Skip to main content

Researcher to Disclose Crippling Security Flaws in Satellite TV and Digital Video Broadcast Systems Worldwide

posted onMarch 7, 2012
by l33tdawg

L33tdawg: Adam's first talk will be on Security Threats in the World of Digital Satellite Television, in which he'll be showing off the functionality of his 34,000 lines long Proof of Concept code and 20+ 0days in the Polish satellite TV operator. Immediately following this will be even more brain melting kungf00 as he walks though Security Vulnerabilities of Digital Video Broadcast Chipsets, where he intends to show the process of reverse engineering the instruction set of a completely unknown processor core embedded inside a DVB chip along with the steps that lead to the discovery of security vulnerabilities in a chip’s design / implementation! Oh yeah! This is going to be absolutely brilliant! :) 

Amsterdam, The Netherlands, 7 March 2012 – A well-known Polish security researcher has discovered major security flaws in digital satellite TV set-top-boxes and DVB chipsets used by many satellite TV providers worldwide. The research done by Adam Gowdiak reveals that a combination of security issues present in software, hardware and services from multiple vendors can have a devastating impact on the security of modern digital satellite TV platforms. Gowdiak will be presenting this research in two talks at the third annual Hack In The Box Security Conference in Amsterdam in May (21st – 25th @ Okura Hotel).

In research spanning over one and a half years, Gowdiak has discovered over 20 security issues in the environment of one of the biggest satellite TV operators in Poland. Gowdiak aims to demonstrate that a novel platform such as digital satellite TV set-top-boxes is not immune to hacking and can be infected with malware in the very same way as computers these days – automatically and without user interaction.

The research reveals that well constructed malware can break the security of silicon chips implementing advanced security mechanisms in these set-top-boxes. Gowdiak has verified that this can result in the illegal sharing of encrypted satellite TV programming over the Internet with other, non-paying users.

“Security Explorations’ presentations at HITB2012 Amsterdam will be unique for two reasons. It will be the first ever discovery and disclosure of real malware threats in the context of the digital satellite TV platform,” said Adam Gowdiak, Founder and CEO of Security Explorations.

“And this will also be the first ever successful attack documented against digital satellite set-top-box equipment implementing Conax Conditional Access System with advanced cryptographic pairing function,” he continued. Security mechanisms such as Conax Conditional Access System is widely used for protection against hijacking and illegal sharing / distribution of premium and paid content.

Gowdiak is not a new name in the security industry. Also known as the man who brought Microsoft Windows to its knees in 2003, he was part of well-known research group The Last Stage of Delirium or LSD which uncovered a devastating attack in all Microsoft Windows versions at that time. Over the years, he uncovered over 50 security issues in key Java technologies such as J2SE and was the first in the world to present a successful and widespread attack against the mobile Java platform J2ME, potentially affecting over 250 million devices worldwide.

For more information on HITBSecConf2012 – Amsterdam and to register, please see: http://conference.hitb.nl/hitbsecconf2012ams/

Source

Tags

HITB DVB HITBSecConf HITB2012AMS Security Encryption Hardware

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th