****************************************************************** *---------------- Syndicated Hack Watch - 10:1993 ---------------* ****************************************************************** *-------------- Special Projects BBS +353-51-50143 --------------* *-------------- SysOp: John McCormac --------------* ****************************************************************** *------------- (c) 1993 MC2 (Publications Division) -------------* *--------------- 22 Viewmount, Waterford Ireland ----------------* ****************************************************************** ****************************************************************** Syndicated Hack Watch is copyrighted material. All unauthorised reproduction whether in whole or in part, in any language will be suitably dealt with. ****************************************************************** Contact Numbers: Voice: +353-51-73640 Fax: +353-51-73640 BBS: +353-51-50143 HST - Special Projects BBS E-mail: [email protected] FidoNet: 2:263/402 ****************************************************************** Piracy Covered By Mainstream Press It would appear that the mainstream press has finally copped on to the fact that piracy is happening. The Financial Times, the English eqivalent of the Wall Street Journal, has covered the matter though the topic had a curiously Anglo-Australian flavour. Apparently there is a dealer in Offaly, Ireland selling pirate smart cards into the UK. The initial Finacial Times article featured a photograph of Mr David Lyons of Satellite Decoding Systems (Offaly and Warrington) with a a legitimate card and a pirate card. The day after, the Financial Times had a small piece on how they received a pirate smart card with a Cheshire, UK, postmark. Basically what Satellite Decoding Systems is doing is marketing the pirate card into the UK from Ireland. The card is not illegal in Ireland but it is illegal in the UK. But the problem was that the cards were being shipped into the UK from Ireland and then distributed in the UK. The UK side of the operation was slightly illegal. Sky's lawyers have served a writ on the UK operation but Mr Lyons is fighting it. Sky are faced with a tricker problem in Ireland. The hacking of non-Irish satellite channels is not illegal under the Irish Broadcast Act 1990. The only option sky would have is to take Satellite Decoding Systems to court for copyright infringement. EC Legislation On Piracy? The Motion Picture Experts Group has drafted an anti-piracy proposal with which to lobby the EC. They want to make piracy illegal in all the states of the European Community. They may be movie experts but their knowledge of piracy is appears to be in the realm of the fictional. The draft proposal would make piracy of satellite and cable signals illegal throughout the EC. The most likely implementation would be as a Directive which would be law throughout the EC. The approach is American and the thinking on appears to be federalist. Except in this case the federalist approach is not the correct one. Each country in the EC has its own particular framework and problems. To try to implement a standard catch-all piece of legislation will cause more problems than it solves. There is legislation extant in various EC countries to protect the signals. Though the downside is that the legislation is inward looking. The laws of each country protect that country's channels. In most states in the EC, the legislation protecting satellite and cable channels is a compromise. Protecting cable signals with legislation is a fairly straightforward matter. Protecting satellite signals is a trickier proposition. Normally the legislation covers the channels uplinked from that country but does not extend to satellite channels that originate outside the country. The legislation in some countries have provisions that extend protection on a reciprocal basis. Of course the problem with piracy is that it rarely respects legality. It can operate underground when necessary. Where it has been forced underground it has prospered. General Instruments Sues Magazine General Instruments, the maker of that greatly hacked system, VideoCipher II, are to sue a magazine over adverts. The adverts in question were for third party cable decoders. The action is being taken because GI believe that the adverts contravene the 1984 US Cable Act which makes it a criminal offence to assist piracy. The magazine, "Nuts And Volts" has a circulation of 80,000. The US constitution protects the right to free speech. Commercial and editorial speech is also protected to a lesser degree. The US Supreme Court upheld a decision that the US magazine "Soldier Of Fortune" could be liable for criminal acts committed by mercenaries who advertise in its pages. Some in the industry see the lawsuit as a form of harassment by GI. However the situation will be watched closely here in Europe by Sky. A Faster Update For Pirate Cards According to some sources, Sky are about to face a more versatile and lethal threat. Some of the newer designs for pirate smart cards will be updated by telephone. In this respect are becoming more like Sky. Except in this case the pirate cards will be updated to cope with Sky's countermeasures. The technology involved is similar to that used in the USA for the VideoCipher key updates. The basic dealer equipment will be a modem, a computer and a chip programmer. The update codes will be delivered via modem to dealers throughout Europe. They will then have to program the pirate cards using the delivered codes. This essentially involves plugging the pirate card into a socket on the programmer and downloading the updated set of codes. Of course the full chip program will not be sent. The newer versions of the cards will have two chips. One chip will hold the main card program. This chip will be protected. The second chip will be unprotected. This chip will hold the alterable information. Such a change in operation will give the Blackbox industry an edge on Sky as they will be able to bring the update time down to a few hours. Whereas before it was a question of returning the card and waiting perhaps a few days, pirate users will now be able to walk in to a dealers and have the card updated on the spot. FilmNet and VideoCrypt 2 The system used by FilmNet on the low Astra transponder is VideoCrypt. It is not the same type of VideoCrypt as that currently in operation on the Sky Multichannels. The new type of VideoCrypt has been given a working title of VideoCrypt 2. Others have called it VideoCrypt Europe. Some hackers have pointed out the ominous similarity of its acronym - VC2. The need for VideoCrypt- 2 has become evident over the last few months. Some of the more European channels in the Sky Multichannels package have sizable European potential. The Ireland - UK constriction of the Sky Multichannels package tends to limit their financial outlook somewhat. The European market is far more lucrative in terms of cablenet deals. According to a source, FilmNet have already ordered 100,000 VideoCrypt-2 IRDs from Thomson. The use of the system by FilmNet is not particularly unusual. However it is an indication of a clever strategy on FilmNet's part. It is a case of compartmentalised operations. A separate system for each area of operation. The strategy would tend to limit the effects of a hack on any of the systems. As things stand, FilmNet on Astra is hacked and VideoCrypt is hacked. Unless there is some major upgrade in VideoCrypt-2 then the system will also be hacked. The use of a separate transponder by some of the channels that use VideoCrypt-2 to access the European market is out of the question. Therefore VideoCrypt-2 must be able to coexist with VideoCrypt-1 on the same channel. There may be some evidence for the VideoCrypt-2 being in operation on channels other than FilmNet. Some official card users have been reporting slow lock-up times on various channels. Other problems such as intermittent drop-out have been observed. These are exactly the kind of symptoms to be expected if VideoCrypt-1 and VideoCrypt-2 are sharing a channel's datastream. The VideoCrypt datastream is robust in that it has a very slow data rate. The 1 kilobit per second rate gives it a good resistance to sparklies. The disadvantage is that the slow data rate makes updates and addressing tedious. Normally the VideoCrypt system requires a new seed key every 3.5 seconds or so. To multiplex VideoCrypt-1 and VideoCrypt-2 datastreams would be possible. The problem would be that some areas of the datastream would double in size and take as long to transmit. Other areas of the datastream would have to be expanded as well. As some of the Sky Multichannels package are not yet cleared for European rights they would have to transmit a secondary channel identifier. This would ensure that a European Discovery smart card would decode only Discovery and not the rest of the Sky Multichannels package. This would mean that the channel identifier bytes would be transmitted on an alternating basis hence the delayed lock-up. At this stage it is only possible to speculate on the circuitry used on the VideoCrypt-2 decoder. Most of the VideoCrypt designs on the market at the moment are based on the 1989 design. The 8052, 6805, custom logic chip have made this particular decoder design vulnerable. The 8052 was not even protected. Over the last few years there has been a tendency to go for surface mount componentry but the main chipset appears the same. The most logical areas for updating would be the 8052 and the 6805. In the VideoCrypt-2 decoder the functions of these chips would probably be taken care of by one chip. This would give a higher security to the decoder as the compromised programs could be rewritten and perhaps given a few new twists and turns. The question at this point relates to FilmNet's risk. Are they walking into another ambush? VideoCrypt-1 is already totally hacked. VideoCrypt-2 may not last very long unless there has been some intense re-engineering of the software and the card-decoder protocols.