Slashdot Mirror

← Back to Stories (view on slashdot.org)

High Definition TiVo Bash Software Hack Claimed

Posted by CowboyNeal on from the shell-shocked dept.

crazyray writes "Fresh on the heels of Sunday's Washington Post's article about TiVo and the broadcast flag, a group calling themselves the 'HD TeAm' is claiming to have discovered a software-only exploit to enable bash on the new $1000 High Definition DirecTiVo. Prior to this announcement, it was thought that this was only possible by desoldering and reflashing the PROM. Perhaps most interestingly, 'HD TeAm' is offering to release the code to the world if enough donations are given to the Electronic Frontier Foundation."

41 of 154 comments (clear)

  1. Smart plan by irving47 · · Score: 4, Insightful

    Maybe that's a good way of doing it. Make sure you don't have any money to be sued for by the MPAA, but have money going to someone who might arrange your legal defense.

    --
    I had a sucky sig.
    1. Re:Smart plan by garcia · · Score: 4, Insightful

      The conglomorates haven't exactly cared whether you have money or not. If we all had enough money to support an effective legal defense against the monopolies or enough power to end their money-backed lawmaking schemes we wouldn't be trying grassroots campaigns to end their stranglehold.

      Now would we?

    2. Re:Smart plan by Lumpy · · Score: 2, Insightful

      what does it mater, I'm betting they will release the code in an anonomous way so the corperate Gestapo cant target anyone. And be on the lookout that this will be the way code will be released in the future. it's nice to get credit, but screw it I'll attach nothing of me to code that helps humankind take back their rights.

      I hope they are smart enough to not leave any traces of their identity in it so they cant get harassed like the DECSS debacle.

      --
      Do not look at laser with remaining good eye.
  2. off like a dress... by zoloto · · Score: 4, Funny

    ...on PROM night!

    and reflashing the PROM

    well I have to say that brings back fond memories of prom night. ... oh wait, this is about a PROM?? uhhh... nothing to see here, move along!

    1. Re:off like a dress... by tommck · · Score: 2, Funny

      You went to the prom??? What are you doing reading Slashdot?

      --
      ---- It puts the lotion on its skin or else it gets the hose again. It does this whenever it's told.
  3. Away to Jail with Ye by ravenspear · · Score: 5, Funny

    Today the US Senate announced pending legislation designed to curb the growing problem of Tivo hacking. The House is expected to take up a similar bill next week.

    Senator Orrin Hatch, chief sponsor of the bill, was quoted as saying "This issue is of extreme importance to the future of America. What kind of message would we be sending to our children if we allowed this kind of wanton hacking activity to go on unchecked? I ask all politicians who value protecting our intellectual property laws to join me in support of this legislation."

    1. Re:Away to Jail with Ye by garcia · · Score: 2, Funny

      He has also opened a Paypal account to accept donations to help fund the mounting legal costs in persecuting attempts at allowing that evil Communist "freedom of information" idea that has been infiltrating our great fascist state.

      Yes, this is the proper usage of Fascist. We are allowing our country to be opened to the control of the corporations.

    2. Re:Away to Jail with Ye by a_nonamiss · · Score: 2, Insightful
      "This issue is of extreme importance to the future of America. What kind of message would we be sending to our children if we allowed this kind of wanton hacking activity to go on unchecked? I ask all politicians who value protecting our intellectual property laws to join me in support of this legislation." - italics added for emphasis
      wanton - Audio pronunciation of "wanton" ( P ) Pronunciation Key (wntn) adj.

      1. Gratuitously cruel; merciless.
      2. Marked by unprovoked, gratuitous maliciousness; capricious and unjust: wanton destruction.
      3. Unrestrainedly excessive: wanton extravagance; wanton depletion of oil reserves.
      4. Luxuriant; overabundant: wanton tresses.
      5. Frolicsome; playful.
      6. Undisciplined; spoiled.
      7. Obsolete. Rebellious; refractory.

      OK, I know I'm preaching to the choir here, but how does this type of activity merit the use of the word wanton. Genghis Kahn merits that kind of description, but not a bunch of people who want to make the hard drives bigger on their TiVos. Exactly how are women and children being slaughtered by this activity? How can Orrin Hatch say something stupid like that and face no backlash from the mainstream media? This pisses me off to no end! These people are demonizing those of us that just want to upgrade the TiVos that WE OWN.
      I BOUGHT THE TiVo, I PAY THE SUBSCRIPTION FEE, I ABIDE BY THE LAW. WHY CAN'T I OPEN IT UP AND PUT IN A BIGGER HARD DRIVE IF I WANT TO?

      Sorry for the yelling. This makes my blood boil.
      --
      -Arthur
      Cave ne ante ullas catapultas ambules
    3. Re:Away to Jail with Ye by drinkypoo · · Score: 2, Funny

      Didn't you read the definition you pasted? 5. Frolicsome, playful. Wanton is also defined on occasion as "with abandon", which is the sense in which I most commonly see it (in pornography) :)

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    4. Re:Away to Jail with Ye by Merk · · Score: 3, Informative

      You know, I have mod points, and could just mod you down, but I thought I'd reply instead.

      Godwin's Law isn't a rule about winning or losing arguments. It's a law of nature. It's like gravity. If a thread goes on for long enough, someone will mention Nazis or Hitler. But notice, I'm the first one in this thread to do so. Fascism is bigger than just Nazis. The Italian government under Mussolini was fascist as well.

      Before you say that fascism requires burning racially inferior people in furnaces, you might want to at least read the definition:

      a political system based on a very powerful leader, state control and extreme pride in country and race, and in which political opposition is not allowed

      Let's compare that to the current state of affairs in the US of A:

      • a very powerful leader -- I think unilaterally declaring US citizens to be enemy combattants qualifies here
      • extreme pride in country and race -- substitute religion for race, and this clearly describes a lot of Bush's supporters
      • political opposition is not allowed -- well they haven't won this battle yet, but remember many people argued that protesting the war was unamerican, remember how the republicans tried to shut down Farenheit 911, notice the tiny, dangerous, hidden "Free Speech Zone" at the democratic convention

      There's no question, we're a long way from Italy or Germany in the '30s. At the same time, there's a continuum between an open society and a fascist one. The US is much closer to the fascist side of that spectrum than any other western (or modern eastern) country. Sure, Cuba is worse, and so is North Korea, but when those are the only countries that are more fascist than you... it's a pretty bad sign.

  4. Blackmail? by SilentChris · · Score: 2, Insightful

    "is offering to release the code to the world if enough donations are given to the Electronic Frontier Foundation"

    Uh, why? Just release the code.

    1. Re:Blackmail? by jaaron · · Score: 3, Informative

      Apparently a contest was made available first before a software exploit could be found. The HD TeAM group just happens to be the first to claim success. If their post:

      "HD TeAm has a solution prepared and authorizes it's distribution via ddb once $1,000 has been collected. We request that all proceeds be donated to the EFF so that research of this nature remains legal in the future."

      "It is our position that if the community, particularly the minority with the disposable income for hd-units, is unwilling to come together & donate this token sum to a worthy organization the hack is probably better kept private"

      --
      Who said Freedom was Fair?
    2. Re:Blackmail? by MooseGuy529 · · Score: 5, Insightful

      Why? This should be obvious.

      The music, movie, and TV industries in the U.S. still haven't opened up to the idea of sharing things. It was one thing back when TV was analog, and music was on tapes (yeah, they complained back then, but it *was* less of a problem), but now they're scared shitless because they're broadcasting a digital stream, and, although it is compressed, any duplication, recording, or sharing of it would be at exactly the same quality.

      So, they try to manipulate laws (DMCA, Broadcast Flag, etc...) their way so that nobody can copy their stuff illegally or legally. The end result is that we need organizations like the Electronic Frontier Foundation to stand up to them and preserve our rights to use media legally.

      A lot of these laws fall into a category which I particularly find disturbing: laws that cure the symptom instead of the disease. Instead of just cracking down on true copyright violation (large groups of people selling pirated movies and such, not some guy who copies a few movies for a friend), they crack down on ways to violate copyrights, or they crack down on ways to create ways to violate copyrights, or they crack down on uses of copyrighted material more broad than what is truly illegal, or they crack down on anything that could eventually lead to copyright infringement.

      Now, for some analogies. (I warned you, so don't complain they suck!) People are allowed to have knives, for normal uses such as chopping vegetables. Knives, however, can also be used for violence. If knives were regulated the same way copyright law is looking, we wouldn't be able to have knives because they *could* be used to hurt people. Furthermore, most recipies involving chopping would be illegal, due to the fact that they could induce someone to create a knife for that purpose.

      But look at it another way: guns--something whose purpose is solely violence--are regulated. Think about DeCSS--it is used only to decode DVD data to view it; pirates don't even need to decode DVD data to make pirated discs. If the movie industry wanted to crack down on something, it should have been DVD burners (yeah, I know, they shouldn't be regulated either... maybe they should have required a special code on consumer discs, so players won't play DeCSS-encrypted discs [presumably a copyrighted movie] when they are on a consumer disc [presumably because it is a pirated copy]), not DeCSS. That's like cracking down on knives, because they can be used to hurt people, even though they have plenty of harmless uses, while leaving guns unregulated.

      Okay, shred apart my analogies. Have fun. But that is the reason we need the EFF--to protect us from corporations that would otherwise crack down on lawful acts.

      So why not just release it? As the thread says, the people who have enough money to buy an HD TiVo certainly have enough money to contribute to the EFF, and their very use of the TiVo is an act protected by the EFF. Asking for donations to a good group in exchange for a donation is perfectly valid. If you don't like it, don't give money... someone else will... or maybe not, and we'll never see the code...

      --

      Tired of free iPod sigs? Subscribe to my blacklist

    3. Re:Blackmail? by Enucite · · Score: 2, Funny

      whitemail?

  5. Is this the opposite of digital terrorism?? by dgrgich · · Score: 2, Insightful

    I remember a while back the gang of folks threatening to release hacks for the Xbox unless MS paid up - don't remember hearing what happened there. This seems to be similar but completely different - :)

    I have to say that I'm against anything that might harm Tivo as a company; I'm a rabid fan who sees signs on the wall that Tivo may be in trouble within the next few years as the cable companies produce low-grade DVRs that do not give the database-powered juicy goodness that Tivo provides.

    Just my two cents.

    1. Re:Is this the opposite of digital terrorism?? by Anonymous Coward · · Score: 5, Informative

      They were threatening to release the software hack unless MS were to allow a signed version of Linux to be released on the XBox. Of course MS didn't, and the hack (which allowed the user to load an unsigned linux loader without a hardware mod) was released.

      Later that hack was modified by other people to run *any* unsigned executable on the XBox. It was this very possibility that the original hacker wanted MS to avoid by allowing a signed Linux loader.

  6. Software-only hacks rule! by 192939495969798999 · · Score: 4, Insightful

    Let me be one of the first (today) to say that software-only hacks rule! There are a lot more people that can use that type of hack, then there are that would open the box and do stuff in order to get BASH, or what have you, to work. Having witnessed hardware xBox/TiVo hacks myself, I can attest that if you don't have nerves of steel, you could bump that soldering iron into something important.. and whoops! There goes the system.

    --
    stuff |
  7. OK, dumb question by GojiraDeMonstah · · Score: 4, Insightful

    What would you be able to do with a TiVo hacked in this way that you can't do now? Hook it up to a different hard drive and store more shows?

    --
    "Stop throwing the Constitution in my face, it's just a goddamned piece of paper!" - George W. Bush Nov. 2005
    1. Re:OK, dumb question by Radak · · Score: 5, Funny

      Run a web server on it for remote programming, extract digital video from it, and most important, IRC from it.

    2. Re:OK, dumb question by irokitt · · Score: 2, Funny

      Two words, man. Nethack.

      --
      If my answers frighten you, stop asking scary questions.
  8. Re:bash? by selfabuse · · Score: 5, Informative

    This is bash.

  9. Opening Narration by irving47 · · Score: 4, Funny

    In 2004, a crack hacker unit will be sent to prison by a civilian court, for crimes they just barely understood themselves. These hackers promptly escaped from the maximum security MPAA holding room to their mothers' basements. Today, still wanted by Jack Valenti, they survive as coders of fortune. If you have an encrypted video stream, nobody else will touch it, and if you can find them, maybe you can hire the HD TeAm!
    click click click click...

    --
    I had a sucky sig.
    1. Re:Opening Narration by Anonymous Coward · · Score: 5, Funny

      B.A.: "You know I hate to code assembly, Hannibal!"

      *snickers* Great reference!

  10. Re:Fishy! by thedude13 · · Score: 5, Interesting
    read a little further down, specifically message #6:
    first submission (maybe the last?) "HD TeAm" has submitted a sw only exploit for evaluation the license is restricted distribution - but only to prevent resale / hero abuse the HD TeAm position: "HD TeAm has a solution prepared and authorizes it's distribution via ddb once $1,000 has been collected. We request that all proceeds be donated to the EFF so that research of this nature remains legal in the future." "It is our position that if the community, particularly the minority with the disposable income for hd-units, is unwilling to come together & donate this token sum to a worthy organization the hack is probably better kept private" OK, lets open the floor to discussion
    i personally hope it is real because i believe once i purchase the hardware, then i should be able to do whatever i want with it.
  11. Reading between the lines... by rdewalt · · Score: 4, Funny

    "... Perhaps most interestingly, 'HD TeAm' is offering to release the code to the world if enough donations are given to the Electronic Frontier Foundation."

    In other words, "We'd like our defense fund paid in advance before we release That-Which-Will-Get-Us-Sued-Out-Of-Our-Lives.

  12. The hack I'd like to see by AndroidCat · · Score: 5, Funny

    Skipping commercials is nice, but I'd like a hack to allow a TiVo to record and show good programs. "I wish my television had a control to adjust the intelligence level. I tried the control marked 'brightness', but it didn't help at all."

    --
    One line blog. I hear that they're called Twitters now.
    1. Re:The hack I'd like to see by Rude+Turnip · · Score: 3, Informative

      That's what Thumbs Up/Down is for, in conjunction with watching your viewing patterns. Never failed me yet! I have more stuff that I watch in the "Suggestions" box than programs I picked myself. Just brace yourself the day your SO finds "G String Divas" in the suggestions box :-).

      --
      Bill Clinton: Pimp we can believe in. - The Shirt!!!
    2. Re:The hack I'd like to see by Monkelectric · · Score: 2, Informative

      First Gallagher quote on slashdot in years, +5!

      --

      Religion is a gateway psychosis. -- Dave Foley

  13. Re:Still #2 And A Very Cool System by Radak · · Score: 3, Informative

    > The secondary reasons are to add features and disk space.

    Disk space can be added to TiVos without shell access. Many people have already upgraded their HD TiVos' hard drives, while only a handfull have shell access to them.

  14. Re:How about a hack for the Series 2? by Zondar · · Score: 2, Interesting

    How about stepping into 2004? The two-card-monte method as applied to the Tivo Series 2 as long ago as February, 2003.

    http://www.dealdatabase.com/forum/showthread.php?t =22154

  15. Re:I heard of this before... by Spaceman40 · · Score: 5, Insightful
    [quote] This 'digital blackmail/digital terrorism' leaves a sour taste in my mouth. I hope the EFF does the right thing and encourages people not to donate for this cause. Or perhaps not give out how much money they've been donated. This should not be encouraged at all. [/quote]

    If you've RTFA, you'd realize:

    The forum offered a bounty for a software hack.

    The bounty was funded by donations.

    The TeAm just asked for the bounty to be redirected to the EFF instead of to themselves.
    So basically, the big deal is that the bounty needs to reach $1000 before they'll release the code, but when it does, they're just going to give the bounty to the EFF anyway. What's wrong with that?
    This isn't terrorism, you idiot - write the code yourself if you want it. The comparison "leaves a sour taste in my mouth".

    Argh. Mod parent: flamebait.

    --
    I [may] disapprove of what you say, but I will defend to the death your right to say it.
  16. This is not a good thing by codefungus · · Score: 2, Insightful

    We don't need people associating the EFF with blackmail.

    I wish they wouldn't do this.

    --
    -- A cat is no trade for integrity!
    1. Re:This is not a good thing by Anonymous Coward · · Score: 3, Informative

      I agree with the question - how is this blackmail?

      It would be blackmail IF the team publicly said "we'll release this code UNLESS Tivo(/the broadcast industry/MPAA/whoever) pays the EFF $X"... this is more of a "we want an acknowledgement that this is useful, and people are interested in it, but legally we obviously can't get paid ourselves for it"

  17. Re:I have a question....... by Not_Wiggins · · Score: 2, Interesting

    An idea from the Devil's Advocate side of the world: perhaps they don't *actually* have the code and are just trying to drum up donations using a hoax of sorts.

    You'd be just as wise to put your money down on a "pre-release" copy of Duke Nuke'em Forever without doing more homework. ;)

    --
    Diplomacy is the art of saying, "Nice doggie!" until you can find a rock.
  18. Re:Fishy! by Anonymous Coward · · Score: 2, Interesting


    not if it means getting service for FREE and TiVo losing money. hacks like this can allow this alteration, and it's just not good for the company and it's investors

    NO! This is especially true in this case. Corporate America needs to be taught that "we will make money as long as we contol the use of our product after we sell it" is a bogus business plan.

    Capatalism demands that any company that tries this be run out of business. Darwin tells us that any investor that supports a company with such a business plan will have their money taken away (and this is a good thing)

    I'm sick and tired of the "companies and investors DESERVE to make mony no matter how lame their business plans are" crowd. FSCK that. If a company can't figure out how to make money w/o inventing new limitations on what consumers can do with their product then it is VITALLY IMPORTANT that that company be allowed to fail. It may hurt in the short term, but we are all better for it in the long term.

  19. ITS NOT BLACKMAIL by Anonymous Coward · · Score: 4, Informative

    They are asking for donations (to a non-profit organization!) and in return they will release a hack that THEY CREATED into the public domain.

    How is offering to release something that you created in exchange for donations, blackmail?

    If it is, then I guess every business that sells goods or services is guilty of blackmail too *roll eyes*

  20. Definition of blackmail by tgibbs · · Score: 4, Interesting

    This 'digital blackmail/digital terrorism' leaves a sour taste in my mouth.

    Blackmail involves the withholding of information in return for a fee. If providing information in return for a fee is blackmail, then we'll have to jail all the programmers and scientists.

  21. Re:I have a question....... by josecanuc · · Score: 3, Informative

    There was a contest: The contest organizers would collect a bounty from folks. If some group met the challenge (bash shell in Tivo) before the deadline, then they would get the collected money.

    There is a group now that claims to have a working solution to the challenge, but they are saying they will not release it until the collected bounty is at least $1000 and with a promise that the contest organizers will not send it to the winners, but to the EFF instead.

  22. I can hear it now... by ControlFreal · · Score: 2, Interesting

    (Tell-Sell mode)

    The latest TiVo hack... Soon coming to a Freenet or MUTE node near you... It's amazing!

    (/Tell-Sell mode)

    A little later, it'll be all over the general file-sharing networks, without ever having left a trace to its origin. At that stage, the cat is irrevocably out of the bag.

    The point you raise is interesting: it doesn't matter that anonymous networks like Freenet or MUTE are not currently used by a lot of users; they _are_ used by ~1000-~10000 users. When more than a view of those start sharing it at high-usage filesharing networks, the cat is out of the bag. I can indeed imagine really high-profile hacks (say: like the utopical patch that'll break DRMS and/of TCPA in a few years, or so ;) to be "released" in either the two-stage way I just described, or by using virusses (as a last resort).

    Interesting...

    --
    Support a Europe-related section on Slashdot!
  23. Re:I heard of this before... by KidSock · · Score: 2

    If you've RTFA, you'd realize:

    Obviously RTFA didn't help you understand why the principle of this offer is flawed. Bascially this is like saying "If you donate money to GreenPeace we will torch some Hummers." They are using a premeditated illegal action as a sort of endorsement for an organization. Therefore the correct response is for the EFF to denounce illegal activites regardless of wheather or not they believe the laws are constitutional.

  24. Re:Still #2 And A Very Cool System by Radak · · Score: 2, Informative

    > I found that the command to initialize a new hard drive (if present) is already there along with a comment of "No, we didn't remove this..." So, just plug in the second drive and it should work. No PC necessary!

    Wrong. Those commands cause it to add a blessed drive to MFS, not to bless a blank drive. You still need to set up the basic partition table in a PC.