Slashdot Mirror
Distributed TiVo Code Cracking
Twostep writes "With the newest version of the TiVo software (Version 3.2), TiVo has once again changed the secret password to enter "backdoor" mode, which lets advanced users enable hidden features. Unlike last time, people were not able to quickly find the new code, so a distributed computing project was started to find the backdoor codes. You can read about it Here, grab the Linux or Windows clients and pitch in some CPU time for a good cause."
good cause?
How is this a good cause? I am asking out of sheer curiosity, not against the statement. If there is a legitimate reason to cracking it, then can someone point me to some literature about this subject, or just explain to me why TiVo deserves to be cracked in this manner???
I'm just confused, sounds like this is cracking, and last time I checked thats a pretty illegitimate thing to do, even advocate.
You cannot buy a 2003 ford mustang, remove the muffler, and drive around at 3am generating 100db of sound. Yes, it's your hardware, but rules exist to further a public good--a (relatively) pollution and noise free environment.
Similarly, laws exist that say that you cannot circumvent pretction mechanisms such as that on the tivo.
Why? because, again, there is a public good involved, but this one is subtler. It's the public good of a business climate where companies make products and services using a variety of business models and people buy them and use them in a manner consistent with widely-held notions of fairness.
the alternative is a world where prices are higher / options are fewer because companies would have to hedge against unauthorized uses.
of course, for some businesses, it turns out to be beneficial that there is a user commuity that likes to hack around. but it's up for the company to decide whether that is, indeed, the case as far as it is concerned.
cause there simply is no alternative. 90% of all consumers are totally in the dark about anything that involves technology. So business run flashy ads and salespeople move the product. It simply is not economically sound for these companies to appease this small percentage of technologically literate consumers. So in the end it is the people who really will use the device to its fullest extent that get the shaft.
This isn't true, unfortunately. When the implementations of strong hash checking are done properly (everything in one chip, ROM a la Xbox), they WILL succeed in locking everyone else out without very expensive hacks.
Personally I think new law is needed to render this illegal, unless it is under the control of the user.
If you think that sounds extreme, consider that the persistent state for all copyrighted works is that they are in the public domain. It is a temporary aberration of a few years that the works are allowed to be held privately. After that they are meant to be available for everyone. As it is these encrypted fortresses inside consumer products will never yield up their secrets.
I agree, it wouldn't be very nice to set fire to my Tivo and throw it through your window. Conversely if I rip the silencer off my motor, it would be perfectly OK to drive it around on private land (with permission) 20 miles from the nearest inhabitant (in the UK at least).
One reason I may want to mod the box is this: consider that maybe I want to use and pay for the Tivo service but I also want to add some random feature. That would be in the same league as installing an amp in my car or whatever. I do not expect to have to ask the manufacturer's permission to disassemble my dashboard.
The other reason I may want to crack the unit is that it's my box - I paid for it, I own it, it's on my property.
I take on board your argument supporting varying business models - but I hold that the business model is flawed. Sell the box at a profit and discount the service. In a way Tivo's business model is basically parallel to the "loss-leader" trick employed by supermarkets. They offer something at an attractive discount (actually with a negative profit margin) in the hope that I will buy other products. However, it is perfectly reasonable for me to isolate all the loss leaders and buy them and nothing else, thus making a loss for the company. That's the risk they took. On average it works out well for them (or they'd stop doing it).
I'm sorry - if Tivo want to guarantee that I will buy their service, they shouldn't sell the box on it's own. Or they shouldn't at least sell it at a loss. I can buy a phone without a phone line or rent a phone line without a phone. It would be silly, but I can do it and it doesn't cause the telco or the phone makers any problems.
I generally subscribe to the view "What I own I can take the lid off and poke around" as a starting point. I am very much against any business model which is so flimsy that it needs laws like the DMCA to support it.
All of which is why I've added 2 machines at home to the cracking pool :-)
Sod the DMCA and everything like it in Europe!
Best, Timbo
Why can't women be like Hedy Lamarr - beautiful, talented and inventors of frequency-hopping spread-spectrum techn
I find it amazing that Tivo appologists fall for this type of tactic. The only reason they do is that they have not woken up to the fact that Tivo is not the only maker of PVRs.
I do not expect Tivo to survive. The clueless business model only works if there is no competition. There is plenty of competition in the space and that is only going to increase. Nobody succeeds with a razor and blades business model (the Tivo subscription) when there is a cheaper option flat fee.
Every one of the clueless 'I just want 0.01% of every transaction on the net' payment schemes failled miserably.
But every time we have a Tivo story the Tivo heads rush in to explain why everyone should pay twice the going rate for the technology. It is as pathetic as the Apple appologists, 'Macs are fastest, speed is what matters, buy a Mac, oops they are no longer fastest, well it isn't just CPU power that matters, its benchmarks, no its the pretty case'. Apple's price gouging and constant interface changing games to make old peripherals obsolete should be criticised as much as if not more than Microsoft's tactics. But they get away with it.
I don't want the video to decide what to record, I do that. I want a recorder with a removable disk so that the thing is not always full. There is an interesting port on the back of my DishPlayer PVR, anyone know what it does?
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Because Tivo doesn't really care. They are doing this, probably, so that they can safely say that joe average doesn't have these features.
Do you think they are so stupid as to think that the community won't crack this? of course they know it will.. the point is that they be seen as shipping a product with these features disabled.
If it's too easy, and already public knowledge, they will change it, otherwise they could be seen as supporting those features, and could end up in court. Forcing peopel to go through this kind of crap makes it so it's easy for them to point out that it's unsupported, not part of their main product, etc.
I think the persistent state for all copyrighted works made after Micky Mouse will continue to be copyrighted...
Disney: "You can have Micky Mouse, when you pry it from my cold dead fingers"
What we see depends on mainly what we look for. -- John Lubbock Now search for that bug slave!
They have already tried most of the 9-character space to no avail, and every additional character makes the search take 37 times longer. And, as was said numerous times, when they find it, TiVo will just change it again and tack on a couple more characters.
Plus, there is no verification of results, so surely someone will cheat a la SETI@Home just to inflate his score by returning a bunch of bogus results, and the results will be invalid. Worse yet, a truly malicious person could return bad results for a whole lot of valid usernames, and it may be impossible to separate the good results from the bad. (I don't know if the server tracks IP addresses, but those can be spoofed too.)
So, this is kind of futile, but it looks like they're having fun. :-)
Patrick Doyle
I mod down every jackass who puts his moderation policy in his sig. Oh, wait a sec....
The code to enable 30-second skips is "select" "play" "select" "3" "0" "select", and does not require the "master back door enable" code referenced by this thread. The "master back door enable" code opens up about two dozen other codes. See the Tivo backdoor page for details.
Think of stuff like drugs, suicide, fictional pornography, and you'll have lots of laws which can get you arrested for doing things in the privacy of your own home. On the other hand, I like to think that the actions are only criminal if you get caught which means, by definition that you are no longer affecting only yourself.
However... I have a theory about this. As an armchair political theorist, I will make the broad statement that capitalism is anti-democratic. In the eyes of government, the will of the corporation has long outweighed the will of the people.
International government power is found in economic well-being and competativeness. Corporations provide that power and are thus more important than citizens.
So if a corporation says "we can be more competative if you support digital-etcetera laws", the government is compelled to assist them. Why? Because if your country slips in the capitalist system, you loose international power.
From this perspective, the Microsoft case was one where the government was torn between defending the internal free market, and defending a great international economic power. From the microscopic perspective... hurting the corporation could do more damage to domestic jobs than could be recovered by a healthy domestic marketplace. A battle between the tangible and immediate (jobs) and the abstract (healthy internal economy).
So do you use government might to empower Disney, Warner Bros and other domestic corporations? or do you risk loosing those corporations in the interest of personal freedom. That is, do you preserve your healthy and powerful global industry at the cost of individual liberties?
What could the people gain by the government supporting individual liberties?
This is why I sent back the Tivo I ordered (it was Series 2 which to my knowledge has never been successfully hacked ... yet). I don't want to be constantly locked out of my machine when some corporation decides to tighten the screws again by a forced software upgrade. In some sense, TiVo is worse than Microsoft, even though they nominally "support" open source by using Linux. With Windows, I choose when to install the Service Pack update ... at least thus far :)
... don't buy a card with the lower quality VIVO Phillips chip) and a ATI TV-Wonder capture card. Grabbed two old 10Gig drives from another machine and I had something that cost me nothing more than the Series 2 TiVo.
Instead I bought a Pentium IV 2.4, Asus P4PE, 512 333 MB DDR, Leadtek A250 GF4 Ti4200 (which has a Conexant HDTV-capable video out
What software will I run? Well, right now I'm leaning heavily toward MythTV. With this I will eventually be able to surf the web, check email, play games, as well as schedule programs and skip through commercials in TV broadcasts. A few bucks and an afternoon of tinkering will also hopefully allow me to control the channel switching on the digital cable box from the computer's infra-red port.
There is also Freevo, which I may consider looking at if I don't like MythTV, although the activity on the mailing lists indicate that this system is already quite functional for many users.
Hope this is useful to anyone out there still sitting on the fence. I reached my decision after several hours of research on the web. I hope I don't regret it!