High Definition TiVo Bash Software Hack Claimed

crazyray writes "Fresh on the heels of Sunday's Washington Post's article about TiVo and the broadcast flag, a group calling themselves the 'HD TeAm' is claiming to have discovered a software-only exploit to enable bash on the new $1000 High Definition DirecTiVo. Prior to this announcement, it was thought that this was only possible by desoldering and reflashing the PROM. Perhaps most interestingly, 'HD TeAm' is offering to release the code to the world if enough donations are given to the Electronic Frontier Foundation."

This sucks

The end.

Surprise

[Crzysdrs]

Not 5 minutes out of the box. HAXORED!!! PWNDED!!!!!1111

Smart plan

[irving47]

Maybe that's a good way of doing it. Make sure you don't have any money to be sued for by the MPAA, but have money going to someone who might arrange your legal defense.

Re:Smart plan

[garcia]

The conglomorates haven't exactly cared whether you have money or not. If we all had enough money to support an effective legal defense against the monopolies or enough power to end their money-backed lawmaking schemes we wouldn't be trying grassroots campaigns to end their stranglehold.

Now would we?

Re:Smart plan

[Lumpy]

what does it mater, I'm betting they will release the code in an anonomous way so the corperate Gestapo cant target anyone. And be on the lookout that this will be the way code will be released in the future. it's nice to get credit, but screw it I'll attach nothing of me to code that helps humankind take back their rights.

I hope they are smart enough to not leave any traces of their identity in it so they cant get harassed like the DECSS debacle.

Re:Smart plan

[ivan256]

Heh.

You assume that there's "code".

Have you read anything at DealDatabase? The "developers" there are mostly people who hack together a collection of real work done by other people. I bet this hack is some one-liner exploit that gets just enough data past the Tivo boot-time checks to make one of the existing hacks feasible. Those existing hacks are mainly pasted together work from people you've all heard of like Andrew Tridgell and Donald Becker that was done and dumped after they had what they wanted, or was written for other purposes entirely.

Then they say smug shit like this:

HD TeAm doesn't need the $ and if anybody else were smart/experienced enough something similiar would allready be public

What they really mean is that if anybody else cared enough, or had as much free time on their hands as they do, something like this would already be public.

Re:Smart plan

Yeah! We could ALL bond together in a group... umm... a body that supports the people... a... umm... government! Ah nevermind... It'll never work.

Re:Smart plan

The fact remains the exploit will be public soon and they could have profited off it. They elected not to and require a donation to a good cause. Don't like the way they handled it? uhhh too bad. Do it yourself next time and you wont need to worry about it.

Re:Smart plan

[88NoSoup4U88]

btw, anyone interested in my gameboy SP software exploit, which makes you able to run Dreamcast games on it : Also, it will be able to make direct calls to the red-phone in the White House ; and be able to toast a cheese sandwhich... without putting anything in it !

I will only release this is proper donations are met : I might even include the laser-rays too.

Re:Smart plan

[ivan256]

Don't like the way they handled it? uhhh too bad. Do it yourself next time and you wont need to worry about it.

I could care less about it in either way. I was just pointing out that it's unlikely that there's enough there to even be worried about a legal challenge. This type of stuff doesn't enable any copyright infringement. This just boots the box. All the recordings are still encrypted. If anybody needs to be worried it's the people who are developing the software to prevent that encryption and (illegally) redistribute raw, unencrypted DirecTV data streams. People have been doing that for years though, and nobody has sued them yet. The whole "give to EFF so we won't be repressed" thing seems like a scam to me, since nobody is repressing them.

Re:Smart plan

i agree with everything you said except it started as a bounty. The discoverer/developer said rather then take the money he wanted it to go to the EFF, Im not sure where the "repressed" issue comes from. If the money isnt paid out then yes by all means it will be a scam, if it is paid out then the EFF collected the bounty that the developer was entitled to.

Re:Smart plan

[ivan256]

It started as a bounty, yes. But after somebody had succeeded they placed this $1000 price on it. That changed things a bit. It's no longer a group of people offering a certain amount of money for something, but a developer asking for the money to release something.

Re:Smart plan

We will have to agree to disagree on this one.

off like a dress...

[zoloto]

...on PROM night!

and reflashing the PROM

well I have to say that brings back fond memories of prom night. ... oh wait, this is about a PROM?? uhhh... nothing to see here, move along!

Re:off like a dress...

OMG TEH FUNNEY

Re:off like a dress...

[tommck]

You went to the prom??? What are you doing reading Slashdot?

Re:off like a dress...

[TyrranzzX]

You forget, this is slashdot; we didn't go to prom night, and if we did goto prom, we looked like bad geeks and no girls would dance with us out of fear of social rejectition.

But now, those same cheerleaders will come to us BEGGING for us to change their proms around so they work. Reality is really strange.

Re:off like a dress...

[4of12]

You went to the prom??? What are you doing reading Slashdot?

I'm pretty miffed, too, because I didn't get my robotic girlfriend built in time for prom night.

Away to Jail with Ye

[ravenspear]

Today the US Senate announced pending legislation designed to curb the growing problem of Tivo hacking. The House is expected to take up a similar bill next week.

Senator Orrin Hatch, chief sponsor of the bill, was quoted as saying "This issue is of extreme importance to the future of America. What kind of message would we be sending to our children if we allowed this kind of wanton hacking activity to go on unchecked? I ask all politicians who value protecting our intellectual property laws to join me in support of this legislation."

Re:Away to Jail with Ye

[garcia]

He has also opened a Paypal account to accept donations to help fund the mounting legal costs in persecuting attempts at allowing that evil Communist "freedom of information" idea that has been infiltrating our great fascist state.

Yes, this is the proper usage of Fascist. We are allowing our country to be opened to the control of the corporations.

Re:Away to Jail with Ye

[a_nonamiss]

"This issue is of extreme importance to the future of America. What kind of message would we be sending to our children if we allowed this kind of wanton hacking activity to go on unchecked? I ask all politicians who value protecting our intellectual property laws to join me in support of this legislation." - italics added for emphasis

wanton - Audio pronunciation of "wanton" ( P ) Pronunciation Key (wntn) adj.

1. Gratuitously cruel; merciless.
2. Marked by unprovoked, gratuitous maliciousness; capricious and unjust: wanton destruction.
3. Unrestrainedly excessive: wanton extravagance; wanton depletion of oil reserves.
4. Luxuriant; overabundant: wanton tresses.
5. Frolicsome; playful.
6. Undisciplined; spoiled.
7. Obsolete. Rebellious; refractory.

OK, I know I'm preaching to the choir here, but how does this type of activity merit the use of the word wanton. Genghis Kahn merits that kind of description, but not a bunch of people who want to make the hard drives bigger on their TiVos. Exactly how are women and children being slaughtered by this activity? How can Orrin Hatch say something stupid like that and face no backlash from the mainstream media? This pisses me off to no end! These people are demonizing those of us that just want to upgrade the TiVos that WE OWN.
I BOUGHT THE TiVo, I PAY THE SUBSCRIPTION FEE, I ABIDE BY THE LAW. WHY CAN'T I OPEN IT UP AND PUT IN A BIGGER HARD DRIVE IF I WANT TO?

Sorry for the yelling. This makes my blood boil.

Re:Away to Jail with Ye

[Lawbeefaroni]

OK, I know I'm preaching to the choir here, but how does this type of activity merit the use of the word wanton.

Well, if it's Senator Hatch trying to sell it to a clueless public and his even more clueless coleages, it's the perfect work. Oh, and I'm pretty sure he never actually said that. Calm down, it was satire.

Re:Away to Jail with Ye

why are we getting 503 Service Unavailable? I cannot get to any other slashdot.org page unless I use a specific article's link.

Re:Away to Jail with Ye

[drinkypoo]

Didn't you read the definition you pasted? 5. Frolicsome, playful. Wanton is also defined on occasion as "with abandon", which is the sense in which I most commonly see it (in pornography) :)

Re:Away to Jail with Ye

Heh,

You must be new here. Slashdot is much like the NSA (Never Say Anything) when it comes to explaining site issues.

Re:Away to Jail with Ye

Better yet, I get 503 in IE while I can connect in Mozilla. Another note: I dont have cookies on in Mozilla, but I do in IE, so it may be the login portion of their service.

Re:Away to Jail with Ye

[mi]

Yes, this is the proper usage of Fascist.

Nope, it is not. Godwin's Law applies. Second time in one thread. Remember to logout, loser.

We are allowing our country to be opened to the control of the corporations.

Until we (US) start claiming racial superiority and burning racially inferior peoples in furnaces, all the talk of our alleged "Fascism" is complete nonsense.

Re:Away to Jail with Ye

[vsprintf]

Yes, this is the proper usage of Fascist. We are allowing our country to be opened to the control of the corporations.

Corporate control is a bad thing, but you should look up *fascism*. I believe that what you are referring to is more of a plutocracy since it's really control by corporate top management.

Re:Away to Jail with Ye

Uh. I hate to explain history to someone who's obviously warped it for his own ends (since it's almost always a futile gesture), but...

You're mixing Facism (Italy) and Nazi (Germany) beliefs.

Racial Superiority? Germany.

Burning Racially Inferior People In Furnaces? Germany.

Next time, please try to list the actions of a Facist state instead of a National Socialist state.

Godwin's law may or may not apply to the original conversation, but you're running afoul of other "internet rules." (e.g. you're now a Special Olympics participant)

Re:Away to Jail with Ye

[mi]

This is a perfectly valid point in itself. However, the poster, who provoked me -- most certainly -- meant the German version of Fascism. The Italian one just was not ugly enough, so there is no point in using it.

Although I realize, I made the mistake of thinking this was the same person, that used the term "corperate Gestapo" in another posting on the same thread, I'm quite certain of Garcia's point.

Re:Away to Jail with Ye

[Curtman]

Until we (US) start claiming racial superiority and burning racially inferior peoples in furnaces, all the talk of our alleged "Fascism" is complete nonsense.

I don't know what dictionary you're using, but I usually use reference.com , and it doesn't doesn't even mention furnaces or racial superiority, let alone list them as a prerequisite.

• Word History: It is fitting that the name of an authoritarian political movement like Fascism, founded in 1919 by Benito Mussolini, should come from the name of a symbol of authority. The Italian name of the movement, fascismo, is derived from fascio, "bundle, (political) group," but also refers to the movement's emblem, the fasces, a bundle of rods bound around a projecting axe-head that was carried before an ancient Roman magistrate by an attendant as a symbol of authority and power. The name of Mussolini's group of revolutionaries was soon used for similar nationalistic movements in other countries that sought to gain power through violence and ruthlessness, such as National Socialism.

Re:Away to Jail with Ye

[mi]

Yes, indeed. And "cretin" is a medical term too.

Most certainly, however, Mr. (?) Garcia used the term Fascism as a "dirty word".

You know it, I know it, he knows it. Put away the dictionary...

Re:Away to Jail with Ye

[Merk]

You know, I have mod points, and could just mod you down, but I thought I'd reply instead.

Godwin's Law isn't a rule about winning or losing arguments. It's a law of nature. It's like gravity. If a thread goes on for long enough, someone will mention Nazis or Hitler. But notice, I'm the first one in this thread to do so. Fascism is bigger than just Nazis. The Italian government under Mussolini was fascist as well.

Before you say that fascism requires burning racially inferior people in furnaces, you might want to at least read the definition:

a political system based on a very powerful leader, state control and extreme pride in country and race, and in which political opposition is not allowed

Let's compare that to the current state of affairs in the US of A:

• a very powerful leader -- I think unilaterally declaring US citizens to be enemy combattants qualifies here
• extreme pride in country and race -- substitute religion for race, and this clearly describes a lot of Bush's supporters
• political opposition is not allowed -- well they haven't won this battle yet, but remember many people argued that protesting the war was unamerican, remember how the republicans tried to shut down Farenheit 911, notice the tiny, dangerous, hidden "Free Speech Zone" at the democratic convention

There's no question, we're a long way from Italy or Germany in the '30s. At the same time, there's a continuum between an open society and a fascist one. The US is much closer to the fascist side of that spectrum than any other western (or modern eastern) country. Sure, Cuba is worse, and so is North Korea, but when those are the only countries that are more fascist than you... it's a pretty bad sign.

Re:Away to Jail with Ye

[garcia]

Now that I could finally get logged in to reply to your post...

I meant Fascism in a general sense. My comment was not directly related to Italy or Germany. Perhaps for the general population this is something that is a bit difficult to fathom but I have faith that most people here knew better when it came to what I said (and based on your moderation and those under you I believe they did).

Re:Away to Jail with Ye

[mi]

You know, I have mod points, and could just mod you down, but I thought I'd reply instead.

Awfully decent of you. If only you had the decency to not mention this fact...

but when those are the only countries that are more fascist than you... it's a pretty bad sign.

Right here is the flaw in your and Garcia's arguments. As per your definitions and explanations, there is nothing automaticly "pretty bad" about Fascism -- not without burning the inferior races in furnaces.

Yours, Garcia's (although he may deny it), and others' whole point of "name dropping" Fascism is to associate the opponents with the burning furnaces and other trully horrible sides of the (German) Fascism because they poses some treads of Fascism, however innocent those treads might be. This is the dishonesty I complained about. Boy, imagine, his name being Adolf! The guy would not even be elected...

It is Ok to have a powerfull leader (many countries have that), and it is Ok to be proud of your country -- almost everybody is.

And if that is not enough, of the two points, on which you claim USA is Fascist both are wrong:

a very powerful leader -- I think unilaterally declaring US citizens to be enemy combattants qualifies here you ignore the Supreme Court's recent ruling, that clamped that exact power extreme pride in country and race -- substitute religion for race, and this clearly describes a lot of Bush's supporters ha! if you allow "substitutions", why not just substitute "Republicans" for "Nazis" and be done with it?

Re:Away to Jail with Ye

[Merk]

True enough, Fascism is not automatically bad. Just like National Socialism is not automatically bad. Even Anarchy is not automatically bad. But history has shown that whatever their abstract flaws or benefits, in practice, they seem to be bad both for their neighbors and for the citizens.

I didn't claim that the USA is "Fascist", but I said it was farther along the continuum between Fascism and an open, free society than most other countries in the world. While it is true that the Supreme Court has recently ruled against Bush, the very fact that he was claiming that authority for a while says something. Name me another country where the head of state has exercised that sort of authority lately. Again, I can only think of North Korea and Cuba. Possibly China too... but really, do you want to be "slightly more free than North Korea"?

Same deal with that "extreme pride in country and race". If you've ever travelled outside the US, you would see how skewed the US is in this regard. I have never visited a country that was as fiercely patriotic as the US. Now, most countries I've visited have had some degree of patriotism. The people like certain things about their countries, but they don't like everything. The US is the only place I've ever visited where anybody has expressed an attitude that if you don't love the country, there's something wrong with you, and you should leave. I'm not saying everybody says that, but the fact that anybody says that makes the US unique, and it's not a good thing, in my opinion.

As for substituting religion for race... well that was a reasonable substitution. Most dictionaries seem to mention racism as tied to fascism, but it's not a fundamental requirement. The important distinction is drawing a line between "us" and "them". Religion does that just as well as race. And substituting Republicans for Nazis? Well... that's just too easy.

You're free to claim that there's nothing wrong with Fascism. You can even try to start a Fascist party and try to win a few elections. I don't think you'll have much support though. Even if you called it the "America First" party, I don't think you'd get much support. There has been some grudging acceptance of the Fascist-leaning policies that Bush has put into place, but I think if you tried to go too far in that direction, people would resist.

You say there's nothing inherently wrong with fascism until you start burning inferior races in furnaces. But it is the very qualities of fascism that make that more likely. What you're saying is the equivalent of saying there's nothing wrong with cocking a gun and pointing it at somebody's head. It's only pulling the trigger that's bad.

Re:Away to Jail with Ye

[mi]

What you're saying is the equivalent of saying there's nothing wrong with cocking a gun and pointing it at somebody's head. It's only pulling the trigger that's bad.

No, what I'm saying is that there nothing wrong with being made of steel, even if that makes a metal shovel "closer" to a people-killing gun, than a plastic or a (dure-)aluminum shovel is.

Blackmail?

[SilentChris]

"is offering to release the code to the world if enough donations are given to the Electronic Frontier Foundation"

Uh, why? Just release the code.

Re:Blackmail?

[jaaron]

Apparently a contest was made available first before a software exploit could be found. The HD TeAM group just happens to be the first to claim success. If their post:

"HD TeAm has a solution prepared and authorizes it's distribution via ddb once $1,000 has been collected. We request that all proceeds be donated to the EFF so that research of this nature remains legal in the future."

"It is our position that if the community, particularly the minority with the disposable income for hd-units, is unwilling to come together & donate this token sum to a worthy organization the hack is probably better kept private"

Re:Blackmail?

[MooseGuy529]

Why? This should be obvious.

The music, movie, and TV industries in the U.S. still haven't opened up to the idea of sharing things. It was one thing back when TV was analog, and music was on tapes (yeah, they complained back then, but it *was* less of a problem), but now they're scared shitless because they're broadcasting a digital stream, and, although it is compressed, any duplication, recording, or sharing of it would be at exactly the same quality.

So, they try to manipulate laws (DMCA, Broadcast Flag, etc...) their way so that nobody can copy their stuff illegally or legally. The end result is that we need organizations like the Electronic Frontier Foundation to stand up to them and preserve our rights to use media legally.

A lot of these laws fall into a category which I particularly find disturbing: laws that cure the symptom instead of the disease. Instead of just cracking down on true copyright violation (large groups of people selling pirated movies and such, not some guy who copies a few movies for a friend), they crack down on ways to violate copyrights, or they crack down on ways to create ways to violate copyrights, or they crack down on uses of copyrighted material more broad than what is truly illegal, or they crack down on anything that could eventually lead to copyright infringement.

Now, for some analogies. (I warned you, so don't complain they suck!) People are allowed to have knives, for normal uses such as chopping vegetables. Knives, however, can also be used for violence. If knives were regulated the same way copyright law is looking, we wouldn't be able to have knives because they *could* be used to hurt people. Furthermore, most recipies involving chopping would be illegal, due to the fact that they could induce someone to create a knife for that purpose.

But look at it another way: guns--something whose purpose is solely violence--are regulated. Think about DeCSS--it is used only to decode DVD data to view it; pirates don't even need to decode DVD data to make pirated discs. If the movie industry wanted to crack down on something, it should have been DVD burners (yeah, I know, they shouldn't be regulated either... maybe they should have required a special code on consumer discs, so players won't play DeCSS-encrypted discs [presumably a copyrighted movie] when they are on a consumer disc [presumably because it is a pirated copy]), not DeCSS. That's like cracking down on knives, because they can be used to hurt people, even though they have plenty of harmless uses, while leaving guns unregulated.

Okay, shred apart my analogies. Have fun. But that is the reason we need the EFF--to protect us from corporations that would otherwise crack down on lawful acts.

So why not just release it? As the thread says, the people who have enough money to buy an HD TiVo certainly have enough money to contribute to the EFF, and their very use of the TiVo is an act protected by the EFF. Asking for donations to a good group in exchange for a donation is perfectly valid. If you don't like it, don't give money... someone else will... or maybe not, and we'll never see the code...

Re:Blackmail?

Blackmail is entirely the wrong word.

I think the word you're looking for is trade.

Re:Blackmail?

[Elwood+P+Dowd]

This is the opposite of blackmail, smartguy.

Re:Blackmail?

[Enucite]

whitemail?

Re:Blackmail?

[L.+VeGas]

no, blackfemale

Re:Blackmail?

[OECD]

But look at it another way: guns--something whose purpose is solely violence--are regulated.

It's probably not a good idea to use a more contentious issue as your metaphor. You tend to lose people who are otherwise sympathetic to your argument. Care to explain it to me in abortion terms?

Larger point taken, however.

Re:Blackmail?

But look at it another way: guns--something whose purpose is solely violence--are regulated.

Qui desiderat pacem, praeparet bellum. My guns are owned in the hope that I'll never have to use them, but that if I do, it will be to *prevent* violence.

Is this the opposite of digital terrorism??

[dgrgich]

I remember a while back the gang of folks threatening to release hacks for the Xbox unless MS paid up - don't remember hearing what happened there. This seems to be similar but completely different - :)

I have to say that I'm against anything that might harm Tivo as a company; I'm a rabid fan who sees signs on the wall that Tivo may be in trouble within the next few years as the cable companies produce low-grade DVRs that do not give the database-powered juicy goodness that Tivo provides.

Just my two cents.

Re:Is this the opposite of digital terrorism??

They were threatening to release the software hack unless MS were to allow a signed version of Linux to be released on the XBox. Of course MS didn't, and the hack (which allowed the user to load an unsigned linux loader without a hardware mod) was released.

Later that hack was modified by other people to run *any* unsigned executable on the XBox. It was this very possibility that the original hacker wanted MS to avoid by allowing a signed Linux loader.

Re:Is this the opposite of digital terrorism??

um most of those DVRs the cable companies produce are rebranded licensed software of Tivo to begin with

Re:Is this the opposite of digital terrorism??

[Lumpy]

,i>I have to say that I'm against anything that might harm Tivo as a company; I'm a rabid fan who sees signs on the wall that Tivo may be in trouble within the next few years as the cable companies produce low-grade DVRs that do not give the database-powered juicy goodness that Tivo provides.

too late. WE've had them here in comcast that also record HD for over a year now. an additional $5.00 a month and you get a HD PVR that can never break because you dont own it, something that Tivo cant offer.. .as well as significantly lower subscription rates ($5.00 versus $12.95)

tiVo is doomed. and the only reason I have a replayTV is that it's effortless to get DVD ready mpeg2 files off it to my PC... no hacking anything required, otherwise I'd have the Comcast PVR HD box.

Re:Is this the opposite of digital terrorism??

[Rude+Turnip]

Comcast charges me $9.95/mo for their HD PVR, so the price difference isn't that great. I still have TiVo and it beats the Comcast PVR like a little bitch in terms of usability and functionality. As soon as TiVo comes out with an affordable HD PVR (preferably with Cable Card technology) I'm dumping the Comcast box.

Re:Is this the opposite of digital terrorism??

[Kyaphas]

I know this is off-topic, but what's up with the Magellan Meridian?

I looked for a way to contact you, but not too much luck.

Re:Is this the opposite of digital terrorism??

paying $5 a month in NC for 40 hours worth of hard drive with Time Warner Cable.

Re:Is this the opposite of digital terrorism??

[fordan]

Speaking as a cable company DVR user, I have to say I wish it was using rebranded Tivo software... Maybe then I wouldn't end up with double copies of every show as it get repeated for the west coast.

I just can't justify the cost of a Tivo (especially HD) when the cable company offers it so cheap (~$9/mo vs ~$6/mo for a digital box)

Re:Is this the opposite of digital terrorism??

Odd, by my math, that comes out to $10/mo vs. $12.95/mo, and unlike Tivo, you don't own the hardware, so you're at their mercy to come out and fix/replace it. Ever dealt with cable companies lately for anything BESIDES an installation? In other words, goooooood luck.

BTW, I'm a Comcast subscriber in Illinois, and they don't offer PVRs in my neck of the woods. Basically if you get a Comcast PVR, and move, you have to return the equipment (it's property of the local cable franchise, not Comcast), and the new Comcast franchise may or may not offer PVRs.

Sorry, but when I move, I'll keep my Tivo, to avoid inconsistent implementations of PVRs and crappy ones at that. And since I paid for lifetime, I don't have any subscription fee.

I think these crappy PVRs may actually be the deathknell for PVRs more than a rubout of TiVo's business. After the near-daily reboots, missed recordings, lousy UIs, I doubt many people will keep them beyond a couple months, or give them a second chance.

Re:Is this the opposite of digital terrorism??

Paying $0/month in IL for 200 hours worth of hard drive with Tivo, and I may be upping that to 320 in a little while.

Re:Is this the opposite of digital terrorism??

Owned it for 3 weeks, It locks up requireing a full firmware reload to get it back to operational.

Tech support told me "That happenes from time to time".

meaning this is a expensive toy useless for anything but playing around. It's 100% untrustworthy.

avoid it.

Re:Is this the opposite of digital terrorism??

wrong. they charge you $5.00 for the HD box and $5.00 for the pvr function.

if you had a Tivo you SILL have to get the HD box at $5.00 a month. so the price difference is as big as lumpy says.

Unless your Tivo recieves digital cable channels magically... Last i knew no PVR on the planet outside the motorola cable boxes can tune in digital cable.

Re:Is this the opposite of digital terrorism??

your math is flawed.

your Tivo can tune in CABLE TV digital channels without the Box?

you pay for the box, you pay more for a HD box, and then you pay more for a PVR box.

get a better calculator as lumpy is pretty dead on.

Software-only hacks rule!

[192939495969798999]

Let me be one of the first (today) to say that software-only hacks rule! There are a lot more people that can use that type of hack, then there are that would open the box and do stuff in order to get BASH, or what have you, to work. Having witnessed hardware xBox/TiVo hacks myself, I can attest that if you don't have nerves of steel, you could bump that soldering iron into something important.. and whoops! There goes the system.

Re:Software-only hacks rule!

I once left a big chunk of soldering stuff splash on a xbox board. needless to say it askted jerky, opening and checking, subsequently removing the stuff fixed it.

my xbox board has a couple of traces ripped open and fixed using some carefully applied soldering iron.

How about a hack for the Series 2?

[jocknerd]

Still waiting for my bash shell.

Re:How about a hack for the Series 2?

Series 2 software-only shell hacks have been around for at least a year.

Re:How about a hack for the Series 2?

[silas_moeckel]

I beleive the series 2 were software hacked last year via the 3 card monty method. There are downloadable ISOs to prep the drives. It does stop updates from working though. Even hacks the Directivo.

Re:How about a hack for the Series 2?

[Zondar]

How about stepping into 2004? The two-card-monte method as applied to the Tivo Series 2 as long ago as February, 2003.

http://www.dealdatabase.com/forum/showthread.php?t =22154

bash?

Um, what the hell is bash?

Re:bash?

[selfabuse]

This is bash.

Re:bash?

Thisba is bash.

Fishy!

Instead of claiming to have a software-only exploit, the referenced web site offers a reward for such an exploit.

Something smells fishy!

Re:Fishy!

Something smells fishy!

Of course. It's penguin powered, after all.

(Actually, good point there.)

Re:Fishy!

[thedude13]

read a little further down, specifically message #6:

first submission (maybe the last?) "HD TeAm" has submitted a sw only exploit for evaluation the license is restricted distribution - but only to prevent resale / hero abuse the HD TeAm position: "HD TeAm has a solution prepared and authorizes it's distribution via ddb once $1,000 has been collected. We request that all proceeds be donated to the EFF so that research of this nature remains legal in the future." "It is our position that if the community, particularly the minority with the disposable income for hd-units, is unwilling to come together & donate this token sum to a worthy organization the hack is probably better kept private" OK, lets open the floor to discussion

i personally hope it is real because i believe once i purchase the hardware, then i should be able to do whatever i want with it.

Re:Fishy!

not if it means getting service for FREE and TiVo losing money. hacks like this can allow this alteration, and it's just not good for the company and it's investors

Re:Fishy!

not if it means getting service for FREE and TiVo losing money. hacks like this can allow this alteration, and it's just not good for the company and it's investors


NO! This is especially true in this case. Corporate America needs to be taught that "we will make money as long as we contol the use of our product after we sell it" is a bogus business plan.

Capatalism demands that any company that tries this be run out of business. Darwin tells us that any investor that supports a company with such a business plan will have their money taken away (and this is a good thing)

I'm sick and tired of the "companies and investors DESERVE to make mony no matter how lame their business plans are" crowd. FSCK that. If a company can't figure out how to make money w/o inventing new limitations on what consumers can do with their product then it is VITALLY IMPORTANT that that company be allowed to fail. It may hurt in the short term, but we are all better for it in the long term.

Re:Fishy!

[Elwood+P+Dowd]

From the first message:

to be eligible for the bounty the exploit must be freely available to ddb members for personal noncommercial use. redistribution / resale license restrictions to prevent ebay / hero abuse are acceptable

Uh... make it GPL or BSD licensed please? I mean, I'm never going to get cable, let alone an HD Tivo, but wouldn't HD TeAm want the code to get integrated into other projects?

Re:Fishy!

[htmlboy]

i personally hope it is real because i believe once i purchase the hardware, then i should be able to do whatever i want with it.

i think there's a subtle difference between doing what you want with your hardware and requiring the system they put on that hardware to allow you to do so. i really don't know much about the details of the tivo hardware, but my impression is that it's possible to run your own linux install on it (though not very useful). as such, while you're free to do what you want with the hardware you've bought, it's the service running on it that's limited, and given the nature of tivo's business, i don't fault them for that.

OK, dumb question

[GojiraDeMonstah]

What would you be able to do with a TiVo hacked in this way that you can't do now? Hook it up to a different hard drive and store more shows?

Re:OK, dumb question

[Radak]

Run a web server on it for remote programming, extract digital video from it, and most important, IRC from it.

Re:OK, dumb question

[irokitt]

Two words, man. Nethack.

Re:OK, dumb question

[onyx00]

Well on the DirecTV units you can do quite a bit; noZKT hack, stuff dealing with the P4. That is all I will say; there is a quite a bit that can be done. Steal service I guess if you are in to that and stuff ;)

Re:OK, dumb question

[RedX]

The 3 big things that I'm waiting on for my HDTivo that can be done with non-HD models: networking for TiVoWeb capabilities, adding the 4.0 software for folders in Now Playing, and "HMO superpatch" to finally add HMO to DirecTV receivers.

Re:OK, dumb question

[sublimespot]

Monitor your TiVo with GKrellM
http://chriscarey.us/software/tivo/

Re:OK, dumb question

What's "man Nethack" ?

License?

[Meostro]

I wonder what the license will be, and why it wouldn't just be straight GPL'd.

"HD TeAm" has submitted a sw only exploit for evaluation

the license is restricted distribution - but only to prevent resale / hero abuse

the HD TeAm position:

"HD TeAm has a solution prepared and authorizes it's distribution via ddb once $1,000 has been collected. We request that all proceeds be donated to the EFF so that research of this nature remains legal in the future."

"It is our position that if the community, particularly the minority with the disposable income for hd-units, is unwilling to come together & donate this token sum to a worthy organization the hack is probably better kept private"

Opening Narration

[irving47]

In 2004, a crack hacker unit will be sent to prison by a civilian court, for crimes they just barely understood themselves. These hackers promptly escaped from the maximum security MPAA holding room to their mothers' basements. Today, still wanted by Jack Valenti, they survive as coders of fortune. If you have an encrypted video stream, nobody else will touch it, and if you can find them, maybe you can hire the HD TeAm!
click click click click...

Re:Opening Narration

B.A.: "You know I hate to code assembly, Hannibal!"

*snickers* Great reference!

Re:Opening Narration

Their crime would be "Interfering with a megacorp's right to profit."

Re:Opening Narration

Mr. T: Then suck this solder!

Re:Opening Narration

[niktesla]

Hannibal: "I love it when a progrma comes together."

Seriously, great reference!

Re:Opening Narration

[88NoSoup4U88]

Can i have my balls back ?

I just laughed 'em off ;)

In Other shocking news...

the members of HD teAm are all virgins

I have a question.......

[theJerk242]

Perhaps most interestingly, 'HD TeAm' is offering to release the code to the world if enough donations are given to the Electronic Frontier Foundation.

Why are they waiting for the EFF to get more donations in order to show the code to the world? Please go easy on me.

Re:I have a question.......

because at this time, this type of hack is supposed to be legal. in reality it is a bunch of legal troubles waiting to happen. (not necessarily that tivo will pursue it, but a lot of companies would) so they are trying to get people involved in ensuring that it does remain legal and stop companies from trying to stomp those that do.

Re:I have a question.......

[Not_Wiggins]

An idea from the Devil's Advocate side of the world: perhaps they don't *actually* have the code and are just trying to drum up donations using a hoax of sorts.

You'd be just as wise to put your money down on a "pre-release" copy of Duke Nuke'em Forever without doing more homework. ;)

Re:I have a question.......

[josecanuc]

There was a contest: The contest organizers would collect a bounty from folks. If some group met the challenge (bash shell in Tivo) before the deadline, then they would get the collected money.

There is a group now that claims to have a working solution to the challenge, but they are saying they will not release it until the collected bounty is at least $1000 and with a promise that the contest organizers will not send it to the winners, but to the EFF instead.

Re:I have a question.......

[Jahf]

Doubtful ... no incentive except for stupid kicks.

Seriously, they're not the ones getting the moolah, the EFF is. Therefore they obviously want the EFF to do well.

Move to your theory ... sure, the EFF gets $1000 ... but hereafter no one will ever participate in such a fund raiser since the first one was a burn. Which means in the end the EFF probably suffers more damage than good.

Unless this were perpetrated by people who -want- to hurt the EFF or the TiVo community, there is just no reason for them to bother.

So yes, in the end the contributors are doing this on the assumption of good faith, but it seems a fair assumption (especially since you can set your own donation level).

Remember, they are only trying to avoid modifying the hardware ... they can do all the low-level changes, hex editing and other tricks they want. And the BASH binary is already there with working IO interfaces. It is not as much of a trick as it would seem. Similar things have been done on earlier TiVos since the TiVo first came out.

Re:I have a question.......

Yes but earlier S1 units had a flashable prom. The newer units do not. This is a highly coveted hack and for the doubters out there whether this is legit or not. If you spent any time at all on ddb and know the people involved you would know it is real. RC3105 is a reliable guy and if he says he has the source in hand you can take it to the bank.

We will hold this code hostage

[Richthofen80]

and behead it if your money does not leave to the EFF within 48 hours.

Reading between the lines...

[rdewalt]

"... Perhaps most interestingly, 'HD TeAm' is offering to release the code to the world if enough donations are given to the Electronic Frontier Foundation."

In other words, "We'd like our defense fund paid in advance before we release That-Which-Will-Get-Us-Sued-Out-Of-Our-Lives.

I heard of this before...

[FortKnox]

Perhaps most interestingly, 'HD TeAm' is offering to release the code to the world if enough donations are given to the Electronic Frontier Foundation.

I hear a buncha guys tried this in some foreign country. Something about slitting throats unless buddies were taken out of jail.
It didn't end up pretty.

This 'digital blackmail/digital terrorism' leaves a sour taste in my mouth. I hope the EFF does the right thing and encourages people not to donate for this cause. Or perhaps not give out how much money they've been donated. This should not be encouraged at all.

Re:I heard of this before...

how is this blackmail?

they are trying to ensure what they did remains legal

Re:I heard of this before...

This 'digital blackmail/digital terrorism' leaves a sour taste in my mouth. I hope the EFF does the right thing and encourages people not to donate for this cause. Or perhaps not give out how much money they've been donated. This should not be encouraged at all.

Wow, do you people even know how to read? ("you people" referring to the idiots equating this to some type of blackmail)

For the reading impaired, there was a collection being taken to offer as a reward for anyone who could hack (crack, whatever) the HD Tivo. The HD Team merely offered to donate their reward to the EFF if it reached $1000. If it didn't, they'd keep the hack to themselves, and the reward money would be returned.

How the hell is that blackmail?

Re:I heard of this before...

You ignorant Troll. Intelligent creativity by finding a unique solution to a problem is part of free speech (much to the chagrin of Bushies). These hackers are not threatening death of a human life form. Get your perspectives straight.

Re:I heard of this before...

[Spaceman40]

[quote] This 'digital blackmail/digital terrorism' leaves a sour taste in my mouth. I hope the EFF does the right thing and encourages people not to donate for this cause. Or perhaps not give out how much money they've been donated. This should not be encouraged at all. [/quote]

If you've RTFA, you'd realize:

The forum offered a bounty for a software hack.

The bounty was funded by donations.

The TeAm just asked for the bounty to be redirected to the EFF instead of to themselves.
So basically, the big deal is that the bounty needs to reach $1000 before they'll release the code, but when it does, they're just going to give the bounty to the EFF anyway. What's wrong with that?
This isn't terrorism, you idiot - write the code yourself if you want it. The comparison "leaves a sour taste in my mouth".

Argh. Mod parent: flamebait.

Re:I heard of this before...

What exactly do you consider flamebait? Comments that you disagree with? This is why I meta mod all flamebait mods as unfair.

Re:I heard of this before...

[fikx]

So they took a bounty from the forum, and turned it into a political statemnet. They changed it form a friendly wager into a form of blackmail: "Buy our hack by supporting some cause" the direction TURNED it into something less than good. That's just geat eh?
The better way would have been collect the bounty, and THEN donte it to EFF. same result, just they would have been showing support instead of forcing support. Lot more up-and-up

Re:I heard of this before...

[AK+Marc]

The better way would have been collect the bounty, and THEN donte it to EFF. same result, just they would have been showing support instead of forcing support. Lot more up-and-up

Maybe. But the original comment was that it was "digital blackmail/digital terrorism." It is not blackmail to offer to release something for free once enough donations are received by a 3rd party. It is not terrorism to to release one's own work, once someone else meets certain conditions.

If that were the case, then I just had a terroristic plumber that, get this, demanded that I agree to pay him before he'd fix a leaky pipe. Horror of horrors, he didn't give away his work for free without conditions. How evil can you get.

But I will agree that they didn't handle their wish that people would donate the EFF for using the code in a manner that calcualted for good PR.

Re:I heard of this before...

[CrimsonAvenger]

just they would have been showing support instead of forcing support

How is this "forcing support"? If you don't want to support it, don't. If few enough bother to support it, they keep the hack private. Since the hack is their IP, they can do that.

Re:I heard of this before...

[KidSock]

If you've RTFA, you'd realize:

Obviously RTFA didn't help you understand why the principle of this offer is flawed. Bascially this is like saying "If you donate money to GreenPeace we will torch some Hummers." They are using a premeditated illegal action as a sort of endorsement for an organization. Therefore the correct response is for the EFF to denounce illegal activites regardless of wheather or not they believe the laws are constitutional.

Re:I heard of this before...

Oh yes, because torching Hummers and talking to your HDTiVo are equivalent.

Disobeying unjust laws are the only way unjust laws get changed. The state cannot afford to put away 95% of it's population, as the top 5% of the population isn't going to pay for their incarceration (crap, they scream and whine about their own transgressions, just look at Kenneth Lay).

Re:I heard of this before...

[fikx]

Yeah, it's a bit more grey than my first knee-jerk reaction. But, What I saw was the creater of the hack causing those who may not believe in a casue (free software) to donate to it if they want the hack. "If you want my hack, support my cause" . It's not quite that bad, but it's still not pretty from all angles.

Oh, just freaking great

[gmhowell]

Great. Now the EFF is going to be linked to the terrorists and get a visit from Ashcroft and the gang.

The hack I'd like to see

[AndroidCat]

Skipping commercials is nice, but I'd like a hack to allow a TiVo to record and show good programs. "I wish my television had a control to adjust the intelligence level. I tried the control marked 'brightness', but it didn't help at all."

Re:The hack I'd like to see

Skipping commercials is nice, but I'd like a hack to allow a TiVo to record and show good programs. "I wish my television had a control to adjust the intelligence level. I tried the control marked 'brightness', but it didn't help at all."


I can't help much with the good program side, but there is a simple hack to keep it from recording bad programs. Just unplug it.

We'll let you know when Ken is back on Jeopardy so you can plug it back in for 30 minutes a day.

Problem solved.

Re:The hack I'd like to see

[Burianski11]

TiVo is cool as hell, but it's not a miracle worker. First, the good programs have to be broadcast .

Re:The hack I'd like to see

[Rude+Turnip]

That's what Thumbs Up/Down is for, in conjunction with watching your viewing patterns. Never failed me yet! I have more stuff that I watch in the "Suggestions" box than programs I picked myself. Just brace yourself the day your SO finds "G String Divas" in the suggestions box :-).

Re:The hack I'd like to see

[AndroidCat]

Is Jeopardy one of those islands that people get kicked off of each week?

Re:The hack I'd like to see

[Monkelectric]

First Gallagher quote on slashdot in years, +5!

Re:The hack I'd like to see

[CastrTroy]

No.... Jeopardy is the one where they continually try to kick one guy off, but he stays there for like 38 episodes, and even past the end of the season.

Re:The hack I'd like to see

[AndroidCat]

Ahhh, so this is a show about politics? ;)

Re:Still #2 And A Very Cool System

It's not a dumb question. The primary reason is to extract shows. The secondary reasons are to add features and disk space.

Only $1,000? - so cheap!

[SendBot]

I bet they hit that mark easily by tomorrow.

"HD TeAm has a solution prepared and authorizes it's distribution via ddb once $1,000 has been collected. We request that all proceeds be donated to the EFF so that research of this nature remains legal in the future."

"It is our position that if the community, particularly the minority with the disposable income for hd-units, is unwilling to come together & donate this token sum to a worthy organization the hack is probably better kept private"

You suck.

The cock.

Re:Still #2 And A Very Cool System

[Radak]

> The secondary reasons are to add features and disk space.

Disk space can be added to TiVos without shell access. Many people have already upgraded their HD TiVos' hard drives, while only a handfull have shell access to them.

What is wrong with your brain?

How do you see a connection between "we'll do something nasty and evil if you don't do what we want" and "we'll do something nice if you choose to do what we want"?

Think more along the lines of Stephen King's experiment with online publishing, where he released the chapters for free but if he didn't get paid enough money, he'd stop writing them.

What's bash?

what is this bashing method? And why is there no mention of the preferred bat or sledgehammer to do so?

This is not a good thing

[codefungus]

We don't need people associating the EFF with blackmail.

I wish they wouldn't do this.

Re:This is not a good thing

how is it blackmail?

Re:This is not a good thing

as a consultant how is it any different from when i tell my clients they have to pay me before i release the code.

well i guess the difference is that these people are not getting paid for it.

Re:This is not a good thing

I agree with the question - how is this blackmail?

It would be blackmail IF the team publicly said "we'll release this code UNLESS Tivo(/the broadcast industry/MPAA/whoever) pays the EFF $X"... this is more of a "we want an acknowledgement that this is useful, and people are interested in it, but legally we obviously can't get paid ourselves for it"

Let's hope...

The EFF gets the money before Tivo has a change to patch the exploit.

Re:Let's hope...

[Radak]

These kinds of exploits are almost never patchable out in the field, because once the chain of trust is broken, it's broken. It doesn't matter if you break the chain of trust with this kernel and this OS version or with the newest one, because you can use this one to boot the new one. (See references to two-card monte exploits of S2 TiVos. Same idea.)

Once the chain is broken, it's broken forever, until the new hardware rev.

ITS NOT BLACKMAIL

They are asking for donations (to a non-profit organization!) and in return they will release a hack that THEY CREATED into the public domain.

How is offering to release something that you created in exchange for donations, blackmail?

If it is, then I guess every business that sells goods or services is guilty of blackmail too *roll eyes*

Re:ITS NOT BLACKMAIL

Plus, it's just going to send Tivo back to the labs to redo whatever was hacked. Remember that the Tivo software lives in the hard drive and can be updated whenever Tivo feels like it, to add, remove, or change functionality.

If the studios put pressure on Tivo, that's just what will happen.

Attaching this hack to the EFF bothers me. They have nothing to do with this. All it's going to do is get media types referring to the EFF as a hacker group. You watch. Maybe that's the point. Who knows.

If they don't release the code, what then? It's only a matter of time before someone else finds out how to do the hack. The secret of Playstation mod chips and XBox hacks never stayed secret for long.

I have to say it bothers me to see Tivo get hacked like this so quickly: the company is on shaky ground and I'd like to see them stay around for a while, and that requires support from the studios and broadcasters who want the flag and want the Tivo to enforce it. I'm more worried about what this means to Tivo than anything. Not much hope left.

Tivo will have to respond aggressively -which will probably piss off their users- if they want to keep the studios in check. If they fail to do so, then the war is over. Actually, it's already over. Tivo's going to be a shell in three years anyway, defeated by DirecTV's new boxes, and by everybody and his brother selling their own PVR.

totally false

idiot

Definition of blackmail

[tgibbs]

This 'digital blackmail/digital terrorism' leaves a sour taste in my mouth.

Blackmail involves the withholding of information in return for a fee. If providing information in return for a fee is blackmail, then we'll have to jail all the programmers and scientists.

Bullshit.

[Ayanami+Rei]

I didn't even get my dress off on prom night, I had to peel it off 18 hours later when I woke up underneath a volkswagon jetta that somehow made it into my garage. And there were opened boxes from undercarriage lighting kits... I felt so... dirty.

Re:Bullshit.

It's probably because on your site you look like a boy in a dress.

obligatory Orrin Hatch is a fucktard post

Orrin Hatch is a fucktard post

I can hear it now...

[ControlFreal]

(Tell-Sell mode)

The latest TiVo hack... Soon coming to a Freenet or MUTE node near you... It's amazing!

(/Tell-Sell mode)

A little later, it'll be all over the general file-sharing networks, without ever having left a trace to its origin. At that stage, the cat is irrevocably out of the bag.

The point you raise is interesting: it doesn't matter that anonymous networks like Freenet or MUTE are not currently used by a lot of users; they _are_ used by ~1000-~10000 users. When more than a view of those start sharing it at high-usage filesharing networks, the cat is out of the bag. I can indeed imagine really high-profile hacks (say: like the utopical patch that'll break DRMS and/of TCPA in a few years, or so ;) to be "released" in either the two-stage way I just described, or by using virusses (as a last resort).

Interesting...

bounties don't involve extortion

A bounty was offered. They developed a hack. Then they said they wouldn't release it unless they got a larger bounty.

This isn't a simple "we're donating our bounty to charity", it's a "pay more or else" situation. It's extortion, plain and simple.

I would have contributed to a bounty (I have an HDTiVo), but I don't pay extortion money. So they get nothing from me.

NO!!!

[nege]

Awww great. Now the EFF will be considered a terrorist organazation and threat to Our Way Of Life.

(Hackers who support organazations who disaprove of Orwellian futures? They MUST be terrorists!)

you had a contract

You had an agreement already that you get paid for the work you will do.

If I come to you and say I'll mow your lawn for $5, then mow your lawn, you owe me $5. If I just come up and mow your lawn without talking to you first and then go to you and say "give me $5", you are under no obligation to pay me. If I try to make you do so anyway, it is extortion.

Re:you had a contract

[Anomalous+Cowturd]

No, the analogy here is if I say I'll mow your lawn for $5.00, then show up and say "actually, the price has gone up. Now I'll mow your lawn for $20.00, but you have to give the money to these other guys over here who are helping to keep lawnmowing legal." Then, if you pay them the $20.00, I mow your lawn.

There, wasn't that easy? All you have to do is look at the actual situation and then just think for a second.

Re:This is not blackmail

[Lord+Bitman]

They will release the code if people donate to the EFF- that is, they will not release the code unless money has been given to an organization which is able to defend them in court when Tivo does what Tivo will.

Did you...

[Kjella]

Ever notice how people claim they want intellectual shows, while in reality braindead shows (Babewatch, soaps, shoot-em-ups) do great? Calvin & Hobbes had a great strip on that, where Calvin is complaining about the state of TV, and his dad suggests reading a book or going out instead. Calvin (still watching TV) says "So I lied. Sue me."

Of course, I only want intellectual shows ;)

Kjella

sounds almost like

[minus_273]

extortion... but backwards.. weird

High Definition TiVo Bash Software Hack Claimed

[Biogenesis]

Is it just me, or does anyone else think it's weird that I can make a meaning out of that headline :p.

Patch Schedule

[supersat]

Rumor has it that TiVo will patch it within the next week, starting possibly Wednesday.

Donate or we'll behead Jack Valenti

[mi]

Khmmm...

Re:Still #2 And A Very Cool System

[mr_zorg]

A little known fact, it seems, is that you don't even need a PC to add a second hard drive -- despite what searching the web seems to suggest. While poking around in the TiVo's startup scripts, I found that the command to initialize a new hard drive (if present) is already there along with a comment of "No, we didn't remove this..." So, just plug in the second drive and it should work. No PC necessary!

Re:Still #2 And A Very Cool System

[Radak]

> I found that the command to initialize a new hard drive (if present) is already there along with a comment of "No, we didn't remove this..." So, just plug in the second drive and it should work. No PC necessary!

Wrong. Those commands cause it to add a blessed drive to MFS, not to bless a blank drive. You still need to set up the basic partition table in a PC.

Re:Still #2 And A Very Cool System

[mr_zorg]

Hmm. Bummer. I figured it would take care of that too. I guess that's why I'm just executing the hacks instead of creating them... :-) Not yet anyway.

and EFF looks bad as a result...

nice job, skippy.

HINT

[Ayanami+Rei]

that's not me. i'm no webcam whore.