It is more-or-less an equilibrium: the non-subscribers who accept the semi-regular breakage of connectivity are in sufficient numbers to maintain professional pirates, but they are not numerous enough to really endanger the publishers business model.
Inspectors just masquerade as buyers, obtain a clone, see what card identity the clone is assuming, and deactivate the corresponding subscriber identity on the publisher side, evicting all clones of that card in one stroke. The cloning method is worth the effort only if thousands of clones can be sold, as part of some underground market. In such a situation, the only recourse for attackers is to clone smartcards, i.e.īreaking through a smartcard is expensive, but not infeasible, at least for the kind of smartcard that are commonly used for such things it requires a high-precision laser and an electronic microscope, and is rumoured to cost a few thousands of dollars for each break-in. Of course, such secrets were never maintained for long because reverse engineering works well and, inevitably, these homemade encryption algorithms almost invariably turned out to be pathetically weak and breakable.
