Think back to Jan 21st, 2001......


Ohms
06-05-2006, 11:11 PM
If you look at history you can learn things.
It is possible that these revision updates may have hidden meanings beyond the provider just trying to lock you out of the cards.

Take a look at this press report titled “Toasting the crackers” from January 2001 and see if there are any similarities.

hxxp://news.bbc.co.uk/1/hi/sci/tech/1138550.stm

I’m not saying the same exact thing is happening now, but a wise man once said, “Those who cannot remember the past are condemned to repeat it”

Just thought you folks might find this interesting.

Here is a small snippet from the article:

*****************************************************************************
Over the last year, DxxxxxTV has been regularly sending small chunks of computer code out to smartcards. To stop them being remotely disabled, many cracked cards would not accept the data being sent out by DirecTV. But without updates, cards will no longer provide access to shows.

Hidden purpose

So crackers found ways to put the code updates on pirated cards and initially thought the regular updates were just meant to annoy and inconvenience them.
But on 21 January, the real purpose of the updates was revealed. Together, the seemingly unrelated chunks of code created a program that DirecTV used to zap the hacked cards.
The program put the card into a loop that made it impossible to update and change. Satellite card hacking sites on the web reported that the last few bytes of data had been changed to read "Game Over".

Crazy1_79
06-05-2006, 11:54 PM
Jesus, that was a long time ago. But I do not deny that this is what is happening.

Ohms
06-06-2006, 12:52 AM
I found a better description of that dark day. I did not write these words below the *****s, but stole them like an encrypted signal right off of the internet. :)

This is for those of you that have not been around long enough to remember this dance. If I were working for a smartcard security company, I would definitely use this success story as a sales tool to get the provider execs to buy into the idea of doing it again and paying me to make it happen. Hard to argue with this kind of success, wouldn't you think?

Although I am not sure if this little story is 100% accurate in every detail, I am sure that this is pretty much what happened. I remember it going something like this anyway.

As I remember it..... when this happened, one of the most trusted people to go to for advice was.........yup............MILI
I remember it as if it were a meal ago....

We know now that this was NOT the END OF DAYS for all testing as it was touted to be, but man.....it was sure a hard kick in the balls to say the least.

*******************************************************



"One of the original smart cards, entitled 'H' cards for Hughes, had design flaws which were discovered by the hacking community. These flaws enabled the extremely bright hacking community to reverse engineer their design, and to create smart card writers. The writers enabled the hackers to read and write to the smart card, and allowed them to change their subscription model to receive all the channels. Since the technology of satellite television is broadcast only, meaning you cannot send information TO the satellite, the system requires a phone line to communicate with DirecTV. The hackers could re-write their smart cards and receive all the channels, and unplug their phone lines leaving no way for DirecTV to track the abuse. DirecTV had built a mechanism into their system that allowed the updating of these smart cards through the satellite stream. Every receiver was designed to 'apply' these updates when it received them to the cards. DirecTV applied updates that looked for hacked cards, and then attempted to destroy the cards by writing updates that disabled them. The hacking community replied with yet another piece of hardware, an 'unlooper,' that repaired the damage. The hacker community then designed software that trojanized the card, and removed the capability of the receivers to update the card. DirecTV could only send updates to the cards, and then require the updates be present in order to receive video. Each month or so, DirecTV would send an update. 10 or 15 minutes later, the hacking community would update the software to work around the latest fixes. This was the status quo for almost two years. 'H' cards regularly sold on eBay for over $400.00. It was apparent that DirecTV had lost this battle, relegating DirecTV to hunting down Web sites that discussed their product and using their legal team to sue and intimidate them into submission.

"Four months ago, however, DirecTV began sending several updates at a time, breaking their pattern. While the hacking community was able to bypass these batches, they did not understand the reasoning behind them. Never before had DirecTV sent 4 and 5 updates at a time, yet alone send these batches every week. Many postulated they were simply trying to annoy the community into submission. The updates contained useless pieces of computer code that were then required to be present on the card in order to receive the transmission. The hacking community accommodated this in their software, applying these updates in their hacking software. Not until the final batches of updates were sent through the stream did the hacking community understand DirecTV. Like a final piece of a puzzle allowing the entire picture, the final updates made all the useless bits of computer code join into a dynamic program, existing on the card itself. This dynamic program changed the entire way the older technology worked. In a masterful, planned, and orchestrated manner, DirecTV had updated the old and ailing technology. The hacking community responded, but cautiously, understanding that this new ability for DirecTV to apply more advanced logic in the receiver was a dangerous new weapon. It was still possible to bypass the protections and receive the programming, but DirecTV had not pulled the trigger of this new weapon.

Sunday night, at 8:30 pm est, DirecTV fired their new gun. One week before the Super Bowl, DirecTV launched a series of attacks against the hackers of their product. DirecTV sent programmatic code in the stream, using their new dynamic code ally, that hunted down hacked smart cards and destroyed them. The IRC DirecTV channels overflowed with thousands of people who had lost the ability to watch their stolen TV. The hacking community by and large lost not only their ability to watch TV, but the cards themselves were likely permanently destroyed. Some estimate that in one evening, 100,000 smart cards were destroyed, removing 98% of the hacking community's ability to steal their signal. To add a little pizzazz to the operation, DirecTV personally "signed" the anti-hacker attack. The first 8 computer bytes of all hacked cards were rewritten to read "GAME OVER".

seaboard18
06-06-2006, 04:36 AM
Good post Ohms, just remember, those serious packet errors will come back to life soon.

fubr
06-06-2006, 04:42 AM
I just hope the boy with his finger in the dikes gets tired

Ohms
06-06-2006, 04:52 AM
Why yes seaboard. I have actually been watching for that since you told me about it. I saw a couple of posts that talked about HBO and the screen going all white, followed by a reboot, but I have not actually seen it myself. I am not logging right now, and probably wouldn’t understand ¾ of what I would be logging anyway, but there are many things that point to a repeat of black Sunday in our not too distant future. That’s my opinion, and is not based on any super technical analysis.

I saw a post by Hexcellence the other day that talked about something to the effect of us not being able to run a blocker soon because the eeprom code would be used for hash (currently it's map) and if you had foreign code on the eeprom, it would fail. This sounds a lot like a countermeasure to me. Probably just enforcement prior to the full launch.

I think things will get VERY interesting here soon.

But if you remember black Sunday, then you also remember boot loaders.

You could say, where there is a will, there is a way. Often, but not always. Stay tuned.

alsouthster
06-06-2006, 05:02 AM
here's an even older testing story
From Wired, 1994
takes place in the Bahamas!
see if you recognize anybody lol

hxxp://www.wired.com/wired/archive/2.08/satellite.html

00000
06-06-2006, 07:26 AM
First of all that ecm was easily overcome with a bootstrap.
Ask Mili he sold them.
Looping/locking the old cards has nothing to do with modifying today's algorithm to work with fta cardless solutions.
You have a lot of reading to do.
But it's all history - so forget about it and wait for a fix. Cheers.

qwerty5
06-06-2006, 07:42 AM
On one side dish is working on eliminating fta. and older card methods on the other hand expect more serious ecm activities to the yellow cards

Ohms
06-06-2006, 08:10 AM
0,
I spend several hours a day reading on this stuff, but you are correct. We can all benefit from reading more. I can assure you that I am not waiting for a fix.

ob1
06-06-2006, 11:30 AM
Ohms,
REAL interesting stuff....I am fairly new to this testing hobby, so, I was not aware of all that history...it does give me a new perspective on things to come....good stuff...hope you keep posting more....

1one
06-06-2006, 02:01 PM
Ohms,
Glad to hear you are taking some serious steps. I'm not a doom & gloom type person, but I can see further than what's in front of me. With my limited logging ability, I saw something a month back similar to what you are describing.

alsouthster
06-06-2006, 05:31 PM
You have a lot of reading to do.
But it's all history - so forget about it and wait for a fix. Cheers.

lol
If you think someone like Ohms has "a lot of reading to" that spells big trouble for most of the rest of us....by comparison we're still struggling with Goodnight Moon and Hop on Pop lol
and you by comparison should be releasing your own private fix(es) shortly, yes?

seaboard18
06-06-2006, 08:35 PM
Why yes seaboard. I have actually been watching for that since you told me about it. I saw a couple of posts that talked about HBO and the screen going all white, followed by a reboot, but I have not actually seen it myself. I am not logging right now, and probably wouldn’t understand ¾ of what I would be logging anyway, but there are many things that point to a repeat of black Sunday in our not too distant future. That’s my opinion, and is not based on any super technical analysis.

I saw a post by Hexcellence the other day that talked about something to the effect of us not being able to run a blocker soon because the eeprom code would be used for hash (currently it's map) and if you had foreign code on the eeprom, it would fail. This sounds a lot like a countermeasure to me. Probably just enforcement prior to the full launch.

I think things will get VERY interesting here soon.

But if you remember black Sunday, then you also remember boot loaders.

You could say, where there is a will, there is a way. Often, but not always. Stay tuned.

Hi Ohms,
I would like to read that post, if you don't mind, could you either post the link to it or c|p it here. Over the years I have seen a great deal of eprom related problems that cause strange events in television sets. However I understand that much of what I have seen is not directly related to the problems associated with an ecm such as what has been described here. Corruption of data and error codes are not new to me when dealing with television sets. Dealing with digital satellite receiver eprom and destructive code getting introduced is interesting.

In a television, I don't have a tsop to deal with that could be destroyed with malicious code. Past incidents did not cause irreversible damage to IRDS. However, because new types of threats are continually emerging there is that possibility in the near future.

There are problems starting to surface now even with a real rom 102 being revised from Ver.107 to 108. Maybe I'm wrong, I have been wrong before but I think a little back tracking may be in order soon. Too many looped cards are beginning to surface. I'm just an old dumb tv repairman, what do I know. I may have brain damage from back in the days of the vacuum tubes, from being shocked so much.

woods
06-07-2006, 02:03 AM
good read guys and boy do i remember. good thing was i was out of town and cam pulled :)

woods

Ohms
06-07-2006, 04:57 AM
There is no doubt I spend WAY too much time on this stuff. I am not one of the really smart guys though. There are some amongst us here and over at that OTHER site. :)

We all owe thanks to no1b4me without whom we probably would be doing other things and paying full price. Thanks alsouthster. I really enjoyed that wired dot com link above you posted. I read every word of the 19 pages.


Seaboard, here is the post link you asked about.

http://www.dssftp.com/forum/t61514-dish-working-with-romcode.html

It's just a quick comment, but when this guy talks, I listen. Not many smarter.