take your time here is a really long read but great ..
Satellite TV Piracy to see changes // 2008-06-22
Satellite TV subscribers in Canada will undergo another satellite Smart Card ( Conditional Access Card) swap in Bell ExpresssVu's attempts to thwart Satellite TV signal theft. The transition by Bell to another new encryption system is now in its second stage and requires many ExpressVu subscribers to remove the SmartCard inside their satellite receivers and swap them with a new one.
In the first stage of the new encryption transition, ExpressVu issued new firmware updates through their satellite signal streams to selected satellite receivers. These firmware updates were sent out discreetly at night to said selected receivers without any intervention by the subscriber.
In the second stage of the update process, ExpressVu sent a letter in the mail to affected subscribers which included a new upgraded SmartCard. Swapping the SmartCard on the ExpressVu receiver is a simple process. On most ExpressVu receivers, the SmartCard is located at the front, on the left hand side behind a small plastic panel or door. The card fits into a small slot is hidden by closing the plastic panel door.
The subscriber simply swaps the old card for the new one. Once the new card is in place, customers are required to activate the new card online or via a toll free phone number. Bell says it will then take approximately 15 minutes to 2 hours for programming to return to normal. Failure to activate the new Smartcard in the given time limit may result in loss of programming, or a continual on screen reminder advising them to do so.
You can expect the US Satellite company DishNetwork to follow suit very shortly. Bell ExpressVu and DishNetwork use the same technologies and similar satellites. Bell purchased the technology from Echostar Communications in the US. Echostar is the parent company to Dishnetwork. Although DishNetwork and bell ExpressVu are completely separate companies using separate satellites, they do share common methods and technologies. Smart cards, Satellite receiver boxes, satellite dishes and broadcasting methods are virtually the same.
Since the last encryption scheme update in 2005, ExpressVu and Dish Network have been seriously compromised by satellite piracy using inexpensive Free-to-Air (FTA) receivers to illegally watch ExpressVu and Dish Network programming.
More than 2 million homes in 2007 were pirating Bell ExpressVu and Dish Network Direct-to-Home (DTH) satellite television signals. The new encryption scheme currently in deployment is an attempt by ExpressVu and Dish Network to shut down the satellite pirates.
Article was posted at:
Satellite TV Piracy to see changes | Informative Post
Murdoch's hacker tells all // 2008-06-12
Full story with pictures and video at wired.com
From the Eye of a Legal Storm, Murdoch's Satellite-TV Hacker Tells All
SAN DIEGO -- Christopher Tarnovsky feels vindicated. The software engineer and former satellite-TV pirate has been on the hot seat for five years, accused of helping his former employer, a Rupert Murdoch company, sabotage a rival to gain the top spot in the global pay-TV wars.
But two weeks ago a jury in the civil lawsuit against that employer, NDS Group, largely cleared the company -- and by extension Tarnovsky -- of piracy, finding NDS guilty of only a single incident of stealing satellite signals, for which Dish was awarded $1,500 in damages.
"I knew this was going to come," Tarnovsky says. "They didn't have any proof or evidence."
The trial was years in the making, yet raised more questions than it answered. It came down to testimony between admitted pirates on both sides who accused each other of lying. Now that it's over Tarnovsky, who was fired by NDS last year, is eager to tell his side of the story.
Dressed in loose jeans, flip-flops and a T-shirt, Tarnovsky, 37, spoke with Wired.com by phone and in an air-conditioned lab in Southern California where he's been running a consultancy since losing his job. Surrounded by boxes of smart cards and thousands of dollars worth of microscopes and computers used for researching chips, he talked excitedly at lightning speed about his strange journey, which began in a top-secret Pentagon communications center, and ended with him working both sides of a heated electronic war over pay TV.
Satellite-TV hacker Chris Tarnovsky opens his laboratory to Threat Level reporter Kim Zetter, providing a unprecedented peek into the world of smart-card hacking.
Editor: Annaliza Savage
Camera: Steve Raines
His story sheds new light on the murky, morally ambiguous world of international satellite pirates and those who do battle with them.
The stakes are high: Earnings in the satellite-TV industry reach the billions. In the first quarter of this year alone, U.S. market leader DirecTV announced revenue of $4.6 billion from more than 17 million U.S. subscribers. Dish Network earned $2.8 billion from nearly 14 million subscribers. Although satellite piracy has greatly diminished from its peak seven to 10 years ago when the events detailed in the civil lawsuit took place, the two companies lost millions in potential revenue, and spent millions more to replace insecure smart cards used in their systems and track down dealers selling pirated smart cards.
Those smart cards are at the center of the controversy over NDS, a British-Israeli company and a majority-owned subsidiary of Murdoch's News Corp. The company makes access cards used by pay-TV systems, most prominently DirecTV -- itself a former Murdoch company. Nagrastar, a plaintiff in the case and NDS's chief competitor, makes access cards used by Dish Network and other runners-up in the market.
According to allegations in the lawsuit, in the late '90s NDS extracted and cracked the proprietary code used in Nagrastar's cards, a fact that NDS doesn't contest. What happened next, though, is hotly disputed. Nagrastar says Tarnovsky used the code to create a device for reprogramming Nagrastar cards into pirate cards, and gave the cards to pirates eager to steal Dish Network's programming. Tarnovsky was also accused of posting to the internet a detailed road map for hacking Nagrastar's cards.
Nagrastar says NDS had an obvious motive for these antics: Their own chip, the so-called P1 or "F Card," had already been thoroughly cracked by pirates, and the company wanted to level the playing field with its competitors.
NDS denied the allegations at trial. The company declined to comment for this article or to confirm details of Tarnovsky's employment other than to say it was pleased that the verdict "ended in a resounding affirmation of NDS and its business ethics and proper conduct."
Tarnovsky began his pirating career in the '90s while serving in the U.S. Army. He had a top-secret SCI security clearance working on cryptographic computers in Belgium for NATO headquarters, and spent a year at Ft. Detrick in Maryland providing support to the National Security Agency for satellite transmissions to Europe.
In 1996, he was stationed in Germany when his colonel sold him a used satellite-TV system, along with two pirated access cards, neither of which worked. Tarnovsky began posting on online pirate forums, and developed contacts in the community, ultimately learning how to fix the cards to access English-language programs from Sky in the United Kingdom.
After leaving the Army and returning to the States, he got a call from Ron Ereiser, a Canadian pirate who'd heard about him through the grapevine. Pirates had found a back door in the P1 card and were vigorously exploiting it to get DirecTV content. But the cards kept failing. In a game of pirate pingpong, DirecTV periodically deployed electronic countermeasures, or ECMs, in the satellite stream that killed the cards in their set-top boxes. Ereiser needed someone to fix the cards.
There was serious black-market money on the line. In Canada, where pirating of U.S. satellite services wasn't considered illegal until 2002, syndicates of dealers did enough business that they could afford to chip in about $50,000 to hire a programmer to reverse engineer the latest cards. Pirate cards would sell for about $200 each, with the profit split between the investors and engineers. Tarnovsky claims Canadian pirate dealers could make $400,000 in a weekend; when Reginald Scullion, a notorious pirate in Canada, was raided in 1998, authorities seized $5.5 million from his bank accounts and safe-deposit boxes, though not all of it was from piracy.
Ereiser, who now works as a consultant to Nagrastar, concedes that the money from piracy was good, but insists that nobody became an overnight millionaire. "It was lucrative," he said in a telephone interview. "But to suggest that millions were being made in a month is an absolute crock."
DirecTV's countermeasures were a nagging drag on this lucrative trade. Every time an ECM was deployed, Ereiser and other dealers would be harangued by customers demanding to have the cards fixed and their TV programs restored.
Tarnovsky, who was known online as "Big Gun," says Ereiser offered him $20,000 to fix cards that were killed by ECMs, and he agreed. Each time NDS created a countermeasure, Tarnovsky would analyze the code and find a way to circumvent the countermeasure. He did it while working full-time as a software engineer for a semiconductor company in Massachusetts.
"I'd be at work and I'd check the IRC (channel) to see if they'd launched their Thursday countermeasure yet," he says. "It was like a chess game for me. I couldn't wait for them to do a countermeasure because I would counter it in minutes."
Tarnovsky suffers from attention deficit hyperactivity disorder, which he says helped with the detailed work.
"I think so fast," he says.
It wasn't long before NDS came courting. Tarnovsky had a contact at the company to whom he'd begun passing information about holes in its software, even supplying patches to fix them. NDS offered him a job earning $65,000 a year. By the time the company fired him last year, he was earning about $245,000 in salary and bonuses and had another $100,000 in stock options, he says.
The company set him up in a lab in Southern California equipped with a computer, some DirecTV set-top boxes, sample DirecTV cards and NDS source code. There was no fancy equipment at first, but his relationship with NDS and the lab grew over the decade he worked with them. Tarnovsky says the job was a dream come true. While living in Europe he'd once seen a news report showing an engineer at a French satellite company writing countermeasures, sitting in a lab with smart cards piled around him on his desk.
"I always thought it would be so cool to be that guy," Tarnovsky says. "Finally I got the chance."
Tarnovsky had two roles at NDS -- to find holes in its software and work undercover with pirates to discover what they were doing against NDS technology.
To conceal his relationship with NDS from pirates, few people at the company knew his identity. He used the name "Michael George" and for the first four years was paid through other companies, including, for about five months, HarperCollins, the Murdoch-owned book publisher.
"It was very hush-hush, because we didn't know who could be an inside informant," he says.
Part of his job was developing ECMs for NDS. He'd examine pirate NDS cards to determine how they worked, then send instructions to engineers in Israel to create a kill for them.
"I didn’t actually load the gun and pull the trigger but I got to make the bullet," Tarnovsky says.
Among the countermeasures he says he created was one known among pirates as the "Black Sunday" kill -- an elaborate scheme that destroyed tens of thousands of pirate DirecTV cards a week before Super Bowl Sunday in 2001.
Instead of being delivered all at once like other measures, the Black Sunday attack code was sent to pirate cards in about five dozen parts over the course of two months, like a tank transported piece by piece to a battlefield to be assembled in the field. "They never expected us to do this," Tarnovsky says.
The kill didn't last long before pirates found a way to jump-start the cards. But it holds an enduring position in pirate lore; for the first time, they could see a cunning mind at work on the other side.
While Tarnovsky was killing cards, however, he was also helping pirates fix them.
Days before Tarnovsky began working for NDS, the company began phasing in its latest-generation smart card, the P2, which was thought to be virtually uncrackable. But word reached the company that two Bulgarian hackers working for Ereiser had cracked the P2. On NDS's instructions, Tarnovsky met with Ereiser undercover in Calgary to get the code. When he got there, Ereiser offered him $20,000 to work for him fighting whatever countermeasures NDS and DirecTV cooked up to thwart their P2 hack.
NDS considered it a great opportunity for Tarnovsky to maintain his pirate identity, but DirecTV insisted on some controls. Under "Operation Johnny Walker," as they dubbed it, Tarnovsky gave Ereiser a program to create pirate NDS cards, but encrypted it so no one could copy it. The program worked only with a dongle attached to Ereiser's computer and created a limited number of cards that could be killed at any time.
But, according to Nagrastar, Tarnovsky wasn't just helping NDS fight piracy by working undercover and creating ECMs, he was also committing piracy against NDS's competitors to weaken their place in the market.
After NDS engineers in Israel hacked the Nagrastar code in the late '90s, Nagrastar says Tarnovsky created a "stinger" program that turned Nagrastar cards into pirate cards. He allegedly gave the program to a Canadian named Al Menard in 1999 who sold reprogrammed Nagrastar cards for $350 each. Then in December 2000, someone anonymously posted code and detailed instructions for hacking Nagrastar's card to two websites, one of them run by Menard, exposing Dish Network to even more piracy. It was estimated in court testimony that between 100,000 and 165,000 pirated Nagrastar cards were released to the market in the wake of this posting.
Nagrastar says Menard began sending Tarnovsky cash from the sale of the pirate cards. At the end of August 2000, authorities acting on an anonymous tip seized two boxes destined for a mail drop Tarnovsky rented in Texas. Inside, they found a CD and DVD player with $20,000 and $20,100 concealed inside.
The boxes were sent from a phony address for "Regency Audio" in Vancouver to C.T. Electronics at Tarnovsky's address. A customs form for a third package that wasn't seized indicated that it was sent from Menard to Tarnovsky and also contained electronic goods.
Tarnovsky was in Israel at the time, and says he didn't know anything about the packages until he was notified that they'd been seized. He thinks they were sent by someone in Nagrastar's camp who was trying to frame him. He says Nagrastar's accusations about the "stinger" program were baseless, and that he never gave Menard any software.
On Feb. 9, 2001, U.S. Customs agents appeared at his doorstep. On advice of a lawyer, he declined to let them search his house without a warrant. Tarnovsky was never arrested or charged with any crime, but suspicions against him were mounting. NDS gave Tarnovsky a polygraph test, but asked only two, self-interested questions that never touched on the Nagrastar accusations: Had Tarnovsky sold any modified NDS smart cards, or company secrets, since he'd been working for the company? Tarnovsky answered no, and passed the test.
He continued to work for NDS for six years. But then last year, Nagrastar confronted NDS with a sheriff's report showing that fingerprints lifted from the seized electronics equipment sent to Tarnovsky's Texas mail drop belonged to an associate of Menard, raising suspicions again that Tarnovsky might have sold pirate Nagrastar cards without NDS's knowledge. NDS fired him.
Tarnovsky says his termination proves he and NDS weren't conspiring against Nagrastar. Had they been, NDS would have done anything to keep him happy, and quiet. He says the fact that Nagrastar lost the case shows he wasn't pirating on his own either.
"I've never sold a single Nagra card, ever," he says.
Although he was angry at NDS for abandoning him, he told Wired.com before the trial ended that he hoped to work for the company again.
"I want to make sure that NDS wins this lawsuit because that will clear my name," he said at the time.
When it was suggested that someone might view this as motivation for him to lie on NDS's behalf, he disagreed.
"That's crazy. I could go to jail," he said. "I would never perjure myself for some company."
Since NDS fired him he's been consulting for two semiconductor companies and a manufacturer of dongle tokens, but he misses his life in electronic warfare. If NDS doesn't want him, he says he'd be happy to work for Nagrastar -- jumping sides once again.
"I could design a whole entire chip for them like I did for NDS," he says. "NDS thinks today that their technology is superior to everybody else's and it probably is, because they're 17 years ahead of Nagra technologically. But Nagra could catch up overnight if they used my services.
"I'm a very valuable asset as far as smart-card technology goes," he adds. "I know everything about (NDS) as far as their intellectual property models go."
He offered his services to the company last year, while the lawsuit was pending. Nagrastar declined.
Dishnetwork used same tactic as NDS // 2008-06-10
SANTA ANA, Calif. - DISH Network Corp has engaged in the same kind of satellite television piracy that it accused News Corp unit NDS Group of in a lawsuit, a lawyer for NDS argued Wednesday during closing arguments in the case.
Attorney Darin Snyder told the jury in his closing remarks that DISH employed an infamous hacker and attempted to crack the encryption codes of rivals in the satellite TV business.
DISH has sued NDS in a corporate espionage case that has the potential for damages of $1.6 billion if a jury finds against the News Corp unit and awards punitive damages.
Jury deliberations were set to begin in the high-profile case as early as Thursday morning.
"The plaintiffs are doing the same with practically everything they're complaining about with NDS," Snyder said. "They had a multi-million-dollar project where they tried to break into a Motorola (black) box."
Snyder said DISH employed convicted hacker Ron Ereiser, who had been caught trying to steal the codes of formerly News Corp-owned DirecTV.
NDS employed several hackers, including Christopher Tarvnosky, who was keeping tabs on Ereiser in a sting operation titled "Johnny Walker," according to testimony during the one-month trial in Santa Ana, California.
In her closing argument, DISH attorney Wade Welch countered by asserting that Tarnovsky's real role was to hack into DISH's network and flood the market with "smart cards" that unscrambled the satellite signal when placed in a black box.
DRAGGING THE MARKET DOWN?
Trial testimony showed that NDS employed several engineers in an Israeli lab and dubbed the group "The Black Hat Team." Their mission was to extract codes from rival systems. According to testimony, more than 100,000 DISH cards were produced that Tarnvosky sold for $350 each.
NDS officials denied producing the cards and testified that they used engineers for reverse technology, which is standard in the industry.
But DISH charges that the result was not a better NDS product, but rather they "chose to drag the market down because they couldn't compete. So they hired the world's two best hackers."
Welch pointed to a trial exhibit that was a confidential NDS report he described as a "how-to" manual for hacking. Then he went through a series of Internet posts and e-mails where the compromised DISH code was discussed.
Snyder argued that the manual was created as a prevention measure so NDS could save itself from pirates. He called DISH's allegations "lies" and pointed to NDS's aggressive track record in ferreting out pirates and prosecuting them.
In fact, NDS has such an aggressive investigative team that they were able to find a piracy ring in Canada that was the culprit for DISH's hack, Snyder said.
"All of these things are legitimate activities, there's nothing wrong," he said.
Thursday ECM // 2008-05-29
The usual Thursday ECM is here, most of the devices are down except plastic and IKS type receivers.
Coolsat Saga // 2008-05-28
I have been receiving lot of inquiries regarding Coolsat support (may be NO support)on their older models 4000, 5000 and 6000, here are the details I got after doing some digging around.
Coolsat 4000, 5000 and 6000 were made by a separate company out of the Korea than the 6100, 7000 and 7100, to make the matter even more complicated they decided to go with a 3rd company for the 8000 and 8100 receivers..... Freetech (North American importer) of the above receivers did not pay their first gen. receiver coders well to take care of his product so they decided to screw him around with his older models, 6100, 7000 and 7100 coders did not like his pay either and they decided to throw their support behind the different importer K HUB (K1 Heros and K2 Extreme same manufacture out of Korea as Coolsat 6100, 7000 and 7100 models), these guys claim that the end seem to be near between Freetech and Korean manufacture, Freetech is offering to take back 4000, 5000 and 6000 and trade them up to Coolsat 6100 with a fee of $89 (that is wholesale price of Coolsat 6100 and it will help them get rid of 30,000 units they are stuck with) once they have money in their pocket they will go on with different manufactures and customers will be left to fend for themselves with no support just like the older models they just traded.
I was told that K Heros coders can take care of the coding of 6100, 7000 and 7100 if they decide to do it, the k-hubs work with coolsat 6100, 7100 currently and they auto run off of k-hub servers NOT coolsat servers,coolsat dongle and server are still at only a few dozen channels.
The current coolsat 6100 and 7100 files are from the khub team.
That is the story on Coolsat and future does not look too bright for them at this time.
ECM by both providers // 2008-05-21
Reports are coming in that there is ECM by both providers which knocked out majority of test devices except plastic and IKS receivers.
NDS vs. NagraVision aftermath // 2008-05-17
7 years of court case and $1500 victory instead of one billion dollar, is not really a victory for Nagrastar....
What I found very disgusting, looking through bits and pieces of the released court documents, were the names of the advisers, depositions and behind the scene investigators on both sides.
One of my former site moderator Neo's deposition was a shock to me, I had no idea he was going to give damaging deposition against the guys he was getting sued along.
Under cross examining Nagra security guy said that Reg Scullion and Mr. Perlman were his consultant while they were running dr7 site, these 2 guys were heavily involved in legal defense fund site at one time along with others.....
Ron and few other past big name dealers/hackers were also named as Dishnetwork consulatnt.
Chris Tarnovsky aka Big Gun a well known hacker was named a NDS employee while he sold/provided codes to hack Nagrastar encrypted card, Big Gun was involved in DirecTV hacking scene at one point also.
All this show you that what you think you know is NOT always the way it is, sad but true.
Echostar wins the hollow victory over NDS // 2008-05-15
Santa Ana, Calif.—A California jury Thursday found that NDS Group Americas, a division of News Corp., had violated a pair of piracy laws by hacking EchoStar Communications’ conditional access system, however it only awarded $1,500 in statutory damages—a far cry from the $1 billion in damages EchoStar had been seeking.
EchoStar (now Dish Network) alleged that NDS Group in 2003 reverse-engineered its "smart cards" then leaked the hacking information on the Internet. EchoStar asserted the company sought to improve its position as a system security provider by diminishing the reputation of NagraStar LLC, EchoStar's security provider.
EchoStar owns 50% of NagraStar.
EchoStar could opt to accept the statutory damage award or the actual damages. But the latter award was even smaller: $46.95 for each of the two counts the jury believed EchoStar had proved.
The jury felt EchoStar had met its burden of proof that NDS violated an anti-piracy section of the Cable Communications Policy Act and California state law against piracy. The award represents the cost of a single piece of EchoStar's anti-theft system. The jury voted no damages for co-plaintiff Nagrastar.
In prepared e-mail statement, EchoStar officials sounded both vindicated and dejected by the jury’s decision.
“We are pleased that after four weeks of testimony on all the facts, the jury concluded that NDS violated the Federal Communications Act and the California Penal Code,” the company said in the statement. “We will continue to vigorously prosecute those individuals and companies that engage in stealing our satellite signals. While we are disappointed in the jury’s damages award, we are pleased that NDS will be responsible for our attorney fees in this case, and that we were completely vindicated on NDS' meritless counterclaims."
Darrin Snyder, one of the attorney's for NDS, said "NDS is pleased with the jury verdict."
The trial put an end to the lie that NDS had any responsibility for piracy at EchoStar, he said, adding the jury's verdict was consistent with the evidence.
Tuesday ECM by both providers // 2008-05-13
Reports are coming in on an ECM by both providers, most of the FTAs are down along with other devices.
Plastic and IKS type FTAs are reported to be up at this time.
DISH/NDS Trial Jury Ready for Deliberations // 2008-05-09
Jury deliberations are set to begin next Tuesday in the high-profile federal trial involving DISH and NDS Group centering on claims that the News Corp. technology unit allegedly hacked the satellite TV company's conditional access technology.
As of press time, there was no new news on the trial, taking place in southern California. In closing arguments that wrapped up Wednesday, NDS attorneys alleged that EchoStar engaged in the same behavior that NDS is accused of participating in through its internal operations. According to press reports, DISH stuck to its story that NDS hired a well-known pirate to hack its security system and shared the knowledge with others, which led to a large number of pirated conditional access smart cards flooding the illegitimate market.
EchoStar and its conditional access provider NagraStar are seeking $1 billion in damages in the litigation, alleging that NDS compromised the conditional access technology utilized by the companies.
In their complaint, EchoStar and NagraStar allege NDS cracked their access card technology, and extracted proprietary codes from within the system. What's more, NDS personnel then designed and built a pirating device that was capable of reprogramming those access cards, stated the litigation. Those devices were then allegedly distributed to the pirating community, the lawsuit said.
Source:
SkyREPORT.com - Satellite Industry Daily News, Information, Data and Research for direct-to-home, DBS, C-Band, Local Channel, Broadband, High Speed Data, PVR and Interactive Television.
ECM by both providers again // 2008-05-06
Reports are coming in that both Nagra providers sent out the ECM again, it looks like they are getting pretty serious in their efforts toward piracy.
Thursday ECM // 2008-05-01
There is ECM in the stream by both providers, reports are coming in that international and PPVs are down on most of the platforms including IKS FTAs, expect rest of them to go down shortly.
Majority of the Private and public plastic are down this time also.
NDS vs. NagraVision a disater for P.R // 2008-04-30
NDS vs Nagra is a nightmare for both companies
PR people, it shows what kind of tactics were used and being used by both companies.
Nagrastar alleges in it's lawsuit that NDS used a group of hackers headed by Chris Tarnovsky (known as Big Gun on the underground forms), to hack their card and gave the information to dr7.com which sold the hacked dishnetwork cards to public and to other dealers, as a proof they submitted evidence from custom who confiscated a VCR full of money from dr7 to Big Gun.
Nagrastar had few of their witnesses revealed in front of the judge to testify against Chris Tarnovsky and NDS, their witness Marty Mullen is already in jail for NDS piracy charges so he can not testify, their other witnesses were Reg (vcipher owner, one of the biggest pirate site in thier time) who passed away and Ron Ereiser (a self confessed hacker/dealer who at one time had an article published in newspaper about his piracy empire......) both sides have asked the judge to seal the documents so no information can be released on the identity of the other informants.
The above 3 guys were the top guys on hacking front in their days and now they are revealed as informant/witness for the satellite company, looking at the request to seal the documents I will not be surprised to find some big name underground guys/hackers who are/were acting on both side of the fence.
This case has revealed what goes behind the scene in those big corporations who preach against piracy but do not think twice to hire a pirate to do piracy for them or use them in other ways.
Even the judge at this court case commented on the allegations and credibility of the witnesses who are testifying, he asked the both companies to come up with mutual agreement (which is very unlikely)
Top hacker claim NDS hired him // 2008-04-24
A HACKER, described as one of the two best in the world, has told a court hearing into corporate spying that he was hired by News Corporation to develop pirating software.
But Christopher Tarnovsky, who said his first payment was $US20,000 ($21,136) in cash hidden in electronic devices mailed from Canada, denied using the software to hack into the security system of a rival satellite television service.
Mr Tarnovsky was testifying in a Santa Ana court in a corporate-spying lawsuit brought against News Corp's NDS Group by DISH Network Corporation.
The trial could result in hundreds of millions of dollars in damage awards.
NDS, which provides security technology to a global satellite network that includes satellite TV service DirecTV, has said it was looking only at its rival's technology to determine how it worked, a standard in the electronics industry.
DISH's attorney Chad Hagan described Mr Tarnovsky as one of the "two best hackers in the world".
Mr Tarnovsky told the court he was paid on a regular basis by Harper Collins, a publishing arm of News Corp, for 10 years.
He said one of his first projects was to develop a pirating program to make DirectTV more secure.
Lawyers for DISH said Mr Tarnovsky's mission was to hack into DISH's satellite network, steal the security code then flood the market with pirated smart cards, costing DISH $US900 million in lost revenue and system-repair costs.
Smart cards enable satellite TV converter boxes to bring in premium channels.
Mr Tarnovsky conceded that he made a device called "the stinger" that could communicate with any smart card in the world.
Another hacker, Tony Dionisi, testified that Mr Tarnovsky bragged about creating "the stinger" and that he knew of another hacker and NDS employee who reprogrammed 50 smart cards with the device.
News Corp is the parent company of the publisher of NEWS.com.au.
The trial continues.
Source:
Top hacker claims News Corp hired him | NEWS.com.au
More on Ariza / David Fuss // 2008-04-22
Here is the update on the story I wrote on April 12th.
As part of their ongoing anti-piracy push north of the border, DISH Network/EchoStar, NagraStar and Canada's Bell ExpressVu said the execution of civil search and seizure orders were made against David Fuss and Incredible Electronics, Ariza Technology and Electronics Wholesale, all in Toronto.
The companies said that earlier in the month they executed search and seizure orders of Fuss' property in order to preserve evidence for litigation. Large quantities of DISH Network receivers and access cards were recovered, said the companies. Also found during the order execution were Nagravision “embedded” free-to-air receivers, hard drives and business records disclosing the identities of Fuss' suppliers and customers, the companies claimed in a statement.
The companies alleged that Fuss supplied free-to-air receivers to piracy dealers and provided piracy software for FTA receivers through various Web sites.
The move was the latest in a series of enforcement actions by the companies in Canada, and is the culmination of several years of joint investigations conducted by the companies.
Source:
SkyREPORT.com - Satellite Industry Daily News, Information, Data and Research for direct-to-home, DBS, C-Band, Local Channel, Broadband, High Speed Data, PVR and Interactive Television.
NDS on trial for alleged tech sabotage // 2008-04-21
Did a Rupert Murdoch company go too far and hire hackers to sabotage rivals and gain the top spot in the global pay-TV war?
This is the question a jury will be facing in a spectacular five-year-old civil lawsuit that is finally being tried this month in California but which has, oddly, received little notice from U.S. media.
The case involves a colorful cast of characters that includes former intelligence agents, Canadian TV pirates, Bulgarian and German hackers, stolen e-mails and the mysterious suicide of a Berlin hacker who had been courted by the Murdoch company not long before his death.
On the hot spot is NDS Group, a UK-Israeli firm that makes smartcards for pay-TV systems like DirecTV. The company is a majority-owned subsidiary of Murdoch's News Corporation. The charges stem from 1997 when NDS is accused of cracking the encryption of rival NagraStar, which makes access cards and systems for EchoStar's Dish Network and other pay-TV services. Further, it’s alleged NDS then hired hackers to manufacture and distribute counterfeit NagraStar cards to pirates to steal Dish Network's programming for free.
NagraStar and one of its parent companies, EchoStar, are seeking about $101 million for damages for piracy, copyright infringement, misconduct and unfair competition. The list of witnesses in the case includes EchoStar's founder and CEO Charlie Ergen; several hackers and pirates; and Reuven Hazak, an Israeli who heads security for NDS and is a former deputy head of Shabak, or Shin Bet, Israel's domestic security agency (the equivalent of Britain's MI5).
The case, which began April 9 in the U.S. District Court's Central Division in Santa Ana, California, could conceivably result in an award of hundreds of millions of dollars, although neither side is expected to emerge unscathed from testimony that threatens to expose the messy underbelly of the high-stakes pay-TV industry.
As if to emphasize this point, U.S. District Judge David O. Carter said after the proceedings began that he was concerned that the case would hinge on testimony from known lawbreakers like hackers and pirates, who have been employed by the companies on both sides of the lawsuit. The judge urged the plaintiffs and defendant to settle rather than face potentially devastating harm to their reputations.
EchoStar wouldn't comment on the case while it's ongoing, but Jim Davis, a senior analyst with the 451 Group, a market research firm, said the company isn't likely to settle.
"It gets taken very personal when your security product has been hacked," he said. "And to have a competitor do that through, allegedly, the services of a known hacker, has got to be particularly galling to NagraStar."
As for NDS, which currently has more than 75 million access cards on the market, Davis says the company probably sees the trial as an opportunity to defend against the image that it is "simultaneously promoting a product that secures networks while working with folks that work outside the law [to break networks]."
The company said in a statement to Wired.com: "We are confident our position will be upheld at a trial."
According to court documents, the scheme began to unravel in 2000 when law-enforcement agents in Texas seized suspicious packages containing CD and DVD players stuffed with more than $40,000 in cash. Parcels similar to this were being sent almost daily from Canada, via Texas, to a hacker in California named Christopher Tarnovsky, who was working for NDS as an engineer. The money was allegedly part of the conspiracy between Tarnovsky and NDS Group to sabotage NagraStar's cards.
As laid out in the allegations, NDS' hacking is said to have begun in 1997 after its own access cards were cracked and it was at risk of losing clients like DirecTV, which was being hit hard from pirates who were selling unfettered access to its system.
But rather than deal with its security breach, NDS hired Tarnovsky and other pirates who had compromised its system to help the company hack and pirate its competitors' cards and even out the playing field, it is alleged.
In addition to Tarnovsky, the company also hired Oliver Kommerling, a hacker known for writing the primer on cracking smartcards. Kommerling has acknowledged in an affidavit that he helped NDS set up a research lab in Haifa, Israel, where NagraStar's smartcard was allegedly cracked by NDS engineers.
NDS didn't hire only hackers, however. According to EchoStar/NagraStar, it also hired a handful of other people with colorful pasts who they say had a role in hacking and pirating EchoStar/NagraStar. There was Reuven Hazak, who had been deputy head of Israel's Shin Bet during the notorious Bus 300 incident (when two Palestinian terrorists who hijacked an Israeli bus were killed in custody by a Shin Bet agent. Hazak eventually blew the whistle on the subsequent cover-up).
NDS also hired a former U.S. Navy intelligence officer named John Norris and a former Scotland Yard commander named Ray Adams. Finally, it hired a former would-be terrorist, Yossi Tsuria, who became chief technical officer of its lab in Israel. Tsuria was part of a radical group of Jewish Israelis in the 1980s that plotted to bomb the Dome of the Rock -- a shrine that sits on the Temple Mount in Jerusalem, a holy site for both Jews and Muslims.
NDS has maintained in public statements that Hazak, Norris and its other security officers were hired to help it track down hackers and pirates and get them arrested. But EchoStar and NagraStar allege that Hazak and Norris played central roles in committing hacking and piracy as well.
In late 1997, NDS researchers in Israel reportedly cracked the NagraStar card after about six months of effort, using an electron microscope.
NagraStar became aware its card was hacked in late 1998 when meeting with DirecTV to discuss the pay-TV company's desire to switch from the hacked NDS cards to NagraStar's cards. But DirecTV employees surprised NagraStar at the meeting when they informed NagraStar that its cards had also been hacked.
EchoStar/NagraStar claim that NDS, aware that DirecTV was about to abandon its cards in favor of NagraStar cards, cracked NagraStar's card to discourage DirecTV from making the switch.
After NDS cracked its rival's card, Tarnovsky and his associates allegedly created and sold counterfeit NagraStar cards through a piracy site based in Canada, among others, that allowed pirates to access Dish Network programs for free. Tarnovsky is also accused of later posting on the Canadian site the code, secret keys and instructions for hacking the microprocessor on EchoStar's access cards, allowing pirates to flood the market with even more cards. He has denied the allegations. Hazak and Norris are accused of providing Tarnovsky with the code so he could post it online, but NDS maintains this didn't happen.
According to court documents, the sabotage scheme worked remarkably well throughout 1998 and 1999 as counterfeit NagraStar cards flooded the market.
It was around this time, however, that a German hacker in Berlin known as Boris Floricic, aka Tron, disappeared while walking home from his parents' home one day. He was found several days later hanging from a belt in a park.
Among his possessions, authorities found correspondence from NDS. NDS later said it had offered Boris a job, which he had rejected. Prior to his death, Boris had obtained source code and information about hacking access cards that were being used in a German satellite TV system. His friends in the German hacker group, Chaos Computer Club, were convinced that he'd met with foul play.
Although his death was officially ruled a suicide, there were enough details around it to create suspicion. Floricic's feet were on the ground when he was found hanging, for example, and other evidence suggested that his body might have been placed in the park after he died.
During this time, NagraStar wasn't the only alleged victim of NDS hacking and piracy. In 2002, the French pay-TV service Canal Plus filed a damages suit against NDS, from which the EchoStar/NagraStar case emerged. In an affidavit from that case, Kommerling disclosed that NDS had cracked the Canal Plus cards using a method he had taught its engineers in Israel. Then, he revealed, the company instructed Tarnovsky to post the Canal Plus code on the internet.
The Canal Plus suit fizzled after its parent company, Vivendi Universal, struck a business deal with News Corporation that included a condition that Canal Plus would drop its suit against NDS. This is when EchoStar joined the litigation.
Before Canal Plus's case against NDS died, Tarnovsky indicated to the company that Reuven Hazak had given him the Canal Plus code to post it on the internet. He reportedly told the French firm he would testify in the case, but later backed out, citing fear for his life and his family.
In May 2002, two months after Canal Plus filed its suit, someone broke into the car of one of NDS' British employees and stole the hard drive from his laptop, making off with thousands of NDS documents and e-mails. EchoStar/NagraStar say the e-mails provide proof of NDS' hacking and piracy activities. NDS has suggested that the e-mails might be fabricated and has battled to keep them out of the court proceedings.
NDS has denied the lawsuit allegations. The company maintains that it was simply engaging in reverse-engineering, as any company would do to understand rivals and compete in the marketplace, but that it did not distribute cards or information about hacking NagraStar's encryption to pirates.
In an e-mail statement to Wired.com, the company took a dig at its competitor's competence and touted its superior skills.
"The hacking of EchoStar was the result of inferior technology arising from inadequate investment in research and development by [NagraStar]," said the statement. "NDS, on the other hand, invests heavily in research and development ... we reinvested over 30 percent of our revenues into R&D -- and the result is that we have zero piracy and the platforms of our customers are completely secure."
The trial is expected to last at least two more weeks.
Source:
Rupert Murdoch Firm Goes on Trial for Alleged Tech Sabotage
NagraGuy faces possible jail sentence // 2008-04-18
Jeremy Corkery, known also as “NagraGuy”, was deemed in contempt of court after refusing to allow DISH Network/EchoStar and Bell ExpressVu to examine computers, hard drives, and electronic media he had in his possession. The Ontario Superior Court of Justice ruled that Corkery “deliberately interfered with the efforts of the companies to exercise their authority.”
Corkery was supposedly a well-known satellite piracy coder, and the primary officer at a company called Blue Screen Computer Services.
Sentencing is pending, and judging from the track record of other Canadians in similar situations, Corkery may be facing jail time.
Coolsat camp in disaaray // 2008-04-17
Coolsat owner Eric is in a tug a war with the coders (specially the older model 4000, 5000 and 6000 receivers), this is all about the new dongle they are trying to introduce so the receivers can be turned into IKS (Internet Key Sharing).
It looks like the coders have upper hand at this point, they are delaying / holding off the bin releases and have Eric as a hostage at this point, it looks like if Eric does not listen to them on the release of the dongle they will release the bins under different group and have most of the old receiver customers relying on them, once that is accomplished they will introduce the dongle and have all the sales in their pocket.
Let us see how this power struggle plays out.
Wednesday afternoon ECM here // 2008-04-16
The usual weekly ECM is here, reports are coming in that ViewSonic released the fix few hours after ECM, rest should follow soon.
Plastic and IKS type receiver were not affected with this ECM either.
Ariza / Incredible in trouble // 2008-04-12
It has been confirmed that Ariza / Incredible Electronics(Toronto) got visited by authorities, cube vans were being loaded with evidence and they were closed for business afterward.
It is most likely that they have been served with Anton Pillar order.
RCMP bust in NB // 2008-04-10
MONCTON, N.B. — Two New Brunswick residents are facing charges following the seizure of a large quantity of satellite TV piracy equipment.
RCMP Cpl. Marc Bridges said Wednesday the evidence seized from a home in St. Maurice suggests a commercial-level satellite piracy operation.
Police received information that led to a search Friday.
They seized computers, access cards, card programmers, software and modified satellite TV receivers.
Bridges said the equipment allows users to access satellite channels without paying for them.
Charges are expected to be laid related to the possession, modification and sale of devices used to steal satellite signals.
Thank you for the report my friend.... you know who you are.
ECM by both providers // 2008-04-09
Fixes are already out by SonicView and rest of the FTA guys will be releasing it soon.
Some of the plastic guys are reporting lost of few PPVs but majority of them went through this key change just fine, IKS FTAs did not get affected also.
:
