Early September, Brazil’s telecom regulator Anatel announced that it would team up with the Hackathon Brazil Community to stage the first ever ‘TV Box Hackathon’.
The two-day event, tabled for September 28 and 29, would see teams of hackers develop “innovative solutions” to block or disable non-certified set-top boxes, typically piracy-configured Android devices installed in people’s homes.
So the challenge is this: by understanding how these non-approved devices work, you must develop an approach that is capable of interrupting the exchange of data that occurs between the devices and their users.
The task ahead was no walk in the park, but if anyone did manage to pull it off, the anti-piracy implications for the entertainment industries would be absolutely enormous.
We Have a Winner
“Hackathon Brasil and Anatel have successfully concluded the Hackathon TV Box 2024, awarding innovative solutions to end the use of illegal TV Box devices in Brazil,” an announcement on the official site now reads.
“The event brought together experts in technology, network security and hardware, focusing on creative and effective alternatives to protect consumers from digital threats, such as malware and spying.”
The winning team, revealed as Juarez J., Aline A., Henrique A., Eduarda L., Daniel S. and Theo W., picked up first prize after their solution demonstrated an “ability to directly impact the fight against TV Boxes not approved by Anatel, ensuring greater security and privacy for users.”
The competitors were judged on how closely they adhered to the details of the challenge, innovation, and ultimately the potential impact of their solution.
Anatel has repeatedly warned that many set-top devices currently in use have poor security, some at the operating system level. The winning team isn’t giving much away, but exploiting these weaknesses may have formed part of the successful strategy.
No Proof Yet, But The Attack Sounds Plausible
Exactly how much team leader/spokesman Daniel Lima is allowed to say in public is unclear, but the details revealed so far seem generally plausible.
In comments to Globo, Lima said the team’s solution is to render set-top devices useless through a software update controlled by them, rather than the manufacturer or whichever entity typically handles that. Ordinarily the first steps would’ve been much more difficult but in Brazil, systems are already in place to provide a helping hand.
In common with many counterparts elsewhere in the world, ISPs in Brazil already hijack DNS requests for the purpose of blocking access to pirate sites. Typically, that involves an internet user attempting to access ‘Blocked Site A’ in their browser, and ISPs’ DNS servers directing the user to a blocking page instead. Assuming that a set-top box tries to access a particular domain name to receive an update, those requests can also be diverted to a different server.
“We were able to add code that completely disables [a device]. Our solution uses advanced networking capabilities to allow the software on the box to be altered, and the user would be unable to access protected content,” Daniel says.
“Since Anatel controls the ISPs, it can force them to implement advanced network features that make it possible for the box to receive a modified package.”
Caveats Always Apply
These hacks are often more easily said than done, but having the ability to meddle with ISP DNS records to divert a device to a rogue server is a great start. If the devices had stronger security by default, even this would face challenges. If a technique regularly seen in ‘pirate’ Android apps was in place, that could’ve really upset the party.
Known as certificate pinning, this networking practice provides much greater certainty that the destination server requested by the host is that to which it connects; certainly not a rogue server carrying a potentially ruinous software update.
Claims in earlier reports have portrayed device security as extremely weak, so updates may not always be delivered via https; if they arrive via unsecured http, that would amount to another big plus. That doesn’t necessarily mean the rest of the process would be easy, or that any number of countermeasures couldn’t be deployed to stop the scheme in its tracks. Details on the security of these devices could make all the difference, or not much at all, it’s hard to say.
Strong Confidence Meets Cooler Consideration
Whatever the details, Daniel seems very confident that something big is on the horizon.
“When Anatel implements the solution, there will be a general failure in most of the irregular boxes that are in use,” he insists.
Anatel seems reluctant to say much and its official statement doesn’t say anything about possible use. However, a comment that does catch the eye relates to something we mentioned in our earlier article.
A genuine and workable solution to the pirate set-top box problem could make those behind it impossibly rich, but only if supported by a robust attitude towards their all-important IP rights.
Courtesy of Globo, Anatel’s comments seem to imply that while useful, any solutions should be seen as an extension of Anatel’s existing work, including methods it’s familiar with already.
Anatel is holding meetings with the Hackathon participants in addition to the winners, as all the teams presented solutions that were seen as opportunities for improvement in the process carried out by the Agency. The objective of the discussions has been to adapt the solutions presented to the methodologies already used by the Agency.
Many of the proposals are in line with what Anatel already does. In this way, the Agency has considered all the concepts and ideas that were presented as improvements to the Agency’s internal and external processes, which will allow for the optimization of the security of the telecommunications infrastructure and users.
The process is already underway, as it is continuous, with Anatel working together with the participants.
Meanwhile, the victorious six-person team picked up a cash prize of R$7,000 for taking first place; that’s around US$1,200 or US$200 each after the split.