Security vulnerabilities of DVB chipsets
This video from Hack in The Box Amsterdam 2012 focuses on the security of audio and video MPEG streams broadcasted to subscribers via their set-top-boxes by a digital satellite TV provider.
It discusses in detail the security mechanisms such as Conax conditional access system with chipset pairing that is used by modern digital satellite TV set-top-boxes to protect against set-top-box hijacking and illegal sharing / distribution of a premium satellite TV content (TV channels and Video on Demand movies).
It demonstrates the process of discovering the inner workings of a silicon chip implementing advanced DVB functionality related to the MPEG streams decoding and decryption. It shows the process of reverse engineering the instruction set of a completely unknown processor core embedded inside a DVB chip along with the steps that lead to the discovery of security vulnerabilities in a chip’s design / implementation.
Sample exploitation scenarios of discovered security issues are also discussed for the purpose of illustrating what real threat security flaws in DVB chipsets can pose for digital satellite TV operators and content providers.