these are legal, but they can have serious implications if you use them to pirate satellite tv. I know it’s just an ISO-7816 interface and not an unlooper, but if you write any pirat3 war3z for an interface like this, prepare to be served with a lawsuit if you don’t post anonymously. the satellite companies have been suing for decades and if you naively post any DIY involving sat, even if it doesn’t actually amount to pirating, you will get hit severely. most people who do this already know, but I’m saying this just in case a normal hardware modder puts 1 and 1 together and experiments.

Posted at 7:11 pm on Mar 3rd, 2009 by mike

Valid point, mike. I’d have to say that normal hardware modders are pretty good at putting 1 and 1 together.

Posted at 7:41 pm on Mar 3rd, 2009 by Andrew

can this bypass my laundry in basement? those cards are similar

Posted at 7:55 pm on Mar 3rd, 2009 by therian

Generally speaking, if you’d use this to get something physical for free that you’d usually have to pay for, you’re probably in the wrong.

Posted at 8:09 pm on Mar 3rd, 2009 by JimXugle

jimxugle: He didn’t ask if it was right or wrong, simply if it was possible. But he has not provided enough information to determine that anyway.

Also, mike, sued for pirating satellite? lol, maybe if you are stupid enough to sell hacked hardware or programming services.

Posted at 8:38 pm on Mar 3rd, 2009 by jproach

I thought all of those Dish/Direct TV cases were overturned and everyone who had settled previously in ‘03(?) got their money back in another class action suit.

It was a pretty ridiculous precedent to set anyways. Just like the RIAA seeking profits from iPods because they can be used to play pirated music.

Posted at 10:10 pm on Mar 3rd, 2009 by MikeD123

Definitely like the idea of this project. Lots of smart card readers to be data fuzzed. Given the way its designed, couldn’t this also potentially capture smart card passwords as well. The general idea, is that you “program” this smart card with the complete memory contents of the smart card you wish to capture the password for, since you only need the password for writing any memory cells on the original smart card, but not for reading said memory cells.

Once the emulator has a complete copy of the memory cells, but not the password, since you don’t know it yet, the emulator is then programmed to take the very first password guess supplied to it as correct, and store the password it receives to its internal memory, to be read out later. From that point, you could then apply the password to your actual smart card and do what you wish with it, within certain limits.

Posted at 10:25 pm on Mar 3rd, 2009 by CaitSith2

As far as I can tell, you can’t control all of the ATR or various protocol parameters on a java card. So, if you need that level of control, a fully-programmable microcontroller is the way to go,

Posted at 11:15 pm on Mar 3rd, 2009 by Karl

therian:

The laundry at my university also used smart cards. I managed to get around it by putting one card in the machine for it to read £X from, and then swapping it for another which it wrote £X-1 to! So actually you could make money (but only money you could spend on laundry).

They eventually fixed it, and if you pulled the card out it would say “Fraud detected! Your bursar has been notified!”. Complete bollocks, but quite funny.

Posted at 1:53 am on Mar 4th, 2009 by Tim

A open hw plataform/sw framework capable of emulating ISO-7816-3 plus ISO-7816 memory cards (sle-4442, sle-5542, ….) will be great to hack, play around, test, debug a lot of interesting plataforms.

Posted at 2:17 am on Mar 4th, 2009 by santino

Mike, you are correct:
Be careful everyone, A friend of mine got convicted of satellite piracy just for purchasing the equipment to do it, he had no intention of it but since he had the means, he was found guilty, find a third party or order the stuff under an alias.

Posted at 4:54 am on Mar 4th, 2009 by aztraph

I guess the point I’m trying to make is that the sat co’s zealously defend their I.P. You could probably get a slap on the wrist for using this thing to reprogram the laundromat and wash you dirty gym socks for free, but even if you publish a minute technical detail of the sat systems, say on your own DIY hack blog, next to the blog about a tic-tac-toe AVR circuit, they more than likely would sue you under DMCA (if you were an easy target hosted in the US and had an otherwise legit “Joes hardware blog” site with your name and everything). Even if you aren’t found liable, I”m sure being sued is a nightmare that no one wants to experience.

Posted at 5:50 am on Mar 4th, 2009 by mike

so publish that info anon on one of the China sat tv hacking sites.

Cripes, why do all you “crackers” have this affinity with cred?

Posted at 6:14 am on Mar 4th, 2009 by fartface

You know you are part of the process of intimidation now mike, did you stop to think about that? And should you not get paid?

Posted at 7:24 am on Mar 4th, 2009 by Wwhat

Great project, thanks

Posted at 7:50 am on Mar 4th, 2009 by AtlanticCityBlackjack

@wwhat – so I’m supposed to just keep my mouth shut and let someone make a mistake (if they didn’t understand the legality first) and get burned ? It’s intimidation if I try to help someone avoid getting sued ?

If you want to challenge the law (the penalties are usually civil but the DMCA *is law*) then do the opposite of what I just said. To expedite the process, post your first and last name along with your hack. If you want to hack sat but not get caught, use overseas websites, and if you want to stay legal, don’t hack sat.

As Olmek said on Legends of the hidden temple: the choices are yours and yours alone.

Posted at 7:52 am on Mar 4th, 2009 by mike

The wisdom of Olmec is as fresh today as it was 1000 years ago

Posted at 8:24 am on Mar 4th, 2009 by dan

There is nothing illegal about making a home-brew smartcard as Travis did.

There is nothing illegal about making a smartcard reader or one that can electrically glitch a smartcard inserted into it.

What is illegal and still is today is using ANY kind of technology to circumvent payment for reception of signals that are otherwise impossible to get without paying!

Whoever got sued by Dtv/Dish bought unloopers including the software explicitly for “unlooping” Dtv/Dish cards and thus had no argument except to settle.

Posted at 9:49 am on Mar 4th, 2009 by chris

The Citi program at the University of Michigan had done some interesting work with their Leon smart card simulator and monkey-in-the-middle hardware.

http://www.citi.umich.edu/projects/smartcard/leon.html

There are also some good resources for starting smart card hacking.

http://www.citi.umich.edu/projects/smartcard/

Posted at 1:12 pm on Mar 4th, 2009 by Rob Pickard

Reply to mike: Yes, sometimes you should let people use their own mind, and exercise their freedom, you aren’t hired to warn people about all dangers in the world anyway.

Having said that I hope you understand I’m not attacking you per se, I was just pointing out some thoughts , pointing out that there are more sides to most things.

It’s good to know a risk, but it’s the MO of many companies (and in fact religions and political groups) currently to go for intimidation and threats, suing grannies just so the news reports it so people get scared, and helping them ’spread the word’ is something you (meaning everybody) should just think about a bit, if you want to be part of that ’system of intimidation’, is my point.

Posted at 3:08 pm on Mar 4th, 2009 by Wwhat

Very cool hack. I know that a company named Sentilla has Java running on the MSP430. It would be really cool if you were running Java on the smart card.

Posted at 3:24 pm on Mar 4th, 2009 by Andrew

Andrew why ?!?!? even if close eyes on speed and size(which make it imposable to run it even on high end chips), java have no hardware support, simple rs232 is pain in java

Posted at 8:07 pm on Mar 4th, 2009 by therian

@wwhat, I see your point. I am not trying to dissuade anyone from experimenting by sounding intimidating. What bothers me most about the dmca applied to sat is that even if you dont post a 1.2.3 guide to steal the signal, the dmca protects against publishing any tech. info on protection technology. So I dont want to see some 19 yr old kid do this hack, and publish on a site a guide like “I send 0×3F and it returned 0×9C”, and have a sat co ruin his future via a lawsuit he cannot defend himself against. what i just described Rather, I want to see him do it, but I want him to be aware that he needs to do so more carefully than if he posts the same info about the smartcard at the laudromat. In short, if getting into some hot water at the laundromat is like a garter snake, I’m trying to say the sat co’s are the black mamba. That could be interpreted as intimidation, but it is also supported via fact as we have seen all the lawsuits in the news, justified or not. No it’s not my job to warn people, but it’s my choice to be compassionate and pass on knowledge that could help someone.

Hope this clarifies. Happy hacking everybody.

Posted at 8:50 am on Mar 5th, 2009 by mike

mike be quiet

Posted at 4:16 pm on Mar 5th, 2009 by nolikemike

Yea I heard of guys getting lawsuit letters from Dave for just buying a smart card programmer.

Also my best fried did 39 months for Sat piracy back in the C-Band VC2 days. He died a couple of years ago, but had worked on something similar to this smart card emulator a few years ago.

Cheers

Posted at 6:52 pm on Mar 5th, 2009 by the Wizard

yeah mike, dvb cards are better ;)

Posted at 7:19 pm on Mar 5th, 2009 by likemike

@mike: The most exciting thing you can say to a nerd is that he must not talk/post about something or else “they” will come after him.

Posted at 11:29 pm on Mar 5th, 2009 by tom

As far as I can tell, you can’t control all of the ATR or various protocol parameters on a java card. So

Posted at 2:41 am on Mar 10th, 2009 by hack

Thank you nice documents

Posted at 2:41 am on Mar 10th, 2009 by hack

The Citi program at the University of Michigan had done some interesting work with their Leon smart card simulator and monkey-in-the-middle hardware

Posted at 2:44 am on Mar 10th, 2009 by hackedpage.net

can this bypass my laundry in basement? those cards are similar ??

Posted at 2:45 am on Mar 10th, 2009 by www.1tk.org

lol.. this site has gone down hill, but not from the staff, more like from you trolls. Mike was pointing out a VERY real and clear issue. The rest of you just say “be quiet” and “can I get free laundry?” In my not so humble opinion, mike and the others that pitched in along his lines are doing a great thing, they’re not discouraging hacking, they’re just saying “be smart” with it and dont do anything that you’re gonna regret after some legal trouble. You may have saved someone from going to jail mike.

Posted at 7:28 am on Mar 10th, 2009 by spindizy

nice…

Posted at 6:50 am on Apr 26th, 2009 by pradip

LOL, NO ONE could hack my site. I do all the security myself. beatthecourt.com

Posted at 9:53 pm on Jun 10th, 2009 by Tort King

hi,
Mutoh Spitfire have a plotter, which uses SLE4442 for each color, I read one of the cards and can not change in the first 32 bits. I can help someone ….
thanks

Posted at 3:32 pm on Oct 13th, 2009 by enache