Feeds

How gizmo maker's hack outflanked copyright trolls

Chumby NeTV: A triumph for mankind

High performance access to file storage

When the master encryption key locking down millions of Blu-ray players and set-top boxes was mysteriously leaked last year, Hollywood moguls worried their precious high-definition movies would face a new flurry of piracy.

Instead, it spawned the Chumby NeTV, a tiny, Wi-Fi-connected box that sits between a television and a set-top box or DVD player so email alerts, Tweets and other internet content are scrolled across the bottom of the screen – all without interrupting the flow of the video.

Making the NeTV break into the encrypted video stream passing through an HDMI cable required the elite hacking skills of Bunnie Huang, an engineer and co-founder of Chumby, the maker of net-connected alarm clocks that display weather forecasts, news headlines, and other internet content. Using the leaked master key at the heart of the HDCP, or high-bandwidth digital content protection, encryption scheme to modify the content was clever enough. Doing it without violating draconian copyright laws was nothing short of brilliant.

picture of Chumby NeTV

The Chumby NeTV in all its glory

That's because HDCP was created by Intel for the express purpose of thwarting piracy by restricting access to video passing between set-top boxes and TVs. It establishes a secret key that's unique to each pair of devices, creating a barrier for would-be pirates out to capture and copy the high-definition content. Tampering with this scheme runs the risk of violating the Digital Millennium Copyright Act, a law that carries stiff criminal and civil penalties for circumventing technology intended to prevent access to copyrighted material.

Ignorance is bliss

Faced with the challenge of crashing the party that only HDCP-compliant devices can join without running afoul of the DMCA, Huang employed the leaked master key in a way that allows the Chumby NeTV to use the shared secret key to inject Tweets and other content into the encrypted stream without decrypting the restricted video. His device intentionally remains oblivious to the protected work, a distinction he believes keeps it from violating the law's anti-circumvention provisions.

“It's important to note that nowhere in the pipelines is the video data decrypted,” Huang wrote in an email to The Register. “We don't use the master key to break any locks, or circumvent any copyright protection. We use it to enable interoperability and we do so without ever decrypting the source data: encrypted pixels are just replaced with different encrypted pixels.”

Huang's claims have been confirmed by two experts.

“What's interesting here is that although the device does have the keys needed to do decryption, it isn't actually doing that,” Keith Irwin, a professor of computer science at Winston-Salem State University in North Carolina, wrote in an email. “A conceptually simple means of modifying encrypted video would be to have the NeTV decrypt the video signal from the video device, modify it, then re-encrypt it. However, this isn't what the NeTV does.”

Cryptographer Nate Lawson, who heads the Root Labs security consultancy, has analyzed the open-source code that runs the NeTV and provides an analysis here.

High performance access to file storage

More from The Register

next story
Report: Apple seeking to raise iPhone 6 price by a HUNDRED BUCKS
'Well, that 5c experiment didn't go so well – let's try the other direction'
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Feast your PUNY eyes on highest resolution phone display EVER
Too much pixel dust for your strained eyeballs to handle
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Nvidia gamers hit trifecta with driver, optimizer, and mobile upgrades
Li'l Shield moves up to Android 4.4.2 KitKat, GameStream comes to notebooks
AMD unveils Godzilla's graphics card – 'the world's fastest, period'
The Radeon R9 295X2: Water-cooled, 5,632 stream processors, 11.5TFLOPS
Sony battery recall as VAIO goes out with a bang, not a whimper
The perils of having Panasonic as a partner
NORKS' own smartmobe pegged as Chinese landfill Android
Fake kit in the hermit kingdom? That's just Kim Jong-un-believable!
Gimme a high S5: Samsung Galaxy S5 puts substance over style
Biometrics and kid-friendly mode in back-to-basics blockbuster
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.