What could have made On/ITV Digital a success?

And they'll usually better the online retention offer if you ring them up, especially when it comes to phone and broadband they will happily match a competitor or keep you on your current offer if you commit to another 12 months.

My mind is playing tricks on me it seems! Thanks for putting that straight.

You'd think they'd be more on it with collections, especially given the 'gold card' issue. Virgin Media are pretty lax now about collecting lapsed equipment but their equipment is useless without a subscription now that they solved the problem they had pre-2010 where boxes could be chipped quite easily.

I don't understand how channel changes weren't always actioned - their billing system must have been separate from whatever determined access. Mental really.

Yes, we still have an old Virgin Media box from our second room subscription that was cancelled in 2007 and never collected.

However when we upgraded to HD, and then to TIVO we did have to send the old boxes back- in the box they delivered the new STB in (as they send them out for you to fit yourself now), or they'd charge you for it. I guess that's easier as they don't have to pay anyone to come out to take it.

I had Virgin briefly in 2008 and still have the old modem. I didn't subscribe to the tv service.

I had a V+ box which was never collected. I think I took the HDD out of it and chucked the rest away, not that a 120gb 3.5" drive is much to crow about...!

Although the rampant piracy is well documented, what does seem to be less documented is that they had actually beaten a lot of casual piracy by the end. The decryption keys on the cards were changed every couple of months or so, which knocked out gold cards as they wouldn't pick them up over the air, but a major weakness with the hardware design was that the conditional access PIN to limit things like OnRequest purchases and implement channel blocking was stored directly on the viewing card. Thus when you changed the PIN on the box you were effectively reprogramming the viewing card directly from the box's interface.


This was quickly picked up on by the hackers and so on the most common type of gold card new keys could be programmed into the card through the PIN change feature, once they changed the new ones quickly circulated on the internet and the dead card could be reactivated by changing the PIN to specific numbers in sequence. Once the sequence was complete the card reactivated and would be good to go again. No new card needed and no special hardware needed. This is what made the piracy such a problem.

By 2002 however they'd implemented some sort of ECM which permanently knocked most of these cards out. Piracy was of course still a big problem but in order to pirate the system then you'd either need to be a sophisticated hacker who had the hardware to reprogram the cards when they were knocked out, or be a more committed pirate who was willing to buy new cards continually. The days of being able to buy a gold card from a dodgy website for £12 and have it work for years were gone, but I think it was too late by then.

Right 2 Reply did talk about these pirate cards here:

Also, ITV Digital planned to upgrade the encryption system on its pay channels, and the software on its boxes to divert it toward from OnDigital to ITVD. Both of those measures never happened thanks to the company collapsing.

With all of the factors and implications brought onto this thread in regards to ITV Digital, it's safe to say that it was a truly botched disaster. The digital TV landscape would have been far too different if ITV Digital survived.

While the 'gold cards' did die out to a large extent, I recall that the next phase of the attack was to open up the original cards themselves.

It was possible to read the master key from the card, and either use this to program a PIC-based card with this key (which then auto-updated the keys), or run the original card as a "MOSC" (modified original smartcard). Both of these were much more difficult for OnDigital to defeat.

It should be pointed out as well that SECA2 (the replacement system ITVD were planning to implement), which utilised two keys was itself hacked rather quickly when implemented by continental providers. ITVD would doubtless have had the same problem over again if they'd upgraded their systems.

There were strong rumours at the time that Murdoch's NDS company in Israel not only hacked the Mediaguard system, but also other competing systems like Viaccess and Nagravision (which Virgin used). Given that, I have no sympathy whatsoever for Sky now that cardsharing techniques have laid waste to their encryption system for the foreseeable future.

There's a bit of evidence to back it up as far as I was aware (or at least enough evidence making it worthy of further investigation).

Elliot Higgins/Brown Moses of Bellingcat fame (open source journalism/investigations, both in the middle east and for the phone hacking scandal) was working on some sort of data dump/discussion with people who had information about the NDS involvement with the OnDigital stuff, but as far as I know this hasn't gone anywhere (or we'd have heard about it by now). So the circumstantial evidence is all that exist.

Does Sky Q not use a new system? I know they send out new cards.

Seems as they were starting it from the ground up they would have made it stronger.

They aren't starting from the ground up (other than UHD stuff) - they need to receive the same broadcasts as Sky HD and SD boxes - so would need to use both encryption systems in parallel (which happens a lot in Europe where platforms have merged but not replaced receivers instantly) However this isn't particularly secure.

They may have introduced a new version of VideoGuard with new controls (particularly for UHD content) in the Q boxes, which needs a new card, or the ability to stream multiple channels from a single receiver (and thus the requirement to decrypt multiple streams simultaneously) may have required new card hardware (which can simply run faster)

Non-Q boxes only require one decryption path as they only output a single decrypted stream (which is decrypted on live viewing or playback of encrypted recordings). Sky Q boxes allow you to watch one channel live or a recording (same as Sky+ SD and HD), but also allow further channels or recordings to be watched on tablets, phones etc. which will require additional decryption paths. (The same may also be the case for the Mini Box - which doesn't have a tuner - does that have a card?)