Slashdot Mirror

← Back to Stories (view on slashdot.org)

TiVo Awarded Patent For Password You Can't Hack

Posted by Zonk on from the un-hack-able dept.

Davis Freeberg writes "TiVo has always been known for thinking outside of the box, but this week they were awarded an unusual patent related to locking down content on their hard drives. According to the patent, they've invented a way to create password security that is so tough, it would take you longer than the life of a hard drive in order to figure it out. They could be using this technology to prevent the sharing of content or it could be related to their advertising or guide data, but if their encryption technology is really that good, it's an interesting solution for solving the problem of securing networks."

4 of 291 comments (clear)

  1. Re:So.... by Anonymous Coward · · Score: 5, Insightful

    I want to know if the patent is invalidated when it's broken.

    (ie: does making outlandish and incorrect claims in a patent invalidate it?)

  2. Re:So.... by rob1980 · · Score: 5, Insightful

    No shit. The second your product gets into a consumer's home, its "unhackable" status vanishes.

  3. How is this news? by Sycraft-fu · · Score: 5, Insightful

    It's not like good crypto is hard to come by. I mean if I pick a good password with AES you aren't cracking that in your lifetime, much less the life of a harddrive. The problem isn't a good password, the problem is that DRM tries to use crypto for something it isn't made for. Crypto is about keeping out non trusted parties. That's how SSH works. You have the key, the server has the key and thus only you and the server can decrypt the traffic. Anyone else can capture everything if they want, and they are going to get all of nowhere with it.

    The problem with DRM is that the person who is the recipient is also one of the people they want to keep out. This creates a problem: To decrypt the message (by message I mean whatever they are giving you, video, song, game, whatever) you have to give them the key. However, if they have the key, well then they can decrypt it and do what they want with it.

    This leads to all the tricky, and ineffective, stuff we see these days. They try to hide the key so that only the device can find it and you can't get at it. Well that just don't work. It can make it so it isn't as simple as just copying a disk, but as we've seen with the AACS break, you can't hide that shit from a determined attacker. The key IS on there, it CAN be found.

    So I don't care how good their password scheme is. AES-256 with a 64 character password is good enough to last until the sun goes dark (or at least until quantum computing becomes a reality) but that doesn't buy you anything if you have to hand out the key as part of your scheme as is required by DRM.

  4. Re:So.... by jddj · · Score: 5, Insightful

    I don't think so.

    In the US at least, there's no requirement that a patented idea or invention or system actually do anything useful or work or even do what it claims.

    There are numerous patents for mind-reading devices, nutjob free energy systems and perpetual motion machines, and searching the USPTO database for the "hyper-light-speed antenna" will produce some interesting reading.

    Might as well patent completely unbreakable DRM.