Take that, Little Englanders
See, this is why we need highly skilled immigrants to perform those tech jobs that local workers won't touch.
A man from Birmingham has been jailed for five and a half years for his role in a cable TV fraud. Mohammed Ali, 35, was sentenced last week for selling modified set-top boxes that can receive free channels. Three other men were also convicted of involvement in the fraud. Umar Manir, 28, was handed 18 months' jail and ordered …
"Later this month, we will introduce a new encryption process in Birmingham, which is already rolling out across other parts of the UK now,"
I wonder if this could explain the sudden inability of my TV box to pick up most of the channels I pay for, and Virgin's customer "service" rep's inability to fix it? That's some top encryption right there.
"This will protect our existing customers and make it impossible for others to take our services unless they pay for them legitimately"
I just wish they would say what they mean for once. It'll stop the thieving bastards nicking our service and doing us out of money. "Protect our existing customers" my arse..
If their customers could get service for free, they'd no longer be customers. So in that sense they're protecting them by stamping on free hacks. They're protecting customer numbers in other words and have lower overheads that they don't have to pass onto to customers. Doesn't mean Virgin won't jack up their prices for other reasons, but supporting freeloaders is not one of them.
Is to do what Sky do. Put the decryption onto a card / cam and swap it from time to time based on perceived thread. The beauty of DVB-CSA is you can have multiple encryption schemes running at once, allowing a period of transition between the two scheme, or for boxes by different manufacturers to use different crypto schemes.
Virgin could even start decking out new customers with boxes which use a cable modem to talk with a centralized crypto server. It would make cracking virtually impossible short of someone being able to brute force the CSA payload. Once computers get fast enough to brute force the CSA encryption in realtime, then all bets are off until DVB-CSA2 turns up.
I'm not very knowledgeable about such things, but if you run the old and new encryption schemes together for a short period, and someone has cracked the old one, doesn't that make it easier to crack the new one?
You've got two identical streams encrypted in different ways, one of which you know how to decrypt giving you the decrypted signal of the 2nd stream. Can't you then work backwards to decrypt the 2nd stream?
Me confoozed :(
Not really. The way crypto works in DVB-CSA is a little tricky to explain but here goes:
a) The crypto in the STB (Irdeto, Nagravision, Videoguard etc) listens for entitlement control messages in the incoming transport stream. The content of these ECMs is unique & proprietary for each crypto scheme.
b) The proprietary crypto scheme cracks open the payload and extracts a descramble key. The descramble key is just a random 64 bit number.
c) The descramble key is plugged into the CSA algorithm to decrypt the video / audio content. The key is only good for a second or so and then another one is sent.
Steps b & c) are common to every DVB-CSA implementation and a) is unique. A cable company can transition from one form of crypto or run a couple side by side, sending ECMs for both kinds of boxes at the same time. A cracker might be able to compromise a) in one scheme but it would not necessarily help them crack the others unless the schemes were related in some way.
Theoretically two ECMs for different boxes do contain the same descramble key so if you know the key from one ECM it might help you crack the other, but I expect that every scheme ensures to salt (put random stuff in and around the key) to stop this. More modern STBs also do 2-way crypto (i.e. they need a cable modem) so it's not enough to just read what's on the wire.
I don't think it will be long before someone starts selling brute force devices that simply try every possible combination of descramble key until they find the right one. Then it won't matter what crypto is in the box because DVB-CSA will be completely broken. If that happens the shit will hit the fan since you'll be able to plug a CAM of any kind into bog standard satellite / cable receiver and watch ANYTHING.
I expect at that point that Sky et al will have to replace their older boxes. I imagine their more recent boxes may be capable of DVB-CSA2 & 3. I don't know much about either but I expect the keylength and crypto algorithm is a lot stronger to resist brute force attacks.
Prior to a rewrite of the payment gateway for mobile purchase, 1 in 10 boxes shared the same decryption key due to the limited range of the code used and the cobbled together *in house* crypto (not worth the name).
After the rewrite, now *only* 1 in 1000 boxes shares the same key. Still stored on the box, but at least now they use a reasonable cypher.
Still, the code only protected some really crap games so *shrug* not so big a deal, still if you're going to implement crypto then use a cryptographer and do it properly.
"Mohammed Ali, 35, was sentenced last week for selling modified set-top boxes that can receive free channels."
They're free - what's the problem? Even if you stop paying for VM services, you can still receive free to air channels using the cable network. At least that was how it used to work. Receiving non-free channels, now that's a different matter...
"CY4OR, a digital forensics consultancy, compiled crucial evidence to prove the set-top boxes had been illegally modified."
It is NOT illegal to modify them, just against the Ts&Cs of connection. There is the problem of ownership of course, but (IIRC) the rules on abandonment comes into play here - if you have an old STB and tell inform Virgin Media that you have it and they need to arrange to recover it and don't, within a certain amount of time it's considered yours.
The boxes were not modified to view the free channels... you can get those already without any kind of subscription. They were modified to view the premium channels (I.E. Sky Sports) for free.
Also, in my experience, modified boxes have not actually been Virgin Medias own boxes. They have been third party DVB-C boxes that anyone can buy that have been modified. I believe this is completely legal because you can do whatever you like to a box you yourself own. What is not legal is plugging this into a cable connection as it will break the T&Cs of the connection.
Exactly what they got arrested and convicted for is not mentioned in this article. I'm guessing that the law new that these guys were responsible for a large number of "modded" boxes on the market, but jailed them under other criminal acts.
5 and a half years for stealing cable TV!!!
Should have tried mugging old ladies with violence. He would have only got 20 hours community service from our "World Class" justice system.
You can see where the priorities of the British Legal System lie with this case.
If you rob peoples home , assault innocent people or make peoples lives a misery you get a slap on the wrist.
BUT...
If you dare to steal from a big corporation like Virgin Media the whole weight of the law is brought to bare.
No surprise is it really, there are loads of examples of dumb justice in the UK. Probably all reported here, like the guy who got arrested for arms possession - Lara Croft Cutout, or the old man who put razor wire on his fence to stop a repetetive burglar and was convicted and had to pay the burglar damages.
The only reason cracked STB's are useful is for sports and that's not going to last long with new boxes that talk to servers changing keys every couple of hours.
Just build/buy a cheap XBMC/BOXEE/MythTV box and get a much better range of TV & Films than Virgin or Sky provide.
PS. For all the good stuff (ie reason people are chipping these boxes) you'll need a certain plugin.
Happy
MythTV does not condone piracy. In fact it's actively discouraged, the project has no wish to be associated with thieving bastards.
MythTV is for legal recording of television and viewing/listening of media you have legally purchased.
The project cannot control what third party plugins are created unfortunately, that's the nature of open source but go use XBMC if you want sympathetic treatment.
"Mohammed Ali, 35, was sentenced last week for selling modified set-top boxes that can receive free channels"
"The group were arrested in 2008, when 2,000 illegally modified set-top boxes were found during police raids..."
So had he sold them, or did he still have them? Or did he have some left and had sold others? Did he keep VAT receipts? Is that how they knew he'd sold some?
You could claim that he had 2000 left, so he must have sold others, but is suspicion now taken as fact in British courts?
Just extract the key from the memory of a single hacked box with a full subscription to every channel and share that over the internet in real time to the owners own HD Cable boxes.
The areas are making the switch one by one so it's possible Birmingham is just going over.
You gotta love the ironic situation... if it was not so sick it would be funny. The crazy difference in sentence between these guys and convicted rapists is just unbelievable.
Equally odd (though far less shocking than the physical violence convictions I agree) is the difference in what Virgin Media think they are allowed to do and what these guys have been imprisoned for.
VM have a web page on their corporate website dedicated to the news that they continue to believe it will be ok and legal to intercept the private internet data stream of their customers in order to sell the data for behavioural marketing... Contrast THAT with some guys enabling the free use of their data. Meanwhile, over 700 days since the Crown Prosecution Service started looking at evidence of BT Group's Phorm Webwise trials... And because it is so complex (really?) they still have not made a decision. Incapable of saying they will or will not prosecute the company for using the private data of thousands of their customers without telling them.
It really is a very odd, odd (and corrupt?) world when the above happens.
Typical. Sling him in the slammer so that the taxpayer gets the privilege of paying for his upkeep.
Why couldn't they just make the punishment fit the crime? Locked room. TV on the whole time which he couldn't control. Full monte of Neighbours for as long as it takes. Let him out whimpering when the series ends. Cheap, cheerful, does the job.
It looks like this has happened before....
Take a look at this tragic story. This guy was jailed by Virgin Media for 6 years a few months ago for exactly the same thing. Poor guy might not make it with his life.... it seems that they weren't content with banging him up, they wanted to let him rot as well.
Seriously, 5 years for the boxer, 6 years for the guy who is fighting for his life.. someone tell me how this is even handed justice? Are we sure Virgin does not have an army of secret coppers and judges getting fatter by the day?
Don't dare complain on their helpline that you lost a channel or two... they might come after you!
http://www.ipetitions.com/petition/justiceforimrankhansia/
I think 5 years is a fair sentence assuming they have been selling hundreds or thousands of these boxes. They took the risk, they failed or got greedy and now they pay. Nice to see a sentence given out that might make others think twice before filling the new gap in the market.
It might even reduce the amount of smug gits on benefits on council estates bragging about how they get free cable and how they got their gas cooker fitted for free by claiming they could smell gas and all the other scams they learn about down the pub while the rest of the world is out working.