
How to Reverse-Engineer a Satellite TV Smart Card (2008) - stevekemp
https://www.wired.com/2008/05/tarnovsky/
======
alexpotato
So in the early 2000's, I worked for a firm that was hired by a major
satellite TV provider to investigate Smart Card hacking.

It was a very eye opening experience for a recent grad and would be happy to
write up some of my experiences if people are interested.

~~~
alexpotato
Wrote it up here:
[https://twitter.com/alexpotato/status/1270423060097708035?s=...](https://twitter.com/alexpotato/status/1270423060097708035?s=20)

~~~
beavisel
Great thread. Thank you

------
at-fates-hands
>> DirecTV periodically deployed electronic countermeasures, or ECMs, in the
satellite stream that killed the cards in their set-top boxes. Ereiser needed
someone to fix the cards.

I worked for a home theater company from 2000-2002 following the dot com
crash. Every single one of our customers had pirated DirecTV cards. I still
remember getting calls on a regular basis, "Yeah, I think the card got fried
again" and would have one of our techs go out and get their fried cards
replaced.

I was pretty shocked how common it was and how a legit business was profiting
from giving away satellite tv for free which was obviously illegal. Every time
DTV fried the cards, we would charge a card replacement fee and a service
charge which was around $30. Nobody ever complained about paying it - as long
as their pirated tv continued to work.

------
schoolboard
Does anybody remember back in the late 80s when we had those BIG satellite
dishes that you had to aim from one satellite to another for different
stations? We had a chipped card and got some physical mailing every month with
a huge code we had to type into the receiver from the remote to receive
encrypted signals for that month. A huge pain, but as a bored kid in Nebraska
I gladly did it! Anybody know more about that newsletter and how they did it?

------
eternauta3k
> Nagrastar says Tarnovsky used the code to create a device for reprogramming
> Nagrastar cards into pirate cards, and gave the cards to pirates eager to
> steal Dish Network's programming. Tarnovsky was also accused of posting to
> the internet a detailed road map for hacking Nagrastar's cards.

> Nagrastar says NDS had an obvious motive for these antics: Their own chip,
> the so-called P1 or "F Card," had already been thoroughly cracked by
> pirates, and the company wanted to level the playing field with its
> competitors.

How does increasing piracy of your competitor help you?

~~~
mschuster91
> How does increasing piracy of your competitor help you?

Pretty easy. Assume I'm an end consumer of the competitor's client stations...
and my contract is up for renewal while at the same time I can get a cracked
cardfor a hundred dollars, I'd be a fool to renew the contract.

Also, the competitor's client stations may decide to drop the competitor (and
come to your company), especially if there is a fundamental unfixable flaw in
the system.

~~~
aidenn0
Or more obviously; I'm a purchaser of your product, I tell you I'm going to
switch because your cards are hacked, my response is "see, so is the
competition" and you don't bother switching.

------
RobGR
I attended a talk at Defcon in 2007 or 2006 which was given by Chris
Tarnovsky, in which he alluded to some of details covered in this article. It
was definitely one of my formative tech career experiences, I don't remember
much of the other talks then, but I think I could almost recount his
presentation word for word, and I stayed after for an informal demo after the
talk was "over". Mingling in that crowd I ran into a person who I vaguely
remembered from college, who I would never have thought to show up in that
environment.

I think it was that experience, along with a later experience at "Do it with
Drupal" in New Orleans, that lead to me completely re-evaluating how I valued
and approached conferences and other "community" type events. Prior to that I
put them in the same class as picking the right powerpoint template and buying
obnoxious people drinks at the hotel bar, i.e., complete sales / business
fluff to my nerdy point of view. After Defcon and that presentation in
particular, I tried to never miss any of the "community run" tech events, such
as Defcon, Linux Fests, Drupal camps, etc.

------
Neil44
I remember these from the 90's, we knew someone who dealt them. There was a
little card/PCB type hybrid thing and every now and then they'd change
something about the encryption and you'd have to go back and get the card re
flashed. Eventually they got killed off altogether iirc.

~~~
eumoria
The 'CableCard' system where I lived was pretty big during the TiVO era before
cable companies started providing their own DVR systems.

You had to get 2 cards one for each tuner card in the TiVO and they would
constantly fail and had endless issues. I was a Cablevision (a New York cable
company) technician at the time.

~~~
wolrah
I had a TiVo HD with an M-Card on Armstrong Cable from 2008 through when I got
rid of cable altogether. I don't recall ever having any issues with it, so if
I did they weren't all that memorable. Certainly nothing like the piece of
shit Motorola box they gave me to start.

The parts that sucked about CableCard mostly sucked because a lot of cable
companies wanted them to suck, but the suckage was not mandatory.

~~~
soylentcola
That's also what I'd read. For a while I used a Hauppauge PCI card to get
legit/paid cable into my HTPC. It actually still works for OTA digital TV but
back then it was a godsend.

Even the built-in Windows Media Center gave me a better interface and tons of
storage versus the junky old cable boxes for rent, but then they used
confusion over the switch to _broadcast_ digital to stop providing Clear QAM
channels and move everyone over to digital encrypted cable boxes.

For a while I really wanted to buy one of those fancy Ceton cards that took a
CableCard like a TiVo, but between the cost of the tuner card and the horror
stories I read about getting $CableCo to support anything but a TiVo I just
said screw it and stopped buying cable at all.

------
FraKtus
The card sharing scene was alive for many years and it took a long time for
the industry to fight back and have some control over it.

