Just want to pick a few brains on this.....am I right in thinking that the original hack was more of a backdoor around the encryption rather than an actual unlocking of the system?

A few people have asked me this and I'm not exactly sure.

Yeah its more of a work round than a hack...............

The N1 method of getting into a card was to utilise the built in backdoors and a bug that allowed the use of a plaintext password and then log into the data section of the card.

This allowed inserting EMM keys with a ghost provider and send an EMM that copies the backdoor keys into a section of ram of the card. And so enabling access to the code section to allow read/write function within it.

So yes N1 is still locked down even to this day, speaking from a mathematical point of view.

Que, The Coder :)

NipPEr Is a buTt liCkeR!

;)

btw, Nipper was apparently an early hacker of the analog versions of Nagra and whom had given Kudelski some problems. A fitting tribute for his name to be imortalised within the code of N1 and perhaps a sign that Kudelski's programmers actually have a sense of humour !