Thinking Bout IKS?

[insaneaudio]

IKS (abbreviation for "Internet Key Sharing") receivers have been growing in popularity due to their reputation of almost always being "UP." Owners of IKS units often boast that "their" receivers can weather most ECMs and downtime can usually be measured in mere minutes. In contrast, most cardless receivers must endure wait times of many hours or even days before new bin files are released. More recently, IKS dongles have been developed that can transform some brands of FTA receivers into IKS receivers and are now available for the Captain and Coolsat line of receivers. Currently, the latter only works with CS6100 models and higher but the developers of the Coolsat IKS dongle state that it will soon be compatible with the discontinued CS4K/5K/6K models in addition to other brands and models of FTA receivers. Proponents of IKS claim that the dongle will give a whole new lease on life to discontinued models of receivers, not just Coolsat models. The price of the IKS dongle is approximately $89 or about half the price of purchasing a new IKS receiver. The dongle does require a source of power. In the case of the Captain dongle, the power supply is integrated into the dongle itself. The Coolsat dongle requires an external AC/DC adapter.

How does an IKS dongle work? By forming an interface or bridge between the receiver and an Internet IKS server. You simply connect the dongle to the serial port of the FTA receiver; then connect the dongle to the Internet using a standard CAT5 Ethernet cable. IKS requires an Internet connection in order to connect to one of half a dozen or more relay servers that, in turn, connect to the "real" server (currently located in Korea based on the server's IP address). The IKS receivers obtain certain data (not really "keys" in the conventional sense) from the server via the relays and then uses that information to unscramble encrypted video content. The precise mechanism has not been revealed for probably a couple of reasons: one may be to protect a trade secret but the more likely reason is to make it more difficult for the satellite providers to launch an effective ECM against it. IKS does NOT mean you won't go "down." It only means that you will be able to come back up much faster than having to wait for a new bin release.

But just how safe is IKS? Most users are focused almost entirely on the risk factors associated with having their IP address exposed when connected to the Internet. Of course, any online connection ... including the one that an IKS dongle or receiver (e.g., Nfusion) requires in order for IKS to work ... does expose your IP address to prying eyes. This exposure is not limited to law enforcment agencies but to virtually anyone who has both the moxie and the appropriate hardware/software tools to do so ... and its a pretty safe bet that the content providers have programmers with both. The IKS server requires a UDP connection, not TCP. UDP is generally regarded as being somewhat more secure but the most important difference is that UDP packets travel in only one direction and the connection is dropped after the data packet has been sent to the relay. The server does not monitor whether the relay server is able to deliver the data packet to its ultimate destination. It only cares about whether the relay server has received the data and then terminates the connection. Since the connection time between the master server and its relays is very brief and the amount of data extremely miniscule, it is difficult for outside parties to effectively monitor data transfers between the server to and from the thousands of receivers connected via IKS. It doesn't mean you can't be tracked; only that it would be more difficult to determine what data your receiver actually received and how it was used.

Does that mean IKS is safe? Unfortunately, there isn't a simple "Yes" or "No" answer available. If looked at solely from the viewpoint of IP exposure and monitoring, it is probably 99% "safe." However, regardless of how many or what kinds of multiple relays, proxies, and virtually any other masking scheme is employed, most experts will concede that a talented investigator, given sufficient time and motivation, could successfully track you. The odds or likelihood of someone actually doing so is relatively small unless the data packet you are receiving contained the term "bin laden" or some other terrorist keyword. Does it then mean that because the risk is small, IKS can be deemed to be "safe?" Let's look at some additional facts. No one will argue that the sole purpose or function of an IKS connection is to descramble or decrypt otherwise protected content. The IKS server has NO other purpose than to ACTIVELY allow people connected to it to decode encrypted provider signals (an illegal activity). The IKS server does not provide users with any other useful information or data that would justify the server connection and it has zero function in true FTA. Therefore, if you connect to an IKS server, you are in fact indicating that you are decoding the provider's signals. No reasonable person has ever denied or challenged this simple fact, including Matchstick and Matchbox (the spokespersons for Nfusion). But if no one is tracking your IKS connection via an IP address, "so what!" goes the reasoning of far too many users.

Here's the "so what." If (or probably more accurately, "when") the IKS receivers are challenged in court and the IKS connection is ruled an illegal tool, will the plaintiff have to prove that you actively used it or would the mere purchase of an IKS dongle or receiver be deemed sufficient evidence of guilt? That's a big unknown and impossible for anyone to predict with any degree of accuracy at this time. But if one were to look at the DirecTV litigation launched in 2002-2003 against end users, DTV was able to establish (in the courts of most states but not all) that the mere purchase of an Hu card and card programmer (unlooper) demonstrated intent to pirate their signals based on their claim that the Hu cards "served no other purpose." That was patently false because the cards CAN be used in other applications but the alternate uses represented only a tiny sliver of the market and the vast majority were, in fact, purchased to pirate DTV signals. Of course, by the time that the estimated 24,000 letters of pending litigation were sent out to users, most DTV hackers had already long been exposed and compromised by the sales records that they left behind when they purchased the Hu cards and unloopers. It was impossible for those users to hide their identity after-the-fact or deny they had made the purchases because of the availability of dealers' sales records. DTV obtained those sales records via subpoena. The records included the real identity and addresses of those who purchased the cards making it extremely easy for DTV attorneys to mail out their letters of pending litigation. The tracking of card purchases was the primary tool used by DTV in their now infamous war against DTV signal pirates.

[insaneaudio]

Cont.


I believe this is where the real danger lies for users who are considering going the IKS route. I see a direct parallel here to the purchase of an IKS dongle or receiver to decrypt provider content because the IKS connection itself "serves no other purpose." I have read many posts regarding the excuses that the poster stated he/she might use if they were ever served with a DTV-like letter. Most of those excuses were completely lame or made in jest and those that were serious probably wouldn't hold up to even the slightest degree of legal scrutiny. An even more important consideration is that if the provider does launch legal action against an IKS user, it would be pretty foolish for that person not to hire an attorney to represent them. If legal representation is retained, win-draw-or-lose, it's going to cost you. In the case of DTV's law suits, they offered to settle out of court for $3,500. Thousands of users settled because the legal fees involved in retaining an attorney to contest the suit would very likely have exceeded that amount. Some parties who were totally innocent of signal pirating and didn't even own a receiver or satellite dish also capitulated (at least according to online posts by their respective attorneys) because of fears over the negative publicity a suit would bring and the costs of defending against the suit.

In the case of IKS, if the targeted end user was in fact using the IKS dongle or receiver to decrypt the provider's signals (after all, what "other purpose" is there?), the outcome is likely to heavily favor the plaintiff, not the defendant. In the case of a dedicated IKS receiver like the Nfusion, one could argue that the receiver can also be used for "true FTA." However, that argument doesn't seem to hold much water when you consider that IKS receivers are on the crappy side of the equation for true FTA. Even the ancient and discontinued Fortecs and Coolsats will run circles around an IKS receiver in any true FTA application. So why would anyone pay $200 for an IKS receiver when you can purchase an FTA receiver that actually works better for its intended purpose (true FTA) for one-fourth the cost? That, of course, is where the lame excuses begin to flower and the in-jest posts proliferate like weeds.

Let's apply some additional common sense. What's the risk factor that the provider(s) will go after IKS manufacturers, dealers and end-users? Well, DN and BEV are both willing to invest millions of dollars in a card swap and millions more in tech support, Nagra 3 licensing fees, and other asociated expenses to stop signal piracy. That's a given. If IKS receivers are able to stay up (and that is NOT a given) after the new encryption techniques have been implemented, guess which receivers will then gain the FULL attention of the providers? IKS numbers are still relatively small compared to the total pie but those numbers are growing. As IKS gains traction with an increasing share of the market, isn't it only reasonable to expect unwanted attention from the providers in the not too distant future? In fact, that's probably something you can take to the bank.

I have always felt that DN was always somewhat benevolent towards end users and their primary legal focus was against the distribution channel (manufacturers and dealers). That may be due, in part, to the backlash that DirecTV suffered when they opted to sue the consumer and DN may not want to repeat the same mistake. However, that benevolence may take a back seat when it comes to IKS because the IKS approach makes no pretense whatsoever about being a hobby, "testing," or any other form of casual viewing. IKS is a more determined, focused, and intentional effort to pirate provider content not unlike the purchase intent behind Hu cards and card unloopers of yesteryear. If you're still tempted to go down this slippery slope, then consider this opinion and observation. The greatest potential risk to IKS users will probably NOT rest in their IP exposure but in the audit trail that is left behind when making an IKS dongle or receiver purchase. Purchasing one online and/or paying for it with a credit card or PayPal will leave a trail that will lead directly to your doorstep if the provider(s) decides to launch a legal offensive against IKS.

Here's the net, net bottom line: ONLY YOU can make the final decision whether to purchase or not to purchase. The intent of this post is neither to encourage nor discourage you from considering an IKS dongle or receiver. The sole intent is to make you aware of factors that you may not have considered previously. There is a tendency for users to simply look at the end result (i.e., being able to be almost always "UP") and not the potential risks and other factors involved in the use of IKS. Use your own judgment, do lots of reading, evaluate all of the potential consequences and run "what if" scenarios through your mind; then proceed from there. For members determined to go ahead with an IKS purchase, let me provide some commonsense advice. I strongly recommend that you consider making your purchase only from a local dealer (i.e., in person), use an alias instead of your real identity (if the dealer requires a name and address for the sales receipt), and pay for your purchase in cash.

My own gut feeling is that the odds are in your favor anyway but if it turns out otherwise, those who left an audit trail of their IKS purchase(s) will probably be among the first casualties. This was a long post and if you stayed with me to the end, I appreciate your interest and hope that it may help protect some of you from one aspect of an IKS purchase that you may not have previously considered.