Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54655 readers

601 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others

Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):

💰 Please help cover server costs.


Ko-fi	Liberapay

founded 1 year ago

MODERATORS

db0@lemmy.dbzer0.com

sunbrothersco@lemmy.dbzer0.com

dataprolet@lemmy.dbzer0.com

Flatworm7591@lemmy.dbzer0.com

RandomLegend@lemmy.dbzer0.com

Hackathon winners 'Remote Brick' pirate IPTV box using scalable technique (torrentfreak.com)

submitted 1 day ago* (last edited 23 hours ago) by Joker@sh.itjust.works to c/piracy@lemmy.dbzer0.com

20 comments fedilink hide all child comments

A team of hackers from Brazil have taken first place in a hackathon organized by the country's telecoms regulator. The challenge was to develop a solution to prevent non-approved 'pirate' set-top devices from functioning in people's homes. The team say they were able to remotely transfer code which completely disabled a target device. Once implemented, "there will be a general failure in most of the irregular boxes in use," the hacker predicted.

you are viewing a single comment's thread
view the rest of the comments

[–] ICastFist@programming.dev 10 points 14 hours ago (1 children)

the team’s solution is to render set-top devices useless through a software update controlled by them, rather than the manufacturer or whichever entity typically handles that.

ISPs in Brazil already hijack DNS requests for the purpose of blocking access to pirate sites. Typically, that involves an internet user attempting to access ‘Blocked Site A’ in their browser, and ISPs’ DNS servers directing the user to a blocking page instead. Assuming that a set-top box tries to access a particular domain name to receive an update, those requests can also be diverted to a different server.

Solution: never update the device.

Meanwhile, the victorious six-person team picked up a cash prize of R$7,000 for taking first place; that’s around US$1,200 or US$200 each after the split.

Wow. Just wow. I sure hope they get something more out of that, because 1200 dollars for fucking up who knows how many shitty chinese android boxes is worse than doing it for free. From a related article from TF:

Cybersecurity companies charge millions of dollars to solve problems smaller than this.

[–] _pi@lemmy.ml 1 points 7 hours ago* (last edited 7 hours ago)

Wow. Just wow. I sure hope they get something more out of that, because 1200 dollars for fucking up who knows how many shitty chinese android boxes is worse than doing it for free. From a related article from TF:

Bug bounties and hackathons are notorious for being the coding equivalent of working for exposure. These are inherently cost savings programs so that companies don't feel like they need to purchase these assets at market price.