Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Patents Security IT

TiVo Awarded Patent For Password You Can't Hack 291

Davis Freeberg writes "TiVo has always been known for thinking outside of the box, but this week they were awarded an unusual patent related to locking down content on their hard drives. According to the patent, they've invented a way to create password security that is so tough, it would take you longer than the life of a hard drive in order to figure it out. They could be using this technology to prevent the sharing of content or it could be related to their advertising or guide data, but if their encryption technology is really that good, it's an interesting solution for solving the problem of securing networks."
This discussion has been archived. No new comments can be posted.

TiVo Awarded Patent For Password You Can't Hack

Comments Filter:
  • So.... (Score:5, Funny)

    by revlayle ( 964221 ) on Saturday May 12, 2007 @07:48PM (#19100193)
    3-4 weeks tops?
    • Re:So.... (Score:5, Insightful)

      by Anonymous Coward on Saturday May 12, 2007 @08:00PM (#19100275)
      I want to know if the patent is invalidated when it's broken.

      (ie: does making outlandish and incorrect claims in a patent invalidate it?)
      • IANAL... (Score:5, Informative)

        by untree ( 851145 ) on Saturday May 12, 2007 @10:09PM (#19100941)

        ...but I am a law student and just took an introductory IP course, so I'll try to answer. A patent must actually do what you claim it does. But they don't claim it can't be cracked:

        ...difficult or impossible...

        ...significantly more secure...


      • Re:So.... (Score:5, Insightful)

        by jddj ( 1085169 ) on Saturday May 12, 2007 @10:29PM (#19101037) Journal
        I don't think so.

        In the US at least, there's no requirement that a patented idea or invention or system actually do anything useful or work or even do what it claims.

        There are numerous patents for mind-reading devices, nutjob free energy systems and perpetual motion machines, and searching the USPTO database for the "hyper-light-speed antenna" will produce some interesting reading.

        Might as well patent completely unbreakable DRM.
      • Not sure about the being broken part, but this patent sounds like it would fail on obviousness grounds, especially after the recent Supreme Court ruling that lowered the bar for obviousness defenses. The algorithm described (I've only read the first dozen claims or so, not the whole patent) is basically a textbook challenge-response algorithm, used to lock access to a disk. Since there's prior art for passwords built into a hard disk (see several of the patents this one references), and the challenge-respo
      • Does it matter? (Score:3, Insightful)

        by Opportunist ( 166417 )
        Let's be honest and blunt here. When (note, when, not if) the password is cracked, what does it mean? That you can strip the ads and distribute what's on the HD. Do you care about patents when you got that in mind? No.

        So, why is it in any way meaningful whether that invalidates a patent which doesn't mean jack in the first place?
        • Re:Does it matter? (Score:4, Interesting)

          by sumdumass ( 711423 ) on Sunday May 13, 2007 @09:17AM (#19103803) Journal
          The password might not be cracked. Well, at least not cracked in a meaningful or useful way. I can think of several ways this could be accomplished. Tying the drive to the mainboard with a kill switch that burns out the firmware controler could be one. This could mean all ads and all content is useless outside the tivo and the drive is borked if tried outside it too.

          But if this patents is invalidated, it is meaningful in several ways. First is other devices might be forced into using it by the media companies or something and this will raise the costs of consumer electronics. The next thing is, suppose someone discovers this as a way to keep usable information out of anyone's hands who don't have permission to use it. There is another royalty that needs to be payed and it will come out of our pockets too. But most importantly, A patent takes an entire piece of software off the market for most. Imagine if the word processor was patented when it originally was developed. Whatever the first word processor was and anyone willing to pay the royalties to them are the only word processors we would have. Openoffice.org wouldn't be here, Microsoft could have bought the patent and stopped everyone from using it other then them, so on and so on.

          So what happens when computers are fast enough that to be somewhat reasonable secure, you need this patent. If it is still valid, again, everyone pays TIVO to use it. But if it was copy written instead of patented, then many other players could attempt to do similar things and hopefully competition would make things better and all. But if we are stuck with this one implementation and it turns out not to work, any working implementations from other companies will have a payment to TIVO associated with any costs.
    • Re:So.... (Score:5, Insightful)

      by rob1980 ( 941751 ) on Saturday May 12, 2007 @08:01PM (#19100283)
      No shit. The second your product gets into a consumer's home, its "unhackable" status vanishes.
      • Re:So.... (Score:5, Informative)

        by PC-PHIX ( 888080 ) * <jonathan AT pcphix DOT com> on Saturday May 12, 2007 @10:05PM (#19100927) Homepage
        Quite true because at that point there is nothing to stop a person simply copying everything off the disk (just a raw copy even if it is still encrypted).

        As soon as you can do that, 3 things are true:

        (1) You can preserve it on something more reliable (longer life) than the original drive and work on cracking it from there.
        (2) You can make multiple copies and work on it x times faster by attacking each drive/copy with a separate part of the list of possible solutions.
        (3) You can spend as long as you like working on cracking it and when the drive reaches the end of it's life, pick up where you left off working on your clone disk.

        More importantly how many copies would you need to make to solve it within a useful time period at all? Would you get the data within a useful time frame? Within years? Within your own life time?

        Obviously if they have made it so that you can only access the drive with a specific controller then the idea of taking copies is significantly more difficult, but from what I've read it's just a regular Western Digital drive which means you could hook it up and take a raw image of the entire disk even without being able to decode the contents at that point. So as the parent said, you're not hacking it "in situ" and as soon as the drive gets into a consumer's home, you've handed of a the data to be copied.

        This is just a patent for making hacking difficult, but since when does that stop anyone?

        Meanwhile, I am not even going to bother trying to figure out how this is a solution for "securing networks".

        • Re:So.... (Score:5, Interesting)

          by cgenman ( 325138 ) on Sunday May 13, 2007 @12:43AM (#19101573) Homepage
          Why not encrypt the HDD at the level of the drive electronics? That way a user would have to physically remove the platter to read any useful data. That process would cost more than most data one could recover from an average user's tivo.

          On the other hand, yes, this does appear to be a simple patent on tying a hard drive to an electronics unit. Viable attack vectors are already obvious.

    • by DrYak ( 748999 ) on Saturday May 12, 2007 @08:30PM (#19100465) Homepage
      "Unhackable" passwords ?!?

      At least you know nobody is going to get sued over this one. Ever.
      • by eonlabs ( 921625 )
        The idea isn't unheard of, and it's not exactly a password system from the sound of it.

        Examples of similar systems:
        http://en.wikipedia.org/wiki/Challenge-response_au thentication [wikipedia.org]

        The concept is that if the system has a set of information (which could be an extensive database of info specific to a given system), another chip or element in the system could theoretically ask questions about it. If the two chips exist in the same system, there are limitless resources available for them to mutually read off of t
    • Re:So.... (Score:5, Funny)

      by thrillseeker ( 518224 ) on Saturday May 12, 2007 @08:48PM (#19100549)
      3-4 weeks tops?

      At least ... it's triple rot-13 after all.
      • by Romancer ( 19668 )
        So here we go:

        Someone hacks a tivo to get the content... Tivo gets mad and sues...

        Tivo loses because the person says they couldn't have broken the tivo code because the code is unbreakable, if they did, then Tivo loses the patent.

        • Re:So.... (Score:5, Insightful)

          by Dun Malg ( 230075 ) on Saturday May 12, 2007 @10:18PM (#19100993) Homepage

          Tivo loses because the person says they couldn't have broken the tivo code because the code is unbreakable, if they did, then Tivo loses the patent.
          Don't be daft. The vague boasts in the patent abstract are irrelevant to the validity of the patent. You could claim in the abstract that your patented method will grant the user perpetual happiness. All that's relevant to the validity are the claims, and those are purely descriptive of function.
    • Re: (Score:2, Insightful)

      by gregarei ( 1001697 )
      Now, nobody mess this one up like HDDVD and release a crack until a substantial amount of media has been released on the platform.
      • by OECD ( 639690 )
        Really. You'd think the /. crowd would have learned something from the submarine patent guys by now....
    • Re:So.... (Score:5, Funny)

      by Achoi77 ( 669484 ) on Saturday May 12, 2007 @10:21PM (#19100999)

      *in the underground lair of tivo*

      tivo suit guy 1: Those lousy internet people keep cracking our encryption!

      tivo suit guy 2: How do they keep doing it?

      tivo suit guy 1: Because time is on their side, and they have no life! grr

      tivo suit guy 2: How long can a 'really hard' encryption take?

      tivo suit guy 1: I have no idea, maybe like a month? A week?

      tivo suit guy 2: A WEEK? You can't be serious!

      drive manufacturer suit: Well, if you can't beat crackers at their own game, what needs to get done is to beat them from a different angle.

      tivo suit guy 1: what do you mean?

      drive manufacturer suit: Think about it, every time you come up with a new password, it gets cracked in a week, there is no control over that. So, what needs to get done is to beat them where they have no control. TIME!

      tivo suit guy 2: Time? And how do you expect us to control TIME?

      drive manufacturer suit: Easy. Since we know that a password can be cracked within a week, what needs to get done is to prevent them from getting access to the password before that week. All we have to do is manufacture drives that will fail within a week!

      tivo suit guy 2: That's brilliant!

      tivo suit guy 1: Wait a minute. We can't have customer's drives dying withing one week. That's just no good for business.

      drive manufacturer suit: Don't worry about it. We'll use flash drives. Flash ram wears out overtime. We can explain to the customer that the new flash drives will use less energy, have no moving parts, and are cheaper!

      tivo suit guy 1: Will they really be cheaper?

      drive manufacturer suit: only to you they will be. That way you won't have to pass off the savings to the customer. Plus, you can add in an additional subscription fee to have new flash drives mailed to them every week when they mail back their old flash drives! Think: netflix, but instead of dvds, flash drives. More money for you!

      tivo suit guy 2: kinda like the photo-copier industry with their toners.. hrm, I like it!

      tivo suit guy 1: Wait wait wait! Those drives will still cost us a pretty penny, so what's the secret?

      drive manufacturer suit: *grins* we will be using _OLD_ flash drives. Just like the old flash drives that croaked so quickly. The manufacturing technology to build them was very cheap. We can churn those out like nobody's business.

      tivo suit guy 1: hrm, so essentially they are disposable drives?

      tivo suit guy 2: It's an excellent plan! We can add in the additional 'service' and bleed our customers dry!

      drive manufacturer suit: soo, do we have a deal?

      tivo suit guy 1 & 2: it's a deal! I think I'm gonna patent that idea!

      *shakes hands, and the meeting is ended, tivo suit guys leave*

      drive manufacturer gets on cell phone

      drive manufacturer boss: so, how did it go?

      drive manufacturer suit: They accepted project 'disposable drive.' Those fools have no idea we're playing them for our pawn.

      drive manufacturer boss: Eeeexxxeeeelent~

      drive manufacturer suit: Phase 1 is complete. I've finished talking to Apple and Creative already. I'm scheduled to meet with Sprint and Verizon tomorrow.

      drive manufacturer boss: Once we have all the mp3 players, cell phones, and tivos supplied with our disposable drive, users will be upset that only after a week of use, their electronics became useless! This will soil the name of flash drives in a larger scale never seen before, and drive customer confidence towards flash down! They will be forced to lower their prices, and eventually perish under their manufacturing costs. Harddrives will RISE AGAIN! MUHWAHAHAHAHAHA!

  • by kihjin ( 866070 ) on Saturday May 12, 2007 @07:50PM (#19100207)
    MDlGOTExMDI5RDc0RTM1QkQ4NDE1NkM1NjM1Njg4QzA=

    Don't tell anyone.
  • A really long one? (Score:4, Insightful)

    by loftwyr ( 36717 ) on Saturday May 12, 2007 @07:53PM (#19100221)
    So it's like a really character password with random characters and punctuation and stuff?

    That doesn't sound like it would be worth a patent.

    Then again, it might be more interesting and have non-typeable characters...

    Or maybe just "Joshua"
    • Re: (Score:3, Interesting)

      by Anonymous Coward
      Reminds me of a trick I pulled on an old HP-UX box. I somehow managed to put a backspace keystroke in my password I could log in on the console (which treated backspace as a normal keystroke) but not over ssh or ftp (since there is no obvious way to type a backspace into one of those clients).

      I suppose if I ever figured out how to put a newline into my password I would have one heck of a time logging on.
    • Re: (Score:3, Funny)

      by ImaLamer ( 260199 )
      Enter the show that would you like to watch:

      > Global Thermo-Nuclear War

      May we also suggest: Genocide In These Modern Times, NASCAR


  • I have a... (Score:2, Funny)

    by Awod ( 956596 )
    I have a torrent that says otherwise.
  • by Dunbal ( 464142 ) on Saturday May 12, 2007 @07:57PM (#19100255)
    Patent For Password You Can't Hack

    Hack available for download from the internet in 5, 4, 3, 2....
    • by zCyl ( 14362 )

      Hack available for download from the internet in 5, 4, 3, 2....

      1. No profit!
  • by frovingslosh ( 582462 ) on Saturday May 12, 2007 @07:58PM (#19100257)
    Wasn't about the same thing said for the DVD protection system? All security systems like this fall apart when the user had the device being hacked in his hands.

    And what if it's a WD drive they are talking about? The life of those is so low they had to drop their warranty to 1 year because they admitted 3 years would put them out of business. (The reason I only use Segate 5 year warranty drives).

    • Warranties (Score:2, Informative)

      by Anonymous Coward
      Dear Seagate,

      I lost all my important data on my hard drive from it crashing.

      Sincerely,

      Unhappy user

      ======

      Dear User,

      Here is a new hard drive replacement.

      Sincerely,

      Seagate
      • Re: (Score:2, Insightful)

        by Nazlfrag ( 1035012 )
        I think you meant, "I lost all my important data on my hard drive from failing to make backups."
    • Re: (Score:3, Informative)

      by suraklin ( 28841 )
      And what if it's a WD drive they are talking about? The life of those is so low they had to drop their warranty to 1 year because they admitted 3 years would put them out of business. (The reason I only use Segate 5 year warranty drives).

      if you check newegg for hard drives most of the WD drives there have a 3 or 5 year warranty on them

      • Re: (Score:2, Informative)

        by hldn ( 1085833 )
        i've got a number of WD harddrives that i've had running 24/7 for nearly five years.. one of them has just recently started to fail, but i've definitely had a better record with wd than any other brand.

        maybe im just lucky ^^
        • Every WD drive I've owned -which is around 10- has failed. Every damn one of them, and their under warranty replacements too.

          I've lost drives from other brands too, sure. But only WD has a 100% failure rate.

          Why did I keep using them? The first one I thought was fluke. Then it's warranty replacement died too.

          Won another WD in a contest. It died. When that replacement came, I gave it to someone else. Never even opened it. It died too and victimized the lucky new owner.

          Then I went some years before getti
    • Hamel's Folly (Score:5, Interesting)

      by eddy ( 18759 ) on Saturday May 12, 2007 @08:27PM (#19100445) Homepage Journal

      On the dangers of assuming keyspace => security:

      The mechanical ciphering machine invented by Alexander von Kryha in 1924 received the Prize of the Prussian Ministry of the Interior at the 1926 Police Fair and a Diploma from the famous postwar Chancellor of Germany, Konrad Adenauer, at the International Press Exhibition in Cologne two year later. Von Kryha was not only an inventor, but also an astute entrepreneur. To promote his commercial venture Internationale Kryha Machinen Gesellschaft of Hamburg, Kryha turned to the famous mathematician Georg Hamel for an endorsement. Hamel calculated the size of the key space to be 4.57*10^50 and concluded that only immortals could cryptanalyze Kryha ciphertext. Not withstanding Hamels estimate, a cryptanalysis of the Kryha machine by Friedman did not require as much time and is described in the ''2 Hours, 41 Minutes,'' a chapter in Machine Cryptography and Modern Cryptanalysis [Devoirs and Ruth, 1985].

      from ''Computer Security and Cryptography'', Alan G. Konheim.

    • Its odd. There are lots of people who say that about WD but I've never had a problem.

      My computer has a 120gig WD drive which has been going for years and my 6 month old server has 4 of the drives.
      Never had a problem.
  • Clone Drives? (Score:5, Interesting)

    by Tuoqui ( 1091447 ) on Saturday May 12, 2007 @08:01PM (#19100277) Journal
    If it exceeds the life of the drive theres an easy way to just clone the drive or remove the platters and put them into another hard drive (yeah very sensitive operation likely requiring the conditions of a clean room).

    Its hard to make something undefeatable and if you claim such it is only going to attract people as a challenge. Maybe that is what they want?

    Of course if someone proves that it isnt 'impossible' then does that void the patent?
    • They meant it in a "this'll take centuries" way, not in a "your hard drive lasts 5 minutes and the cracking session 6" way...
    • Of course if someone proves that it isnt 'impossible' then does that void the patent?
      No, why would it? The contents of the abstract are irrelevant. The only relevant portion of a patent is the claims, and they are very simply descriptions of the process. The validity of the process doesn't change just because someone finds a way to reverse it.
  • by figleaf ( 672550 ) on Saturday May 12, 2007 @08:02PM (#19100285) Homepage
    The hard disk must have a really short life :/
  • by Mr2001 ( 90979 ) on Saturday May 12, 2007 @08:02PM (#19100295) Homepage Journal
    I have two Series2 units and I love them. But there's no way in hell I'd spend PS3-level prices on a Series3 recorder, especially with the lack of TivoToGo and now this bullshit.

    Look, if I buy a device that has a hard drive in it, that hard drive is mine. The data on it is mine. If you don't want me to access it from the "wrong" host, maybe you shouldn't have sold it in the first place. You can have all the control you want over that hard drive while it's gathering dust in your warehouse.
    • Re: (Score:3, Interesting)

      by daeg ( 828071 )
      I've already canceled my TiVo service due to their rapidly-decaying "rights" issues. For the obscene price lately on TiVos, plus service, it's cheaper to buy a few components and build a MythTV or similar box.
      • by dgatwood ( 11270 )

        Ditto, give or take. I have a Series 1 that I've kept limping along, but the last hard drive upgrade didn't go too well. The bigger the hard drive, the more the P.O.S. stutters---at 500 gigs, it doesn't go more than 5 mintues without glitching during playback, and it also only boots up about one out of every five or six boots, so I have to keep power cycling it to get it to boot. At that point, I realized that keeping the TiVo working was more trouble than it was worth.

        So I had a choice: upgrade to a n

        • by Mr2001 ( 90979 )
          After all that MythTV hacking and griping about subscription fees, why would you turn around and buy an AppleTV? Let alone one for each room?

          An old Xbox costs under $100, and to mod it and install XBMC costs nothing and takes no longer than an hour. Even if you have to buy a wifi/ethernet bridge for each one, it still costs half as much as AppleTV.
          • Re: (Score:3, Interesting)

            by dgatwood ( 11270 )

            There are a lot of reasons:

            • It's old hardware with no warranty that could die tomorrow and I'd be screwed. Free old hardware is okay, but spending money on it doesn't make sense to me.
            • An Xbox (unless you get one with the DVD kit) doesn't have IR remote control, so I'd have to add hardware to that, too. I've already done more hardware hacking in the past six weeks than in the five years previous. While it's fun to a point, I'd really like most of the rooms to be as turnkey as possible---either by being
    • by CastrTroy ( 595695 ) on Saturday May 12, 2007 @08:39PM (#19100511)
      This is the reason why SageTV, MythTV, and other free-to-do-what-I-want-to-PVR-software for the computer is the way to go. PVRs that try to control what we can record, when we can fast forward, and what we can do with the recorded content aren't giving the consumers what they want. You can buy a $300 PC, add a $100 TV Tuner, and buy a copy of sageTV for $80 (because setting up MythTV is more complicated than it should be), and you have a complete PVR that doesn't try to control what you do. You can even get it with an IR Blaster to control that set top box.
      • by asavage ( 548758 )
        You can also use GB-PVR [gbpvr.com] for free. I use it at home and it works pretty well.
      • I haven't looked into all the hardware needed, but for me the the deal breaker on a diy DVR is the use of IR blasters. I would love to use a serial cable to control the cable box, but both Comcast and Verizon seem to have disabled that feature. I've even given thought to upgrading to a Series 3, so I can get a cablecard and do away with the IR blasters. So how does one setup a diy DVR to work with digital cable without the use of IR blasters?

        • by croddy ( 659025 )
          Well, the way I did it was by refusing delivery on that useless "cable box" Comcast tried to send me. Then I just screwed the tuner's coax directly into the wall and went on my merry way.
    • Re: (Score:3, Insightful)

      by tlhIngan ( 30335 )

      I have two Series2 units and I love them. But there's no way in hell I'd spend PS3-level prices on a Series3 recorder, especially with the lack of TivoToGo and now this bullshit.

      Look, if I buy a device that has a hard drive in it, that hard drive is mine. The data on it is mine. If you don't want me to access it from the "wrong" host, maybe you shouldn't have sold it in the first place. You can have all the control you want over that hard drive while it's gathering dust in your warehouse.

      The blame for that

  • by asdfghjklqwertyuiop ( 649296 ) on Saturday May 12, 2007 @08:02PM (#19100297)

    it's an interesting solution for solving the problem of securing networks.


    This has nothing to do with networks at all. The patent is about making sure a hard disk can only talk to a certain host.

    Its just another attempt to prevent people form using their own hardware how they want to.

  • by pembo13 ( 770295 ) on Saturday May 12, 2007 @08:04PM (#19100305) Homepage
    ... to work against the consumer?
  • The invention described is nothing more than salt and hash.
    • by Simon80 ( 874052 )
      indeed, the first claim is so general, it's ludicrous..
      • by CedgeS ( 159076 ) on Saturday May 12, 2007 @08:24PM (#19100429) Homepage Journal
        Essentially they are claiming: Using a wire-secure challenge system between a hard drive and a host.

        In the text they mention prior art of both:
        1. Using a challenge system between a hard drive and a host
        2. a wire-secure challenge system

        Even if no one has ever put cryptographic functions into a hard drive (I'd be surprised) virtually every cryptography paper talks about all of the communications in the only meaningful terms, abstract ones, implying in a way obvious to non-experts that it can be used between any equipment.

        This, like many other bad patents, is at best a land-grab for a specific piece of territory so well discovered, mapped, and understood that claiming a portion of it is just ridiculous.
        • by Simon80 ( 874052 )
          I didn't even bother reading that much, but I agree, it's so horribly ridiculously obvious that it's a shining example of how the patent system is broken. Someone clearly dropped the ball here, given how long it takes to informally invalidate this patent.
  • by ProdigySim ( 817093 ) on Saturday May 12, 2007 @08:10PM (#19100345)
    Make a security claim so wild that every hacker will buy your product to try to crack it. $$$$
  • by mmurphy000 ( 556983 ) on Saturday May 12, 2007 @08:17PM (#19100381)

    When I was a wee tot, I remember seeing a single-panel _Dennis The Menace_ cartoon. The cartoon itself had Dennis' father at a boardroom-type table with a few other people, his briefcase open, and various parts spilling out. The caption was something like "Gentlemen, our new bathroom scale did not pass the 'Dennis test'. We cannot refer to it as 'unbreakable'".

    Since then, whenever I've heard about something claiming to be unbreakable, I picture a very broken bathroom scale...

  • by zappepcs ( 820751 ) on Saturday May 12, 2007 @08:18PM (#19100391) Journal
    I love it when someone says that 'x' can't be done.... that is sure to bring on the people that show it can be done
    • Re: (Score:2, Insightful)

      by El_Oscuro ( 1022477 )

      Larry Ellison once said of Oracle "can't break it, can't break in". From a security view, Oracle then was a total POS. Even worse than Windows - the worst was 9i release 1. Now, it is a little better as long as you are running 10g R2. If you are running any earlier version of Oracle, upgrade now before your databases are 0wn3d. Better yet, secure them behind firewalls from your corporate intranet. I think Larry used the quote to get some free R&D from the hackers. Now, they can't use any sales pi

    • by Anonymous Coward
      "I love it when someone says that 'x' can't be done.... that is sure to bring on the people that show it can be done"

      Geeks can't get laid.
  • by smartin ( 942 ) on Saturday May 12, 2007 @08:29PM (#19100459)
    I know that I'm probably not their target audience, but the one reason that I have two subscribed tivos is that I can hack them and disable the DRM and generally they've been pretty cool about it. But the day they lock me out of my one boxes is the day that I cancel my subscriptions and either continue with the hardware on my own or switch to MythTV.
  • Read the patent... (Score:3, Interesting)

    by guruevi ( 827432 ) on Saturday May 12, 2007 @08:32PM (#19100481)
    It's basically just a DRM-machination with the cryptography on chip. Basically, the same that AACS has on HD-DVD, and the patent specifies that guessing the password woud take longer than the lifetime of a drive. Euhm, I guess even guessing 56-bits encryption would be enough.

    The problem is still, the user has HIS content, he can do whatever he wants with it as long as he can see it. Unless you encrypt the lightwaves that reach our eyes and plant a DRM chip in our brain, we're going to be able to copy your precious content.
    • by CedgeS ( 159076 ) on Saturday May 12, 2007 @08:40PM (#19100517) Homepage Journal
      Nope, no encryption; just hash-based Challenge-response authentication [wikipedia.org].
  • What good...? (Score:2, Insightful)

    by Torodung ( 31985 )
    ...is a message in a HERMETICALLY SEALED bottle?

    Imagine what the historians and archaeologists are going to do with these doorstops. The quest for perfect data security is beginning to sound an awful lot like the final pages of _Fahrenheit 451_.

    --
    Toro
    • The hermetically sealed humans in the last few pages of the novel might be resistant, but the ones standing around in the snow at the end of the film are still vulnerable to "hot cup'a'soup" attacks.
  • by bluefoxlucid ( 723572 ) on Saturday May 12, 2007 @08:44PM (#19100533) Homepage Journal

    An authentication system for securing information within a disk drive to be read and written to only by a specific host computer such that it is difficult or impossible to access the drive by any system other than a designated host is disclosed. While the invention is similar in intent to a password scheme, it significantly more secure. The invention thus provides a secure environment for important information stored within a disk drive. The information can only be accessed by a host if the host can respond to random challenges asked by the disk drive. The host's responses are generated using a cryptography chip processing a specific algorithm. This technique allows the disk drive and the host to communicate using a coded security system where attempts to break the code and choose the correct password take longer to learn than the useful life of the disk drive itself.

    Drive sends random junk. Host responds with digital signature on random junk. Drive verifies signature. It's a diffie-hellman key exchange derived system called a digital signature. RSA and DSA (El Gamal is DSA's corresponding cryptosystem) are examples.

    • by Cerebus ( 10185 )
      No, it's not. Not even close.

      It's a simple keyed hash challenge-response protocol. The host & controller share a key. The controller generates a nonce and sends it to the host. The host XORs the nonce with the key and returns the SHA-1 hash. The controller compares the hash to a hash it calculates and if they match you're off to the races.

      The XOR of key & nonce seems extraneous to me, but I don't think it impacts the algorithm.

      The flaw, of course, is the assumption that the attacker--who posses
  • BeyondTV (Score:4, Informative)

    by tedgyz ( 515156 ) * on Saturday May 12, 2007 @09:00PM (#19100599) Homepage
    I use BeyondTV and couldn't be happier. No restrictions. They also have SmartChapters which identify distinct blocks of video (cough, commercials, cough). I can also burn to DVD with an extra plugin. You get free TV listings - you just have to buy the software. Sure - they get you with upgrades, but you can choose not to upgrade.
  • by dircha ( 893383 ) on Saturday May 12, 2007 @09:01PM (#19100601)
    "The information can only be accessed by a host if the host can respond to random challenges asked by the disk drive. The host's responses are generated using a cryptography chip processing a specific algorithm. This technique allows the disk drive and the host to communicate using a coded security system where attempts to break the code and choose the correct password take longer to learn than the useful life of the disk drive itself."

    In what novel way - or any way for that matter - does this differ from standard cryptographic challenge-response authentication? I mean, maybe they are using an extremely long generated series of psuedorandom keys, secrets, responses, or all 3 but I don't see how that is novel. Or perhaps incorrect responses result in the disk controller becoming non-responsive for a short period to increase the time required to exhaust the series, but that isn't novel either.

    Any ideas?
  • How is this news? (Score:5, Insightful)

    by Sycraft-fu ( 314770 ) on Saturday May 12, 2007 @09:02PM (#19100611)
    It's not like good crypto is hard to come by. I mean if I pick a good password with AES you aren't cracking that in your lifetime, much less the life of a harddrive. The problem isn't a good password, the problem is that DRM tries to use crypto for something it isn't made for. Crypto is about keeping out non trusted parties. That's how SSH works. You have the key, the server has the key and thus only you and the server can decrypt the traffic. Anyone else can capture everything if they want, and they are going to get all of nowhere with it.

    The problem with DRM is that the person who is the recipient is also one of the people they want to keep out. This creates a problem: To decrypt the message (by message I mean whatever they are giving you, video, song, game, whatever) you have to give them the key. However, if they have the key, well then they can decrypt it and do what they want with it.

    This leads to all the tricky, and ineffective, stuff we see these days. They try to hide the key so that only the device can find it and you can't get at it. Well that just don't work. It can make it so it isn't as simple as just copying a disk, but as we've seen with the AACS break, you can't hide that shit from a determined attacker. The key IS on there, it CAN be found.

    So I don't care how good their password scheme is. AES-256 with a 64 character password is good enough to last until the sun goes dark (or at least until quantum computing becomes a reality) but that doesn't buy you anything if you have to hand out the key as part of your scheme as is required by DRM.
    • From TFA:

      within a disk drive to be read and written to only by a specific host computer

      When I read this I though "Okay, so you have to steal the box to get the content or do a lot of work to get the data off of the drive using the chip in the machine.. no big deal right?"

      Then it occurred to me, maybe the host computer isn't the local Tivo box, maybe it is Tivo's system (remote) that they're calling the host. What does that mean? Now you can't get data off of the drive unless the Tivo calls home, swaps k

  • by Midnight Warrior ( 32619 ) on Saturday May 12, 2007 @10:06PM (#19100931) Homepage

    Quickly, before Cringely ruins it with bad math, I need to point out some very obvious weaknesses in making this work correctly:

    • SHA-1 has been (somewhat) broken [schneier.com]. Not highly repeatable yet, but they're getting there.
    • Encryption does not hide a message forever. Most of us picked up on that in one form or another. It just hides it long enough to make the information useless. If I can only break a single machine 6 years after it was written, the video isn't going to be very useful to me.
    • Good encryption methods assume two things. One is the attacker does not have the key. Smart card attacks have shown [iacr.org] (PDF) that even though an attacker has to guess the key, a poor implementation may provide useful hints during the guessing phase.
    • The second assumption is that the message is not highly predicatable. Disk drives are known for having highly-predicable components on them which makes finding the plaintext all that easier.
    • These folks are so cocky about SHA-1's entropy space, they claim "there is no need to abort the authentication process from a specific host. For example, there is no need to abort the authentication process if a specific host generates three wrong passwords. " Zeroization [cerberussystems.com] is the only way to do this right. You can also vary this so that after three failures, an automatic delay is introduced to slow down the guessing.
    • Reading the patent text indicates that new "commands" will be added. No mention of a bus protocol (ATA or SCSI) is mentioned. Presumably, they won't make the drives themselves, so it will need standardized. The hard drive community is open to using patents, but only if the terms are reasonable or a cross-licensing deal is in the works. If this is a forced attempt, it will fail miserably or cost so much that the drives will be considered custom, low-volume, high-cost components.
    • The likelihood of them screwing the implementation up are so high, they should pursue FIPS 140-1 [cerberussystems.com] certification for every hard drive made. Then, the patent can apply outside the domain of Tivo.
    • This scheme works better as a general hard drive protection measure than for a Tivo. People who own a Tivo might probe the memory chips for the crypographic module to sweep for the drive or system keys. AACS recent events ought to make it obvious that people are motivated to do this. The general case may prevent a lost hard drive from being very useful.
    • It would appear that the cryptographic module does NOT actually encrypt data on the platters. It seems to only cover communication between the host and the disk controller. If an attacker were to replace the circuit board with one whose path was trusted, they could read the platters without issue. They do this all the time in the hard drive repair business; no clean room required.

    Okay, you all can go back to your regularly scheduled cheap shots.

  • Paging... (Score:3, Funny)

    by Nom du Keyboard ( 633989 ) on Saturday May 12, 2007 @10:06PM (#19100933)
    Paging DVD Jon. Report to the TiVo on Deck 7.
  • by hcmtnbiker ( 925661 ) on Saturday May 12, 2007 @10:46PM (#19101111)
    FTA: According to the patent, they've invented a way to create password security that is so tough, it would take you longer than the life of a hard drive in order to figure it out.

    So it's security is that a brute-force/birthday attack is just so improbable that the drive will wear out before i can test enough possibilities to have a measurable chance of getting it? Besides, twofish, blowfish, AES, any virtually any other standard encryption algorithm could boast the same thing. Tell me if I'm wrong, but couldn't i make a bunch of 1:1 copies of the disk and use those to crack it?
  • by babyrat ( 314371 ) on Saturday May 12, 2007 @10:55PM (#19101135)
    but I do know this nifty card trick:

    Give your friend a deck of cards. Turn around and have them shuffle it, select a card at random, memorize the card and put it back in the deck. Have them shuffle it some more (without you looking at it). Take the deck from them and take a card from it and say 'this was your card'.

    In the long run, you'll be right about 1 in 52 times. If you happen to be right the first time with a particular friend, and never do the trick again, they will be scratching their head for a long time trying to figure out how you did it.

    So, the point I'm trying to make is that it could take longer than the life of a hard drive to crack the super secret code, or you get get it right on the first guess (or the second one, or the third one...). So it seems rather silly to claim that it is uncrackable.

  • I can't wait for them to GPL their implementation. Hopefully there will be enough software in the Tivo that gets licesed under GPLv3 to put these assholes out of business.

    Anyone out there have any examples of prior art?

  • Hopefully what they're talking about patenting isn't the protection scheme that's on Series2/2.5 Tivos, because that's been owned for a couple of years now. Series3 Tivos have been hacked to get shell access so far, but AFAIK, encryption hasn't been cracked.

    On a Series2 Tivo, it's not rocket science:
    1) Pull hard drive
    2) Replace kernel with another kernel that doesn't do an integrity check of files at boot time.
    3) Make the startup scripts spawn a telnet daemon (Tivo was thoughtful enough to provide one)
    4) C
  • ...by a patent for squaring the cube.

    Hey what, it's obviously now allowed to patent the impossible!
  • This patent sucks (Score:4, Interesting)

    by Tom Womack ( 8005 ) <tom@womack.net> on Sunday May 13, 2007 @05:58AM (#19102793) Homepage
    That is a dreadful patent, and it would be ridiculous to see it issued; hardware challenge-response dates back to at least the first IFF machines in the second world war, they're not even mentioning having a deliberately slow password-hashing algorithm, which is itself at least as old as UNIX, and the technique is vulnerable to bump-in-the-ATA-cable extraction of the data from the disc in the first place, and probably also to an attack where you swap the drive controller board for one from a drive of similar model without Special Tivo Sauce.

"Our vision is to speed up time, eventually eliminating it." -- Alex Schure

Working...