SATELLITE PIRACY CALLED INEVITABLE WITHOUT NEW SMART CARDS
Canal Plus lawsuit accusing NDS of hacking encryption for its pay-TV smart cards is exposing unwelcome news for broadcasters: There now is too much skill in too many labs worldwide, and too much information on Internet, for any conventional smart card system to stay unhacked. Encryption experts said if broadcasters wanted to protect their programming and revenue, they might have to switch to smarter smart card that automatically eliminated data if attempt were made to hack it.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
In lawsuit against News Corp.’s NDS, Canal Plus alleged that lab in Israel working for NDS obtained antipiracy software called UserROm from Mediaguard smart cards by “electrical and optical examination,” packaged it as compressed file called Secarom.zip and gave it to Web site called DR7.com. Once file was published it was copied by dozens of other sites, enabling pirates to use code to make counterfeit cards that give viewers free access to programming, Canal Plus said. Company sued NDS for $1 billion last month in U.S. Dist. Court, San Francisco, under Racketeer Influenced & Corrupt Organizations Act, Copyright Act and Cal. Unfair Competition law. Canal Plus, owned by Vivendi Universal, said it chose Cal. venue because Mediaguard codes were given to Web site there. NDS has called suit “outrageous and baseless” and said it planned counterclaim.
Many Web sites carrying Mediaguard hack have been shut down, but Canal Plus said it was too late. “The horse was then out of the box,” Canal Plus Exec. Vp Francois Carayol said. Company now will replace 13 million legitimate cards in more than 12 countries, including U.K., France, Italy, Spain, Poland, Benelux nations, Malaysia. Changeover is expected to be completed by year-end, Canal Plus said.
Canal Plus’s Mediaguard and NDS’s Videoguard work on same basic principle. So far, Videoguard hasn’t been hacked but NDS said it was possible. Canal Plus said hack needed “expensive machinery” and “sophisticated and well-funded effort.” Pay-TV services scramble signal before transmission so it can be viewed only when control keys in broadcast signal match keys permanently embedded in receiver and temporarily stored in smart card. Broadcast keys change every 2 sec. and if smart card has been authorized by payment of subscription, card keys keep in step. Each smart card has unique number and every month broadcast signal carries new batch of codes that replace those stored in card. Software in card prevents new codes from being stored in cards with numbers that don’t match up to list of paid subscriptions.
Even NDS concedes hackers will crack system eventually. “All smart cards can be hacked if left in the field long enough, which is why NDS’s business plan calls for periodic replacement of cards,” NDS CEO Abe Peled said. “NDS also designs its system to permit electronic countermeasures to be sent over the air to disable counterfeit cards.” He said hack of Canal Plus system was due “solely to the inferior nature” of its conditional access technology and “the failure of its business plan to contain measures to protect against piracy and its failure to deal with piracy once it began.” Cambridge U.’s Tamper And Monitoring Protection Engineering Research (TAMPER) said long-term solution to hacking was for pay-TV industry to switch to smart card with RAM and onboard battery so stored data could be erased automatically before hackers had opportunity to steal it.