Slashdot Mirror

← Back to Stories (view on slashdot.org)

Distributed TiVo Code Cracking

Posted by michael on from the wait-for-the-video dept.

Twostep writes "With the newest version of the TiVo software (Version 3.2), TiVo has once again changed the secret password to enter "backdoor" mode, which lets advanced users enable hidden features. Unlike last time, people were not able to quickly find the new code, so a distributed computing project was started to find the backdoor codes. You can read about it Here, grab the Linux or Windows clients and pitch in some CPU time for a good cause."

7 of 258 comments (clear)

  1. Re:No Offense by Anonymous Coward · · Score: 5, Interesting

    cause there simply is no alternative. 90% of all consumers are totally in the dark about anything that involves technology. So business run flashy ads and salespeople move the product. It simply is not economically sound for these companies to appease this small percentage of technologically literate consumers. So in the end it is the people who really will use the device to its fullest extent that get the shaft.

  2. Re:Idiots by warmcat · · Score: 5, Interesting

    This isn't true, unfortunately. When the implementations of strong hash checking are done properly (everything in one chip, ROM a la Xbox), they WILL succeed in locking everyone else out without very expensive hacks.

    Personally I think new law is needed to render this illegal, unless it is under the control of the user.

    If you think that sounds extreme, consider that the persistent state for all copyrighted works is that they are in the public domain. It is a temporary aberration of a few years that the works are allowed to be held privately. After that they are meant to be available for everyone. As it is these encrypted fortresses inside consumer products will never yield up their secrets.

  3. Re:Because you're entitled to use your own hardwar by TarpaKungs · · Score: 5, Interesting
    Good argument, mumblestheclown. But I disagree concerning the freedom to employ unstable business models.

    I agree, it wouldn't be very nice to set fire to my Tivo and throw it through your window. Conversely if I rip the silencer off my motor, it would be perfectly OK to drive it around on private land (with permission) 20 miles from the nearest inhabitant (in the UK at least).

    One reason I may want to mod the box is this: consider that maybe I want to use and pay for the Tivo service but I also want to add some random feature. That would be in the same league as installing an amp in my car or whatever. I do not expect to have to ask the manufacturer's permission to disassemble my dashboard.

    The other reason I may want to crack the unit is that it's my box - I paid for it, I own it, it's on my property.

    I take on board your argument supporting varying business models - but I hold that the business model is flawed. Sell the box at a profit and discount the service. In a way Tivo's business model is basically parallel to the "loss-leader" trick employed by supermarkets. They offer something at an attractive discount (actually with a negative profit margin) in the hope that I will buy other products. However, it is perfectly reasonable for me to isolate all the loss leaders and buy them and nothing else, thus making a loss for the company. That's the risk they took. On average it works out well for them (or they'd stop doing it).

    I'm sorry - if Tivo want to guarantee that I will buy their service, they shouldn't sell the box on it's own. Or they shouldn't at least sell it at a loss. I can buy a phone without a phone line or rent a phone line without a phone. It would be silly, but I can do it and it doesn't cause the telco or the phone makers any problems.

    I generally subscribe to the view "What I own I can take the lid off and poke around" as a starting point. I am very much against any business model which is so flimsy that it needs laws like the DMCA to support it.

    All of which is why I've added 2 machines at home to the cracking pool :-)

    Sod the DMCA and everything like it in Europe!

    Best, Timbo

    --
    Why can't women be like Hedy Lamarr - beautiful, talented and inventors of frequency-hopping spread-spectrum techn
  4. Re:Because you're entitled to use your own hardwar by Zeinfeld · · Score: 5, Interesting
    Why? because, again, there is a public good involved, but this one is subtler. It's the public good of a business climate where companies make products and services using a variety of business models and people buy them and use them in a manner consistent with widely-held notions of fairness.

    I find it amazing that Tivo appologists fall for this type of tactic. The only reason they do is that they have not woken up to the fact that Tivo is not the only maker of PVRs.

    I do not expect Tivo to survive. The clueless business model only works if there is no competition. There is plenty of competition in the space and that is only going to increase. Nobody succeeds with a razor and blades business model (the Tivo subscription) when there is a cheaper option flat fee.

    Every one of the clueless 'I just want 0.01% of every transaction on the net' payment schemes failled miserably.

    But every time we have a Tivo story the Tivo heads rush in to explain why everyone should pay twice the going rate for the technology. It is as pathetic as the Apple appologists, 'Macs are fastest, speed is what matters, buy a Mac, oops they are no longer fastest, well it isn't just CPU power that matters, its benchmarks, no its the pretty case'. Apple's price gouging and constant interface changing games to make old peripherals obsolete should be criticised as much as if not more than Microsoft's tactics. But they get away with it.

    I don't want the video to decide what to record, I do that. I want a recorder with a removable disk so that the thing is not always full. There is an interesting port on the back of my DishPlayer PVR, anyone know what it does?

    --
    Looking for an Information Security student project suggestion?
    Try http://dotcrimeManifesto.com/
  5. Re:Idiots by jpt.d · · Score: 5, Interesting

    I think the persistent state for all copyrighted works made after Micky Mouse will continue to be copyrighted...

    Disney: "You can have Micky Mouse, when you pry it from my cold dead fingers"

    --
    What we see depends on mainly what we look for. -- John Lubbock Now search for that bug slave!
  6. Pointless but fun by p3d0 · · Score: 5, Interesting
    They say repeatedly this is just for fun. They have already found that, if you are willing to put the TiVo disk in your PC, you can patch the binary to use the old backdoor password. If you want to enable backdoors, that's how you do it.

    They have already tried most of the 9-character space to no avail, and every additional character makes the search take 37 times longer. And, as was said numerous times, when they find it, TiVo will just change it again and tack on a couple more characters.

    Plus, there is no verification of results, so surely someone will cheat a la SETI@Home just to inflate his score by returning a bunch of bogus results, and the results will be invalid. Worse yet, a truly malicious person could return bad results for a whole lot of valid usernames, and it may be impossible to separate the good results from the bad. (I don't know if the server tracks IP addresses, but those can be spoofed too.)

    So, this is kind of futile, but it looks like they're having fun. :-)

    --
    Patrick Doyle
    I mod down every jackass who puts his moderation policy in his sig. Oh, wait a sec....
  7. Re:Ad-skips by merlyn · · Score: 5, Interesting

    The code to enable 30-second skips is "select" "play" "select" "3" "0" "select", and does not require the "master back door enable" code referenced by this thread. The "master back door enable" code opens up about two dozen other codes. See the Tivo backdoor page for details.

    --