How do satellite TV providers prevent theft of service?

Thread Starter

strantor

Joined Oct 3, 2010
6,782
Just out of curiosity, I wonder how they do it. To my knowledge, the dish does not transmit anything, so I do not see how they can verify which dishes are legit and which ones aren't.
 

#12

Joined Nov 30, 2010
18,224
The thing I know about it is the TV top boxes that decode the information. Honest people have to pay for an unlocking code.
 

Thread Starter

strantor

Joined Oct 3, 2010
6,782
The thing I know about it is the TV top boxes that decode the information. Honest people have to pay for an unlocking code.
so is the unlocking code changed frequently? I would assume it would need to be changed frequently, and a new unlock code sent to the boxes every time. But then I'm back to "how they can verify which dishes (boxes) are legit and which ones aren't"?

It seems like the box would need to have a unique hardware address that it would transmit back to home base to verify that it's account is in good standing before being eligible that to receive the new code. ... but then the code would need to be broadcast as well, introducing yet another opportunity for theft... puzzling.
 

BillB3857

Joined Feb 28, 2009
2,570
I have DirecTV and they have a record of the serial number of the box coupled with the electronic ID of the access card. They periodically send codes to these receivers that enables the decoding process. I also have a receiver/access card in my RV. If I don't go anywhere in the RV and connect it to a dish for a month or so, I have to call them to get it re-authorized. No big deal other than just not being sure whether I will need to do it or not. The authorizing of additional receivers on a given account is called Mirroring. Each receiver that is mirrored has the same access as the primary.
 

Thread Starter

strantor

Joined Oct 3, 2010
6,782
I have DirecTV and they have a record of the serial number of the box coupled with the electronic ID of the access card. They periodically send codes to these receivers that enables the decoding process. I also have a receiver/access card in my RV. If I don't go anywhere in the RV and connect it to a dish for a month or so, I have to call them to get it re-authorized. No big deal other than just not being sure whether I will need to do it or not. The authorizing of additional receivers on a given account is called Mirroring. Each receiver that is mirrored has the same access as the primary.
This complicates things even more in my mind; I had not thought of the separate access to individual channels. How do they keep track of that?

You say that if you don't use the one in your RV for a month or so, you have to call and reactivate it. I assume that if you were to use it continually, you would not need to call and reactivate it. So this seems to indicate (to me, anyways) that the access codes are broadcast, perhaps monthly, and if your receiver is not energized, they will miss is, and when you call, the provider will transmit it again. So are the channels that you pay for stored in the card? If you decide to add a channel, can you just call and add it, or do they have to send you a new card?
 

BillB3857

Joined Feb 28, 2009
2,570
The "permissions for your account" are transmitted periodically to each receiver and like you say, if a given receiver isn't connected to an antenna source, it won't get the new codes. If I want to add a channel or buy a pay-per-view movie, I just call them and they adjust my accountand send codes immediately. A lot of these things can be done on-line through the internet or, in the case of Pay-per-view things, if my receiver were tied to a phone line, I could do it with the remote for the receiver. Some of the newer receivers will also allow tie to the internet. My brother-in-law has that setup.

EDIT
 

Thread Starter

strantor

Joined Oct 3, 2010
6,782
The "permissions for your account" are transmitted periodically to each receiver and like you say, if a given receiver isn't connected to an antenna source, it won't get the new codes. If I want to add a channel or buy a pay-per-view movie, I just call them and they adjust my account.
In my mind, this seems to necessitate the dish actually broadcasting back to the satellite to verify identity. So I must be wrong about it being just a receiver. It must be a transceiver. would you agree?
 

tracecom

Joined Apr 16, 2010
3,944
In my mind, this seems to necessitate the dish actually broadcasting back to the satellite to verify identity. So I must be wrong about it being just a receiver. It must be a transceiver. would you agree?
No, there is no transmission from the subscriber to DirecTV. All permissions are sent from DirecTV to the subscriber, based on DirecTV's records of what the subscriber is paying for.
 

DerStrom8

Joined Feb 20, 2011
2,390
According to HowStuffWorks.com:

At the broadcast center, the high-quality digital stream of video goes through an MPEG encoder, which converts the programming to MPEG-4 video of the correct size and format for the satellite receiver in your house.
Encoding works in conjunction with compression to analyze each video frame and eliminate redundant or irrelevant data and extrapolate information from other frames. This process reduces the overall size of the file. Each frame can be encoded in one of three ways:

As an intraframe, which contains the complete image data for that frame. This method provides the least compression.

As a predicted frame, which contains just enough information to tell the satellite receiver how to display the frame based on the most recently displayed intraframe or predicted frame. A predicted frame contains only data that explains how the picture has changed from the previous frame.

As a bidirectional frame, which displays information from the surrounding intraframe or predicted frames. Using data from the closest surrounding frames, the receiver interpolates the position and color of each pixel.

Encryption and Transmission
After the video is compressed, the provider encrypts it to keep people from accessing it for free. Encryption scrambles the digital data in such a way that it can only be decrypted (converted back into usable data) if the receiver has the correct decryption algorithm and security keys.
Once the signal is compressed and encrypted, the broadcast center beams it directly to one of its satellites. The satellite picks up the signal with an onboard dish, amplifies the signal and uses another dish to beam the signal back to Earth, where viewers can pick it up.
You can find the entire article here.

You also might find this Wikipedia Article useful.
 

Thread Starter

strantor

Joined Oct 3, 2010
6,782
No, there is no transmission from the subscriber to DirecTV. All permissions are sent from DirecTV to the subscriber, based on DirecTV's records of what the subscriber is paying for.
Ok, I was just reading a different site and confirmed that the dish can't transmit.

So now I'm thinking that, with no way for the individual dishes/boxes to validate their identity to the satellite, the satellite must be making a blanket broadcast of every channel and trusting the individual boxes to only show you what you are paying to see. Plus, to fit with the scenario that you can just call and add channels, they must be broadcasting the decryption codes something like "if your address is XXXXXXXXXXXX then you have permission to show channels 200-300, 550-600, 2, 4, 12, and 36".

But that message containing the decryption codes couldn't be encrypted or else... well it seems rather circular that it would be. At some point you would have to bring the box into the satellite office or at least get another card.
 

Thread Starter

strantor

Joined Oct 3, 2010
6,782
According to HowStuffWorks.com:



You can find the entire article here.

You also might find this Wikipedia Article useful.
the howstuffworks page is the one I was just reading ;).
it touches on the topic but fails to give any real details:
Encryption scrambles the digital data in such a way that it can only be decrypted (converted back into usable data) if the receiver has the correct decryption algorithm and security keys.
does not explain how your decryption algorithm and security keys get into your box but not into my box.

your wiki article led me to this page which gives only a tantalizingly vague hint at the answer:
Access flags can be downloaded to the subscriber's card either over the air (via 'hidden' data streams) or by using the box's built in modem
hidden data streams?
 

BillB3857

Joined Feb 28, 2009
2,570
My understanding is that the combination of box serial number and access card ID provide a unique address for each receiver. For example, I can't take the access cards from two receivers and simply swap them. The pair is unique, but my account lists four receiver/access card pairs and each gets the same authorization codes.

When we first got the sat system, the installer set it all up, made a phone call to provide the serial/card numbers and VIOLA! We had all the channels we had requested on all the receivers that had been installed. Later, I bought another receiver from eBay that came with a card. A phone call to the sat provider, an added monthly charge to my account and it had the same access as the other receivers.
 

KJ6EAD

Joined Apr 30, 2011
1,581
The only successful fraud strategy I've heard of is sharing an acount by creating a clone of the receiver MAC code and the authorization card. Even these would be discoverable because a security ping from the satellite would result in duplicate coincidentally timed responses.

Dish uses a cellular system to upload data from the receiver to the company for routine program requests and security. They give customers a discount for connecting the unit to a hard-wired telephone line, presumably because it saves on cell service fees.

This is speculation but it wouldn't surprise me if for installations in areas with no cell coverage, they install a receiver with a built-in satellite uplink to maintain security, at some additional cost of course.
 
Last edited:

osx-addict

Joined Feb 9, 2012
122
We used to have DTV but ditched it months ago to save $$.. Our receivers were never connected to the phone because we had VOIP and it didn't play well with our receivers -- it never caused us any grief with DTV though..

On the other hand, if you search around you'll find stories from 5+ years ago about clones being made of access cards with all channels turned on and stuff like that -- done by hackers. These would run for a while until DTV figured out what was going on and would send something remotely that would destroy these cards making them worthless.. I'm not sure if that's what really happened but that was what I heard.

We live in DTV country where the majority (from my understanding) of the embedded development work is done for the receivers -- here in the LA area. DTV requires (or did in the past anyway) that you have a security clearance to work in that part of the company from what I understand because hacking is such a big issue.. They want to ensure you have a background check done similar to what the aerospace industry does for a secret/top-secret clearance.. They don't want their employees distrubuting the encryption info to the hacking groups for obvious reasons..

That's about all I know.. I don't know if hackers are still doing that stuff or not.. I've not heard anything for a number of years now..
 
Top