TokenCracker
01-26-2001, 06:44 AM
Saw this on Slashdot yesterday and thought that maybe not all of you read slashdot or read this story. I post it because my brother has one and his card went out with everyone else's sunday night. A friend supplied this side of the county with hacked H cards since the scam was created and he cant watch tv on his satelite now. He said that the guy that started the scam was caught and fined like 800,000 dollars and had to choose between 5 years in jail and going to work for DirecTV and fixing the problem. Its obvious which one he chose and this article covers some information about the program created to fix the exploit in the cards and how they installed it and hid what they were doing from anyone who could read the card.
4 or more years ago DirecTV launched its service. DirecTV was one of the very first large distributors of smart card technology in their product. So much so, that Hughes corp. (the primary owner of DirecTV) decided to create their own smart cards. Each receiver has a smart card located inside that is keyed to the subscriber, and actively participates in the decryption of the digital satellite video stream. However, considering Hughes decided on this technology when it was virtually in its infancy, they made several mistakes. The hacker community caught onto these mistakes, and there has been a war between DirecTV and the hacking community ever since. For the past two or more years, it was apparent the hacking community would win this war, completely opening the DirecTV signal. However, over the last 6 months, DirecTV has fought back with a vengeance, displaying the most extensive technical campaign against the hacking of their product...
Allow me to give you some background.
One of the original smart cards, entitled 'H' cards for Hughes, had design flaws which were discovered by the hacking community. These flaws enabled the extremely bright hacking community to reverse engineer their design, and to create smart card writers. The writers enabled the hackers to read and write to the smart card, and allowed them to change their subscription model to receive all the channels. Since the technology of satellite television is broadcast only, meaning you cannot send information TO the satellite, the system requires a phone line to communicate with DirecTV. The hackers could re-write their smart cards and receive all the channels, and unplug their phone lines leaving no way for DirecTV to track the abuse. DirecTV had built a mechanism into their system that allowed the updating of these smart cards through the satellite stream. Every receiver was designed to 'apply' these updates when it received them to the cards. DirecTV applied updates that looked for hacked cards, and then attempted to destroy the cards by writing updates that disabled them. The hacking community replied with yet another piece of hardware, an 'unlooper,' that repaired the damage. The hacker community then designed software that trojanized the card, and removed the capability of the receivers to update the card. DirecTV could only send updates to the cards, and then require the updates be present in order to receive video. Each month or so, DirecTV would send an update. 10 or 15 minutes later, the hacking community would update the software to work around the latest fixes. This was the status quo for almost two years. 'H' cards regularly sold on eBay for over $400.00. It was apparent that DirecTV had lost this battle, relegating DirecTV to hunting down Web sites that discussed their product and using their legal team to sue and intimidate them into submission.
Four months ago, however, DirecTV began sending several updates at a time, breaking their pattern. While the hacking community was able to bypass these batches, they did not understand the reasoning behind them. Never before had DirecTV sent 4 and 5 updates at a time, yet alone send these batches every week. Many postulated they were simply trying to annoy the community into submission. The updates contained useless pieces of computer code that were then required to be present on the card in order to receive the transmission. The hacking community accommodated this in their software, applying these updates in their hacking software. Not until the final batch of updates were sent through the stream did the hacking community understand DirecTV. Like a final piece of a puzzle allowing the entire picture, the final updates made all the useless bits of computer code join into a dynamic program, existing on the card itself. This dynamic program changed the entire way the older technology worked. In a masterful, planned, and orchestrated manner, DirecTV had updated the old and ailing technology. The hacking community responded, but cautiously, understanding that this new ability for DirecTV to apply more advanced logic in the receiver was a dangerous new weapon. It was still possible to bypass the protections and receive the programming, but DirecTV had not pulled the trigger of this new weapon.
Last Sunday night, at 8:30 pm est, DirecTV fired their new gun. One week before the Super Bowl, DirecTV launched a series of attacks against the hackers of their product. DirecTV sent programmatic code in the stream, using their new dynamic code ally, that hunted down hacked smart cards and destroyed them. The IRC DirecTV channels overflowed with thousands of people who had lost the ability to watch their stolen TV. The hacking community by and large lost not only their ability to watch TV, but the cards themselves were likely permanently destroyed. Some estimate that in one evening, 100,000 smart cards were destroyed, removing 98% of the hacking communities' ability to steal their signal. To add a little pizzazz to the operation, DirecTV personally "signed" the anti-hacker attack. The first 8 computer bytes of all hacked cards were rewritten to read "GAME OVER".
--
My friend read his card when trying to fix it and he said game over is on it. That could only be put there by that guy that fixed the scam he started. All DirecTV stealers have been sold out.
------------------
<IMG SRC="http://www.geocities.com/newbnd/sig1.gif" border=0>
See, I got this brown spot on my arm, you think its just a birthmark but its my real skin color, the rest of my skin is just a birthmark.
4 or more years ago DirecTV launched its service. DirecTV was one of the very first large distributors of smart card technology in their product. So much so, that Hughes corp. (the primary owner of DirecTV) decided to create their own smart cards. Each receiver has a smart card located inside that is keyed to the subscriber, and actively participates in the decryption of the digital satellite video stream. However, considering Hughes decided on this technology when it was virtually in its infancy, they made several mistakes. The hacker community caught onto these mistakes, and there has been a war between DirecTV and the hacking community ever since. For the past two or more years, it was apparent the hacking community would win this war, completely opening the DirecTV signal. However, over the last 6 months, DirecTV has fought back with a vengeance, displaying the most extensive technical campaign against the hacking of their product...
Allow me to give you some background.
One of the original smart cards, entitled 'H' cards for Hughes, had design flaws which were discovered by the hacking community. These flaws enabled the extremely bright hacking community to reverse engineer their design, and to create smart card writers. The writers enabled the hackers to read and write to the smart card, and allowed them to change their subscription model to receive all the channels. Since the technology of satellite television is broadcast only, meaning you cannot send information TO the satellite, the system requires a phone line to communicate with DirecTV. The hackers could re-write their smart cards and receive all the channels, and unplug their phone lines leaving no way for DirecTV to track the abuse. DirecTV had built a mechanism into their system that allowed the updating of these smart cards through the satellite stream. Every receiver was designed to 'apply' these updates when it received them to the cards. DirecTV applied updates that looked for hacked cards, and then attempted to destroy the cards by writing updates that disabled them. The hacking community replied with yet another piece of hardware, an 'unlooper,' that repaired the damage. The hacker community then designed software that trojanized the card, and removed the capability of the receivers to update the card. DirecTV could only send updates to the cards, and then require the updates be present in order to receive video. Each month or so, DirecTV would send an update. 10 or 15 minutes later, the hacking community would update the software to work around the latest fixes. This was the status quo for almost two years. 'H' cards regularly sold on eBay for over $400.00. It was apparent that DirecTV had lost this battle, relegating DirecTV to hunting down Web sites that discussed their product and using their legal team to sue and intimidate them into submission.
Four months ago, however, DirecTV began sending several updates at a time, breaking their pattern. While the hacking community was able to bypass these batches, they did not understand the reasoning behind them. Never before had DirecTV sent 4 and 5 updates at a time, yet alone send these batches every week. Many postulated they were simply trying to annoy the community into submission. The updates contained useless pieces of computer code that were then required to be present on the card in order to receive the transmission. The hacking community accommodated this in their software, applying these updates in their hacking software. Not until the final batch of updates were sent through the stream did the hacking community understand DirecTV. Like a final piece of a puzzle allowing the entire picture, the final updates made all the useless bits of computer code join into a dynamic program, existing on the card itself. This dynamic program changed the entire way the older technology worked. In a masterful, planned, and orchestrated manner, DirecTV had updated the old and ailing technology. The hacking community responded, but cautiously, understanding that this new ability for DirecTV to apply more advanced logic in the receiver was a dangerous new weapon. It was still possible to bypass the protections and receive the programming, but DirecTV had not pulled the trigger of this new weapon.
Last Sunday night, at 8:30 pm est, DirecTV fired their new gun. One week before the Super Bowl, DirecTV launched a series of attacks against the hackers of their product. DirecTV sent programmatic code in the stream, using their new dynamic code ally, that hunted down hacked smart cards and destroyed them. The IRC DirecTV channels overflowed with thousands of people who had lost the ability to watch their stolen TV. The hacking community by and large lost not only their ability to watch TV, but the cards themselves were likely permanently destroyed. Some estimate that in one evening, 100,000 smart cards were destroyed, removing 98% of the hacking communities' ability to steal their signal. To add a little pizzazz to the operation, DirecTV personally "signed" the anti-hacker attack. The first 8 computer bytes of all hacked cards were rewritten to read "GAME OVER".
--
My friend read his card when trying to fix it and he said game over is on it. That could only be put there by that guy that fixed the scam he started. All DirecTV stealers have been sold out.
------------------
<IMG SRC="http://www.geocities.com/newbnd/sig1.gif" border=0>
See, I got this brown spot on my arm, you think its just a birthmark but its my real skin color, the rest of my skin is just a birthmark.