1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CableCard experiments

Discussion in 'TiVo Underground' started by telemark, Aug 12, 2014.

  1. HerronScott

    HerronScott Active Member

    Jan 1, 2002
    Staunton, VA
    Yes, this was imaging from the existing 1TB drive which had pairing intact and this was meant just as another data point. :)

  2. nooneuknow

    nooneuknow TiVo User Since 2007

    Feb 5, 2011
    Cox Cable...
    Anybody else wondering if this is "just too easy"?

    I'm wondering if that cablecard state pointer is meant to direct the attention of prying eyes away from where the actual pairing data is...

    Other closed ecosystems, like Playstation/Xbox have gone as far as fake BIOS bootstraps (or whatever the famous "belt sander" to the gaming console board exposed), to divert attention away from where the real "secret handshakes" happen. I'd imagine the fact that people hacked their way past that, but TiVo still remains secure, might mean there could be some major intentional misdirects with anything related to content protection.

    I think we may need to tread carefully, as this is getting into content protection mechanisms, and what we are looking for, no matter how innocent our intentions, might fall afoul of the ban on discussions about "circumventing" content protection mechanisms.

    I know I'm often naturally in a paranoid state. So, I welcome anybody to help assure me that we're not going into the "danger zone", by simply trying to find the location of this data, and find a way to "preserve" it, then restore it to another drive (or even the same one, after a re-image), and not set off any nullifying mechanisms...

    I know I'd be more willing to experiment, if I could eliminate dealing with Cox, and explaining I don't need a truck roll, but just need the paring re-established (but can't tell them how it wound-up lost, for the 30th time in a month)...
  3. telemark

    telemark New Member

    Nov 12, 2013
    Sharing some of my notes. Found some OCAP .jar files on my backup images.

    If you google some of the java paths:

    You'll find code bases:

    And two overviews:

    PS. ya, I don't understand everything they're talking about either.
  4. telemark

    telemark New Member

    Nov 12, 2013
    @ggieseke: Thanks for that.

    I think it's more likely it's that easy versus it being a misdirect. I say that because it's low value as there's limited other uses (the key only works between same CC and Host). Tivo's relatively decent at securing what it wants to, which is apparently content protection and access to the OS / root.

    Whether it's too close to forum policy, I'll defer to the veterans of the forum for their judgment.

    Regarding data points: one of the recent installs on the 4TB thread said they didn't have to contact Comcast to re-pair. It would near impossible for them to have migrated that data over accidentally aside from mixing up the drives. Time will tell if it gets invalidated.
  5. nooneuknow

    nooneuknow TiVo User Since 2007

    Feb 5, 2011
    Cox Cable...
    Just don't forget how many people post arguments against those who do have to re-pair plus get to a fully authorized, and fully functional, state, and the reason is often that their (former person's) MSO only requires pairing and auth states for premium channels, which such a person posting re-pairing is/was not needed, may mis-state as they "kept their pairing", when there is/was no pairing, and they may have never had pairing, or lost it, without adverse effects.

    On the opposite end of the spectrum, I've experienced many issues where the card takes the pairing, but fails to become authorized to decrypt "pak" channels, of which most are Encore movie channels, and what is sometimes considered "premium", like Epix, or even just odd ones like IFC and BBC America (variety pak). This is often the hardest state to resolve, for me.

    It's an issue for both Moto and Cisco cards, the pairing plus authorization (two different things, of which both parts are needed, to have the card in a fully paired/auth'd state).

    I've been brushing up on what all the acronyms in the cablecard and TA screens stand for, and what the values displayed represent. It sure helps a lot to know them. The most helpful guide was actually the Cisco STA1520 manual/guide for MSOs. Before this, I only knew which ones mattered, and what values were good and bad.

    Speaking of TAs, there is a pairing of the TA to the card (within my regional Cox market, but not used in others), which might also be a crucial component of keeping things paired and authorized. It has gotten so "locked-down", that all these variables, of which some have no need for, I'm stuck needing all of them, just to get anything beyond digital basic starter tier (which still requires pairing, but not the auth state).

    So, when it comes to data points for the most locked-down markets, I guess I'm the source, even though very little use of the CCI-byte is used here (in this oddball Cox market). I think the mystery issues I have are Cox using a different manner of content protection. Even though my market is "back in the fold", it used to be a rogue Cox breakaway, which did as it pleased, even though the Cox franchise didn't approve. They still have that bit of "maverick" to them. So, it's hard when I'm the only one reporting-in from my market...
  6. ggieseke

    ggieseke Active Member

    May 30, 2008
    I don't *think* that it's dangerous territory. First you have to be able to parse the MFS file structure, then you have to be able to actually read tyDb files. Note that AllYourBase used a hacked S3 to even run "mfs dumpobj" at the bash prompt.

    Additionally, the only value I can see in it is the possibility to back up the pairing by pulling the hard drive. Assuming that it's even worth the effort, the existing tools like MFSLive or DvrBARS should copy that file to the new drive. Using that data to actually do anything to the CableCARD like adding HBO to your account would be impossible. We'll be darn lucky if it even copies the pairing for a majority of users.
  7. nooneuknow

    nooneuknow TiVo User Since 2007

    Feb 5, 2011
    Cox Cable...
    I kind of doubt that any majority of TCF members will be participating in this thread. Some, who don't want to change from say a 3TB drive to a 4TB drive, just because their last paring call turned into a days-long nightmare, are likely watching for the results, and might never post anything to help.

    Often, I have the easiest paring calls, but sometimes they are nightmarish.

    Since drives of larger sizes are coming along, I might be willing to spend the money for all 4TB drives, once they come down a bit more (they are already hitting sale prices which are the same as sale prices when I bought 3TB, but couldn't justify the extra $40-$60 at the time for one more TB, as I have 3 Roamios, and always buy at least 5 drives (which has always been a good move).

    If the closest we get is a better chance of smooth pairing, with most of the data being correct, it's still better than nothing. If we can get to the point of better understanding what goes wrong with pairing, that might be reflected by the local data, that's a bonus. If it gets to where pairing data can be backed-up/restored, for Roamios, that will be good for many. If I can get around the paring invalidation mechanism that has a hair-trigger here, I'll be very happy.

    I have so many pairing calls to Cox, that they are suspicious of me, and what I'm up to. I've hit the threshold, where I have to beg and argue that they don't need to do a truck-roll, to find a reason for so many pairing calls, and so many that go wrong. I'd have done more to try and help with drive upgrading and this, if I wasn't worried about Cox's worries about the volume of pairing they have a history of. This history will get brought up by them. But, if I ask them to look into the history, they play the "what history?" game...

    I think the value of this project will only become apparent once it has been completed. I think I'm the only one asking for it, but believe I'm not the only one who would make use of it.

Share This Page