How gizmo maker's hack outflanked copyright trolls

When the master encryption key locking down millions of Blu-ray players and set-top boxes was mysteriously leaked last year, Hollywood moguls worried their precious high-definition movies would face a new flurry of piracy. Instead, it spawned the Chumby NeTV, a tiny, Wi-Fi-connected box that sits between a television and a set- …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward

    Brilliant!

    I would love to see some lawyers try and take this to court. Would the DMCA even count since there is no decryption?

    1. Mat Child

      Unfortunately

      Lawyers have a way of 're-interpreting' law and past cases to bring people to court, (Or at least threaten to)

      Many small innovators will surrender before then as they don't have the resources to fight this kind of bull.

      1. Anonymous Coward

        Bunnie has previous form

        Been following his blog for years. He's prepared expert testimony for several DMCA cases. I doubt if there are many more expert in the bleeding edge of decryption legalities and I reckon that ought to make potential suers think twice.

    2. LaeMing
      Unhappy

      Would DMCA count?

      That would depend on how big the kickback on offer from the MegaCorp was.

    3. Anonymous Coward

      Having just had...

      about a year's worth of dealing with lawyers, all I can say is they'll find a way.

      I've found that, with a smile on their face, a spring in their step, a song in their heart, and, most importantly with their bloody meter running they'll quite happily argue;

      black == white,

      white==black,

      legal == illegal,

      illegal == legal,

      criminal == civil,

      civil==criminal

      and that's just before breakfast

      Give them food (or the promise of fees++, sorry ++fees) watch their minds go into legalistic gobbledygook overdrive...

      They'd probably tackle it along the lines of, hey, he's still using a circumvention enabling device (the leaked key) to make monies even though he isn't circumventing the copyrighted material, the key belongs to our clients, we wants the monies...with the right judge/legal system, they might stand a chance.

    4. Anonymous Coward

      Won't stop them.

      Smart as it is they'll probably still try.

      Don't make the mistake of thinking that copyright or patent actions are always about recompense for damages, they're often used to destroy a competing company by removing their market and/or financially ruining them.

      Sad fact of life, the courts are used as a business tool these days.

    5. BristolBachelor Gold badge

      Maybe, maybe not, but that doesn't stop someone claiming that you need a license to join their party.

      ISTR that HDCP also uses the keys to verify that the device connected at the other end is OK to talk to? If his box is in the middle, and convinces the source to talk to it because it is a valid receiver then I'm sure some lawyer can wangle something. After all, if they can claim that executing a program is copying, because the content is read out of a ROM chip into the processor, then they can claim anything.

      1. thomaskwscott

        One can only hope.....

        ....that a measure of common sense will be used. However when lawyers and big tech. are involved it's not likely.

        1. nyelvmark
          Boffin

          a measure of common sense

          >> ...However when lawyers and big tech. are involved it's not likely...

          I disagree. The British/American legal system generally results in common sense winning the day. That's why we have independent judges and juries (not appointed by government). Juries can even disagree with the law, and find someone "not guilty" where it's obvious that they actually did commit the crime. Judges don't have this privilege, but can make it obvious that they disagree with the law by saying so, and by allowing appeal to a higher court.

          Unfortunately, the triumph of common sense may have to wait a long time for a ruling of the supreme court, or even for a legislative change (where the supreme court is forced into a decision it doesn't agree with).

          This is where the lawyers for the massive corporations make their money - not in obtaining the desired verdict, but in delaying the undesired ultimate verdict for as long as possible, while their clients continue to cream the market.

          Life's a bitch, innit? Keep hoping, though. It might work one day.

      2. James Henstridge

        @BristolBachelor

        Read the article again. Neither device performs an HDCP handshake with the NeTV box, since it passes the signal through. From the description, it sounds like it snoops on the handshake to determine the session key used to encrypt the video data.

        From that point, all it does is encrypt the video overlay using the session key and overlay it on the encrypted video stream. Because it is a streaming cipher, the changes to the data do not corrupt the original video data.
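The splice described in the comment above can be reproduced with any stream cipher. The following is an added example, not part of the original thread or of the NeTV code: the keystream generator (SHA-256 in counter mode), the keys and the frame bytes are constructed stand-ins, not HDCP's cipher. It also shows that a per-frame MAC would detect the splice, which a bare stream cipher cannot.

```python
import hashlib
import hmac


def keystream(session_key: bytes, length: int) -> bytes:
    """Toy keystream (SHA-256 in counter mode). A stand-in, NOT HDCP's cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(session_key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_frame(session_key: bytes, frame: bytes) -> bytes:
    """Source side: XOR the frame with the keystream."""
    return xor(frame, keystream(session_key, len(frame)))


# XOR with the same keystream is its own inverse, so decryption is identical.
decrypt_frame = encrypt_frame


def splice_overlay(session_key: bytes, cipher_frame: bytes,
                   offset: int, overlay: bytes) -> bytes:
    """Middle box: replace a region of ciphertext with an encrypted overlay.

    The original pixels are never decrypted. Only the keystream bytes for the
    overlay positions are used, to encrypt the overlay itself.
    """
    if offset < 0 or offset + len(overlay) > len(cipher_frame):
        raise ValueError("overlay does not fit inside the frame")
    ks = keystream(session_key, len(cipher_frame))
    enc_overlay = xor(overlay, ks[offset:offset + len(overlay)])
    return cipher_frame[:offset] + enc_overlay + cipher_frame[offset + len(overlay):]


def frame_tag(mac_key: bytes, cipher_frame: bytes) -> bytes:
    """Hypothetical integrity tag a link protocol could attach to each frame."""
    return hmac.new(mac_key, cipher_frame, hashlib.sha256).digest()


def demo() -> dict:
    # All values below are constructed for the example.
    session_key = b"constructed-session-key"
    mac_key = b"constructed-mac-key"
    frame = bytes(range(64))          # 64 "pixels"
    overlay = b"TWEET!!!"             # 8 overlay "pixels"
    offset = 40
    end = offset + len(overlay)

    cipher_frame = encrypt_frame(session_key, frame)
    tag = frame_tag(mac_key, cipher_frame)

    spliced = splice_overlay(session_key, cipher_frame, offset, overlay)
    shown = decrypt_frame(session_key, spliced)   # what the display renders

    return {
        # Bytes outside the overlay decrypt exactly as the source sent them.
        "outside_intact": shown[:offset] == frame[:offset]
                          and shown[end:] == frame[end:],
        # Bytes inside the overlay decrypt to the overlay content.
        "overlay_shown": shown[offset:end] == overlay,
        # A stream cipher alone gives no integrity; a MAC over the
        # ciphertext would expose the modification.
        "mac_detects_splice": not hmac.compare_digest(
            tag, frame_tag(mac_key, spliced)),
    }


if __name__ == "__main__":
    print(demo())
```

The splice works because each ciphertext byte depends only on its own keystream byte; with a chained or authenticated mode, the display would see corruption or a failed tag instead.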

    6. Anonymous Coward

      Black, round-cornered rectangle

      Clearly a violation of Apple's patent...

  2. Anonymous Coward

    Requires knowledge HDCP

    So somewhere in the chain there's someone who's signed up to the HDMI license and has broken the licensing agreement.

    1. umacf24

      Not necessarily.

      Everyone owns a copy of the key -- or at least everyone with HDCP equipment. The key is in the displays as well.

      So one way of getting it would be to break into the tamper-proof hardware where key origination is done.

      Mind you, protecting a secret with licence agreements with multiple players, multiple jurisdictions and (of course) multiple employees, is totally for the birds.

      1. John Sager

        @umacf24

        Devices only contain a device key, which is derived from the master key. Around the time HDCP was deployed, a paper was published showing that it was possible to derive the master key from a relatively small set of device keys (40 under favourable conditions). So not everyone has the master, but it's only necessary to break 40 or so devices to be able to derive it. Presumably some hardware implementations are/were weaker than others in protecting the key material, leading to the break.

  3. Nigel Brown
    WTF?

    All jolly clever and all that but...

    Are people really that sad that they can't even watch a movie without having to be fed tweets throughout?

    1. Anonymous Coward

      The inability to see the bigger picture reflects badly on you.

    2. Anonymous Coward
      Go

      Actually...

      ...maybe be good for businesses, say someone like tesco's showing a BluRay while overlaying it with pricing, what aisle it's located in etc etc....

      Or maybe you're bidding on something on the tat bizzare and don't want to check every five mins for an update.

      Or you're waiting for an important email, but don't want to keep running off to check your pc....

      Also,

      sod the Yanks, just sell it everywhere the DMCA doesn't apply (yes we all know USA law = World law)

    3. DrXym

      I suspect

      That people will be buying NeTV for the hardware rather than the software it runs out of the box. With a little repurposing this becomes an HDMI stripper / video capture device.

      1. AlanB

        Re: I suspect

        > With a little repurposing this becomes an HDMI stripper

        From the analysis linked to by the article: "It can’t easily be turned into an HDCP stripper since that would require a lot of rework of the internals."

      2. Voland's right hand Silver badge
        Devil

        It does not have the CPU power to strip. Throw 4-5 times the CPU power and then... maybe... But at present - nope.

    4. Pat 11

      cooler than you think

      Ever watched 'event' TV while paying attention to the hashtag? Try it, Question Time is miles better. With one of these you can watch a movie with your mates in various locations and chat about it like you can during multi player games.

    5. Juillen 1

      Really..

      I can't be arsed to have tweets and stuff on my screen while I'm watching a movie.. But I'll be damned if someone tells me that I couldn't if I wanted to.

  4. Christian Berger

    Well but they probably need to encrypt

    Encryption probably also is covered by patents.

    What I don't understand is where the use of this is supposed to be. HDCP is, apart from niches like BluRay, all but dead.

    1. DrXym

      HDCP is dead?

      Virtually every high definition box which shows premium content is REQUIRED by the content providers to support it.

  5. Neil Brown

    I wonder how much it will be...

    Lacking an HDMI projector, and having not had a TV for years, I don't have a use for this, but I want to reward this kind of creativity - even better if I don't have to cause the creator to go to the expense of actually building and shipping me something, so perhaps a "happy to accept cash-based recognition for this kind of creativity" approach.

  6. Tim Walker
    Thumb Up

    Is this available yet?

    I really hope this little fella doesn't get pancaked by the lawyers, because I would definitely want to check it out. Sadly, as Mat Child says (06.30), if the Big Players want to put a stop to a product which threatens their world view, they often have the cash to find a way.

    I wonder how much Chumby are asking for the NeTV - if they can bring it in under £100, that moves me into the "definitely interested" bracket...

  7. Mage Silver badge
    Thumb Up

    I have no interest in having one of these, but unlike many shiny gadgets it's really innovative.

    If the other end of the WiFi link though was a box monitoring the cooker, doors, freezer etc to put up alerts I might be interested though.

    1. BorkedAgain
      Thumb Up

      If the developer's smart...

      ...and I think it's fairly clear that he is, then he'll have the unit set up with a simple API allowing any old feed to be processed by the device. That would cover the supermarket use case, the home monitoring use case and any number of others...

  8. Bluenose

    Risk to anyone bringing the case

    I reckon taking these guys to court would be a difficult case to prove and open up anyone making a claim to allegations that they are using the courts to prevent innovation rather than protect their rights.

    Doubt any one will go to court though as probably cheaper to buy them than pay the really expensive lawyers.

  9. Paul_Murphy

    That sounds like a really useful device, and the solution is really elegant.

    I hope that the device manufacturers buy up licenses for this so that they can put it in their boxes.

    ttfn

  10. Rich 2 Silver badge
    WTF?

    Why?

    Very clever stuff, no doubt, and an impressive demonstration of a concept.

    But WHY would I want to watch a DVD with a twitter ticker scrolling along the bottom?

    1. Lamont Cranston

      Because

      you can?

      1. Anonymous Coward

        re: because you can....

        as if one ad-ridden ruined medium isn't enough.

        How long will it take to have continuing useless ads rolling on your movie for stupid made-in-china-crap.

      2. MrCheese

        Just because you can...

        ...Doesn't mean you should

        1. Uncle Siggy
          Big Brother

          Your remarks are doubleplusgood, citizen!

    2. Steve Evans

      I can think of several uses...

      How about in the 24 hours petrol station to tell the numpty, who is in a semi coma watching a film, that the guy by pump number 2, who is jumping up and down and waving his arms, would like the magically locomotion potion to pour from said pump into the containing vessel cunningly built into his 4 wheeled tin box?

      That would be useful until they legalise connecting an HT circuit to numpty's family jewels.

  11. Ragarath
    WTF?

    Copyright

    Does this not though actually still break copyright?

    IANAL but surely the picture that the user sees at the end is still modified even though it is an overlay?

    But then because it is a user actively using the device does that mean that the user wanted the overlay and therefore does not break copyright?

    Headache, this is why IANAL :)

    1. Anonymous Coward

      .. but not as we know it Jim ...

      Are subtitles and even PiP not counted as overlays as well - they modify what the user sees but without breaking copyright?

    2. Anonymous Coward

      Arguably

      it doesn't change content, it conceals part of it. Any two pieces of content are interchangeable from that point of view. Which surely *ought* to make copyright irrelevant?

    3. Field Marshal Von Krakenfart

      The DMCA criminalises production and dissemination of technology, devices, or services intended to circumvent DRM measures, and the act of circumventing such DRM measures and controls.

      The Chumby doesn’t do any of that, and the security of the original HDMI signal is still intact. The only issue I can see is that Chumby have not received an HDMI licence.

      1. Anonymous Coward

        The Chumby definitely doesn't infringe copyright or require a licence for HDCP or anything to do with HDMI as it's an Internet connected alarm clock whereas the NeTV might well require one and that's the device that adds content to an HD stream.

        1. Paul 129

          What big player wouldn't give this a legal challenge.

          "The Chumby definitely doesn't infringe copyright or require a licence for HDCP or anything to do with HDMI"

          I would think that the lawyers would be poring over this. Take their time and get it right. The outcome if they were successful would be to ensure that anyone who wants to send data compatible with X, in any form, must be licensed. I would have thought a precedent like this would be worth billions to any of the big players.

          Hell, it would be worth getting a Chinese clone of this, importing it, and then throwing a legal hissy at the straw man company you set up, take that to court in Texas. You're out of pocket for more than the legal fees (you need to hire losing lawyers), but you have a hell of a chance to structure things so you get that precedent.

  12. Neil B
    Go

    Great little device. If the lawyers scare him off, isn't there any provision for him to license a patent for "Method of injecting video overlays onto encrypted HDCP streams" or is that just a blatantly stupid question?

  13. Ralthor

    Legal fund?

    Is it too early to be setting up a legal fund for him? Personally I have no use for the hardware but this looks like something that might go to court where the small guy might actually win.

    And that I would like to see.

  14. Anonymous Coward

    "something that might go to court where the small guy might actually win."

    If there's ever a risk of that happening, the big guys settle out of court, preferably with a confidentiality agreement. E.g. Murdoch vs selected 'celebs' (eg Gordon Taylor, Max Clifford) in recent years. Obviously the relevant Met high-ups didn't tie that one down as hard as they should have, and consequently it ain't over yet.

    1. teebie

      It's rare the small guy wins, but it happens

      Lucasfilm v. Ainsworth, No. [2011] UKSC 39, U.K. Supreme Court

      1. Tomato42
        Trollface

        It's UK court, it doesn't count.

  15. Peter Townsend
    WTF?

    Explanation needed

    What exactly is a "copyright troll"

    "Patent troll" I understand because patents can be a very, very grey area. But copyright is hard and fast, either it's been broken by the unlicensed and unapproved reproduction or duplication of copyrighted material or it hasn't.

    Does the author really see no difference between the actions of the likes of Lodsys and those of film and record companies?

    Incidentally I'm not making a judgement on Chumby with this comment, it's just the bias of the headline that concerns me.

    1. Richard 12 Silver badge

      Copyright is grey as well.

      Similar to Patent trolling, copyright trolling is using the threat of legal action regarding copyright to prevent or dissuade someone from doing something, or to directly extract monies from a victim.

      In many cases copyright has not actually been infringed, the troll is simply trying to scare the victim into doing (or not doing) something - the case almost never gets to court.

      Intellectual Property is a grey area pretty much by definition.

    2. Daniel B.

      There are quite a few.

      CoS is well known for bullying critics with "copyright infringement" lawsuits, which is why Anonymous came to be well.. Anonymous.

      Anyone pimping off dead author's works is potentially one of these; the one that screwed over The Verve for "Bittersweet Symphony" being one of them (the Rolling Stones are still alive, but the one with the rights who sued isn't one of 'em)

      It might also apply to anyone holding copyrights for works not made by them; they can and will do things against the spirit of the original author.

    3. Hud Dunlap
      Paris Hilton

      Copyright is not hard and fast

      There is the fair use doctrine. Posting lyrics from a song to make a point about the singer is one area. Eminem has sued a number of Rap magazines over this issue. He has only won the ones where they posted the entire song. Fragments are ok but the question becomes how big is the fragment.

      You can also use copyrighted material to make a parody.

      Paris, because she is a parody of herself.

  16. Anonymous Coward

    What a waste

    All that just to splatter inane shite over the screen while you're watching. FFS, get a life.

    1. Paul_Murphy

      HaHa

      Oh - when to stop laughing.

      So you're OK with the programmes, most of which are inane poo,

      And you're OK with the adverts - which are mostly a waste of everyone's time and rarely even entertaining.

      And you're OK with the channel breaks where they tell you (and sometimes show you) what will be shown - which is another waste of your time.

      But you're not OK that you can MAKE A CHOICE to buy this device then install and configure it yourself?

      What I would like would be to decide for myself what I wanted on my screen:

      Adverts - No,

      Breaking News - yes in a bottom banner please,

      Anti-piracy 'adverts' - No,

      Trailers for other films - maybe remind me at the end of the film rather than showing credits,

      The film / programme - Yes please.

      ttfn

  17. Craig 12

    People moan when movies have black bars. This device turns those black bars into a stream of content from the net and you're still not happy!

  18. eek the geek

    Would've been nice to locate both HDMI ports on the back.

    I assume the device is going to be sitting on top of a shelf/TV/STB so the IR sensor is pointing forward but then you're gonna have an HDMI cable poking out before bending back :/

  19. Anonymous Coward
    WTF?

    Never mind the law or the Technical brilliance...

    Who the hell /wants/ their movies interfered with by streaming twitter/e-mail/etc on the screen?

    1. Jason Bloomberg Silver badge
      FAIL

      Still missing the big picture

      As also said earlier to virtually the same retort.

      Ultimately it doesn't have to be twitter, doesn't even have to be there if you don't want it, but is a means to provide an overlay when that's desired. Maybe people want an alarm clock indicator to pop-up on their screens, want to be told when a particularly flagged email arrives, perhaps just want a reminder to say stop watching this and change channel. How many people have put a meal on, sat down in front of a telly and become so engrossed that the meal was cooked and on the way to incinerating before they realised?

      I don't want a twitter or email stream on my TV but there are certainly times I'd have appreciated it if there had been an on-screen indication of something.

      It's not what it's actually used for; it's the ability to do it that is the real story here.

  20. Iain Thomas

    AV Receivers...

    My Onkyo amp can overlay a menu via HDMI, complete with translucency. Suggests there's a HDCP-sanctioned method of doing this, and I fear any judge would want an explanation of why NeTV apparently has devised this method for the purpose of avoiding the HDCP licensing fees/requirements...

    1. Eddie Edwards
      Thumb Up

      Indeed

      Yes, the path of least legal resistance is to buy an HDMI decoder chip with HDCP functionality (e.g. http://www.analog.com/en/audiovideo-products/analoghdmidvi-interfaces/ad9381/products/product.html) and buy an HDCP key. What this device does is only impossible if you don't want to pay to play.

  21. Nick Galloway

    When all else fails...

    If the big boys pull out their razors to intimidate this guy, I would recommend he gives the technology away, allowing every man and his dog to really keep the legal eagles busy!

    I am still stuck on DVDs so it really doesn't impact me, I would just like to see the innovator stick one to the megaliths of creative suppression.

  22. Colin Macdonald 1
    Thumb Up

    Previous Form

    Bunnie Huang has also written a fascinating book documenting how he reverse engineered the original XBOX, as a bit of fun to take his mind off his PhD. A truly fascinating read, and demonstrates this guy operates on a different level. Genius doesn't come close to describing the skill involved:

    http://www.amazon.com/Hacking-Xbox-Introduction-Reverse-Engineering/dp/1593270291

    E.g. he needed to dump the comms going across the northbridge interface, the equipment to do this was several million dollars, so he builds his own out of spare parts.

  23. NomNomNom

    secret key

    I am not clued into this kind of stuff but I am interested in the answer if anyone knows

    If modifying the content (meaningfully) requires the "secret" key, could it not be argued that the encryption was not only there to protect the content but also protect modification of the content? Or does the law not cover protection of content against modification?

    Also a slightly related question: If I encrypted some stuff with a private key but intentionally published the private key publicly, would it therefore become legal for people to decrypt the data? Or would it still be illegal to decrypt it? Just interested in this one, not sure where to find the answer other than ask here.

  24. Diginerd
    Thumb Up

    There's a lot more to this than tweets

    Something I've been doing for years, and now the triple play CableCOs here in the USA have started to do too is use video overlay like this to flash up caller ID when the phone rings.

    Works great, no need to interrupt the movie and go get the phone if it's a Telemarketer. Works even better if you mute the ringer before you sit down. Now all you have is a couple of seconds of a name & number at the bottom of the screen.

    The bugger is you need to be watching content from the STB. If you're watching a BluRay you're screwed. This device opens the door around that.

    My dodge is everything goes through my HTPC, so I can overlay anything I like on the TV (Monitor really) before it gets onto the HDMI cable. Chumby makes the same thing practical for "The Consumer".

    The only people who may have a case against it are Intel as they are picky about getting licencing fees for HDMI. That doesn't sound insurmountable.

    Finally the NY Hall of Science is down the road from me, think I might go to the "Maker's Fair" sounds fun. Particularly if I wear my "I void Warranties" T-Shirt...

    1. Anonymous Coward
      Thumb Up

      by all means, go.

      If you can write decent copy, Dan (this piece's author), might be interested.

      This would be great for me. I can sit at home watching TV/Movies, and without having to keep my phone handy be able to get system/network alerts at the bottom of the screen.

      This might even make ESPN worth watching, just feed it a constant stream of spaces to cover that annoying banner they think we like.

  25. InfosecChap
    Megaphone

    Brilliant

    Why can't I come up with that. Just brilliant.

    Now all I need is an output from the box going into my DVD recorder and I'm all set up

    I'll buy that one!

    chin chin

    @infosecchap

  26. Jason Terando
    Devil

    Patent Filing?

    It would be epic if NeTV filed for a patent on super-imposing video content onto an encrypted video stream using a publicly available hacked encryption key.

    1. confused one
      Pint

      Brilliant

      That would be absolutely Brilliant

  27. david 12 Silver badge

    Subtitles?

    I'm fairly deaf: anything that adds subtitles to the many places they are missing would be welcomed by me.

  28. FuzzyTheBear
    Coat

    The Pain In The B%** Award finalists are ..

    HDMI this is the worst transport I have seen to date. You got incredible trouble reaching over 15 m , the cables that allow you to are garden hoses , extenders over cat5 cost an arm and a leg .. ( literally ) , and you can't do what you want with it .. eg show on multiple displays without using yet more hardware that cost a fortune to the consumer. .. hey .. wakeee wakeee .. we used to do WAY more over simple coax : just look at hdsdi , or component .. all over coax , all with way longer transmission distance ( like 300 feet ) and that without annoying cat5 adapters that break every few years and need replacement. Copyright protection is one thing, but when it messes with the ability of the consumer to do what he needs to with the signals for his uses it becomes counterproductive and as a whole we should refuse to use technologies like that one on the grounds that it is a technically inferior product.

    ftb

  29. Anonymous Coward

    Brilliant hack

    This is epic win.

    I wonder if something like this device could also display for example tornado warnings, etc from authorised sources.

    Could save lives, especially when people are watching a film instead of the news and completely miss the bulletins.

    AC.DC

  30. Steven Roper

    The corporate overlords

    won't bother with this guy until/unless he starts to make serious money with it. Then they'll decide whether or not he's the kind of material they want in their echelon of power, and if not then they'll sue him into bankruptcy; if he is then they'll see to it that he becomes a multibillionaire like themselves.

  31. Anonymous Coward

    If his device was a 2-part system...

    ...and they were connected to each other by CAT6 cable with standard RJ45 plugs, then I would be interested...

    Oh, they do that already, so can I extend 300ft of Furukawa cable between my TV and my Blu-ray player?

    OTOH, great idea for running ads, and on screen alarms...

  32. Rodrigo Rollan
    Holmes

    I would use the fair use defence

    Since I own the output media (TV, Monitor, etc.) I would defend my right to be able to display whatever I like on it. Since I am not tampering with the content, simply adding more content on the output I would argue that it is fair use. For instance, PIP (as mentioned by a fellow Reg Reader) and even OSD falls in this category (those lovely menus our current TV sets use to control them).

    Nevertheless, I never doubt lawyers to be able to convince people that black is white, red is blue and cows can fly.
