Security vulnerabilities of DVB chipsets
Posted on 10 July 2012.
This video from Hack in The Box Amsterdam 2012 focuses on the security of audio and video MPEG streams broadcasted to subscribers via their set-top-boxes by a digital satellite TV provider.

It discusses in detail the security mechanisms such as Conax conditional access system with chipset pairing that is used by modern digital satellite TV set-top-boxes to protect against set-top-box hijacking and illegal sharing / distribution of a premium satellite TV content (TV channels and Video on Demand movies).

It demonstrates the process of discovering the inner workings of a silicon chip implementing advanced DVB functionality related to the MPEG streams decoding and decryption. It shows the process of reverse engineering the instruction set of a completely unknown processor core embedded inside a DVB chip along with the steps that lead to the discovery of security vulnerabilities in a chip's design / implementation.

Sample exploitation scenarios of discovered security issues are also discussed for the purpose of illustrating what real threat security flaws in DVB chipsets can pose for digital satellite TV operators and content providers.


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th