Japan’s “B-CAS” smart card system has been completely cracked, allowing free viewing of almost all the country’s premium satellite and cable channels.
The hack involves the complete compromise of the “BS Conditional Access Systems” smart card system which regulates the vast majority of Japan’s cable and satellite broadcasts.
These smart cards are distributed with all TVs and tuners in Japan, and their unique IDs must be registered with satellite and cable providers in order to decrypt and view all but free terrestrial digital broadcasting.
The hack potentially allows free viewing of all channels the user can receive with their dish or line, including all premium channels.
All that is required is a vulnerable card, a card reader, and the software required to rewrite it (unsurprisingly, this was developed and distributed illicitly over 2ch).
At first only a small minority of the regular cards were vulnerable, triggering a “B-CAS lottery” as eager otaku each bought up large numbers of cheap or second hand TV tuners in order to maximise their chances of getting one, but it only took days before the vulnerability was further exploited to cover the majority of cards in circulation.
Commercially selling the hacked cards or directly promoting their use would likely constitute an easily prosecutable crime, but it may be legal for individuals to take advantage of it.
More significantly, as there is no direct method by which someone using a hacked card to receive premium broadcasts can be detected, there is apparently no method by which a crackdown could be effected.
As the cards cannot be remotely revoked the only way of resecuring the system would be to completely redesign and reissue all of the millions of ordinary cards in circulation, a process which would likely take years.
The B-CAS system was first compromised in early 2012 – although as this involved illicitly importing specially created “Black CAS” cards from shady Taiwanese dealers for $500-$1000 each there was a very limited impact. As buyers could not have recouped the purchase costs in the time it took for the regular hack to appear, they are currently the subject of some ridicule.
Although a very serious technical blow to the grip of Japan’s broadcasters over their airwaves, the relative complexity of the hack, general reluctance of Japanese to engage in such shenanigans, and the likelihood that many of the people now hacking cards would never have paid for access in the first place (“I bought a tuner and hacked the card – only to realise there was nothing worth watching!”) will probably limit the impact.