMP threatened an Irish company over the use of Web 2.0 based on a US application for a service mark it seems. Well unless O'Reilly and CMP have an Irish or EU trademark or service mark, they have no rights to the term in Europe. Perhaps someone should explain that harsh reality to them. In threatening IT@Cork, O'Reilly and CMP have shown themselves to be no better than Jeff Bezos with his One Click patent etc. It is sad to see such a great reputation destroyed by the careless actions of lawyers.
"I think that we will all miss the source of insightful, future-looking, new idea-creation factory, much to our long term deficit."
Don't fool yourself. These guys were not very insightful and the certainly weren't future orientated. Hell they weren't even bright enough to see their own demise staring them in the face.
They were trying to "rethink" stuff. Most invention and research comes out of hard work and genius. Both of these aspects seemed to be lacking in both MLE and its management.
"I read a research paper that predicted exactly what is going on with cable / satellite, and PVRs right now. Including the network downloading of video content for 'Video On Demand', the DRM issues and a bunch more (I can't remember exactly right now)." Those tossers in MLE and Medialab were not there dealing with HDTV, DRM and the problems of conditional access. I know because that is exactly the business I was in, specifically the Conditional Access side of things. The cable/satellite industry was planning stuff in the early 90s and late 80s that has really only become a reality in the last few years. MLE and Medialab are as irrelevant to that as they are to Irish technology culture.
The MLE is Medialab Europe. The US one has not crashed and burned yet. But there is a lot more research going on in real labs funded by US industry. But even that Wired article in 2003 was the start of corporate America questioning the whole Medialab thing.
I really don't think that you understand the differences between hacking some trivial executable on Windows and reverse-engineering a smartcard and implementing a pirate version of the card on a different microcontroller.
Witha commercial attack on a smartcard, the card has to be stripped and the contents popped. The equipment and the skills to do it are not that common and it can end up being expensive. That gets you as far as having a pile of code that may well be bit scrambled rather than encrypted.
Then, once you have reached this stage, you have to examine how the code operates. Some of the code will be inactive (ready for future ECMs) so part of the equation will be missing. Even so, it should be enough to implement some kind of emulation of the official smartcard (as long as they haven't thrown another spanner in the works like using an ASIC as part of the process).
Then the decision about what kind of microcontroller to use for the pirate smartcard has to be made. This has a lot of engineering and timing contstraint issues. The code has to be rewritten and tested for this implementation.
Then there is the problem of marketing the pirate cards.
Hacking smartcard based systems is a tough and very expensive business.
In Pay TV, especially in a captive terrestrial market, a quick figure can be derived by taking the number of decoders in the market and subtracting the number of decoders for which valid subscriptions exist. With satellite systems, the equation is more complex and I don't have time to explain it here.
The code examined in the GSM hack was probably extracted from a GSM smartcard. Once the code is extracted from a smartcard (even the Canal Plus one) it has to be examined and reimplemented. This can be very hard work as you have to figure out what each section does. The problem with this (as applied to a Pay TV smartcard rather than a GSM smartcard) is that some sections of the software may not actually be in operation so you are in effect missing half the equation. Once you have figured out how to implement the code on different chips it is possible for the piracy to begin.
This hack was always going to happen. In fact almost any system that uses a conditional access system where the data stream can be accessed and rebroadcast is vulnerable. News Datacom, the company that created the crypto architecture for DSS/DirecTV knew about this vulnerability and it patented what they considered a solution to it. (US Patent:5,590,200 if you want to check it on www.uspto.gov).
It is not due to the crypto system being compromised. It is basically a failure in the model. I formulated the original hack for this over ten years ago so it is not as if the designers of the TV encryption systems did not know about it.
Regards...jmcc
(John McCormac)
Indonesia may release E. Timor//+comment on "War"
on
First Virtual War
·
· Score: 1
Sounds like the Indonesian givernment sources are putting a very nice spin on the situation.
With respect to your analysis, I don't really think that you understand what happened. In a situation like East Timor, getting the message out is extremely important. The more the Indonesian govt. was shown to be in the wrong, the more untenable their position becomes. It is classic information warfare. The same situation occurred here in Ireland with the Northern Ireland conflict - the Republicans were so effective in getting the ir message out that they were even banned from TV and radio in the UK and Ireland. With the WWW, the printing costs are removed making it far more feasible to put the viewpoint forward. It would have been in the best interest of the Indonesian govt. to reduce any such avenue of expression.
Since East Timor does not have a financial network or any targettable infrastructure, hitting that server in Ireland, which also hosts the DNS for the entire.tp top level domain would effectively wipe the virtual country of East Timor off the internet.
One of the first rules of any covert operation is that it has to be deniable. The second rule is that it must be difficult to properly attribute.
I don't know about the level of your knowledge of information warfare but your doubting that the Indonesian government was responsible is a proof of rule one.
In real information warfare, this kind of operation would have been subcontracted. From the people I have spoken to about this, it seemed that it was a planned attack and was the culmination of some activity that had been going on for about six months or so.
Did it ever occur to you that the people who carried out the op may also have watched Beavis and Butthead. After all MTV is a global satellite network.
Slashdot Mirror
IEDR has to try to follow the rules and under its interpretation, porn.ie is not acceptable. Of course allowing bebo.ie, windowsonecare.ie, onecare.ie (Microsoft products), irishindependent.ie (one of the biggest Irish newspapers with the domain irish-independent.ie), googel.ie (google typo), dmoz.ie to be squatted is perfectly fine. Though technically, porn.ie might not be acceptable under the legislation governing .ie ccTLD. Most ccTLDs tend to run differently to the gTLDs like .com where anything can be registered.
O'Reilly and CMP threatened an Irish company over the use of Web 2.0 based on a US application for a service mark it seems. Well unless O'Reilly and CMP have an Irish or EU trademark or service mark, they have no rights to the term in Europe. Perhaps someone should explain that harsh reality to them. In threatening IT@Cork, O'Reilly and CMP have shown themselves to be no better than Jeff Bezos with his One Click patent etc. It is sad to see such a great reputation destroyed by the careless actions of lawyers.
"I think that we will all miss the source of insightful, future-looking, new idea-creation factory, much to our long term deficit."
Don't fool yourself. These guys were not very insightful and the certainly weren't future orientated. Hell they weren't even bright enough to see their own demise staring them in the face.
They were trying to "rethink" stuff. Most invention and research comes out of hard work and genius. Both of these aspects seemed to be lacking in both MLE and its management.
"I read a research paper that predicted exactly what is going on with cable / satellite, and PVRs right now. Including the network downloading of video content for 'Video On Demand', the DRM issues and a bunch more (I can't remember exactly right now)." Those tossers in MLE and Medialab were not there dealing with HDTV, DRM and the problems of conditional access. I know because that is exactly the business I was in, specifically the Conditional Access side of things. The cable/satellite industry was planning stuff in the early 90s and late 80s that has really only become a reality in the last few years. MLE and Medialab are as irrelevant to that as they are to Irish technology culture.
The MLE is Medialab Europe. The US one has not crashed and burned yet. But there is a lot more research going on in real labs funded by US industry. But even that Wired article in 2003 was the start of corporate America questioning the whole Medialab thing.
Regards...jmcc
I really don't think that you understand the differences between hacking some trivial executable on Windows and reverse-engineering a smartcard and implementing a pirate version of the card on a different microcontroller.
Witha commercial attack on a smartcard, the card has to be stripped and the contents popped. The equipment and the skills to do it are not that common and it can end up being expensive. That gets you as far as having a pile of code that may well be bit scrambled rather than encrypted.
Then, once you have reached this stage, you have to examine how the code operates. Some of the code will be inactive (ready for future ECMs) so part of the equation will be missing. Even so, it should be enough to implement some kind of emulation of the official smartcard (as long as they haven't thrown another spanner in the works like using an ASIC as part of the process).
Then the decision about what kind of microcontroller to use for the pirate smartcard has to be made. This has a lot of engineering and timing contstraint issues. The code has to be rewritten and tested for this implementation.
Then there is the problem of marketing the pirate cards.
Hacking smartcard based systems is a tough and very expensive business.
In Pay TV, especially in a captive terrestrial market, a quick figure can be derived by taking the number of decoders in the market and subtracting the number of decoders for which valid subscriptions exist. With satellite systems, the equation is more complex and I don't have time to explain it here.
Regards...jmcc
The code examined in the GSM hack was probably extracted from a GSM smartcard. Once the code is extracted from a smartcard (even the Canal Plus one) it has to be examined and reimplemented. This can be very hard work as you have to figure out what each section does. The problem with this (as applied to a Pay TV smartcard rather than a GSM smartcard) is that some sections of the software may not actually be in operation so you are in effect missing half the equation. Once you have figured out how to implement the code on different chips it is possible for the piracy to begin.
Regards...jmcc
This hack was always going to happen. In fact almost any system that uses a conditional access system where the data stream can be accessed and rebroadcast is vulnerable. News Datacom, the company that created the crypto architecture for DSS/DirecTV knew about this vulnerability and it patented what they considered a solution to it. (US Patent:5,590,200 if you want to check it on www.uspto.gov). It is not due to the crypto system being compromised. It is basically a failure in the model. I formulated the original hack for this over ten years ago so it is not as if the designers of the TV encryption systems did not know about it. Regards...jmcc (John McCormac)
Sounds like the Indonesian givernment sources are putting a very nice spin on the situation.
.tp top level domain would effectively wipe the virtual country of East Timor off the internet.
With respect to your analysis, I don't really think that you understand what happened. In a situation like East Timor, getting the message out is extremely important. The more the Indonesian govt. was shown to be in the wrong, the more untenable their position becomes. It is classic information warfare. The same situation occurred here in Ireland with the Northern Ireland conflict - the Republicans were so effective in getting the ir message out that they were even banned from TV and radio in the UK and Ireland. With the WWW, the printing costs are removed making it far more feasible to put the viewpoint forward. It would have been in the best interest of the Indonesian govt. to reduce any such avenue of expression.
Since East Timor does not have a financial network or any targettable infrastructure, hitting that server in Ireland, which also hosts the DNS for the entire
Regards...jmcc
One of the first rules of any covert operation is that it has to be deniable. The second rule is that it must be difficult to properly attribute.
I don't know about the level of your knowledge of information warfare but your doubting that the Indonesian government was responsible is a proof of rule one.
In real information warfare, this kind of operation would have been subcontracted. From the people I have spoken to about this, it seemed that it was a planned attack and was the culmination of some activity that had been going on for about six months or so.
Did it ever occur to you that the people who carried out the op may also have watched Beavis and Butthead. After all MTV is a global satellite network.
Regards...jmcc