because broadcom strictly kept the keyladder certification process while sti did not
that's also why NDX chose broadcom for providers instead of sti
there are just a few sti receivers in NDX development, maybe because some of the providers want to use this shit
i don't see any problem with decrypting control words over the provider cpu and sending them to the clients, tested on sti cpu 8 years ago
if you look at how the sti keyladder hack works then you will understand where the problem is
the chipset keys or keys decrypted by the chipset should be held in security space while the idiots from sti don't do that
they allow user space to read from DCW area + they allow you to move plain cwpk keys to DCW area
in broadcom even if you can read from DCW space you can't move cwpk keys to this place
it took many years and much work on the broadcom hack without any success by any team
then if you think that these keys are readable somehow then you are completely wrong
it can be done by some other ways except side channel attack (which would cost you big money to release)
few of them exist and have been successfully executed by me on sti cpu
will they work on broadcom cpu? well that's a good question because they can be secured against
problem is that any of these hacks needs big work in ida to understand security processor commands (all of the other ways that exist partially need commands to play with)
but time will tell...