TiVo Awarded Patent For Password You Can't Hack

Davis Freeberg writes "TiVo has always been known for thinking outside of the box, but this week they were awarded an unusual patent related to locking down content on their hard drives. According to the patent, they've invented a way to create password security that is so tough, it would take you longer than the life of a hard drive in order to figure it out. They could be using this technology to prevent the sharing of content or it could be related to their advertising or guide data, but if their encryption technology is really that good, it's an interesting solution for solving the problem of securing networks."

Warranties

[Anonymous Coward]

Dear Seagate,

I lost all my important data on my hard drive from it crashing.

Sincerely,

Unhappy user

======

Dear User,

Here is a new hard drive replacement.

Sincerely,

Seagate

Re:longer than the life of a hard drive in order .

[suraklin]

And what if it's a WD drive they are talking about? The life of those is so low they had to drop their warranty to 1 year because they admitted 3 years would put them out of business. (The reason I only use Segate 5 year warranty drives).

if you check newegg for hard drives most of the WD drives there have a 3 or 5 year warranty on them

Re:longer than the life of a hard drive in order .

[hldn]

i've got a number of WD harddrives that i've had running 24/7 for nearly five years.. one of them has just recently started to fail, but i've definitely had a better record with wd than any other brand.

maybe im just lucky ^^

Re:Yet another reason not to get a Series3 TiVo

[CastrTroy]

This is the reason why SageTV, MythTV, and other free-to-do-what-I-want-to-PVR-software for the computer is the way to go. PVRs that try to control what we can record, when we can fast forward, and what we can do with the recorded content aren't giving the consumers what they want. You can buy a $300 PC, add a $100 TV Tuner, and buy a copy of sageTV for $80 (because setting up MythTV is more complicated than it should be), and you have a complete PVR that doesn't try to control what you do. You can even get it with an IR Blaster to control that set top box.

Re:Read the patent...

[CedgeS]

Nope, no encryption; just hash-based Challenge-response authentication [wikipedia.org].

It's the diffie-helman key exchange

[bluefoxlucid]

An authentication system for securing information within a disk drive to be read and written to only by a specific host computer such that it is difficult or impossible to access the drive by any system other than a designated host is disclosed. While the invention is similar in intent to a password scheme, it significantly more secure. The invention thus provides a secure environment for important information stored within a disk drive. The information can only be accessed by a host if the host can respond to random challenges asked by the disk drive. The host's responses are generated using a cryptography chip processing a specific algorithm. This technique allows the disk drive and the host to communicate using a coded security system where attempts to break the code and choose the correct password take longer to learn than the useful life of the disk drive itself.

Drive sends random junk. Host responds with digital signature on random junk. Drive verifies signature. It's a diffie-hellman key exchange derived system called a digital signature. RSA and DSA (El Gamal is DSA's corresponding cryptosystem) are examples.

BeyondTV

[tedgyz]

I use BeyondTV and couldn't be happier. No restrictions. They also have SmartChapters which identify distinct blocks of video (cough, commercials, cough). I can also burn to DVD with an extra plugin. You get free TV listings - you just have to buy the software. Sure - they get you with upgrades, but you can choose not to upgrade.

Re:A really long one?

[Anonymous Coward]

No it didn't. Control+H got translated back to backspace by the client.

Re:So....

[PC-PHIX]

Quite true because at that point there is nothing to stop a person simply copying everything off the disk (just a raw copy even if it is still encrypted).

As soon as you can do that, 3 things are true:

(1) You can preserve it on something more reliable (longer life) than the original drive and work on cracking it from there.
(2) You can make multiple copies and work on it x times faster by attacking each drive/copy with a separate part of the list of possible solutions.
(3) You can spend as long as you like working on cracking it and when the drive reaches the end of it's life, pick up where you left off working on your clone disk.

More importantly how many copies would you need to make to solve it within a useful time period at all? Would you get the data within a useful time frame? Within years? Within your own life time?

Obviously if they have made it so that you can only access the drive with a specific controller then the idea of taking copies is significantly more difficult, but from what I've read it's just a regular Western Digital drive which means you could hook it up and take a raw image of the entire disk even without being able to decode the contents at that point. So as the parent said, you're not hacking it "in situ" and as soon as the drive gets into a consumer's home, you've handed of a the data to be copied.

This is just a patent for making hacking difficult, but since when does that stop anyone?

Meanwhile, I am not even going to bother trying to figure out how this is a solution for "securing networks".

IANAL...

[untree]

...but I am a law student and just took an introductory IP course, so I'll try to answer. A patent must actually do what you claim it does. But they don't claim it can't be cracked:

...difficult or impossible...

...significantly more secure...

Re:Sure, uncrackable like every uncrackable code

[Torvaun]

There's still a difference. Firmware is much more difficult to reverse engineer. If you can get your hands on a binary and a system that runs it, you can capture every bit of code. If you've got a ROM chip, then you can only see what goes in, and what goes out. There are ways to prevent it from being opened and examined, photosensitivity being the big one.

Crypto on a chip is more secure than crypto in a binary.

Re:oh i found it on google with 1.9 mln results!

[Solra Bizna]

09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

To quote Spock, "I believe that is what [he] said."

sbizna ~$ base64 --decode <<< "MDlGOTExMDI5RDc0RTM1QkQ4NDE1NkM1NjM1Njg4QzA="
09F911029D74E35BD84156C5635688C0

I only caught it because I read RFC 2045 the other day. (specifically, the section on Base64 encoding...)

-:sigma.SB

Not on Series2 Tivos...

[bdjohns1]

Hopefully what they're talking about patenting isn't the protection scheme that's on Series2/2.5 Tivos, because that's been owned for a couple of years now. Series3 Tivos have been hacked to get shell access so far, but AFAIK, encryption hasn't been cracked.

On a Series2 Tivo, it's not rocket science:
1) Pull hard drive
2) Replace kernel with another kernel that doesn't do an integrity check of files at boot time.
3) Make the startup scripts spawn a telnet daemon (Tivo was thoughtful enough to provide one)
4) Change 8 bytes in 'tivoapp' to disable encryption.
(and copying files off the Tivo this way is at least 2x faster than TivoToGo transfers)

Series2.5 (nightlight and dual-tuner) and Series3 (dual CableCard HDTV) require that a PROM chip be desoldered, reflashed to remove file integrity checking, and then put back in. All the Series3 Tivo lacks is step 4, but it'll only be a matter of time.

Re:IANAL...

[Anonymous Coward]

No, they do not claim the password cannot be cracked during the HD lifetime. Since claims are what define the boundaries of any patent's protection, read the 20 items under the "Claims" heading. That's what they're claiming - the equipment and methodology. That's it. Nowhere in there do they claim "unbreakable" or "totally secure" or anything like that. So if someone does break it, their claims won't be invalidated ... they'll still be the only ones legally allowed to use equipment and software that can do this particular set of things.

The only way to invalidate this would be if someone could come up with prior art ... and I don't know enough to know how likely that is.