TiVo Community
TiVo Community
TiVo Community
Go Back   TiVo Community > Main TiVo Forums > TiVo Coffee House - TiVo Discussion
TiVo Community
Reply
Forum Jump
 
Thread Tools
Old 12-04-2006, 10:47 AM   #1
MickeS
Registered User
 
MickeS's Avatar
 
Join Date: Dec 2002
Location: AZ
Posts: 25,883
TiVoToGo DRM cracked

I'm guessing this has already been posted here, but I couldn't find a thread about it... so if it HASN'T been posted, here's a thread.

http://community.livejournal.com/tivolovers/384800.html

I wonder what this will mean for ToGo for Mac?

Last edited by MickeS : 12-04-2006 at 10:53 AM.
MickeS is offline   Reply With Quote
Old 12-04-2006, 11:00 AM   #2
ZeoTiVo
I can't explain
 
ZeoTiVo's Avatar
 
Join Date: Jan 2004
Posts: 25,486
Well it is not really a crack per se as it still requires the Media Access Key from the user and just basically does the same pipe and filtering in a C program.

the good news for Mac and Linux users is that you do not need TiVo desktop installed to run this program.

While I do not think this will induce an uptick in files from TiVos shared on the internet - since people could have done that already by just getting a windows PC this si somewhat bad news for TiVo, inc. as it weakens the perception of security on their platform in the content owner's eyes.
__________________
You just need to disable your sense of shame for all humanity and click past the break
ZeoTiVo is offline   Reply With Quote
Old 12-04-2006, 11:24 AM   #3
Stu_Bee
Registered User
 
Join Date: Jan 2002
Location: Silicon Valley, Ca
Posts: 887
Quote:
Originally Posted by ZeoTiVo
as it weakens the perception of security on their platform in the content owner's eyes.
Yeah..and that's all it is perception. Even tivo allows people to currently strip the DRM from their content via the Tivo Desktop+ transcoding to other video formats.
The only protection Tivo can be offering at this point is the Do Not Allow download flags.
Stu_Bee is offline   Reply With Quote
Old 12-04-2006, 11:26 AM   #4
Jiffylush
Registered User
 
Join Date: Oct 2006
Posts: 139
I see this as bad news for S3 owners waiting for TTG and MRV.

I hope it isn't but this is just the type of thing cablelabs would use as a reason not to enable TTG and MRV.
Jiffylush is offline   Reply With Quote
Old 12-04-2006, 11:31 AM   #5
MickeS
Registered User
 
MickeS's Avatar
 
Join Date: Dec 2002
Location: AZ
Posts: 25,883
Quote:
Originally Posted by Jiffylush
I see this as bad news for S3 owners waiting for TTG and MRV.

I hope it isn't but this is just the type of thing cablelabs would use as a reason not to enable TTG and MRV.
Which never has made any sense to me, since recording devices for the PC are allowed.
MickeS is offline   Reply With Quote
Old 12-04-2006, 11:33 AM   #6
ZeoTiVo
I can't explain
 
ZeoTiVo's Avatar
 
Join Date: Jan 2004
Posts: 25,486
Quote:
Originally Posted by MickeS
Which never has made any sense to me, since recording devices for the PC are allowed.
it is all about the HD on premium channels and the coming downloading of movies.

OTA content or premium SD content is not so important to the copyright holders anymore, but they are looking for that locked down digital stream they can provide thier content on and feel like no one is dipping into the stream without paying.
__________________
You just need to disable your sense of shame for all humanity and click past the break
ZeoTiVo is offline   Reply With Quote
Old 12-04-2006, 12:00 PM   #7
jmoak
Beware of Conky!
 
Join Date: Jun 2000
Location: florida
Posts: 2,573
Quote:
from the soueceforge page:
The conversion still requires the valid MAK of the TiVo which recorded the file, so it cannot be used to circumvent their protection, simply to provide the same level of access as is already available on Windows.
So it's not actually "cracked", is it?

Or is it just a "perception" thing?

It's not, but they say it is, but it's really not, but it does not matter, 'cause they say it is, even though it's not, so it may as well be, 'cause they say it is, even though it's not, everyone says it is, or is it? I mean, the title says it is, so it must be, right? right?

jmoak is offline   Reply With Quote
Old 12-04-2006, 12:02 PM   #8
MickeS
Registered User
 
MickeS's Avatar
 
Join Date: Dec 2002
Location: AZ
Posts: 25,883
Nope, I guess "cracked" is not entirely correct. More shorthand for "circumventable without TiVo-provided software" .
MickeS is offline   Reply With Quote
Old 12-04-2006, 12:30 PM   #9
ZeoTiVo
I can't explain
 
ZeoTiVo's Avatar
 
Join Date: Jan 2004
Posts: 25,486
Quote:
Originally Posted by jmoak
It's not, but they say it is, but it's really not, but it does not matter, 'cause they say it is, even though it's not, so it may as well be, 'cause they say it is, even though it's not, everyone says it is, or is it? I mean, the title says it is, so it must be, right? right?
I think you have it now. That is exactly how the content providers will think it through
__________________
You just need to disable your sense of shame for all humanity and click past the break
ZeoTiVo is offline   Reply With Quote
Old 12-04-2006, 12:35 PM   #10
rainwater
Registered User
 
Join Date: Sep 2004
Posts: 5,981
Since the DRM scheme has been reverse engineered and you can circumvent the DRM without the TiVo software, then it has been officially cracked (whether it requires the MAK or not).
rainwater is offline   Reply With Quote
Old 12-04-2006, 12:42 PM   #11
ZeoTiVo
I can't explain
 
ZeoTiVo's Avatar
 
Join Date: Jan 2004
Posts: 25,486
Quote:
Originally Posted by rainwater
Since the DRM scheme has been reverse engineered and you can circumvent the DRM without the TiVo software, then it has been officially cracked (whether it requires the MAK or not).
A crack to me denotes you can open any .tivo file without needing the specific key

I think it is better to say it has been hacked
__________________
You just need to disable your sense of shame for all humanity and click past the break
ZeoTiVo is offline   Reply With Quote
Old 12-04-2006, 12:49 PM   #12
Aflat
Registered User
 
Join Date: Aug 2005
Posts: 108
Quote:
Originally Posted by MickeS
Which never has made any sense to me, since recording devices for the PC are allowed.

Yes but recording devices using a cable card on a PC is not allowed. The only machiena cbale card can be installed into is an approved cable card computer. You can't make a home brewed media center PC that can read cable cards.
Aflat is offline   Reply With Quote
Old 12-04-2006, 12:51 PM   #13
jmoak
Beware of Conky!
 
Join Date: Jun 2000
Location: florida
Posts: 2,573
Quote:
Originally Posted by ZeoTiVo
I think you have it now. That is exactly how the content providers will think it through
Who can blame 'em? Engadget (home of the famous "Tivo Deathwatch") titles it "TiVo DRM cracked, non-Windows users rejoice", this thread says "TiVoToGo DRM cracked", and I'll betcha a goggle search tomorrow will display at least a half dozen more "Tivo Cracked!" headlines.

Content providers, et. all.

Even though you still need the tivo key to do anything and even sourceforge plainly states "it cannot be used to circumvent their protection", many will loudly proclaim "it has been officially cracked!"

edit:
Woah! No sooner than I thought it, even before I posted it....
jmoak is offline   Reply With Quote
Old 12-04-2006, 12:55 PM   #14
rainwater
Registered User
 
Join Date: Sep 2004
Posts: 5,981
Quote:
Originally Posted by Aflat
Yes but recording devices using a cable card on a PC is not allowed. The only machiena cbale card can be installed into is an approved cable card computer. You can't make a home brewed media center PC that can read cable cards.
It doesn't matter what you call it. Anyone who can get .tivo files off their TiVo is going to have the MAK anyways. Sure, you couldn't distribute .tivo files around, but that is not really a big concern anyways if you can just strip the DRM off immediately and have a MPEG-2 file. Of course you have been able to easily do this for a while so its not a big deal to Windows users. The big question will be what will TiVo do if someone writes a piece of software that mimics TiVo Desktop on the Mac.
rainwater is offline   Reply With Quote
Old 12-04-2006, 01:01 PM   #15
mportuesi
As seen on TV
 
Join Date: Nov 2002
Location: San Francisco, CA
Posts: 1,891
Quote:
Originally Posted by rainwater
The big question will be what will TiVo do if someone writes a piece of software that mimics TiVo Desktop on the Mac.
I imagine it should be pretty straightforward to modify Galleon to call-out to this unlocking utility. That would pretty much put Galleon on par with TiVo Desktop.
mportuesi is offline   Reply With Quote
Old 12-04-2006, 01:07 PM   #16
jmoak
Beware of Conky!
 
Join Date: Jun 2000
Location: florida
Posts: 2,573
Quote:
Originally Posted by rainwater
Sure, you couldn't distribute .tivo files around, but that is not really a big concern anyways
That IS "The Big Concern", to the program providers, anyway.
Quote:
Originally Posted by rainwater
The big question will be what will TiVo do if someone writes a piece of software that mimics TiVo Desktop on the Mac.
If this sourceforge development had been touted correctly, it would have been a boon to tivo. Heck, writing a workaround that allows other os's to work with tivo files while maintaining the need to use the tivo keys and authorization method? I'd imagine they'd say, "Thanks!!"

But to have it touted as a "crack" and therefore thought of as a circumvention of their drm system... WHEW! Lord only knows how they'll react.
jmoak is offline   Reply With Quote
Old 12-04-2006, 01:21 PM   #17
id242
Registered User
 
id242's Avatar
 
Join Date: Feb 2006
Posts: 61
Wow, I guess the people who do run this forum, DO censor messages posted.

Even if you follow the guidelines listed in the forum rules, posts that the moderators don't personally agree with, somehow disappear.

All the regulars know this already, I guess that's what they mean when they write "IBTL", which either means "In Before The Lock" (Censorship) or "I Better Tellyou Later", which means "Hush Hush. We are not suppose to talk about such things in public".
id242 is offline   Reply With Quote
Old 12-04-2006, 01:23 PM   #18
Dan203
Super Moderator
 
Dan203's Avatar
 
Join Date: Apr 2000
Location: Nevada
Posts: 24,513
Your post was deleted because it was a duplicate, not because it was censored.

Dan
__________________
Dan Haddix
Super Moderator
Developer for VideoReDo
Dan203 is offline   Reply With Quote
Old 12-04-2006, 02:20 PM   #19
davezatz
Funkadelic
 
davezatz's Avatar
 
Join Date: Apr 2002
Location: Northern Virginia
Posts: 4,273
Quote:
Originally Posted by rainwater
Since the DRM scheme has been reverse engineered and you can circumvent the DRM without the TiVo software, then it has been officially cracked (whether it requires the MAK or not).
I think it's fair to say it's been cracked. Perhaps there are varying levels of 'crack' but deconstructing the decryption mechanism is a very big deal. If we want to argue that needing a MAK means it's not been cracked, someone will build us a brute force MAK testing engine and solve that lickity split.

I think most folks will use this for legit reasons. People want TiVoToGo on the Mac and TiVo hasn't delivered. As was mentioned above, let's plug this into Galleon and call it a day.
davezatz is offline   Reply With Quote
Old 12-04-2006, 02:24 PM   #20
TydalForce
Registered User
 
Join Date: Feb 2006
Location: Philadelphia, PA
Posts: 1,013
Anybody who wants to record TV, edit out the commercials, and then distribute it under questionable circumstances is already doing so via computer-based TV Tuner cards.

This really doesn't change anything. TV shows are still going to show up on BitTorrent, with our without TiVo around.

This is, however, good news for those of us on Mac or Linux (or other?) who want to download a few shows from their TiVo to take on the go with them.
TydalForce is offline   Reply With Quote
Old 12-04-2006, 02:25 PM   #21
rainwater
Registered User
 
Join Date: Sep 2004
Posts: 5,981
Quote:
Originally Posted by davezatz
I think it's fair to say it's been cracked. Perhaps there are varying levels of 'crack' but deconstructing the decryption mechanism is a very big deal. If we want to argue that needing a MAK means it's not been cracked, someone will build us a brute force MAK testing engine and solve that lickity split.

I think most folks will use this for legit reasons. People want TiVoToGo on the Mac and TiVo hasn't delivered. As was mentioned above, let's plug this into Galleon and call it a day.
Yeah, the big deal is you can now remove the DRM without any dlls or TiVo software. This can't sit well with TiVo, but I'm not sure what they can do now that the source code is out there.

And I agree, I think this was all brought about due to lack of support from TiVo for platforms other than Windows (even though Tivo Desktop Plus removes the DRM itself for portable devices).

I would disagree that this affects the S3 because I have a hard time believing TTG will ever be possible on the S3 for digital cable recordings and I don't see how this affects MRV anyways.
rainwater is offline   Reply With Quote
Old 12-04-2006, 02:29 PM   #22
davezatz
Funkadelic
 
davezatz's Avatar
 
Join Date: Apr 2002
Location: Northern Virginia
Posts: 4,273
Quote:
Originally Posted by TydalForce
Anybody who wants to record TV, edit out the commercials, and then distribute it under questionable circumstances is already doing so via computer-based TV Tuner cards.
TiVo, Inc could make the argument that bypassing their DRM scheme violates the DMCA if they or their partners feel threatened. Megazone suggested this could lead to an arms war, though I wonder if TiVo has the skills on hand to come up with a new mechanism and get it out there in a timely fashion. (Mac TTG is nearly two years late...)

I don't mind republishing DirectShow Dump or GraphEdit stuff because we're essentially letting TiVo software decrypt the show (as designed) and we just happen to be saving the results. I briefly thought of hosting some of this new stuff on my site, but I think it's a grey area I don't want to touch. I will however try it out tonight on my Mac.

Quote:
Originally Posted by rainwater
I would disagree that this affects the S3 because I have a hard time believing TTG will ever be possible on the S3 for digital cable recordings and I don't see how this affects MRV anyways.
TTG for the S3 has always been a long shot due to political and technical issues, though it's more likely SD content could be moved around. MRV could be impacted just from a perception stand-point. If CableLabs feels like TiVo hasn't built a secure platform they could be reluctant to certify features they may not fully trust as it is.
davezatz is offline   Reply With Quote
Old 12-04-2006, 02:51 PM   #23
minckster
Registered User
 
Join Date: Aug 2006
Location: Manhattan NYC
Posts: 642
Edit: D'oh! Forget my question! I just noticed that --mak says "required."

Are you guys sure that the program requires the MAK? One of the flags (?) is "--noverify, do not verify MAK while decoding." I'm not sure what else that would mean.
Quote:
Usage: ./objects.dir/tivodecode [--help] [--verbose|-v] [--no-verify|-n] {--mak|-m} mak [{--out|-o} outfile] <tivofile>

--mak, -m media access key (required)
--out, -o output file (default stdout)
--verbose, -v verbose
--no-verify, -n do not verify MAK while decoding
--help print this help and exit

minckster is offline   Reply With Quote
Old 12-04-2006, 03:03 PM   #24
petew
Registered User
 
petew's Avatar
 
Join Date: Jul 2003
Location: San Jose, CA
Posts: 1,446
Quote:
Originally Posted by minckster
Are you guys sure that the program requires the MAK? One of the flags (?) is "--noverify, do not verify MAK while decoding." I'm not sure what else that would mean.
The MAK is part of the decrypt key. I presume if it's wrong and you use --noverify you'll just get a scrambled MPG output.
__________________
TivoHD, 1Tb upgrade, 96" Front Projection Screen.
petew is offline   Reply With Quote
Old 12-04-2006, 03:16 PM   #25
ZeoTiVo
I can't explain
 
ZeoTiVo's Avatar
 
Join Date: Jan 2004
Posts: 25,486
Quote:
Originally Posted by id242
All the regulars know this already,
that is was a duplicate thread of a thread right at the top of the first page with the obvious title "TiVoToGo DRM cracked"? - yah - we knew that
__________________
You just need to disable your sense of shame for all humanity and click past the break
ZeoTiVo is offline   Reply With Quote
Old 12-04-2006, 03:25 PM   #26
ZeoTiVo
I can't explain
 
ZeoTiVo's Avatar
 
Join Date: Jan 2004
Posts: 25,486
Quote:
Originally Posted by davezatz
If we want to argue that needing a MAK means it's not been cracked, someone will build us a brute force MAK testing engine and solve that lickity split.
If someone could come up with a way to do that then I would call it cracked and that would indictae weak encryption/security.

but to use the same pipe and filter method that TiVo does and require the MAK itself to do the decryption is a hack. A good hack, and one that will make Mac users with TiVos happy that they can do all the processing on a Mac now.

even the early ability to get content off a TiVo DVR before/without desktop was a hack and not a crack as they simply truned off the flag that said to decrypt the content as it was being recorded. All of this is still illegal under the DMCA as it all circumvents the security mechanisms so in court it would be a small distinction


I think the distinction is important due to the perception of content providers as they argue with TiVo over how secure content is on the TiVo box. And that argumnet is brewing now at cablelabs over certifying TiVoToGo in hardware with cable cards
__________________
You just need to disable your sense of shame for all humanity and click past the break

Last edited by ZeoTiVo : 12-05-2006 at 07:24 AM.
ZeoTiVo is offline   Reply With Quote
Old 12-04-2006, 04:42 PM   #27
MickeS
Registered User
 
MickeS's Avatar
 
Join Date: Dec 2002
Location: AZ
Posts: 25,883
Quote:
Originally Posted by jmoak
Even though you still need the tivo key to do anything and even sourceforge plainly states "it cannot be used to circumvent their protection", many will loudly proclaim "it has been officially cracked!"
Since every single person who owns a TiVo Series 2 has a MAK, and this requires ownership of a Series 2 to extract files in the first place, I think "cracked" is fairly accurate shorthand for what they've done, since it doesn't require any official TiVo software. ZeoTivo's suggestion "hack" is probably better though.
MickeS is offline   Reply With Quote
Old 12-04-2006, 04:49 PM   #28
Redux
No intent to annoy
 
Join Date: Oct 2004
Posts: 1,564
Do .tivo files have any advantage over .ty files?

Trying to manufacture an excuse to play with a new toy.
__________________
"I know I've known how to do that at some point, but I don't remember how at the moment." - a truth learned on TCF
Redux is offline   Reply With Quote
Old 12-04-2006, 05:01 PM   #29
sommerfeld
Lucky (?) 200 member
 
Join Date: Feb 2006
Location: Arlington, MA
Posts: 270
Quote:
Originally Posted by ZeoTiVo
Well it is not really a crack per se as it still requires the Media Access Key from the user and just basically does the same pipe and filtering in a C program.
Except that the MAK is apparently only 32 bits long, which puts the crypto into the "good against your kid sister" class rather than the "good against a determined adversary" class.

To put this into concrete terms: a 32-bit key means that there are only 2^32 possible keys - just over 4 billion. This may seem like a lot, but current commodity desktop computers are clocked at around 2GHz - two billion ticks per second. Even if you need tens of thousands of cycles to try each key, modestly tuned key-search software running on commodity hardware most likely could try all four billion in a day.
sommerfeld is offline   Reply With Quote
Old 12-04-2006, 05:15 PM   #30
sommerfeld
Lucky (?) 200 member
 
Join Date: Feb 2006
Location: Arlington, MA
Posts: 270
Quote:
Originally Posted by MickeS
ZeoTivo's suggestion "hack" is probably better though.
I'll stay professional and say that the file encoding has been reverse-engineered; as is typical for proprietary encodings not subject to public peer review, the encoding scheme appears to be cryptographically weak.
sommerfeld is offline   Reply With Quote
Reply
Forum Jump




Thread Tools


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Advertisements

TiVo Community
Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
vBulletin Skins by: Relivo Media

(C) 2013 Magenium Solutions - All Rights Reserved. No information may be posted elsewhere without written permission.
TiVoŽ is a registered trademark of TiVo Inc. This site is not owned or operated by TiVo Inc.
All times are GMT -5. The time now is 12:07 AM.
OUR NETWORK: MyOpenRouter | TechLore | SansaCommunity | RoboCommunity | MediaSmart Home | Explore3DTV | Dijit Community | DVR Playground |