All - I copied this info from another thread in another site so not my own info. Apologies if this is repeated anywhere on this site but I just wanted to share the news so to speak. As always there's no way to confirm everything described but it's certainly some interesting reading & what can be expected with N3: Question; so how long will it take? Well the question really is: will the information be leaked as it was for n1 and n2. I guess that might depend on how much money one or more companies are willing to pay for it. It is very unlikely this information will be leaked again. This is unlikely as value and sensitivity of the information is well known now, and the appropriate security departments will work to prevent this information from being leaked. It is possible that the information will never be leaked, preventing a n3 crack for several years. Why so hard? n1 and n2 were hacked? Why not n3? The best answer to that, is because of a loss of talented hackers. The number #1 hacker in Europe has been hired by the company that owns the makers of nagra3 encryption system. Who is that you ask? Well let’s review a little history for the answers. One of the best n2 hackers was Chris Tarnovsky, the founding member of the Black Hats. The Black Hats are a German hacker group that showed many of the world’s hackers just how to break into the card’s security systems. But now he has been hired by NDS, the company that hacked Nagra 2. This is a good reason hackers in Spain/England and the Eastern Block's have not been able to break into the new Video Guard/Europe encryption system for the last two years. The video guard encryption system used in Europe is different than the encryption system used here in the states with ***/dn, but the info needed still remains the same. NDS took 6 months trying to break into the n2 cards, but it wasn't until Tarnovsky was paid 6 figures that he broke the cards down in less than a week. This blew away NDS big-time. The information Tarnovsky retrieved from the cards was used by the coders to write MAPCALL codes for new BIN files. This took about 5 to 6 months to complete. Now coders have several more tools to use in writing bins, this makes it a lot faster and easier to write bins now. This is why we have new BIN files released in matter of hours not month's or week's nor even days. Most files today are written on a complier within minutes and released to the general internet within 2 to 4 hours. Now let me give you a little history lesson "Rupert Murdoch" owns dtv and NDS, a subsidiary of the media group news corp. This company is setup for the purpose of hacking dn n2 cards, and was setup in 1999 in Israeli for the purpose of hacking and releasing the codes over the internet. Why? Well, because he and "Charlie Ergen" the owner of DN tried to merge both their companies twice once in 1997, and again in 2000 and the FCC forced them to stay apart. Why? Because of what many call "Capitalism” or we might call "free market". The government refused to allow the merger saying it would create a monopoly. Dtv and dn have been in a lawsuit since 2002, which is just now in a federal court in California. Dtv and dn have been fighting between themselves. This is the reason Dtv hacked and released the n2 codes to hurt dn. Why? Well because Rupert Murdoch does not want DN to have a greater market share of satellite tv industry in the US and that pretty much says it all. Now back to who writes Nagra Encryption System? A Swiss corporation called Kudelski Group and Echostar(USA) equally own NagraStar who are the producers of the dn Nagra Encryption System, and have invented all 3 (n1,n2, and n3) Nagra encryption systems variants used in the North American market. I'm absolutely positive that until the private CW codes are known, the coders are not going to be able to break the n3 security encryption. To progress further the hackers must be successful in peeling away the 3 extra layers of silicone in the G3 security chips. This can be accomplished using a powerful electron microscope and several different acids and lasers, to get to the final precious bottom 3 layers of the Kudelski chip where all the precious codes are hidden. Only the best hackers (engineers) have the ability to do this type of work. So please do not think for one minute that any “back yard” computer “guru” hacker can break this type of security system, I’m sorry it just isn’t going to happen. “EVER” So what some of us do know is that without Chris Tarnovsky techniques that allowed him to break open chip cards that block access to pay TV the whole world would still be without a crack for satellite tv. Is there hope for us yes! Of course, it is always possible. Hackers are working on this problem now out in the hundreds of labs setup in different countries . But remember they have to have do several things, first access to G3 cards, unissued cards open and clean meaning; cards that have not been imbedded with maintenance access codes, and user access codes used to track the customer uses of this system, PPV Events, PPV Movies, p0rn and so on. This is very important and requires someone from the inside of the manufacturing department, of the (SI) department itself. But this is not likely to happen with that amount of screening done by the company’s for their personal. And that each person has to allow the company into their lives, banking records, and life styles. So how long will it take before any group of coders have a fix for n3, well depending on the amount of info on the new G3 cards they might have to run on a complier for several days, or using (banks of compliers) for several weeks. It’s still unknown the amount of new process in the map codes used on these new chips. Estimate run all over the place so nobody actually knows for sure, best guess is 6 months to a year before the info needed becomes a new file for release. So what are the FTA manufactures doing about this? This is where we are now, it is possible some manufactures have already hired hackers or paid hackers to break into the G3 encryption systems. Some are still under lawsuits now brought by echo star and dn and may not be doing anything at all. I would bet you a hundred to a dime that’s a 1000+1 odds that “if and when these codes” are broken and released on the internet we all will know it the same day. And on that day I bet the coders will start working on the solutions to n3 problem A.S.A.P So until the whole internet is busting out with this info "HACK" we will be in the dark. That’s just a fact of life. Whether this is good news or bad doesn’t matter to me, it’s just the truth about where we stand right now. I hope this has at least helped explain things a little more "this is not a rumor" nor perdition.
Yes but I expect in this case the all important code etc will be very closely guarded/protected with no unauthorised access. That's if they've learned anything from their N2 rollout & you'd have to expect they have learned.
hi guys so this could be the end i say could be no one knows for sure but if it is . is it worth our while going to satellite dish is it cheaper ,once off payment or will they crack that to
this is from a site in November 2008. I don't know the man Tarnovsky, but would I like to - yes - someone with more brain power than the average man - and what I like - the challenge I thing he gets from it, but I am only conjecturing - from a website somewhere ---------------------------- 1st c&P: Tarnovsky In Action! C/P Chris Tarnovsky was recently fired by NDS and his job application was rejected by Nagra. Hmmmm...the foremost smartcard XXXX disturber or 'software engineer' as he prefers is unemployed and has a lot of time on his hands...I wonder what that will mean for d*sh/DTV? Maybe job security for me? Here is Chris at work. He make nice video for us! (not a live link) Code: hxxp://www.wired.com/politics/security/news/2008/05/tarnovsky?currentPage=all This time I order 'super strong', impenetrable security mesh on top of smartcard substrate and other security goodies including anti-glitch voltage mechanism, anti-glitch ground mechanism and anti-clock modulation thwarter ...hmmm...lots of tasty goodies for Chris. 2nd c&P: N3 wont be a problem c/p taken from a news release from the netherlands.... Manufacturers of semiconductors claim that their chips are inviolable. Companies that integrate them into their products rely on the specifications provided to them. They think that their secrets will be well guarded. That is not true, of course. " Christopher Tarnovsky uses HydroBromic acid to eat away at the passivation layers and doping guns to cut/add traces to a working IC. And to submit photos of his laboratory, fitted with equipment he used for a few thousand dollars. At the center, a powerful Zeiss microscope to enter the heart of the chip which are hidden the precious codes. The successive layers of silicon are revealed with acids and lasers. The engineer then explained how he took control of the map by bypassing its protections with long microscopic needles. Within minutes for the weakest, a few hours for the best-designed, the contents of the card opens 9 times out of 10 these assaults. NOTE: there was a mistake in the story, it's not HydroBromic Acid used, it's Hydroflouric Acid, which is more on the right track when dealing with delayering the uController, HNO3 is whats used to decapsulate the uController from its package,, 3rd c&P: Tarnovsky on N1-N2 switch, his thought on N3 Christopher Tarnovsky used to work for D*v years ago .. he was paid by d*v to hack the nagra1 card and he did so .. he now has to appear in court to answer to the aligations about hacking the nagra1 card .. d*sh is sueing d*v for millions of dollars and this case continues .. however he did not come up with the map57 fix .. thats another court case coming up with viewsat using a north american coder (name not released at this time ) that sold the fix to viewsat for $750,000. The nagra3 card is being used in europe already and has not been publically hacked yet .. but Tarnovsky says the chip is not as secured (wonder how he knows that? ) as nagra claims it is and quote " it will fall " money will get the nagra3 hacked 4th c&P: Tarnovsky on Paid Access Systems NOTE!: this story part is an old one, but I thought it fit NICELY in with the rest of the info, for those that aren't aware of the back story can get caught up a bit c/p Quote: Christopher Tarnovski's website: Translation PAID ACCESS SYSTEMS. A key witness in the court case opposing the Swiss group against the media giant News Corporation was passing by in Amsterdam, attending a conference on computer piracy. We met him. François Pilet, Amsterdam Saturday, March 29 2008 The audience is glued to the lips of Christopher Tarnovsky. In front of a podium of hackers and security specialists - with an average age of 25 - the self-taught electronics specialist revealed the techniques that allow him to break open chip cards that block access to pay TV chains in the whole world. The scene takes place in the Mövenpick hotel in Amsterdam, where the European edition of the Black Hat conference was held Thursday and Friday last week. This is one of the prime professional meetings dedicated to computer piracy. Among the twenty or so speakers invited to this big get-together, Christoper Tarnovsky talked for more than one and a half hour in the "Lausanne" room - a sign of destiny (Tr. note: Lausanne is a Swiss city close to the headquarters of the Kudelski Group). Employed by NDS The 39 year old American is accused of having been recruited in 1999 by the Israeli company NDS, a competitor of Kudelski, to break the security codes of Canal+ (French Pay TV) and publish them on the Internet, and to have repeated the operation, to the detriment of the Swiss group and its clients. The publication of these codes allowed hundreds of thousands of savvy users to access encrypted TV channels without paying the subscription fees. The American satellite TV company Echostar also uses Kudelski cards to protect their content. They confirmed having lost hundreds of millions of US dollars due to these pirate activities and demand one billion US$ of damages from NDS, a subsidiary of the media group News Corp. This April, Christopher Tarnovsky will take the witness stand in a California court in defense of NDS, his employer for ten years following 1997. According to him, Kudelski and Echostar have wholly invented the conspiracy they claim having been victim of in order to mask the weakness of their encryption. In his eyes, the case against NDS is nothing short of an extortion attempt. "Sure, I've broken the cards of Kudelski", he annoyedly states. "I was paid by NDS to do it. This is an activity that all companies in the trade do. But why would I have published these codes on the Net for free? I am not stupid, and I never had the intention of taking that risk." Having become an awkward asset, Tarnowsky is no longer employed by the group since a year. He started his own company, Flylogic, through which he offers his know-how to electronics manufacturers, to test the resistance of new products to pirate attacks before they are launched. Christoper Tarnovsky details the general weakness of systems based on certain chips designed by a handful of companies like Motorola and Infinenon (sic), systems used in products as divers as garage door remotes, car alarm systems and TV decoders. "Unbreakable? That's wrong!" "The manufacturers of semiconductors claim that their chips are unbreakable. The companies integrating them into their products trust the specifications they obtain. They believe that their secrets will be well kept. That is wrong, of course." He showed pictures of his laboratory, set up with second-hand equipment worth a couple of thousand dollars. The centerpiece is a powerful Zeiss microscope to access the heart of the chip, where the precious codes are hidden. Successive layers of silicone are peeled away, using acids and lasers. The engineer then explains how he takes over control of the card by short-circuiting one by one its protections with long microscopic needles. It takes a few minutes for the weakest of them, a few hours for better designed chips, but the content of the card gives in to these attempts 9 out of 10 times. For such an operation, Flylogic bills "about 30'000 dollars". When questions were taken, a voice is heard from the end of the room. A Microsoft engineer is wondering: "Did you take an interest in the processor of our Xbox360 game console?" - "I was offered 100'000 dollars to break it", says Tarnovsky. "But I replied that that wasn't enough." "They didn't invest enough" The next question comes from an Estonian journalist. His country, forerunner of cyberdemocracy, has introduced a chip-containing identity card, which can be used for e-banking, as well as online voting. "It's a Motorola", sneers Tarnovsky. "An old model, badly protected." What about the Kudelski cards? A short embarrased silence before his reservations disappear: "Sorry: The last two generations were broken. The next one will be, as well. They did not invest enough into research in the last ten years. Today, Kudelski is running out of money, look at their stocks. They hope to reestablish themselves with this lawsuit, but they will lose."
Great post btw thanks for the information. Can someone answer this though ... why is it that the UK has not introduced this and yet Ireland has? Surely we are talking hundreds of thousand of boxes versus a few thousand?
different cable companies, vm in england meant to be going down anouther route of encription other than nagra3.
I dont get why one tv company would want another tv company hacked. It doesnt really make business sense. If any tv is hacked, the pirates will choose whichever is hacked and be watching it for free. That means they wont be paying for any tv at all. So by any tv being hacked, both companies will have less paying customers. eg. when I found out about the NTL/UPC boxes, I canceled my sky subscription and switched to cable, now that UPC hacking is dead for the foreseeable future, ill probably switch back to sky, or look into sky card sharing further. So actually NDS (sky) lost money on this, and at least UPC got my 20 euro a month for the basic service.
