programming and human factors

December 10, 2015 – 11:49 am
Satellite smart card

One of the most impressive hacks I've ever read about has to be the Black Sunday kill. Since the original 2001 Slashdot article I read on this is 99.9% quote, I'm going to do the same. I can see why they quoted so extensively; it'd be difficult to improve on the unusually succinct, well written summary provided by Pat from Belch:

One of the original smart cards, entitled 'H' cards for Hughes, had design flaws which were discovered by the hacking community. These flaws enabled the extremely bright hacking community to reverse engineer their design, and to create smart card writers. The writers enabled the hackers to read and write to the smart card, and allowed them to change their subscription model to receive all the channels. Since the technology of satellite television is broadcast only, meaning you cannot send information TO the satellite, the system requires a phone line to communicate with DirecTV. The hackers could re-write their smart cards and receive all the channels, and unplug their phone lines leaving no way for DirecTV to track the abuse. DirecTV had built a mechanism into their system that allowed the updating of these smart cards through the satellite stream. Every receiver was designed to 'apply' these updates when it received them to the cards. DirecTV applied updates that looked for hacked cards, and then attempted to destroy the cards by writing updates that disabled them. The hacking community replied with yet another piece of hardware, an 'unlooper, ' that repaired the damage. The hacker community then designed software that trojanized the card, and removed the capability of the receivers to update the card. DirecTV could only send updates to the cards, and then require the updates be present in order to receive video. Each month or so, DirecTV would send an update. 10 or 15 minutes later, the hacking community would update the software to work around the latest fixes. This was the status quo for almost two years. 'H' cards regularly sold on eBay for over $400.00. It was apparent that DirecTV had lost this battle, relegating DirecTV to hunting down Web sites that discussed their product and using their legal team to sue and intimidate them into submission.

Four months ago, however, DirecTV began sending several updates at a time, breaking their pattern. While the hacking community was able to bypass these batches, they did not understand the reasoning behind them. Never before had DirecTV sent 4 and 5 updates at a time, yet alone send these batches every week. Many postulated they were simply trying to annoy the community into submission. The updates contained useless pieces of computer code that were then required to be present on the card in order to receive the transmission. The hacking community accommodated this in their software, applying these updates in their hacking software. Not until the final batch of updates were sent through the stream did the hacking community understand DirecTV. Like a final piece of a puzzle allowing the entire picture, the final updates made all the useless bits of computer code join into a dynamic program, existing on the card itself. This dynamic program changed the entire way the older technology worked. In a masterful, planned, and orchestrated manner, DirecTV had updated the old and ailing technology. The hacking community responded, but cautiously, understanding that this new ability for DirecTV to apply more advanced logic in the receiver was a dangerous new weapon. It was still possible to bypass the protections and receive the programming, but DirecTV had not pulled the trigger of this new weapon.

Last Sunday night, at 8:30 pm est, DirecTV fired their new gun. One week before the Super Bowl, DirecTV launched a series of attacks against the hackers of their product. DirecTV sent programmatic code in the stream, using their new dynamic code ally, that hunted down hacked smart cards and destroyed them. The IRC DirecTV channels overflowed with thousands of people who had lost the ability to watch their stolen TV. The hacking community by and large lost not only their ability to watch TV, but the cards themselves were likely permanently destroyed. Some estimate that in one evening, 100, 000 smart cards were destroyed, removing 98% of the hacking communities' ability to steal their signal. To add a little pizzazz to the operation, DirecTV personally "signed" the anti-hacker attack. The first 8 computer bytes of all hacked cards were rewritten to read "GAME OVER".

Among the countermeasures he says he created was one known among pirates as the "Black Sunday" kill - an elaborate scheme that destroyed tens of thousands of pirate DirecTV cards a week before Super Bowl Sunday in 2001.

Instead of being delivered all at once like other measures, the Black Sunday attack code was sent to pirate cards in about five dozen parts over the course of two months, like a tank transported piece by piece to a battlefield to be assembled in the field. "They never expected us to do this, " Tarnovsky says.

The kill didn't last long before pirates found a way to jump-start the cards. But it holds an enduring position in pirate lore; for the first time, they could see a cunning mind at work on the other side.

Source: blog.codinghorror.com

PINWHEEL K1 S2 Amlogic S805 Quad Core 1G/8G Android TV Box DVB S2 Satellite TV Receiver Support CCCam Newcamd Biss Fully Loaded XBMC / Kodi 15.2 Media Player
Home Theater (Skyworld)
  • DVB-S2 receiver allows you to watch stable live tv channels.Support am,newcamd,biss,support H.265/HEVC Hardware decoding 1080P
  • CPU: Amlogic S805 Quad core Cortex A5;GPU: Quad-core Mali-450MP GPU 600MHz.
  • DDR3 1G + Flash 8GB; OS: Android 4.4.2 (KitKat), Built in 2.4G WiFi. Pack with US power adapter.
  • The Mali 450 Octo Core High Performance 3D GPU processor delivers the necessary graphics for 2D/3D Games and ultra HD quality movies. All your favorite Games on...
  • Cut your monthly TV subscription and enjoy FREE Movies, Shows and Live Entertainment from all over the world including Sports. No restrictions! Forget the limitations...
LB1 High Performance New HDMI Switcher 3 Ports Mini Switch w/ Built-In Equalizer & IR Remote for MINIX NEO X7 Android TV Box RK3188 Quad Core Mini PC 1.6GHz 2G/16G WiFi HDMI USB RJ45 OTG SD Card Optical XBMC Smart TV Receiver Intelligent Auto Switch 3x1 Enhanced HDMI and HDCP
CE (Laptop Battery 1)
  • 3x1 HDMI Switch with IR Remote allows you to connect High Definition 1080p source components such as a Blu-ray Player | Play Station 3 | audio|video receiver cable...
  • Connect the HDMI output from the Selector Switch to an HDTV or other high-definition displays. Be sure to use a quality HDMI Cable to connect all of your HD components...
  • This switch is operated off of the power provided in the HDMI signal and requires no additional power supply. By use of the included IR remote control or the manual...
  • Support 12-bit Deep Color full 1080p.
  • Multifunctional on switching: intelligent or mechanical.
  • Supports with HDMI1.3b - High performance up to 2.5Gbps.
  • Switches easily between the several HDMI sources.
  • Maintains high resolution video - beautiful sharp HDTV resolutions up to 1080p| 2k and computer resolutions up to 1920 x 1200 are easily achieved.
  • IR extender receiver (included) and IR remote (included).
  • No power needed (If the input equipment is standard otherwise power needed).
  • Compatible with virtually all HDMI sources and supports HDCP.
  • 100% Customer Satisfaction. Fast Same-Day Shipping by 12:00 PM PDT.
  • 30-Day Money Back Guarantee. 12 Months Warranty. Exclusive $1 Product Protection Plan!
  • Satisfies Government - School - Health care enterprise and Corporate account purchase order requirements.

Related posts:

  1. Set Top box satellite Receiver
  2. Magic box satellite Receiver
  3. FTA Digital Satellite receiver
  4. StarSat Digital Satellite receiver