View Full Version : current ecm
Caddylover 05-18-2006, 04:01 PM Current ECM courtesy of DSSFTP:
And I quote.
"These blackouts are due to the session key stuff they are playing with. I guess they don't want to fuck their customers, so they are doing it every couple of hours on select receivers like the 2700. Once they are sure subs won't be affected, everyone else is going down, rest assured.
Here's how:
1. They will stop sending video packets to the old firmware, thereby forcing everyone to upgrade to the new firmware.
2. The new firmwares will negotiate the session key using 768 bit RSA instead of 512 bit RSA. In layman's terms, calculating the session key will become computationally more intensive.
3. In older firmware, the session key was only negotiated at bootup and stayed static. It seems they will now attempt to negotiate a new session key more often. It is even possible they will do it every 15 seconds for each new video packet. Kind of like the old CMD 02 for Nagra 1.
In layman's terms: They will be "speeding up" the datastream. Not literally speeding it up, but requiring the CAM to do more computations, which is equivalent to speeding things up.
The end result will be that the hacks that can't keep up will become history. Logs will be provided tonight"
So. Go call me a fear monger now.
mili
LaTropa64 05-19-2006, 01:20 PM :) It's about time they started making us put in a little bit more effort.
drphibes 05-19-2006, 06:00 PM it was only a key change
Hondo 05-19-2006, 06:21 PM Both of you are wrong. It's a complete change in the way that commands are being processed. It will require re-writes of all software to process.
rampage_pro 05-19-2006, 06:49 PM Just so we are all on the same page here..this ecm is in reference to the Canadian provider and not chuck. My best guess is parser failure...looks like they have changed the cmd$07 causing the control word parsing to be different from what we are currently using..so we will end up with incorrect control words.
Hondo 05-19-2006, 07:16 PM Just so we are all on the same page here..this ecm is in reference to the ??? provider and not chuck. My best guess is parser failure...looks like they have changed the cmd$07 causing the control word parsing to be different from what we are currently using..so we will end up with incorrect control words.
Give that man a cohiba.
magnus33 05-19-2006, 07:24 PM The stream speed up always seems to pop up but never makes sense.
You have B receivers that run around 16 to 33mhz and then you have fta receivers that start around 90 mhz and go up.
It's not too hard to figure out which would deal with any extra demand better than the other.
In this area they are kept in check by their own hardware.
Hondo 05-19-2006, 07:35 PM From elsewhere:
Nagra has changed the format of the decrypted CMD 07 video packet on some channels. Most likely, the rest of the channels will follow soon.
The old CMD 07 decrypted packet structure looked like this:
....09 01 ....100900AAAAAAAAAAAAAAAA110900BBBBBBBBBBBBBBBB....
where AAAAAAAAAAAAAAAA was video control word 0 and BBBBBBBBBBBBBBBB was video control word 1. FTA boxes would simply use these keys to decode the audio/video. Echostar cams would encrypt these control words with the 16 byte session key and the IRD would simply decrypt them (redundant process designed to counter wedge hacks) to decode the audio/video.
The new CMD 07 decrypted packet structure now looks like this:
....09 01 ....100940aaaaaaaaaaaaaaaa110940bbbbbbbbbbbbbbbb....
where aaaaaaaaaaaaaaaa and bbbbbbbbbbbbbbbb are not the actual control words, but some CONVOLUTED FUNCTION of the control words. Notice the cam is being instructed by 100940 and 110940 instead of 100900 and 110900. What this convoluted function is at this time is unknown. Most likely, a simple X-OR with some bytes in the Cam's RAM or IRD's firmware. This will pretty much eliminate all camless and standalone hacks that do not use echostar cards and receivers or possibly both. The FTA factories in Korea will be idle very soon. It looks like the free (no pun intended) FTA ride will be over soon.
Expect Dish to implement the same countermeasures within the next few days. They also revised their cards. Only cards with the latest revision actually work now.
If the current revision cannot be unlocked, then it will be pretty much impossible for anything to work.
They are now sending down CMD04 packets whose decrypted payload is being used to X-OR the convoluted control words coming down in CMD 07. Without access to a dump of the latest revision, it is impossible to know how they are X-ORing the data. Even if one can theoretically decrypt CMD 04 (which we still can).
To re-iterate:
1. If the current revisions cannot be unlocked by nob14me, then NO stand alone hack is possible. Only a married-sub type hack will be possible.
2. If the current revisions are opened up, that still doesn't mean everything would work again because decrypting a CMD04 is very computationally intensive. Only the fastest devices would survive.
Rom10,11, Syndrome and Atmega are gone for sure because of speed limitations even if unlocking were successful. Actually, Syndrome may have worked but the designer is now behind bars, so it is irrelevant. FTA are gone too because I doubt they could handle the speed either. All this is assuming someone can unlock the newest revision, which may not happen at all. Well, people may be watching black screens over the next couple of weeks.
magnus33 05-19-2006, 07:53 PM Lord what's with all the doomsayers that pop out.
And it blows my mind how they end up talking about speed but seem to have never checked the specs on the receivers.
Unless (you know who) magically sends something down the stream to make their hardware go beyond its max possible speed they're not even going to come close to the speed of even the older fta's.
Every time there's something new you always get the ones running around saying the sky is falling.
At least the stream speed up nonsense is always worth a laugh...lol.
Now it's not to say new unbreakable code may come out but neither of them has been very good at it and even the much feared n2 didn't work. :)
Hondo 05-19-2006, 07:58 PM I agree totally. I tend to disagree with the gloomy predictions but the analysis of the event seems to be pretty accurate. Like I said before this is where the rubber meets the road. The latest card revisions have already been compromised so the game is still very much on.
chuck 05-19-2006, 08:02 PM Just because Bev is hitting the hackers does not mean Dishnet will do the same.
"Expect Dish to implement the same countermeasures within the next few days. They also revised their cards. Only cards with the latest revision actually work now."
What?
That's crap.
Why start all this and get everyone bent out of shape. When something happens we will do all we can to get around it.
There is no sense whatsoever in getting all excited about something that "might" happen.
magnus33 05-19-2006, 08:20 PM To be sure the game is still afoot and the CMD 07 seems to be correct enough.
After n2 this doesn't seem to be a huge problem to get over and I suspect won't take long.
As for dish maybe they are going to follow suit but the fact that this seems to be the old long weekend hash that everyone has seen before I doubt it.
They're likely going to wait and see how long things go but I doubt even you know who expects this to be anything more than a temp fix.
thill1951 05-20-2006, 07:50 AM Is BEV and DN and N2 DEAD!!! ...bits pieces of copy/pastes..but take it serious!
--------------------------------------------------------------------------------
As somebody said we are in for a bit of a rough ride. Each time I'm told it ain't so bad..I get another message that it's worse...But it seems like older model receivers will be rendered True FTA...Pansat 2300/2500 Fortecs ..Sorry but this could be the end of the line..I will know more in the next few hours as I speak to more people...The Death of the Older models is still an assumption by those more knowledgeable than I, but it seems logical. Processes will have to be run faster than these machines are capable of..But like I said Stand By ..we're on it...and will let everyone know as we get it.
From source 1....All Boxes Will need their ROMS hard coded...So a Hardware Mod Will be required................................
Wait everyone .....More as it comes in.
--------------------------------------------------------------------------------
This is not good news at all.....Pretty much confirmed ..Pansat 2300/2500 Fortec Lifetime .Ultra and Original...And The Clones of such models are done. The info I am gathering is troubling....It seems that those of you using these and any other slow processor receivers are in for a bit of a shock..as are those with faster machines....Somehow They have managed to find a way to require a ROM hard Code..which means Keys are /will be a thing of the past...We will need to run a full hard coded Emulation system in our boxes, Autoroll is about to become a thing of the past..Emu will make our toys run better at least for those that have machines that can handle faster computations...This is not going to be fun...Please I am Piecemealing the info as I get it...And typing it as it comes down the pipe...
Dreamboxes..triple Dragon ...And PCI will recover..MOST STBS Will NOT.Will take about a week to rewrite ROM....Please be Patient.....
BEV ECM Analysis
Nagra has changed the format of the decrypted CMD 07 video packet on some channels. Most likely, the rest of the channels will follow soon.
The old CMD 07 decrypted packet structure looked like this:
....09 01 ....100900AAAAAAAAAAAAAAAA110900BBBBBBBBBBBBBBBB....
where AAAAAAAAAAAAAAAA was video control word 0 and BBBBBBBBBBBBBBBB was video control word 1. FTA boxes would simply use these keys to decode the audio/video. Echostar cams would encrypt these control words with the 16 byte session key and the IRD would simply decrypt them (redundant process designed to counter wedge hacks) to decode the audio/video.
The new CMD 07 decrypted packet structure now looks like this:
....09 01 ....100940aaaaaaaaaaaaaaaa110940bbbbbbbbbbbbbbbb....
where aaaaaaaaaaaaaaaa and bbbbbbbbbbbbbbbb are not the actual control words, but some CONVOLUTED FUNCTION of the control words. Notice the cam is being instructed by 100940 and 110940 instead of 100900 and 110900. What this convoluted function is at this time is unknown. Most likely, a simple X-OR with some bytes in the Cam's RAM or IRD's firmware. This will pretty much eliminate all camless and standalone hacks that do not use echostar cards and receivers or possibly both. The FTA factories in Korea will be idle very soon. It looks like the free (no pun intended) FTA ride will be over soon.
Expect Dish to implement the same countermeasures within the next few days. They also revised their cards. Only cards with the latest revision actually work now.
If the current revision cannot be unlocked, then it will be pretty much impossible for anything to work.
They are now sending down CMD04 packets whose decrypted payload is being used to X-OR the convoluted control words coming down in CMD 07. Without access to a dump of the latest revision, it is impossible to know how they are X-ORing the data. Even if one can theoretically decrypt CMD 04 (which we still can).
To re-iterate:
1. If the current revisions cannot be unlocked by nob14me, then NO stand alone hack is possible. Only a married-sub type hack will be possible.
2. If the current revisions are opened up, that still doesn't mean everything would work again because decrypting a CMD04 is very computationally intensive. Only the fastest devices would survive.
Rom10,11, Syndrome and Atmega are gone for sure because of speed limitations even if unlocking were successful. Actually, Syndrome may have worked but the designer is now behind bars, so it is irrelevant. FTA are gone too because I doubt they could handle the speed either. All this is assuming someone can unlock the newest revision, which may not happen at all. Well, people may be watching black screens over the next couple of weeks.
BEV Losing Channels!!!
--------------------------------------------------------------------------------
Seems Bev is up to her old tricks (or a new one really) as of last night bev was missing a few channels including treehouse, cp24 and some french channels. As of this morning PPV channels on bev 352-356 are also black screen or scrambled msg. It seems Bev is playing with the CMD $07 causing these to be unviewable. You can expect more channels to follow throughout the day and maybe a total blackout of bev by tonight. There also is a new ch. 340 (found when doing a new scan) to call at T.O number if you're experiencing missing channels or black screen this is just another ploy by bev to weed you out just like DN pirate channel. This seems to be an easy fix for the FTA coders but the race is on who will release the new fix for this attack by BEV. To also add Bev Started Updating Cams to Rev 643 as of last night and Subs without this update yet are also experiencing these missing channels. Remember what Bev does Charlie is sure to follow.....Hold on it's going to be a bumpy ride.
--------------------------------------------------------------------------------
Viewsat may be first to whip ECM..
From an earlier posted report:
Report Recommendations:
Although the Nagravision Encryption for certain cams is publicly compromised, it will be proposed to Echostar and ExpressVu via the FCC and CRTC respectively, that the following counter measures be implemented immediately:
1. Restoration of CAM-IRD handshake protocol and counter measures against firmware modifications. It will be proposed that the CONTROL WORDS be ciphered with the 64 byte Primary RSA key in IRD firmware in a convoluted manner difficult to reverse-engineer from firmware disassemblies. Any modifications to the Primary RSA key will result in incorrect CONTROL WORDS. Without knowledge of the convolution process, FTA and DVB piracy will be eliminated.
2. Increase the length of the RSA exponent used for public key decryption to 512 bits. This will render atmel based piracy devices and older generation ROM cards useless.
3. Traditional electronic counter measures against compromised "102 ROM" cams.
#1 is our worst fear and I believe this is what has happened. The restoration of the handshake protocol will be a tough one to defeat. Viewsat has a jump on this however due to long ago, before N2 was actually hacked, Viewsat had a work around by using a N2 card in their box. (remember the videos I circulated). The handshake protocol can be nullified by using part of the ROM dump of a current revision card. This dump was posted today at a different forum of Rev 2.44. The lead engineer for Viewsat is now in possession of this dump and will study it and the current stream activity. Today is Mr Viewsat's 30th birthday, and I listened to a 3 way phone conversation where he asked for a nice B-day present from his #1 coder. It will please you all to know that he is fairly confident that he will have a solution within a few days. Viewsat's past experience of using an actual N2 card in conjunction with their unit has given them an edge in understanding the ECM and how to defeat it. In all likelihood, part of the card's ROM section will have to be added in to the bin. The added work load shouldn't be much of a problem for the Viewsat, but I think we may see the end of slower, less powerful units for decrypting this new encryption.. Only time will tell, but I heard the confidence in his voice and his remarks, that he should have this sorted out soon.. This feat alone should propel Viewsat to #1 if indeed they can pull it off...
Cross your fingers kiddos, there's a lot at stake this time...
Flutiefan 05-20-2006, 09:44 AM Another forum (this is the best one) basically is saying that FTA along with everything else is dead. I wanted confirmation from you fellows.
qrb123 05-20-2006, 09:47 AM only time will tell
bubbacraft 05-20-2006, 09:52 AM Awe someone being a little more technical high five to that. BUT b!v Subs are getting the fukked around here. They are having audio problems and black outs and it is not rain fade. Solution, all of you that are still subs with B1V. Make a call. Tell them your problems. You may even save a few bucks on your next invoice. All of you that bought FTA and cancelled well Smooth move.... What did you think was going to happen. THINK! it must cost B!V a ton to keep the bird alive. So why not pay your share and consider the Fta as a bonus. :wow:
stavros 05-20-2006, 10:13 AM Well my viewsat on 119
is giving me mtv (channel 160) and nothing else
and on vue none of ppv's both french and english
except vue 11(611) king kong and playboy (780)
no ctv, or global but most of the rest.
can anybody confirm?
tsefly 05-20-2006, 11:44 AM From another forum...
Ok here is the list of the channels that don't work anymore for me on my cw-600 (sorted by SID)
53,54,55,57,58,61,62,66,72,73,77,82,139,140,161 to 177,204,205,211,212,214,221,225,227,235,236,237,239,240,243,244,250,252,253,283,290,300,301,302,303,304,305,306,308 to 317,320,321,322,323,351 to 360,362 to 381,400,412,501,503,507,553,600,750 to 760
all the other ones are working for me for right now
but some channels have only the audio part and others have only the video part (those might come down soon too)
as for the names of these channels, here is the list:
CTV:toronto/vancouver/winnipeg/edmonton/montreal/regina/Lloyd/calgary/newsnet
GLOBAL : toronto/halifax/winnipeg/saskatoon/edmonton/calgary/vancouver
CITY : toronto/vancouver/
MCTV : sudbury
ABC : boston
FOX : boston/seattle/soccer channel/news channel
TELETOON FRENCH
TREEHOUSE TV
VRAK-TV
HGTV
MOVIE NETWORK
M-MOR
M-EXCESS
M-FUN
MFEST
MPIX
M-ESCAPE
MOVIE CENTRAL
ADRENALINE DRIVE
SHADOW LANE
HEARTLAND ROAD
TSN
ALL THE FRENCH VU
ALL THE ENGLISH VU (EXCEPT 361)
ALL THE RED CARPET VU
ALL THE VENUS
That's it for right now
that's all the help I can provide (and I hope it will help)
thanks again for all the other guys that are helping
peruchito 05-20-2006, 11:53 AM thanks 4 the hlp, cool **tester thingi xD
Castaway68 05-20-2006, 12:43 PM is this also affecting the other providers testing rom cards,,or fta only?
Hondo 05-20-2006, 01:09 PM Everything is affected.
I understand the importance of this topic but please remember that Bell discussions of any sort are not permitted in the forums. If you are going to discuss this issue please keep that rule in mind.
Castaway68 05-20-2006, 01:13 PM I wasn't out of line I hope, just very curious as to what we have to look forward to.
magnus33 05-20-2006, 01:43 PM I am never amazed anymore by the guys posting how the slower fta won't be able to keep up with the b receivers.
Guess there must be a major swap out of bell receivers I haven't heard of or some magic fix over the stream that causes the slower b hardware to catch up to the slowest fta receivers. :blink:
Of course the whole thing is from one person who cut and pasted what another said and then stuck his bit on.
milford man 05-21-2006, 05:25 PM Do a TP scan on Nim.2 at 82-deg.W 12.661 V & you will get 9 new channels: ISP1-9, 5 of which are Movie Network channels.
sat-a-holic 05-21-2006, 05:29 PM Do a TP scan on Nim.2 at 82-deg.W 12.661 V & you will get 9 new channels: ISP1-9, 5 of which are Movie Network channels.
We're delighted with this info but no bev discussions here!
2doomega 05-21-2006, 05:39 PM Cross your fingers kiddos, there's a lot at stake this time and thanks to everybody for great news the future is not too black thanks :hat:
charliecuda 05-23-2006, 04:55 PM What is going on. I have a Pansat 2500a and lost most channels on Sunday the 21. I just checked and I have everything back ??? charliecuda@yahoo.com :yes:
magnus33 05-23-2006, 05:07 PM Rumor has it that they're having issues with older receivers but this is not confirmed yet.
They could be just messing with us so it's a wait and see.
LaTropa64 05-24-2006, 12:56 PM Yeah, most likely they were taking too much heat from too many subs and decided to backtrack. Some people on other forums were reporting that their legitimate subbed receivers that hadn't been in the stream for a while had to be hooked back up and left in for up to 24 hours before they would update and get channels back.
You can be pretty sure that once they iron the kinks out, the channels will go dark again as ppv and porn still are.
qrb123 05-24-2006, 01:38 PM I have been reading on several forums their porn and ppv are back up...
kermode 05-24-2006, 02:03 PM Forget the damn rumours..there was a key change and all that's needed now is a blind scan and you will smile. No, the sky is not falling in.
zorbas 06-02-2006, 11:38 AM Forget the damn rumours..there was a key change and all that's needed now is a blind scan and you will smile. No, the sky is not falling in.
** WHAT ARE THE NEW KEYS IF THEY HAVE CHANGED?? **
:yes:
warren bud 06-02-2006, 03:47 PM hi so what do we do now on rsa no mod on rom 10 to 102
cosmo182 06-02-2006, 06:12 PM Sit back and let the cards fall where they may
then go out and get a rom 102 card looks like that's all that will be working soon? :cry:
LaTropa64 06-02-2006, 06:13 PM Sit back and let the cards fall where they may
then go out and get a rom 102 card looks like that's all that will be working soon? :cry:
And only subbed ones will be reliable. It looks like cardsharing will be the future.