Hacking Pay TV …
Tuesday, September 2, 2008 13:35Alright!! this news is an old shit. I was thinking to write about it for many months but was always wary of the leagal bindings I have with my company. Now, that the news is old, stale and widely public, I feel like talking about it.
Satellite TV hacking has been in a lot of focus in the past, especially, in the western world, when the technology was in its infancy stage and was trying to grow. Cryptographers and mathematicians were busy round the clock trying to produce new algorithms to keep hackers at bay. and then, emerged the two guys, Boris Floricic (better known as Tron) and this guy , Chris Tarnovsky (better known as Big Gun) in the underground world.
Satellite TV hacking in the past has been considered as on the lines of hacking smart card (From the Eye of a Legal Storm, Murdoch’s Satellite-TV Hacker Tells All , Also see the video given below ). But now, I feel that trying to hack a smart card is a waste of energy, time and money. It needs a lot of know how and knowledge to break the pay TV smart card and is no where, similar to internet hacking. I agree that if you wish to watch free TV, then you’ll definitely need to hack the smart card. But then, you can still pay the bills and try to break the system to get more out of it. So, it always goes on in my mind that if instead of trying to reverse engineer the smart card, we try to exploit the system, then it will be much easier to get more information on your TV.
Okay, lets take an example as usual. Lets say that, you social engineer the programmer sitting in of the software companies writing code to enable EPGs. Although, every code written passes strigent code reviews, but it is still very easy to leave easter eggs in the code which can enable you view some information you are not entitled to. :-)
May be, we can try the other route. Third party companies writing interactive applications always uses the API’s and the SDK provided by the above referred product vendors. So, As you know, every software has bugs, it might take quite a while, but using tainted object technique, these interactive applications can exploit the information stored on the Set Top Box. and you never know, this might compromise a big system.
Talking about all this, we still know that it is a closed system development and is not available to outside world. Also, it passes stringent checks, code reviews and quality assurance, it is still possible to leave small gaps to enable the hackers to exploit these possibilties.
I am a novice in this reverse engineering field and bound by my company laws, I cannot talk more details about it.
But, I leave you to think more and meanwhile, watch this awsome hacking video. 
…
Quote of the Day:"Human beings may not be perfect, but a computer program with language synthesis is hardly the answer to the world's problems." - JC Denton
flashguy says:
December 3rd, 2009 at 8:40 pm
This was a great read though! Thanks..