Not sure if anyone has been following the news, but a rather large bug was found in most Unix systems.

and associated proof-of-concept hack that might work with TiVos, or another avenue would be via the built-in web interface for browsing shows.

Not posting this to scare anyone, but I just tested my modded TiVo Series 3 and it is susceptible. This could be a good thing though.

TiVoHD/ $ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
this is a test

TiVoHD/ $ bash -version
GNU bash, version 2.02.0(1)-release (i686-pc-linux-gnu)
Copyright 1998 Free Software Foundation, Inc.

So if someone was able to craft some sort of "hack", it might be possible to put modded code onto an unhacked TiVo.

Sadly it is probably a pretty difficult thing to do though as there are two levels of protection as far as I know.

1st Level
The PROM chip which checks that the boot kernel is unmodified. This is currently the only way known to mod Series 3 units.

2nd Level
The Kernel which checks certain files on the drive to make sure they have not been modded.

Does anyone know what these files are?

I am guessing tivoapp is one of them?

Possible Benefits
If someone could craft an attack, it could be possible to modify some of the files on the TiVo without tripping the 2 levels of protection. You could also, in theory, blow away the second level of protection completely, but it would be detected by the first level on the next boot and you would have a brick on your hands.

Anyway just thought I would mention it if anyone wanted to dig around a bit.
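
Added example (not part of the original post): a POSIX shell helper that runs the same environment-variable probe shown in the session above against a chosen bash binary and interprets its output. The probe indicates the bug only when the word "vulnerable" is printed on its own line in addition to the test string; the function names `classify_probe` and `probe_bash` are hypothetical.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from TiVo or bash tooling.

# classify_probe OUTPUT
# Interpret the text printed by the probe command from the post.
classify_probe() {
    if printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        # The command trailing the function definition ran during import.
        echo "vulnerable"
    elif printf '%s\n' "$1" | grep -qx 'this is a test'; then
        # Only the command passed to -c ran.
        echo "not-vulnerable"
    else
        # Neither marker line seen (shell missing, crashed, or other output).
        echo "inconclusive"
    fi
}

# probe_bash [PATH]
# Run the probe from the post against PATH (default: bash found on $PATH).
probe_bash() {
    bash_bin=${1:-bash}
    if ! command -v "$bash_bin" >/dev/null 2>&1; then
        echo "inconclusive"
        return 0
    fi
    # Same probe as in the post; stderr is captured so warnings do not leak.
    out=$(env x='() { :;}; echo vulnerable' "$bash_bin" -c 'echo this is a test' 2>&1) || true
    classify_probe "$out"
}

# When invoked with an argument, probe that binary and print the verdict.
if [ "$#" -gt 0 ]; then
    probe_bash "$1"
fi
```

Run it with the path of the shell to check as its only argument. It tests only the one behaviour exercised by the probe in the post.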