Murdoch’s Other Hacking Scandal: A Review of “Murdoch’s Pirates” by Neil Chenoweth

By Richard Smith

Back in the late 1980’s, Rupert Murdoch’s latest fiendish plan for world media domination (there’s a new one every decade or so) centred on pay TV. By 1990 he had merged his Sky Television with the licensed satellite broadcaster, British Satellite Broadcasting, jointly owned by a bunch of other British TV firms. Both Sky and British Satellite Broadcasting had been losing money hand over fist: hence the merger. Over the coming years, Murdoch’s stake in the combined entity, BSkyB, proved more equal, when it came to control of the corporate strategy, than the 50% held by the other parties to the deal, or the 60% held by non-Murdoch entities after flotation. Perhaps the shareholders didn’t mind so much: by 1995 BSkyB was a FTSE constituent, with operating profits north of £150Mn a year and exclusive broadcasting rights to the UK’s Premier League Football, a lucrative monopoly. A series of other money-losing pay TV outfits then fell into Murdoch’s lap. In 2002, BSkyB’s chief UK rival, OnDigital, went bankrupt, to the tune of £1Bn, an impressive sum in the innocent days before the crisis of ’07-‘08. Murdoch was carrying all before him.

While all that was going on, quite a different battle was going on behind the scenes. That battle is the subject of “Murdoch’s Pirates”, by Neil Chenoweth (Amazon US, Amazon UK).

It was all about crypto. If you want to be in pay TV, you have to be good at intellectual property protection. If you don’t make it difficult for non-subscribers to rip off your content, that’s exactly what they will do, in such numbers that you won’t make any money. In practical terms that means good (robust, but scaleable) crypto. In turn, that means understanding the weaknesses of cryptosystems in order to make better ones. Cryptology and cryptography go hand in glove. Hire hackers! Hire geeks!

Murdoch did just that: in 1992 he took ownership of his video encryption supplier, NDS; alleged fraud had made NDS a soft target, so there was an opportunity.

The original hackers and geeks at NDS were quite upmarket already: amongst the founders of NDS was Adi Shamir, the S in RSA.

It all went quite well. NDS became a leading supplier of pay TV crypto. But there was a problem:

By the mid-1990s, NDS had become the glue holding Rupert Murdoch’s global pay TV empire together providing conditional access services to Foxtel, BSkyB and STAR (in Asia). It also had big contracts with other broadcasters such as GM’s DirecTV in the US. But the NDS conditional access system was also the most widely pirated and was in danger of being driven out of business.

More geeks were needed, and others. Murdoch’s new hires included Israeli spooks Reuven Hasak, who became head of an NDS department called Operational Security, and Abe Peled (still CEO of NDS, which is now tucked away neatly inside Cisco Systems, where it won’t be able to embarrass Murdoch quite so much any more).

Then there was British ex policeman Ray Adams, whose career in the UK’s Metropolitan Police had never quite got over his recruitment of Kenneth Noye as an informant. When the short-fused Noye stabbed to death a policeman investigating Noye’s possible role in the record-breaking £26Mn Brink’s Mat bullion robbery (Noye was acquitted of murder: self defence), it all went horribly wrong for Adams (not to lose track of the dead cop, who fared worse). All the Noye fallout landed on Adams. Noye meanwhile followed up his cop-killing exploit with a conviction for handling stolen goods, the very type of crime the dead policeman had been investigating. Next, Noye stabbed to death a man whose driving annoyed him (he is still in jail for that one). Noye was simply too tempting an informant for Adams, no doubt, though I’m not sure why anyone trusted the info he provided.

At NDS, Adams further burnished his reputation for building risky professional relationships by hiring a whole crew of pay TV hackers. In the name of IP protection, those hackers promptly set about hacking all the pay TV encryption cards they could find, including those of Sky (in the name of security improvements), and, more ominously, those of Sky’s commercial rivals.

It appears that at least one of those hacks somehow made its way onto the black market:

BSkyB and News had been bitterly critical of the launch of OnDigital in late 1998, after its shareholders Carlton and Grenada dropped an earlier decision to use NDS as its conditional access system (as the smartcard decryption process is termed). Instead, in February 1998 they announced they would use a French system called Seca, developed by Canal Plus.
Two months later, the NDS Black Hat team, a reverse engineering group set up by Operational Security chief Reuven Hasak in Haifa, set out to crack the Canal plus Seca card, a legal and common practice within the industry. Reverse engineering involves the microscopic deconstruction of the card, layer by layer, to reveal the embedded coding.

The team, which was led by German master hacker Oliver Koemmerling, travelled to Bristol to use a Focused Ion Beam and Scanning Electron Microscope in the university physics department.

By June 1998 the Black Hat team had extracted a part of the operating code for the Seca card known as the ROM binary file.
The ROM file is “like the plans of the safe, but it doesn’t give you the key to the safe”, the former chief executive of Canal Plus Technologies, Francois Carayol, told Panorama. “In fact what it did, it gave the hackers a very precise idea of where to drill to open the safe.”

Nine months later, a Canadian piracy site called DR7.com, run by a hacker called Al Menard, published a copy of the Seca ROM file. Koemmerling recognised that it had the same date and time stamp as the file created in Haifa. While time stamps can be fabricated, without knowledge of the Haifa file, the odds against creating the same time stamp in a 12-month period are 500,000 to one.
“The time stamp was like a fingerprint, I mean it’s not really a physical proof, but by statistics you can say it is an astronomically small [chance] that it is not coming from us,” Koemmerling says.

Eventually, the pay TV companies smelt something

In addition to the controversy over OnDigital and Austar, the actions of Operational Security have triggered five separate unsuccessful legal actions by pay TV companies around the world, each claiming damages of up to $US1 billion.

The maxim “no smoke without fire” isn’t 100% reliable, which is bad news for that particular maxim. But still, that is an impressive amount of smoke; and yet, the courts said, there was no fire at all.

Chenoweth is unconvinced:

A secret unit within Rupert Murdoch’s News Corporation promoted a wave of high-tech piracy in Australia that damaged Austar, Optus and Foxtel at a time when News was moving to take control of the Australian pay TV industry.

The piracy cost the Australian pay TV companies up to $50 million a year and helped cripple the finances of Austar, which Foxtel is now in the process of acquiring.

A four-year investigation by The Australian Financial Review has revealed a global trail of corporate dirty tricks directed against competitors by a secretive group of former policemen and intelligence officers within News Corp known as Operational Security.

Their actions devastated News’s competitors, and the resulting waves of high-tech piracy assisted News to bid for pay TV businesses at reduced prices – including DirecTV in the US, Telepiu in Italy and Austar.

And we get a very nice “reveal”:

The actions are documented in an archive of 14,400 emails held by former Metropolitan Police commander Ray Adams who was European chief for Operational Security between 1996 and 2002. The Financial Review is publishing thousands of the emails on its website at URL afr.com.

The email archive, which News Corp has previously sought to suppress, provides a unique insight into the secret side of Rupert Murdoch’s sprawling global empire – it reveals an operational arm that has generated multi-billion dollar windfall profits for the company.
The emails support claims by the BBC Panorama program, aired in the UK on March 26, that News sought to derail OnDigital, a UK pay TV rival to News’s BSkyB, that collapsed with losses of more than £1 billion in 2002, after it was hit by massive piracy, which added to its other commercial woes.

While News has consistently denied any role in fostering pay TV piracy, the Adams emails contradict court testimony given by Operational Security officers as well as statements by News lawyers in the past three weeks.

Those last two paragraphs, phrased with such studied flatness, are about as brutal as it gets. Since they are still online, one might infer that News International’s lawyers have concluded that the allegations they make would be quite difficult to contest. There’s a sample of those emails here.

Thus, more than 25 years after the Kenneth Noye affair sent shudders through the Metropolitan Police, it appears that Ray Adams has blown up in someone else’s face: Rupert Murdoch’s, this time.

Since Chenoweth’s story starts in 1980, and continues to the present day, it’s been convenient to tell it by way of quotations from a couple of Chenoweth’s stories in the Australian Financial Review, here and here.

But for the full dope, and the whole back story, which is a chunk of tech and business history that is well worth knowing about, and teems with lovingly investigated colour, farce, and occasional killings, read the book. Perhaps readers should read the timeline first. It is at the end of the E-book. There is a lot to take in, and the timeline will give some idea of the scope.

Equipped with all that context, you can then turn to Chenoweth’s blog and Twitter feed @NeilChenoweth for the latest, latest stuff.

As of mid 2013, the Metropolitan Police were mulling whether to investigate the AFR’s claims about OnDigital. Apparently, they are still mulling.

So, anyway…data breaches, flaky ex-cops, private investigators, wildly out of control News International minions…those are the operational signature of “The News Of the World”. They are NDS hallmarks, too, as we see. To all appearances, the same rather profitable syndrome has manifested itself twice on Murdoch’s watch, more or less at the same time.

But twice is still just a coincidence, isn’t it?

Print Friendly, PDF & Email

8 comments

  1. OMF

    The lack of scruples at News International are well known. The audacity to engage in this type of behavior is characteristic, and now appears backed up by evidence.

    You have to wonder though; if this is what media companies get up to, then what kind of operations must the banks be running?

    1. Foppe

      Agreed, thanks Richard, both for pointing out the book and for the entertaining review.. Will pick it up some time soon.

  2. allcoppedout

    Indeed, great review. Ondigital also had trouble getting signals boosted so you could get decent reception. One has to wonder on the competitive process generally and how it really works. Microsoft’s security patches soon became the main means to prevent piracy. We used to get gas, coal, electricity and water to our homes “despite” our direly inefficient nationalised industries.

    Ideally, I wouldn’t want more than a tiny portion of content from main media and could survive with none. A small computerised television could provide me with some kind of “Real News and Naked Capitalism Plus”, a university of the air with student produced drama and documentary, my own choice of whatever is commercially produced from a database and free (Linux) office and communication products without advertising. Murdock and his ilk actually prevent my choice through domination by choices I don’t want.

    My guess is the hacking and other subterfuge happens because there is no real business model. The private sector is now criminal. It has to take over what are essentially utilities because it is essentially a protection racket keeping prices high. The giant transnationals are the nationalised industries of old, only worse. The only business model I can see is dominance through market share an unethical trading. Is Murdock much different from high street retailers selling textiles made in sweat shops?

    1. psychohistorian

      Just like finance they are all doing God’s work…..the God of Mammon, of course….follow the money. Morals are for sissies!

      Thanks for the back story Richard. I have been watching this from the IT networking side for years and once got Cisco networking professional certification to understand it better. This is why I don’t do banking online and use DSL instead of cable…..not that it matters much after reading the Snowden spying exposures.

      1. allcoppedout

        If only PH. Here, underwear and high finance are little different. The stuff is never tagged with any history of abuse. You need hidden cameras to get the evidence. One wonders if NSA/GCHQ have money trail records in their catch-all. Did anyone tag QE to see who git what?

        1. psychohistorian

          Underwear and high finance…LOL!

          I have said elsewhere in comments at NC that my belief is that private money gets the NSA/GCHQ data before the rest of the government folks and so any money trails are dead or will be, if necessary, to protect the puppet masters.

Comments are closed.