Dish Networks at 61.5W crushed too

Nagra2 present times are very hard. Dish Networks (NA TV provider) has been replaced the Nagra1 cards, due its massive hacking, a few weeks ago and now the new ones are hacked too. The so called ROM 101 present in Dish Networks too seens to be the "hole" in the security system.

Now the questions are two. The first how the providers will stop the "piracy", the providers should start a war of countermeasures that the hackers will try to rebate. And in second place, will the providers complaint Kudelski (Nagravision designers) about this security flaw ? If they takes legal actions agains this company it could end with this company engineers asking for some money in the streets. Whichever they take legal actions or not the image of the "biggest TV security provider around the world" is seriously damaged. I'm quite sure that the Murdoch guys at the NDS headquarters are opening some bottles of champagne.

First reaction from Digital+ to the Nagra2 hack

Today Digital+ has removed the Nagra2 ECM stream (on Taquilla channels only) broadcasted over the Astra 19.2E, this way they protect the access to the football (soccer for the US friends) on this satellite which carry the big amount of clients (around 4 to 1). On Hispasat nothing has changed.

Update: All channels on Astra 19.2E are removing the Nagra2 stream, in a few hours no D+ Astra channel will be decrypted with the Nagra2 hack.

Nagra2 hack, spread like powder

The Nagra2 hack is being spread like powder, today a lot of emulators are being released. I saw at least 3 decoders, 1 PCSAT public plugin and 2 PCSAT non-public plugins. The reason for this fast spread is that the routines used in the Nagra2 internal operations are standard RSA+IDEA ones. The RSA routines were originally coded for Nagra1 support (in example) and the IDEA one is quite simple to be implemented from scratch as it does not need a complex math.

Now descrambled ECMs are being exposed, its internal structure is mostly unknown except the control words definitions. Their format makes me think that the next movement from Digital+ will be to activate the MECM or a similar technique because the control words have a "free" byte which seens to indicate a possible extended encription activation.

If you want to write your own "descramble" routine, the public explain about it is almost "perfect" and clear, you can follow it without too much problems.

Digital+ hacked ? Yes, hacked.

I was able to see the "supposed" decoder descrambling the Nagra2 stream on Digital+ ten minutes ago, so I can say yes, it has been hacked. The decoder was not attached to any kind of card sharing system, nor any card in the slot; in fact it was programmed with the "new" firmware minutes ago.

Digital+ hacked ?

The last days a strong rumour about Digital+ (Spanish satellite platform broadcasting in Nagra2 and "Nagra2 over SECA" on Astra 19.2E and Hispasat 33.0W) being hacked using a good known brand programmable decoder. Is it true ? In the past there was a lot of this rumours (a friend of my son see a hacked channel in a friend home,....) none of them was reliable, but this one seens to be true.

I do not have the supposed decoder needed to hack the Nagra2 Digital+ stream, so I can not verify it, but many respetable people says that it is working.

If this hack gets confirmed in the next days it will jeopardize the global Kudelski Nagra2 streams around the world (currently Kudelski is the market leader in Digital TV conditional access systems after the buy of Canal+ Technologies and its SECA system) which will include the new USA ones (Bev and Dish) and the german Premiere ones. Will this mean that USA ones will be hacked ? No, but historically when a system exposes a flaw this flaw will be used to expose another flaws generating a reaction chain in code exposure and finishing with a complete card dump (Game Over).

Exposing the facts in the rumour, the hack attacks ROM 101 in Nagra2 streams provider ID 4101; this means that both satellites (Astra 19.2E and Hispasat 33.0W) are covered by the hack as some days ago Digital+ starts to broadcast the Nagra2 stream over the Astra satellite too, in order to allow new clients to use the Astra satellite with the Nagra2 decoder (seens that old SECA decoders are no longer manufactured).

Next days will be very interesting, will the provider react patching the current Nagra2 cards, changing its revision, will it deliver new Nagra2 cards ? The last days of this summer will show the strong of millionary security inversions.