And if it is possible, why has it been decided to keep using a smart card for this task?
I will be grateful if you can provide some practical examples on how to bypass the use of a smart card (if possible).
A satellite TV system must face the following challenge: it is one-way. The receivers cannot do anything but receive; they cannot emit anything.
The generic problem is known as broadcast encryption. In practice, things go that way:
Thus, a given decoder will just wait for the blob which contains K encrypted with his card-specific key Ks, and use the card to obtain K and decrypt the stream.
When a subscriber is no longer a subscriber (he ceased to pay), the publisher simply stops sending the blob containing K encrypted with the corresponding Ks. The next time K is updated (it happens several times per day), the ex-subscriber is "kicked out".
In older times, media publishers had the habit of doing everything "their way", which means that they designed their own encryption algorithms, and they were very proud of them, and kept them secret. Of course, such secrets were never maintained for long because reverse engineering works well; and, inevitably, these homemade encryption algorithms almost invariably turned out to be pathetically weak and breakable.
Nowadays, the publishers have begun to learn, and they use proper encryption. In such a situation, the only recourse for attackers is to clone smartcards, i.e. break their way through the shielding of a legally obtained smartcard, to get the Ks of that card. Breaking through a smartcard is expensive, but not infeasible, at least for the kind of smartcards that are commonly used for such things; it requires a high-precision laser and an electronic microscope, and is rumoured to cost "a few thousands of dollars" for each break-in. Attackers do just that.
Publishers react in the following way: with traditional police methods. The cloning method is worth the effort only if thousands of clones can be sold, as part of some underground market. Inspectors just masquerade as buyers, obtain a clone, see what card identity the clone is assuming, and deactivate the corresponding subscriber identity on the publisher side, evicting all clones of that card in one stroke.
From what I have seen, the break-clone-sell-detect-deactivate cycle takes about two weeks. It is more-or-less an equilibrium: the non-subscribers who accept the semi-regular breakage of connectivity are in sufficient numbers to maintain professional pirates, but they are not numerous enough to really endanger the publishers' business model.
We may note that Blu-ray discs are a much more challenging model, because readers can be off-line and must still work; and though each Blu-ray reader embeds its own reader-specific key, there is not enough room on a Blu-ray disc to include "encrypted blobs" for all readers in circulation. They use a much more advanced algorithm called AACS. However, for satellite TV, the simple method described above works well.
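The key distribution and revocation described in the answer above, as an added sketch that is not part of the original answer or any real conditional-access system. The card identifiers, the `Publisher` class and the HMAC-SHA256 wrapping (a standard-library stand-in for a proper authenticated cipher) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode: stdlib stand-in for a real cipher.
    blocks = (hmac.new(key, b"enc" + nonce + bytes([i]), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def wrap(ks, k):
    """Encrypt K under one card's Ks; returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(k, _stream(ks, nonce, len(k))))
    tag = hmac.new(ks, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap(ks, blob):
    """What the card does: check the tag, then recover K (None on failure)."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(ks, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None
    return bytes(a ^ b for a, b in zip(ct, _stream(ks, nonce, len(ct))))

class Publisher:
    def __init__(self):
        self.ks = {}         # card id -> Ks, for every card ever issued
        self.active = set()  # card ids of paying subscribers

    def issue_card(self, card_id):
        self.ks[card_id] = secrets.token_bytes(32)
        self.active.add(card_id)
        return self.ks[card_id]

    def deactivate(self, card_id):
        # Also evicts every clone: clones carry the same identity and Ks.
        self.active.discard(card_id)

    def rekey(self):
        """Pick a fresh K and broadcast one blob per active card."""
        k = secrets.token_bytes(32)
        return k, {cid: wrap(self.ks[cid], k) for cid in sorted(self.active)}

def receive(card_id, ks, broadcast):
    """Decoder side: wait for the blob addressed to this card, then ask it for K."""
    blob = broadcast.get(card_id)
    return unwrap(ks, blob) if blob is not None else None
```

A deactivated card keeps working until the next `rekey()`, which is why the frequency of K updates bounds how long an ex-subscriber or a detected clone stays connected.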
This is just some extra information but it didn't fit as a comment under Thomas' answer.
There's an interesting pirating method that has made it possible for the cycle to extend way longer than two weeks. It's called CardSharing. Here's how it works:
Somebody buys a legitimate card and inserts it into a modified satellite receiver that will use the card to decrypt and reveal K (which changes several times a day).
K is updated on a central server to which satellite receivers connect and fetch the key. Many people use PC satellite devices such as SkyStar.
The key is used to decrypt the stream. Once the key is changed, the satellite receiver will ask for a new one from the central pirating server and repeat the process.
That way, the provider has no way of knowing who is the source of the leak since only the non-personal K ("control word") is being shared rather than the personal subscriber-specific key.