Satellite TV Hacker Tells His Story 160
Wired is running a story about Christopher Tarnovsky, the man who was accused of working for NDS, a company owned by Rupert Murdoch's News Corp., to sabotage a competitor's satellite TV system. Wired had a chance to speak with Tarnovsky and get his description of how the smart-card hacking war developed. Quoting:
"Tarnovsky, who was known online as 'Big Gun,' says Ereiser offered him $20,000 to fix cards that were killed by ECMs, and he agreed. Each time NDS created a countermeasure, Tarnovsky would analyze the code and find a way to circumvent the countermeasure. He did it while working full-time as a software engineer for a semiconductor company in Massachusetts. 'I'd be at work and I'd check the IRC (channel) to see if they'd launched their Thursday countermeasure yet,' he says. 'It was like a chess game for me. I couldn't wait for them to do a countermeasure because I would counter it in minutes.' It wasn't long before NDS came courting. Tarnovsky had a contact at the company to whom he'd begun passing information about holes in its software, even supplying patches to fix them."
Motivation (Score:5, Insightful)
Accountability? (Score:1, Insightful)
Re:Accountability? (Score:4, Insightful)
Re:Motivation (Score:5, Insightful)
Oh yes, as if DRM is unbreakable! One quote that I have heard (don't remember where) but it was "The only DRM that doesn't get cracked are the ones that no one cares about the content on them". Just about every DRM scheme known to mankind has been broken in some way or another. Honestly, the less DRM/locked-down-content we have, the less problems you have and the less people are going to be out to crack/hack it (just look at the PS3, because Sony made installing Linux on it very easy, there has been a smaller effort to crack it compared to say, the Wii)
Re:Accountability? (Score:5, Insightful)
Re:Accountability? (Score:4, Insightful)
Re:Motivation (Score:5, Insightful)
Additionally, with the arms race comes better code, not simply for the DRM, but for the operating systems and applications that work with the content. It is indeed evolution of both content, DRM, and code in general. The arms race in this case (not that of nuclear arms) is the catalyst of evolution, and betterment for all users in the long term. I would never call such hackers bad, simply the opposite side of the DRM coin that MUST exist, as without it, the other side cannot exist either.
Try keeping all the coins in your pocket/drawer/whatever so that you only ever see the heads side sometime. It's far easier to just allow any side to show in it's turn. It kind of makes things like pockets, coin purses, piggy banks work well.
Re:Accountability? (Score:3, Insightful)
Re:Accountability? (Score:5, Insightful)
Re:What an arrogant douchebag (Score:2, Insightful)
Re:The Video Shows the Holy Grail of Sat Hacking (Score:5, Insightful)
Re:Motivation (Score:5, Insightful)
Re:Motivation (Score:3, Insightful)
Well, DRM on ephemeral data isn't untenable. You don't really have to make it unbreakable. You just have to make it take long enough that you can't break it on the fly. Most people aren't willing to watch TV on a five minute delay while their computer queues up the encrypted data and attempts to determine the keys....
Unless, of course, your goal for DRM on the ephemeral data is preventing people from recording it... in which case, yeah, it is just as untenable for ephemeral content as it is for any other content....
Re:Motivation (Score:5, Insightful)
Economically, there are two trade-offs in DRM:
1. the cost of the hardware manufacturer to implement the DRM scheme, compared to the cost of the content he's trying to distribute
2. the cost for the DRM wannabe hacker (cracks, mod chips etc.), compared to just buying a legit copy.
There's no logic fault in saying that, for a certain type of content, with a certain cost, these two tradeoffs allow a DRM system to survive. That is, to cost small enough to implement as to not increase the cost of the content significantly, and high enough to circumvent, that the users rather pay than circumvent. This is not the same as "unbreakable", especially for the types of passionate hackers like Mr. Tarnovsky, but that's irrelevant.
Note that the 2. cost can benefit tremendously from an economy of scale, if it's enough for a single user to circumvent and distribute to all others. For example when the content is in a platform independent format (distribute decrypted music), or when the DRM system is implemented in software (distribute software crack).
This is not the case with, say, live High definition TV. Maybe someone can hack his topbox and have unlimited access to live Sports coverage, but he can't feed that content to me fast enough to be useful. So I need to hack my own topbox, and that could cost much more than the subscription to the sports channel.
Also, this is not the case with a console game, where I need, again, to perform my own hardware hacks. A mod chip costs significantly today, and when the GPU, CPU, RAM and DRM chip will be integrated on a single dye, a mod chip will be impossible, and one would need to hack his own silicon.
Re:Accountability? (Score:3, Insightful)
Re:Accountability? (Score:3, Insightful)
Anyway why bother so much about Paris Hilton?
How about George Bush - anyone actually remember the WMD claims? There are lots of people dead because of him.
Or Diebold - anyone remember those voting machines? The best democracy money can buy
Now that's what I call getting away with it.
uh, this is a PR fluff piece (Score:1, Insightful)
What makes this guy unique is a complete lack of loyalty - he works for the highest bidder, and even then is ready to stab them in the back when his contract is complete. He's analogous to a lawyer- knowing that both sides are equally corrupt, he can take advantage by selling his services to both sides, so that no-one ends up any better off at the end. Except Tarnovsky.
The one application-specific challenge here is removing the "security layer" without ripping apart the layer underneath. But given that this guy's outstanding skill appears to be social engineering, I'd say it's more likely he had access to insiders who developed the chips and could advise him on what they used in failure analysis.
The only moral of the story here is that an arrogant, ethics-free mercenary with access to any tool he pleases is given way too much admiration in the twenty first century.
Re:What an arrogant douchebag (Score:2, Insightful)
Re:Motivation (Score:3, Insightful)
I sometimes wonder if turning a bit of a blind eye to the console mod chip market is in the interests of the console makers. If they are selling their consoles at an outright loss (which they allegedly do initially) then obviously they are losing money if people are copying games rather than purchasing them, but eventually the manufacturing costs come down enough that this isn't true.
How many less people would have bought a ps/ps2 if there wasn't a mod chip available for it? We have a ps2 which isn't modded, and most of the games we have bought have been really cheap and/or included extra hardware (sing star, buzz, etc). But, we bought that after the ps3 had been out for a while so it wasn't really expensive.
I guess the question I have is, if Vendor A released a console with completely solid state unhackable DRM, and simultaneously Vendor B released a console with no DRM whatsoever, and both consoles were otherwise pretty much equal in terms of features, who would 'win'? More people might buy B because they can illegally copy the games, but the game developers might develop more for A for precisely the same reason... but if there would no good games for B then nobody would buy it, but if nobody was buying A then the developers might not bother with developing games for it... it would be an interesting race to watch