Down and Out in Liverpool and the CyberSprawl
The man in the pub is called Dave. He’s not a software engineer, and he’s not a programmer. He is not l33t. Dave is for all intents and purposes, illiterate. He is, however, able to follow a YouTube tutorial.
Dave is the guy to whom uncle Bob goes to have his fire stick modified so that he can watch football matches for free.
There’s nothing dodgy. It’s dead safe. Half of Liverpool’s doing it.
Dave makes £30 a time for jailbreaking a firestick and sideloading two pirated apps. It takes perhaps five minutes, and when he’s finished, Uncle Bob can pick it up at his leisure from Dave’s home address. The jailbreak process simply involves toggling a few software switches in the settings, and loading the apps requires only a USB cable and a PC. There are dozens of tutorials online.
But it is dodgy. It isn’t safe. And if half of Liverpool is doing it, then you can draw your own conclusions about Liverpool.
Yesterday is Dead
The past is a different country. Especially if you were born in the England of the early 1950s. You would have experienced food rationing, bomb damaged cities, the laissez-faire, brutalist rebuilding efforts of the next several decades, and mass unemployment as British industry breathed what seemed to be its last breath.
For the working man, one of the few refuges from the twin spectres of mass unemployment and sky high interest rates was sport. Religion was no longer the opium of the masses. That honor fell to football (soccer to US readers), and in a former industrial port city like Liverpool, with two football stadiums, sandwiched between rows of terraces, and facing each other over the green expanse of Stanley Park, the weekly fixtures were almost spiritual. A rite and a right.
Matches were broadcast over the radio, and from the early 1980s, were shown on the BBC and its advert supported rival, ITV. For free, if you can imagine such a thing.
Now, thanks to the rise of satellite and cable networks, the right to view premier league matches costs around £90 per month, and satellite broadcaster Sky, now a wholly owned subsidiary of Comcast, has held the exclusive rights to broadcast most games since 1992.
For people of my uncle’s generation, who were able to watch their favorite teams lose without having to pay for the privilege, it should still be free. They view the cable giants as pirates. They see them as thieves, who have used their huge corporate bulk and unlimited cash to steal what should rightfully belong to the working man.
In the late 1990’s and early 2000’s, men like my uncle bought cracked satellite decoder cards from dodgy geezers in smoky pubs. These cards would unscramble the signal sent by Sky, and, as if by magic, they would be able to watch footage of Everton battling league relegation, live, on a gigantic CRT TV.
Cracked decoder cards aren’t a thing now. They may still exist, but a quick google search reveals they haven’t really been around since 2012. I’m not a football fan. I hadn’t noticed their absence.
There are still dodgy men in pubs, though. And there are still men, and almost exclusively men, who believe that football, like information, yearns to be free.
Tomorrow Out of Sight
Amazon’s fire stick is their best selling product. It plugs into the HDMI slot of a TV and provides access to subscription services such Netflix and its own Prime programming. There’s one in almost every British home. It’s also a walled garden. Apps are provisioned from its own baked in App Store, where everything is vetted by the company.
It’s an ideal platform for viewing pirated football streams. At least my uncle Bob thinks that way, and so, apparently, does most of Liverpool.
Because unlike satellite decoder cards with which information flowed only one way, in this particular chain of criminality, there are intercepts and pitfalls with each link. Between Dave and the back of my uncle’s TV, there are people and organisations capable of doing him harm.
Let’s start at the top. The rights holder is the Comcast subsidiary, Sky Sports, and according to Uncle Bob, they are the villains of the piece for having the audacity to try and charge him an extortionate amount for the content he believes should be his by right. Sky definitely wants to hurt Uncle Bob. They would like to use their legal and financial muscle to hurt half of Liverpool. But right now, they can’t. Prosecuting end users under UK copyright laws is difficult, besides which, they don’t know who or where the users are. Keep this in mind as we go forwards.
The next link in the chain is the organisation which provides the streams. Some, like Rocketstreams make their money by selling set top boxes alongside a low cost IPTV streaming service. $10 per month gets you unlimited access to any and all content you can imagine. All the football, movies, TV shows, porn channels, and music which is normally locked away behind the networks’ iron gates. Uncle Bob is connecting directly to these streams. Whoever is on the other end has his home IP address which can be linked directly back to his Virgin Media account. Uncle Bob isn’t paying to use the IPTV service, and it is costing them money to provide it to him.
The IPTV stream provider has a reason to want to hurt Uncle Bob. At the very least, keeping a list of IP addresses alongside what they have illegally streamed will provide some bargaining power when the Feds and the rights holders inevitably come knocking. Discussions on Stack Overflow indicate that it is absolutely possible to inject malware into an IPTV stream. It’s unlikely that Rocketstreams would actually do this because it would be bad for business.
To view the IPTV streams, Uncle Bob needs special software, and Dave has sideloaded an IPTV viewer called STBemu Pro. STB stands for Set Top Box, and it emulates the set top boxes sold by organisations such as Rocketstreams. With me so far? Other software is available, and some enterprising devs both build the software and provide mirroring capacity for the streams. Understandably, they want to make money, and are becoming increasingly irate that users are pirating the shows that they themselves are pirating. Take a look at this reddit post, in which the developer of the TVZion app discusses what to do about users who have modded versions of his app, and who are costing him a significant amount.
These were the options he put forward:
“Log mod users for IP addresses, timestamps and contents accessed and keep this information to be used as I see fit if it ever comes to that
Crypto mining – Mine crypto currency in the background. From my experience this’ll only overwork the device for very little money
Use device as proxy – This will essentially turn their device into a proxy server which will be rented to others (NOT A FAN OF THIS)”
After a backlash from users, the dev opted to leave things as they are. Or at least that’s what he has said publicly. The dev is still losing money, and we haven’t examined the app to check.
Dave and Uncle Bob could have used the ad supported version of STBemu, or they could have paid the very modest one-off fee of £4.99. Did they? Of course they didn’t. Dave has installed a cracked version of the software. He doesn’t know who cracked it, and he doesn’t know what they did to it. Dave is not in the business of looking after his customers.
Naive and Oh So Confident
Do we need to explain why it is an astonishingly bad idea to let software of unknown provenance run amok on your network? In addition to the crypto miners and stealth proxy proposed by the legitimate developer of TVZion, there are thousands of different payloads which can be injected into a rogue app. And there are beginner level Youtube tutorials on how to do it. Malware can spread from his Fire TV to his desktop PC over a home network. It could be a keylogger listening for Uncle Bob’s internet banking passwords, or it could be something else. He doesn’t know. Dave doesn’t know.
Because the Fire Stick is an android based system, there should be dozens of anti-malware apps available for it. But because Amazon takes a walled garden approach, none of them are available in the app store for the fire stick. A search for malwarebytes, for example, brings up no matches in the catalog and the device suggests we search on YouTube or Amazon Music.
If Uncle Bob wants his dodgy app checked, he’ll need to take it back to the dodgy guy who installed it to sideload a dodgy version of an antivirus app.
Which brings us back to Dave, and the incomplete list of people who want to harm Uncle Bob. Dave isn’t one of them. Dave got paid £30 to do a job of work and is happy with the way things turned out for him.
But half of Liverpool knows who Dave is, which means that if FACT, the Federation Against Copyright Theft, doesn’t know who he is, they soon will.
Back when pirate decoder cards were a thing, FACT was prosecuting the vendors. When so-called fully loaded KODI boxes were being sold online and in local pubs, FACT, alongside the rights providers made dozens of successful cases.
Recently, FACT has started leaning on middlemen like Dave for their customer bases. Dave has names and phone numbers. He has the Amazon account details of his customers. And when FACT comes for Dave, as they undoubtedly will, they will have Uncle Bob’s details too.
But FACT hasn’t directly threatened anyone yet, and all of Uncle Bob’s money is still in his bank account. As far as we know, no-one has offered Uncle Bob’s IP address and viewing schedule as a peace offering to the lawyers at Sky.
All that could change very quickly.