Cable's new sheriff packs technology: cable piracy remains such a big problem that even cops are getting in the act. But new digital set-top boxes may prove to be a strong deterrent

Cable World, Nov 19, 2001 by Richard Cole

Something looked wrong to Cable One executives who examined the operating results from their franchise in the Albuquerque, N.M., suburb of Rio Rancho.

"When we looked at Rio Rancho, its penetration was lower than it should have been, even' taking into consideration that the Albuquerque area has relatively high satellite penetration," says Julie Laulis, VP-operations for the cable operator's Southwest Division.

So local general manager Ben Hernandez ordered employees to go house to house, examining every pole and connection in the franchise. The audit is ongoing, and Cable One won't release data yet, but the investigation has already sent shock waves through the community because it found that that among those illegally hooked up to cable were two of Rio Rancho's police officers.

The two officers were punished administratively and ordered to pay back Cable One, and the case has been referred to New Mexico's state police for criminal investigation to avoid a conflict of interest, says Rio Rancho police spokesman Sgt. John Francis. In New Mexico, first-time offenders can be fined $500, and repeat offenders can be fined $1,000 and sentenced to 30 days in jail.

"We view cable theft as a serious crime," Francis says.

Sgt. Francis is not alone in this view. Cable theft is widespread, costing operators $6.5 billion despite the industry's best efforts at disspelling the notion that cable piracy is a victimless crime. Indeed the image of police officers caught in a cable theft sweep suggests that it may take something stronger to stem the tide.

Last month the National Cable & Telecommunications Association (NCTA) hired a new point man on piracy, and he says digital technology will help operators do what law enforcement has not.

Brian Allen, who took over the NCTA's Office of Cable Signal Theft last month, has a long history of fighting piracy, including ten years with ACI Investigations Inc., the Garden City, N.Y., firm that handles nationwide cable theft issues.

Allen's investigation of several of the largest nationwide cable-pirating operations resulted in the seizure of more than 200,000 descrambling devices and stopped more than $100 million in annual illegal cable sales, according to the NCTA.

Seizures like those have barely put a dent in the problem. Working with figures from cable operators and law enforcement, the association estimates that 11.5% of homes passed in the United States have illegal basic-cable hookups and 9.5% watch pirated pay-per-view events and movies. But the advent of digital technology may provide a new defense against piracy, Allen says.

"The technology is absolutely changing it because of the new digital boxes that are coming out," he says. "There's no defeat for the digital boxes, and I don't think there's going to be one on the horizon. Of course, we only have 13 million digital subscribers out of a total of 68 million--so we're just getting started." Set-top-box manufacturer Scientific-Atlanta has taken great pains right from the beginning to make its equipment--both digital and analog--theft-resistant, says Tony Wasilewski, chief scientist for the company's subscriber network sector.

S-A is on its fifth generation of conditional access, the system that allows only customers who've paid for services to receive them. S-A's conditional access is implemented through its Power Key system on set-top boxes supplied to cable operators. Power Key combines encryption and hardware protection for key set-top-box components, making them impervious to the descrambling devices sold on the gray market. S-A has taken the added precaution of having an external security firm test the system.

"Its not really just about encryption--it's also about how you view the system, the key management and the other security protocols related to the system," he says.

That includes making the microprocessor and memory as physically secure as humanly possible, he says.

"It is packaged in a way that makes it very, very difficult to probe the chip to read out its memory or try to get the chip to actually execute commands that aren't inside the code," he says. "It's not a part that you just go into Radio Shack and buy."

S-A's Power Key system also includes a "signature," required for the box to accept commands. The signature can be S-A's, or it can be the MSO's, he says, but without that encoded signal, the box will not obey commands to descramble programming. And with open access to its cable network now an issue for the industry, S-A has experimented on behalf of one MSO with allowing third parties--such as an online banking firm--to participate in the signature system as well, says Wasilewski.

Encryption is still a fundamental security tool, however. S-A uses the Harmony data encryption service (DES), common in North America, but beefs it up by passing important keys--control codes that make the box perform--through the cipher three times.

An additional level of encryption called public key 1024 RSA is used to send middle-layer keys--and that gives each box its own key, Wasilewski says, allowing operators to control access to tiered services or pay-per-view. That encryption can eventually be extended to t-commerce applications as well.