View Poll Results: How much will you contribute to this bounty - READ 1st post before voting

Voters
50. You may not vote on this poll
  • $10

    9 18.00%
  • $20

    13 26.00%
  • $50

    4 8.00%
  • $100 - (WHEW! sure glad I didn't have to void the warrenty with a prom mod)

    7 14.00%
  • $0 - (gonna let somebody else foot the bill & HOPE the exploit appears)

    5 10.00%
  • $5 - don't even own a hd unit but hey...

    11 22.00%
  • $250 - category added by request

    1 2.00%
Multiple Choice Poll.
Page 4 of 9 FirstFirst ... 23456 ... LastLast
Results 46 to 60 of 126

Thread: HD-TIVO exploit bounty

  1. #46
    Join Date
    Mar 2002
    Posts
    1,339
    Quote Originally Posted by redstone
    Question: This exploit will allow one to setup a USB-ethernet connection and use HDTytool?
    the hack prevents the kernel from undoing changes to the root filesystem - any drivers or utilities you install stay installed


    nsysblh:

    it's functionally equivilant to a monte chain or prom mod, but not logically equivilant to a prom mod. it's better because tivo could choose to lock out units with modified proms & this sidesteps that... see what I mean?

    monte works btw. you could use say the authentic 3.1.5/2.4.20 kernel to boot with full lba48 support, then insmod monte & chain load your own with support for whatever (network mfs partions, usb video capture devices, etc)
    ---
    Give a man a fish and he will eat for a day. Teach a man to fish and he will sit in a boat all day and drink beer

  2. #47
    Join Date
    Sep 2001
    Posts
    69
    Quote Originally Posted by rc3105
    the hack prevents the kernel from undoing changes to the root filesystem - any drivers or utilities you install stay installed


    nsysblh:

    it's functionally equivilant to a monte chain or prom mod, but not logically equivilant to a prom mod. it's better because tivo could choose to lock out units with modified proms & this sidesteps that... see what I mean?

    monte works btw. you could use say the authentic 3.1.5/2.4.20 kernel to boot with full lba48 support, then insmod monte & chain load your own with support for whatever (network mfs partions, usb video capture devices, etc)
    I meant that if you could do it with a prom change, you should be able to do it with this method (in my currently uninformed opinion). So, maybe it is virtually equivalent, not logically.

    What is the total up to now? We are all on the edge of our seats out here.

    Edit: Oh, ok the total is on the first page.
    Last edited by nsysblh; 08-02-2004 at 08:01 PM.

  3. #48
    Join Date
    Jul 2003
    Posts
    202
    Quote Originally Posted by nsysblh
    I meant that if you could do it with a prom change, you should be able to do it with this method (in my currently uninformed opinion). So, maybe it is virtually equivalent, not logically.

    What is the total up to now? We are all on the edge of our seats out here.
    Looks about $830 now... should cross the line tonight or tommorow I'd gather.

  4. #49
    Join Date
    Jul 2003
    Posts
    202
    Quote Originally Posted by rc3105
    $250 - ntesla
    Damn dude! Thats pretty generous... I dunno if you can deduct "Tivo Hack" on your taxes though .

  5. #50
    Join Date
    Feb 2003
    Posts
    155
    Quote Originally Posted by rc3105
    not necesarily. learn a little, how many ways do you think there are to defeat an el-gamel signature check???

    yep, that's true. send the EFF some $ or volunteer to be the victim of a precedent setting case and maybe that'll improve

    maybe, mabye not. some people really can keep secrets
    I'm glad you didn't get too angry
    I'm sure that if there is code involved in the hack it could be rearranged in such a way to be non infringing and still perform the same function. You can flame me later if I'm wrong

    I actually do know quite a bit about copyright and intellectual property. I have personally been financially scalded by the direct theft of my work. I firsthand know the FUTILITY in designing and protecting hardware and software in embedded systems. I'm not being a smart ass. In China, they can duplicate ANYTHING. However I have also used some of these methods to my own advantage

    Perhaps I came off as supporting scammers who make money off these development efforts. I have reverse engineered for profit myself. Never anything here. There is no profit here. It's just for fun! Will some try to profit? Yep. Will they make any REAL money? Nope. So why worry about them. F*** 'em. When you commit a Federal Crime, your sentancing is DIRECTLY proportional to the amount of profit you made from illegal activity. As another user noted, HDTeam has now exposed themselves to more risk than if they just released the hack. They probably realize that now but it's a little too late.

    If you play here, give your shit away for free. Don't try to make money. Don't worry about dirtballs on ebay. Since it's just for FUN, GLORY is OK (I don't know why it gets a bad rap here) and is DESERVED! Those who profit have the most to lose. Share those hacks boyz, they are not doing any good sitting on your private machine.

  6. #51
    Join Date
    Sep 2001
    Posts
    69
    Ack, the $250 one went away. What gives? Isn't this the telethon to raise money for Tivo exploits? Riley, did you start singing "my way" and drive the biggest contributor away?

    Oh, well...I did my $5 part. Not worth too much right now though.

    Edit: According to the poll results totals, we have $1035.
    Last edited by nsysblh; 08-02-2004 at 08:44 PM.

  7. #52
    Join Date
    Jan 2003
    Posts
    388
    Quote Originally Posted by rc3105
    learn a little, how many ways do you think there are to defeat an el-gamel signature check???
    Unless you can get them to sign something with a compromised public key file, I would say the only way would be to steal the private key. Can you copyright a stolen/deduced private key?

  8. #53
    Join Date
    Jan 2003
    Posts
    11

    31

    I dont know why it went away. I did not cancel and have recieved no word on why. My card was charged. I bet it shows backup.

    I was just about to buy some equipment to do this or send it to someone. When I saw the money was going to the eff. Which seems to be one of the few entities that stands up for people who buy technology and believe they own it. I have benefited from several people on this board and I appreciate that.

    You should all consider joining eff.



    Quote Originally Posted by nsysblh
    Ack, the $250 one went away. What gives? Isn't this the telethon to raise money for Tivo exploits? Riley, did you start singing "my way" and drive the biggest contributor away?

    Oh, well...I did my $5 part. Not worth too much right now though.

    Edit: According to the poll results totals, we have $1035.

  9. #54
    Join Date
    Aug 2004
    Posts
    1

    from /.

    i will donate $1000 to eff by personal check.
    rc3105 has my contact information in order to verify with eff,
    which he will not post publicly, lest my offer be rescinded.

    theaphila

  10. #55
    Join Date
    Jul 2003
    Posts
    202
    Well, if thats the case, lets get that hack posted rc3105

  11. #56
    Join Date
    Mar 2002
    Posts
    1,339
    Quote Originally Posted by nsysblh
    Ack, the $250 one went away. What gives? Isn't this the telethon to raise money for Tivo exploits? Riley, did you start singing "my way" and drive the biggest contributor away?

    Oh, well...I did my $5 part. Not worth too much right now though.

    Edit: According to the poll results totals, we have $1035.
    no such luck, hadda go do some real work this afternoon & got behind on updating the results apologies to ntesla

    now I gotta go catch a movie with a cute nurse


    pay no attention to the poll, when I get back tonight I'll send pledge reminders to delinquent voters & update the total based on recieved contributions as reflected by the paypal account statement instead of "paypal recieved" e-mail. apparently some of the slashdot crowd took this opportunity to try some paypal spoof e-mail. I'm NOT amused


    rung: notice I said defeat, not pass. the devil's in the details for this sort of thing. there's been some serious "why didn't I think of that" forehead slapping in irc lately...
    Last edited by rc3105; 08-02-2004 at 09:43 PM.
    ---
    Give a man a fish and he will eat for a day. Teach a man to fish and he will sit in a boat all day and drink beer

  12. #57
    Join Date
    Jan 2002
    Location
    Sonoran Desert
    Posts
    2,829
    /me lets off a deep sigh

    The slashdot crowd thinks it's wonderful to set a $100k bounty for the xbox exploit so that it can run linux, yet $1k is too much for something that already runs linux? I swear those guys lean way too damn far on the socialist liberal pussy side of things to the point that they chuck their sanity right out the window. Damn hippies.
    Last edited by AlphaWolf; 08-02-2004 at 09:56 PM.
    Before PMing me: Iím not your personal tech support. If you have a question, ask in public so I don't have to repeat if somebody else asks. If you want images or slices, use emule. I will ignore all support PMs.

    Sponsor a vegetarian! I have taken the pledge, how about you?

  13. #58
    Join Date
    Sep 2001
    Posts
    69
    Quote Originally Posted by rc3105
    rung: notice I said defeat, not pass. the devil's in the details for this sort of thing. there's been some serious "why didn't I think of that" forehead slapping in irc lately...
    Oh, you mean like an overflow in the checking code that lets it through even though it is still incorrectly signed.

    So, you should be able to generate a lba48 kernel and fix it the same way? If you still have to monte for lba48, it is more complicated than I'm speculating.

  14. #59
    Join Date
    Jan 2002
    Location
    New York
    Posts
    2,407
    An update for those interested:

    The senior management of Dealdatabase is currently evaluating the code release from HD TeAm.

    As rc3015 has alluded to in past posts, Dealdatabase is commited to making sure that there is no malicious code and that it functions as advertised.

    rc3105 is still collecting monies that will be forwarded to the EFF per the HD TeAm request. It is our intention to honor their request if they have indeed met or exceeded the expectations articulated in the bounty challenge.

    This process might very well take a day or so. Once the $1000 threshold has been met, it does not mean that the code will be released to the public on DDB immediately, however, it will be released once it has met our approval. Please be patient.

    This is not a stalling tactic, and there is nothing underhanded going on. For what it's worth, it is my impression that you will all get your money's worth (both the contributors and non-contributors alike) in very short order.

    Unless things go horribly wrong in the next day or so, I think we may have a winner on our hands.

    Stay tuned....

    JJBliss
    Dealdatabase Administrator

  15. #60
    Join Date
    Jan 2002
    Location
    New York
    Posts
    2,407
    Quote Originally Posted by nsysblh
    Oh, you mean like an overflow in the checking code that lets it through even though it is still incorrectly signed.

    So, you should be able to generate a lba48 kernel and fix it the same way? If you still have to monte for lba48, it is more complicated than I'm speculating.
    In the release I've seen, you will NOT have to monte for lba48.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •