Page 1 of 5 123 ... LastLast
Results 1 to 15 of 64

Thread: TTG and MRV announced for S3 Tivos in November

  1. #1
    Join Date
    Feb 2002
    Posts
    6,413

    TTG and MRV announced for S3 Tivos in November

    TivoPony has posted the announcement over at the TCF. TTG and MRV are going to be a reality for S3 Tivos coming this November. Here's the link:

    http://www.tivocommunity.com/tivo-vb...d.php?t=365225
    Please don't PM me or any other members looking for personal assistance. You'll do better by posting (after you've exhausted the search feature, of course) and taking advantage of the collective expertise of the membership instead of a single individual that may or may not be able to help you. Thank you and enjoy your stay at DDB!

  2. #2
    Join Date
    Jan 2004
    Location
    Chicago, IL
    Posts
    155
    I wonder if this will work with the Series 3 content once its activated in Nov.

    TiVoToGo DRM cracked:
    http://arstechnica.com/news.ars/post/20061205-8358.html

    BTW- I hope its okay to discuss DRM workarounds here, I tried searching for a forum rules but did not see anything. I found this thread, but it only talks about theft of DTV or Tivo service and nothing about DRM.

    http://dealdatabase.com/forum/showth...ht=forum+rules
    DSR708 running 6.2 300 GB Seagate, networked, manually hacked

  3. #3
    Join Date
    Jan 2002
    Location
    Sonoran Desert
    Posts
    2,829
    We've been breaking tivo's DRM since 2002 here.
    Before PMing me: I知 not your personal tech support. If you have a question, ask in public so I don't have to repeat if somebody else asks. If you want images or slices, use emule. I will ignore all support PMs.

    Sponsor a vegetarian! I have taken the pledge, how about you?

  4. #4
    Join Date
    Jan 2004
    Location
    Chicago, IL
    Posts
    155
    Well not technically, we are just working around it by disabling the encryption flag on recordings. So we are not messing with DRM, which I believe is against the DMCA act even for fair use. At least thats the way I understood it.

    But since it looks like the only S3 or S3 HD hack available is a hacked PROM, then getting shows off a S3 without PROM hacking it means using TTG and then using something like the DRM remover. That is if the CL DRM has not changed in the S3 Tivos.

    Curious, will it ever be possible for a kernal hack for S3 HD Tivos? I am assuming yes but that it will take time since the kernal code was only recently in the hands of DDB hackers.
    DSR708 running 6.2 300 GB Seagate, networked, manually hacked

  5. #5
    Join Date
    Jan 2004
    Location
    Chicago, IL
    Posts
    155
    Also sounds like MPEG4 editing is planned for VideoReDo. That means frame accurate editing of Tivo MPEG4 files with only recoding on a few frames between cuts which means fast final output.

    Not even sure if the TyTools developer is experimenting with MPEG4 frame accurate editing yet. Is he?

    Here are some excerpts from the VideoReDo forum indicating this:

    08-21-2007, 02:12 PM
    It's been started. No ETA until we get close to a beta.
    Dan Rosen ( VideoReDo )

    09-04-2007
    Please, no more replies to this thread. We hear you load and clear and have already started on this project. Its going to take a number of months so please be patient. When we have product to test we will post a message over in the beta section.
    Dan Rosen ( VideoReDo )

    Original Thread over at VideoReDo forums:

    H.264 (MPEG-4) editing
    http://www.videoredo.net/msgBoard/sh...ighlight=mpeg4
    DSR708 running 6.2 300 GB Seagate, networked, manually hacked

  6. #6
    Join Date
    Jan 2002
    Location
    Sonoran Desert
    Posts
    2,829
    Quote Originally Posted by spaceman1013 View Post
    Well not technically, we are just working around it by disabling the encryption flag on recordings. So we are not messing with DRM, which I believe is against the DMCA act even for fair use. At least thats the way I understood it.
    In the old days we used to modify the kernel so as to disable the crypto wrapper so that the shows would be read and written plaintext (this had the side effect of not being able to play back previously recorded shows that were encrypted.) Today we are modifying tivoapp so that it doesn't even try to encrypt the shows as it stores them to the disk (it also doesn't even generate an encryption key.) Two different methods of achieving the same end result. Both are in effect circumventing the DRM system tivo uses.

    There isn't a whole lot that tivo can do about this though, namely because the copyrights that would be violated aren't held by them. Tivo would have to get the content producers themselves to sue you, and even then, the content producers would have to prove that you used this to circumvent the copy protection on their works in particular.

    It's kind of a catch 22. It would be pretty well impossible to enforce copy controls on DVR's, unlike DVD's which are encrypted and sold by the content producers themselves.

    The only people who could *possibly* be able to sue you would be directv if you did this to a combo unit, since they own the video stream, and not necessarily the content contained within that stream.

    Quote Originally Posted by spaceman1013 View Post
    But since it looks like the only S3 or S3 HD hack available is a hacked PROM, then getting shows off a S3 without PROM hacking it means using TTG and then using something like the DRM remover. That is if the CL DRM has not changed in the S3 Tivos.

    Curious, will it ever be possible for a kernal hack for S3 HD Tivos? I am assuming yes but that it will take time since the kernal code was only recently in the hands of DDB hackers.
    The kernel hack that was done on the HDTivos and all previous generation S2 hardware was accomplished by means of an exploit in the way that the kernel checked the integrity of the ramdisk contained in its own image file. Basically it made it so that the kernel couldn't integrity check all of the boot scripts.

    In order to effectively do this on all hardware later than the HDTivos, we would need to find a similar exploit that can be taken advantage of by modifying any of the non-MFS resources contained on the hard disk that are accessed somewhere in the init stage.

    Any exploits other than that can be easily rendered totally useless (or very impractical) by a simple software update, therefore there is no point in even investigating such an exploit, or publishing such an exploit even if you do manage to find one.
    Last edited by AlphaWolf; 09-09-2007 at 10:33 PM.
    Before PMing me: I知 not your personal tech support. If you have a question, ask in public so I don't have to repeat if somebody else asks. If you want images or slices, use emule. I will ignore all support PMs.

    Sponsor a vegetarian! I have taken the pledge, how about you?

  7. #7
    Join Date
    Jan 2004
    Location
    Chicago, IL
    Posts
    155
    Any exploits other than that can be easily rendered totally useless (or very impractical) by a simple software update, therefore there is no point in even investigating such an exploit, or publishing such an exploit even if you do manage to find one.
    Are you saying then that a PROM hack could be rendered useless? Also with the PROM hack, would it eventually be possible to get all the previous hacks working on Tivo HD?
    DSR708 running 6.2 300 GB Seagate, networked, manually hacked

  8. #8
    Join Date
    Jan 2002
    Location
    Sonoran Desert
    Posts
    2,829
    Quote Originally Posted by spaceman1013 View Post
    Are you saying then that a PROM hack could be rendered useless? Also with the PROM hack, would it eventually be possible to get all the previous hacks working on Tivo HD?
    Well no, because a prom hack allows you to do anything you want with the kernel, and thus by extension, anything you want to any of the files contained on the hard disk. With a prom modification we can update the software all we want, and then modify it all we want, because we have already taken control over the boot stage, which is the key. Without the prom hack on the other hand, we are extremely limited in what we can do to affect the boot stage of a tivo.

    --

    On second thought, I am not quite sure I understood your question earlier. By kernel hack, you were referring to the killhdinitrd kernel exploit, correct? And HDTivo was a rather vague description on my part - by that I meant the HR10-250.
    Last edited by AlphaWolf; 09-10-2007 at 01:26 AM.
    Before PMing me: I知 not your personal tech support. If you have a question, ask in public so I don't have to repeat if somebody else asks. If you want images or slices, use emule. I will ignore all support PMs.

    Sponsor a vegetarian! I have taken the pledge, how about you?

  9. #9
    Join Date
    Jan 2004
    Location
    Chicago, IL
    Posts
    155
    On second thought, I am not quite sure I understood your question earlier. By kernel hack, you were referring to the killhdinitrd kernel exploit, correct? And HDTivo was a rather vague description on my part - by that I meant the HR10-250.
    Yes, I did mean the killhdinitrd hack. Actually, I was more interested in the Series 3 hacking thats going on right now. So by Tivo HD, I meant the Series 3 ones and not the DTivo HD. But its good to know there is a software hack for the DTivo HR10-250 rather than a PROM only hack - am I understanding that right?

    I also don't know what hacks work on the HR10-250. Can you pull off unencrypted shows and run TivoWebPlus and does TyTool work with the ty files?

    I know that it looks like we are a long way from getting the common Tivo hacks we are used to in a Series 3. Seems the ty format even changed. And with most of the hackers here focusing on DTivo units, it seems that S3 hacking may take some time. Does disabling encryption on S3 as simply as finding the hack point in the tivoapp file?

    But hopefully we will see a Series 3 DTivo in the future now that Liberty media has taken over and Tivo and DTV are now talking on a more friendly basis.

    And some news out on the wire seems to indicate this:
    http://arstechnica.com/news.ars/post...o-directv.html
    http://arstechnica.com/news.ars/post...in-august.html
    http://seekingalpha.com/article/2219...t-the-scenario
    http://www.tvpredictions.com/tivo060507.htm

    Which would mean that all those S3 hacks done today could translate into DTivo S3 hacks. So maybe it is not that much of a waste of time for these DTivo hackers here.
    Last edited by spaceman1013; 09-10-2007 at 02:01 AM.
    DSR708 running 6.2 300 GB Seagate, networked, manually hacked

  10. #10
    Join Date
    Jan 2002
    Location
    Sonoran Desert
    Posts
    2,829
    Quote Originally Posted by spaceman1013 View Post
    Yes, I did mean the killhdinitrd hack. Actually, I was more interested in the Series 3 hacking thats going on right now. So by Tivo HD, I meant the Series 3 ones and not the DTivo HD. But its good to know there is a software hack for the DTivo HR10-250 rather than a PROM only hack - am I understanding that right?
    Yeah, killhdinitrd was targeted specifically at the HR10-250 in fact.

    Quote Originally Posted by spaceman1013 View Post
    I also don't know what hacks work on the HR10-250. Can you pull off unencrypted shows and run TivoWebPlus and does TyTool work with the ty files?
    Same as any other S2 unit.

    Quote Originally Posted by spaceman1013 View Post
    I know that it looks like we are a long way from getting the common Tivo hacks we are used to in a Series 3. Seems the ty format even changed. And with most of the hackers here focusing on DTivo units, it seems that S3 hacking may take some time. Does disabling encryption on S3 as simply as finding the hack point in the tivoapp file?
    Don't know yet, I am still waiting for enough free time to begin prom modding my tivohd.
    Before PMing me: I知 not your personal tech support. If you have a question, ask in public so I don't have to repeat if somebody else asks. If you want images or slices, use emule. I will ignore all support PMs.

    Sponsor a vegetarian! I have taken the pledge, how about you?

  11. #11
    Join Date
    Jan 2004
    Location
    Chicago, IL
    Posts
    155
    I am still waiting for enough free time to begin prom modding my tivohd.
    Is that a Series 3 Tivo HD you are talking about?

    If so, how do you like it and what cable provider do you use?
    DSR708 running 6.2 300 GB Seagate, networked, manually hacked

  12. #12
    Join Date
    Jan 2002
    Location
    Sonoran Desert
    Posts
    2,829
    Quote Originally Posted by spaceman1013 View Post
    Is that a Series 3 Tivo HD you are talking about?

    If so, how do you like it and what cable provider do you use?
    Cox, but I haven't really used it yet.
    Before PMing me: I知 not your personal tech support. If you have a question, ask in public so I don't have to repeat if somebody else asks. If you want images or slices, use emule. I will ignore all support PMs.

    Sponsor a vegetarian! I have taken the pledge, how about you?

  13. #13
    Join Date
    Sep 2001
    Location
    West of Bermuda
    Posts
    1,017
    in a way, i almost think it's better that the s3/tivohd hacking be prom-mod-only. tivo will never take hacks that require this with more than a grain of salt, because there are a very, very small number of people that would ever do it (much smaller than the number of people that would take advantage of a software-only exploit).

    having said that, the gpl v3 is coming, and it takes square aim at tivo and other vendors that seek to use gpl content while locking users out of the hardware.

    it'll be interesting to see. if i get a tivohd, i'll do so with the intent to have it prom modded, then the fun can begin.

    ronny

  14. #14
    Join Date
    Jan 2005
    Location
    Narnia
    Posts
    1,263
    Quote Originally Posted by ronnythunder View Post
    having said that, the gpl v3 is coming, and it takes square aim at tivo and other vendors that seek to use gpl content while locking users out of the hardware.
    "Tivozation" and Vonage-ization of the GPL software, i.e. checking that only specific vendor-supplied binaries will run on purchased hardware, is certainly the reason behind all the GPL3 hubub. But in reality I doubt it will have much effect on Tivo. They're still using v2.4-based kernels (GPL2) and probably have no plans to change. Plus, the tivoapp binary isn't GPL anyway. Besides, I was reading a discussion about possible vendor workarounds/loopholes to GPL3 by running hypervisor type systems to restrict access to parts of the hardware.

    I'm guessing the only way we're ever going to get back to software-based exploits is if somebody figures out a valid SHA-1 signature for the Tivo kernel.

  15. #15
    Join Date
    Jan 2002
    Location
    Sonoran Desert
    Posts
    2,829
    Quote Originally Posted by Narf54321 View Post
    "Tivozation" and Vonage-ization of the GPL software, i.e. checking that only specific vendor-supplied binaries will run on purchased hardware, is certainly the reason behind all the GPL3 hubub. But in reality I doubt it will have much effect on Tivo. They're still using v2.4-based kernels (GPL2) and probably have no plans to change. Plus, the tivoapp binary isn't GPL anyway. Besides, I was reading a discussion about possible vendor workarounds/loopholes to GPL3 by running hypervisor type systems to restrict access to parts of the hardware.
    Either that or they'll do like what linksys did and migrate their software over to vxworks or something similar. (though linksys did this because they wanted a lighter kernel than the linux kernel that would require less hardware to run)

    IMO that fat dirty hippie Richard Stalin needs to quit being such a communist bastard because it isn't earning him any favors except among other communists. Even Linus Torvalds doesn't like his ideology.

    Quote Originally Posted by Narf54321 View Post
    I'm guessing the only way we're ever going to get back to software-based exploits is if somebody figures out a valid SHA-1 signature for the Tivo kernel.
    I wonder how much these two nuggets would help:

    http://www.schneier.com/blog/archive...a1_broken.html
    http://nsa.unaligned.org/

    They claim to be able to find any SHA-1 hash collision within a day.
    Last edited by AlphaWolf; 09-11-2007 at 03:01 AM.
    Before PMing me: I知 not your personal tech support. If you have a question, ask in public so I don't have to repeat if somebody else asks. If you want images or slices, use emule. I will ignore all support PMs.

    Sponsor a vegetarian! I have taken the pledge, how about you?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •