Hello All, Over the recent month we have been trying (with no success) to obtain information from various entities regarding the replacement process of set-top-box devices conducted by the NC+ operator in Poland [1]. The basis of the above can be found in this message [2]. We have received a key confirmation from NC+ operator that "the goal of a replacement process of set-top-boxes is to improve security level of a broadcasted signal, which is a requirement of agreements signed with content providers". However when we inquired about the basis of charging end-users a monthly fee for a replacement process of flawed (vulnerable to ST chipsets flaws) set-top-box devices, no response was received. So, we asked NC+ for an official contact at the parent company (Canal+ Group). Again, no response was received. We asked CERT-FR (French Government Cert) for assistance and a contact to Canal+ Group and they responded that this is not their role to pass this information to us (CERT-FR directed us to ST, which has not been responding to our messages / refused to provide information regarding impact and addressing of the vulnerabilities found in their chipsets). So, we asked Vivendi, a parent company of Canal+ Group for an official contact where our inquiries could be sent. Again, there was no response. Thus this message. If anyone of you knows a security contact at Canal+ Group where we could direct our inquiries pertaining to security / replacement process of STB devices vulnerable to STMicroelectronics flaws, please let us know. Thank you. Best Regards, Adam Gowdiak
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment