# Is TiVo hacking dead?



## Saturn

Is TiVo hacking dead? I fondly remember poking around with my S1 getting it to do PPP over serial. The S2 was a little trickier, requiring a particular software version and hacked kernel, but still possible. The S3 was a PITA, requiring a modded EEPROM (BIOS?). I modded one of mine so I could hack around the idiotic "do not copy bit" that Time Warner set on every single channel. 

Now I've got a TiVo Mini (and a Bolt on the way) and it would be really nice if I could get SSH access to it so I could bridge the Ethernet and MoCa ports and use it as a MoCa bridge, but I don't see that happening. 

I never quite understood the Linux community's severe negative reaction to TiVo, but I'm starting to...


----------



## lpwcomp

I'm pretty sure that the Bolt has bridging capability built-in. As do the Roamio Plus and Pro.


----------



## Saturn

Yea, they do, which means it was probably a conscious decision on the part of TiVo to disable it for the Mini. Which also means it is probably about 4 lines of bash script away from being enabled. That way I could use the Mini as a bridge for the TV and/or game consoles near the Mini. 

That said, I have 4 MoCa bridges in use already - two Netgear, two MI424s, and a couple more sitting in a box. So I don't NEED to do this hack, but it irks me that can't.


----------



## Wil

The Tivo was so unique that a large band of hackers was originally attracted. Of course we got lucky with the unique tridge, on whose work so many built. These hackers essentially defined what Tivo and its copiers became.

Simultaneously to virtually all the old hackers losing interest and moving on, Tivo (post-original series 3 and model HD) made hacking lots tougher. There are few benefits to hacking anymore since most of the old hacks are now built in, so new hackers are not highly motivated to take up the craft. There are other solutions to the cci problem.


----------



## lpwcomp

Saturn said:


> Yea, they do, which means it was probably a conscious decision on the part of TiVo to disable it for the Mini. Which also means it is probably about 4 lines of bash script away from being enabled. That way I could use the Mini as a bridge for the TV and/or game consoles near the Mini.


More likely they just didn't add the capability.



Saturn said:


> That said, I have 4 MoCa bridges in use already - two Netgear, two MI424s, and a couple more sitting in a box. So I don't NEED to do this hack, but it irks me that can't.


May I ask why you have so many isolated Ethernet networks?


----------



## Saturn

lpwcomp said:


> More likely they just didn't add the capability.


Bridging network adapters can be done in software via the Linux kernel pretty easily. I don't know if the full units are doing it in hardware or software.



> May I ask why you have so many isolated Ethernet networks?


Because I don't have Ethernet run through my house - I use MoCa to link everything together. 3 TVs with 3 (old) TiVos, all have MoCa bridges next to them. The 4th sits next to the main router. The two smart TVs are also hooked to the MoCa bridges because it is faster and more reliable than WiFi.


----------



## emuman100

I really enjoy Tivo hacking. It's highly technical and very rewarding. With Series 4, the Broadcom Soc used a keyladder mechanism for securing boot, and there hasn't been and way to defeat that yet. I always thought the Premiere would be the a really good hacking platform. Unfortunately, many of the Tivo hackers have lost interest with newer hardware. With Tivo choosing not to activate older boxes, a rewarding hobby is now no more. Defeating the security in newer platforms is much harder, requiring more expensive tools and expertise that before. Some Tivo hackers don't have the hardware expertise to find workable exploits.

All in all, it's a shame. The following and customer base Tivo once had is now dwindling. Choosing not to activate older platforms further distanced Tivo. Tivo hackers wanted to make the Tivo better for everyone. They did. It was hacking that got me into Tivo, and have not used another set top box since Series 1.


----------



## ggieseke

It's dead as far as hacking the units themselves. Even rechipping a Series 3 was beyond most people and by then the only thing it really got you was the illegal ability to defeat the CCI byte.

Other development is still going strong. Kevin improves kmttg almost daily and Dan's pyTivo Desktop is just the latest of many client apps. I remember the TiVoWebPlus / TurboNET days, but the tools we have now are much more versatile and you don't have to be a rocket scientist to install or use them. I'm still doing file system development when I can find the time even though 8TB is more than enough for me.


----------



## emuman100

A "PROM'd" Tivo HD can defeat the CCI byte, disable encryption, allow for video extraction (no need to enable TTG or mess with MAK's), caller ID display, and TivoWebPlus to name a few. It also gives access to logs. I was also hacking since the Series 1 Tridge and TurboNET days, and it was super fun. Desoldering and soldering the Tivo HD PROM is a bit much if you don't have the right tools, but it is worth it.


----------



## JosephB

emuman100 said:


> caller ID display


What's caller ID?


----------



## Anotherpyr

My guess is not only is it a difficulty issue with hacking the newer units as well as the number of cheaper options available today.

Either I’m talking to myself, or the post I replied to was deleted.


----------



## unitron

There's a nasty rumor floating around that some people only buy TiVos so that they can use them to watch shows on their TV.


----------



## zangetsu

unitron said:


> There's a nasty rumor floating around that some people only buy TiVos so that they can use them to watch shows on their TV.


that is a myth, something parents tell their kids to make them behave.


----------



## Wil

zangetsu said:


> that is a myth, something parents tell their kids to make them behave.


Actually, it was once true. I was there. Tivo HD's and to some extent the original series 3 still serve that function today, for that very tiny subset niche of an always tiny niche of Tivo believers.


----------



## ronsch

I still have my DSR6000 running even though DirecTV keeps threatening to turn off the SD signals.


----------



## HerronScott

ronsch said:


> I still have my DSR6000 running even though DirecTV keeps threatening to turn off the SD signals.


But how can you watch SD TV (unless you only watch original SD content)? 

Scott


----------



## QuadraQuack

emuman100 said:


> A "PROM'd" Tivo HD can defeat the CCI byte, disable encryption, allow for video extraction (no need to enable TTG or mess with MAK's), caller ID display, and TivoWebPlus to name a few. It also gives access to logs. I was also hacking since the Series 1 Tridge and TurboNET days, and it was super fun. Desoldering and soldering the Tivo HD PROM is a bit much if you don't have the right tools, but it is worth it.


I'm new here. Where can I find more info on how to do this? It's exactly what I want to achieve, but I'm not sure where to start.


----------



## philhu

i actually have a lifetime subscribed tivohd, with hacks from way back

Still works, still d/l to it, then copy pgms to other tivos i have


----------



## waynomo

QuadraQuack said:


> I'm new here. Where can I find more info on how to do this? It's exactly what I want to achieve, but I'm not sure where to start.


I remember looking into this years ago. I did some googling, etc. and found the chip, but decided it wasn't worth it. It's so old and the TiVohd is almost obsolete that it might not be available anymore.

What are you trying to accomplish? Does your provider copy protect everything? Depending upon your goals there are probably easier ways to achieve what you want to do.


----------



## Wil

philhu said:


> lifetime subscribed tivohd, with hacks from way back


It's sad that many of these have been landfilled, some after being deactivated for the lifetime transfer, which is just an awful thing to do. I have found homes for HDs over the years; running into a modded one is a real treat as the process is a bear. The modded series 3s also still have a place as there are cable systems with few or no mpeg4 channels.


----------



## philhu

believe it or not, my fios in boston has few mp4 channels

It is a shame when they did the software upgrade a few years back to update the certificate, they didnt fix the mp4 thing. The TivoHD harware wise can do it, they just never put in the software.


----------



## Wil

philhu said:


> The TivoHD harware wise can do it, they just never put in the software.


The s3 has the hardware capability as well. In both cases, my understanding from insiders was the software simply had to be turned on (and was, accidentally and temporarily at one point on the HD [probably during the Australian marketing of the HD] even before the official upgrade).


----------



## ggieseke

If memory serves only the original 648 S3s with the OLED display could be PROM modified. Once the 652s and 658s came out they moved the encryption chip to the main CPU. I may be wrong.

I don't think the 648s were capable of MPEG-4 which is why only the later models supported it first in Australia and much later in the US.


----------



## Wil

ggieseke said:


> If memory serves only the original 648 S3s with the OLED display could be PROM modified


No; both the s3 648 and HD 652.



ggieseke said:


> I don't think the 648s were capable of MPEG-4 which is why only the later models supported it first in Australia and much later in the US.


The s3 648 plays back mpeg4 just fine; the hardware capability is there. The capability of receiving mpeg4 channels is uncertain, but a moot point since the software (if it exists) has not been turned on and never will be.


----------



## stevel

FWIW, the DDB forum, where a lot of TiVo hacking knowledge resided, has been shut down by its owner. (For many years, I was the only active moderator, but it's not my site.) I am trying to see if I can get a copy of uploaded files, though I discovered that a bunch of old scripts had been deleted. I'm not sure what value, if any, is left there.


----------



## wmcbrine

Well, that sucks. I had a lot of issues with the attitudes on that forum, but without that resource, I think we can pretty much answer "yes" to the thread subject.


----------



## stevel

I am discussing the issue with the site owner. The main issue is that the forum runs an ancient version of vBulletin and he doesn't see the value in paying for an upgrade (I agree). I pointed him to resources for converting to phpBB or xenforo.


----------



## Wil

He provided an environment there in which the DVR we eventually came to know became defined, from the bare bones of the original Tivo. An important historical site. Tell him one of the early contributors says hi.


----------



## HerronScott

philhu said:


> It is a shame when they did the software upgrade a few years back to update the certificate, they didnt fix the mp4 thing. The TivoHD harware wise can do it, they just never put in the software


The HD was upgraded to support MPEG4 at least as far as recording shows. Are you referring to the fact that they did not update the ability to download an MPEG4 show from an HD?

Scott


----------



## HerronScott

ggieseke said:


> I don't think the 648s were capable of MPEG-4 which is why only the later models supported it first in Australia and much later in the US.


As Wil indicated, the S3 OLED has MPEG4 hardware support but they never released any software update to support it unfortunately.

S3 OLED (648) CPU/decoder
Broadcom BCM7038 system-on-a-chip, including the MPEG-2 decoder
Broadcom BCM7411 MPEG-4 AVC/H.264 and VC-1/WMV9 decoder

HD (652/658) CPU/decoder
Broadcom BCM7401 system-on-a-chip, including the MPEG-2, MPEG-4 AVC/H.264, and VC-1/WMV9 decoder

Scott


----------



## reneg

stevel said:


> FWIW, the DDB forum, where a lot of TiVo hacking knowledge resided, has been shut down by its owner. (For many years, I was the only active moderator, but it's not my site.) I am trying to see if I can get a copy of uploaded files, though I discovered that a bunch of old scripts had been deleted. I'm not sure what value, if any, is left there.


I didn't expect my Tivo HD to last longer than the DDB forum. If you get the text from the forums, I'd be interesting in the text from the very long patching the Tivo HD thread. This past week, I cloned my Tivo HD drive just to have a backup handy in case of drive failure.


----------



## stevel

Don’t hold your breath.... I have heard nothing from the forum owner.


----------



## jmbach

Well you probably can get information from the internet archive.I doubt if you can download any files.


----------



## Wil

reneg said:


> I didn't expect my Tivo HD to last longer than the DDB forum. If you get the text from the forums, I'd be interesting in the text from the very long patching the Tivo HD thread. This past week, I cloned my Tivo HD drive just to have a backup handy in case of drive failure.


The place is back up. At least some files are still there.


----------



## Sapphire

Saturn said:


> I never quite understood the Linux community's severe negative reaction to TiVo, but I'm starting to...


The "Linux community" never really hated TiVo. Open source zealots like Richard Stallman did because they want everything that touches open source software to be open source. That's why GPLv3 exists, and what it aims to do. It's also why many people stayed on GPLv2 for licensing.


----------



## reneg

Wil said:


> The place is back up. At least some files are still there.


Thanks, I archived off a couple of threads.


----------



## All-In

Is there any way to affect the 'do not copy' bit on the Bolt? My cable company also sets it on every show and it makes the Tivo rather useless. Before the cable system went digital I had a couple of shows I would set the Tivo to grab every episode of and then copy them off to a hard drive to have a complete archival copy, but now I can't get anything off the Tivo...


----------



## Wil

All-In said:


> Is there any way to affect the 'do not copy' bit on the Bolt?


No.

What you do is _also_ have a modified Tivo HD on your home network to record those shows. Once recorded, the show can be moved to the Bolt or any other Tivo on your LAN, through normal means since the show is fully functional for all normal Tivo mrv and ttg uses, and also kmttg, pyTivo and such (hydra issues still apply though). You can also use a modified Tivo s3 if the channels you're interested in are not mpeg4.


----------



## All-In

Thanks Wil. I happen to also have another lifetime Tivo... so I guess I need info on how to modify that unit. Is there a method that still works?


----------

