Dec 10th, 2009, 17:59 | 只看该作者 #1046 |
Free to Air Installer
|
几乎所有的IKS解码器都已经DOWN了
DN找到了攻击IKS系统的方法(其实就是锁定了共享的CARD,然后DISABLE它们)。 大家等近一步的消息吧,这回问题有些严重! Standby for more information as it becomes available. The latest incident appears to be impacting all sharing of Dish Network codewords. B3V codeword sharing so far does not appear to be impacted, however all solutions taking severe server hits will likely result in negative performance on any B3V programming. While this may very well be a new ECHO* dervived IKS Electronic Countermeasure, that has not yet been confirmed. More details are expected to develop throughout the day. We will post as much information as we can here, as most forum websites are experiencing extreme traffic loads. Our Forums are expected to be closed down until later this evening. Like I said at least five sites are carrying this...or some variation of this...As SV does not have B3V open it is impossible to tell if they are just down for maintenance or did jump the gun by putting their sub's back up too early...making Nfusion statement a possibility... |
|
Dec 10th, 2009, 20:15 | 只看该作者 #1052 | |
Free to Air Installer
|
引用:
Providers attack IKS As some of you know, the providers have ECM'd most IKS setups including those touted as being "The Best" by their distributors. This includes not only your beloved NFusion; but your Slinger as well. A visit to the slinger site will show you this: IKSlinger is DOWN until further notice... Subs have been comprimised!!! Team Will Be Setting Up New Servers and Subs Again - Not Expected to Return for at least several weeks. And if you own an NFusion, the message is the same. Sonicview has never really been up for the last few montrhs so if they got hit, the ecm just blended in with their usual down time. At this point you will get more out of your iHub than you will out of an Nfusion or Slinger. (Looks like Mili's Christmas won't be so merry after all) Here is an analogy posted by someone named "Cheap trick" that I found explained it best for those of you wondering what happened: NagraStar's Anti-Piracy Task Force is composed of two basic divisions : One being the Legal branch ( lawsuits, takeovers, information gathering, intimidation propaganda, etc. ) and the other one, which we're interested in, the Operational Unit. O.U. is basically working on two fronts: a.- Signal securement and b.- (signal) Distribution and providers. Up to now, against IKS technology, their signal securement efforts have been fruitless. So what we suffered last Thursday was the result of a successful sabotage on preselected IKS provider's servers. It would be too tedious trying to explain the technical aspects on how it was done, but I'll try to do it using the following analogy: Let us suppose that the Server we connect to is a big water tank . And that we use a water hose to bring the water from this big tank. What Nagra's O.U. did was connect a "water pump" to this big tank, disrupting and overloading the flow for the rest of us. Most (not all) servers we're affected in very different ways. Some of them, with good extra capacity and security, rapidly recovered. Some were not even affected at all. Others (Nfusion) being the largest busiest one (and main target) suffered a severe crash.So the story basically remains the same. But for the moment the Mother of all Battles will be "NagraStar vs The IKS Servers". We have no problem with this? Of course we do. Warfare costs Big Money and for how long will IKS providers endure those tremendous costs? In order to survive, IKS service will eventually be charged. You can take this to the Bank (literally). But this is another story I'm also hearing reports that the NFusion servers were compromised and IP addresses of those connected are known, but Im not sure how credible those reports are as people like to panic and speculate at times like this. For now.. stay vigilant my friends. Without understanding how the N3 system works we can only speculate as to how they targeted specific cams. It could be they sent a revision down that targeted cards with unusual request patterns, and if the request reached "X" amount in "Y" amount of time, then force "Z". I remember reading somewhere that the cards were only capable of issuing so many requests in a certain amount of time. ex, you change your channel to HBO, so do a few hundred other people, then you start flipping channels, so do many other people.. the card has to issue all these control words for all these different channels all at the same time to many other people. Thats alot more than your average Joe sitting around watching Football and Porn. So that sends a flag.. next thing you know.. isolation.. then the hit. |
|
|
Dec 11th, 2009, 01:00 | 只看该作者 #1053 | |
Senior Member
注册日期: Jan 2007
帖子: 2,919
积分:6
精华:2
声望: 404694
|
引用:
而如果攻击被限制在一定的IP范围内,很容易就在路由器级被隔离掉了。 基本上,这种大公司最可能做的还是锁定共享的卡号了,毕竟这是他们的本职。 |
|
|
Dec 11th, 2009, 01:30 | 只看该作者 #1054 | |
Free to Air Installer
|
引用:
Last Thursday the providers finally triggered their latest ECM to take down IKS. We all thought they would come up with something at some point so here it is I heard that few months ago they tested it on some of their European markets and it is now fully operational at DN and Bell. (See Nagra IKS protection patent Let me give you an idea on how it works First that new ECM has been forced in all cards and continuously counts all channel changes. From now on, all DN/Bell cards will increment a counter every time you change the channel. If you stay on the same channel then youre good but if you keep sending requests for new channels (like an IKS server does when it share his card to server multiple channels) then your counter will raise to the ceiling. Remember some FTAs went down a few weeks ago. The providers were forcing everyone to stream their card and take the update. No IKS server was working until they streamed cards again. Remember MECM updates for N2, same thing? They had no choice but to take the EMMs to restore video. Then the providers enabled the watchdog on Thursday I dont know about you but I think this one is going to be tuff to work around. Our only chance is for the IKS servers to put one card behind every channel they serve. Hopefully by sharing this information, we can provide a united front to keep the exchange of information FREE and for public consumption as it should be. |
|
|
Dec 11th, 2009, 01:32 | 只看该作者 #1055 |
Free to Air Installer
|
还有另一种解释: I guess we all know what the last smart card revision from the provider was all about. Some code was added to process "special" cmd08s where the card responds not with actual control words for video decryption, but bogus control words that contain the smart card's camid. The idea being that Echostar engineer's could have these bogus packets relayed back to them for account identification. The only problem with this trick is that if two cams being used in an IKS setup to compare the control words for each cmd08, they can easily discover such 'bogus' packets and either ignore them or load the returning packet with a bogus camid and have Dish go on wild goose chases disabling valid subbed accounts and trying to extort $$$$ from perfectly innocent subbers through litigation. After identifying the 'supposed' camid being used in IKS, the provider would naturally send down a barrage of emms that would disable the offending cards. This IKS ECM was only a partial success. It seems to have caused some freezing on some IKS systems and nothing on others. It would seem that the method used to identify IKS cam id's wasn't bulletproof. The provider probably disabled hundreds of cams in the field, but most were probably never used in any kind of IKS. Otherwise, if the provider's method was bulletproof, every single IKS cam would have been identified and disabled and every IKS service would be completely down. Instead, several are still up and others like nFusion were 'voluntarily' shut down to assess the situation because of some 'freezing'. What does this all mean? Well, it means the provider is getting smarter but isn't quite there yet. Most IKS systems will be back up and running soon and no doubt the provider will try to fine-tune his method of disabling IKS cams through another cam revision. Eventually, the provider will get it right and be able to disable publically used IKS cams with a great deal of accuracy. The future of public IKS through subbed cams is looking very bleak right now. Even private IKS can be knocked down with another card revision where the cam counts how many CMD08s are processed per 15 second interval and simply loops itself if too many are being processed like in a card-sharing enviroment. |
|
Dec 11th, 2009, 01:41 | 只看该作者 #1056 |
Free to Air Installer
|
CNX和I-LINK已经基本恢复正常了,IKS SERVER那边应该有额外的备份卡,看来几年前的猫和老鼠的游戏又开始了,现在的情况和05年年底N2被破解后大约小半年,卫星公司开发出来新的换密码算命法和ECM攻击的手段和类似。很多老玩家应该还记得。 IKS技术目前看来已经不是没有办攻击的了,以后会有更多DOWN的时候,只有等N3被破解,再结合IKS技术,才能回到2008年NFUSION用IKS处理N2的稳定程度。 一点儿分析,请大家指正。 |
|
感谢 sillybearcat 此篇文章之用户: |
qwertyonly (Dec 11th, 2009) |