Oct 8, 2011

Hacking Digital Cable

Repost from article I did over at Rocket City Hackers

Save money by using a QAM tuner to get HD local channels and anything else your cable provider left unencrypted (including your neighbor's on demand purchases)

I have been wanting to get rid of directv.  The one thing that stops me is live sporting events, news, etc. My cable internet provider  has recently readjusted prices from 56 dollars to 36 dollars a month for 12Mb/s download and 2Mb/s upload internet speeds.  This made it somewhat reasonable to get cable internet alone without bundling in phone or digital cable.  So with my "internet only" plan  I can stream movies / TV from Netflix, Amazon, and Hulu.  This leaves me looking for a way to get at least HD local channels for free.  There are two options: use an antenna for over-the-air HD or tune QAM channels over your coax cable.

QAM Tuning, what is it?

Straight from Wikipedia,  QAM stands for quadrature amplitude modulation, the format by which digital cable channels are encoded and transmitted via cable television providers.  So if you have a QAM tuner in your TV, computer, or digital cable box you can tune these channels.   Cable companies can encrypt these channels so that only the digital cable box or cable card can decrypt these channels.   I have not seen a good crypto attack published.  It is either pretty strong or the ones that have figured it out want to keep their free digital cable.

Testing your local cable provider for QAM channels

I don't have a QAM tuner in my TV so I will be using a Silicon Dust HDHome run to connect to my computer.  I have the older version but this new Dual below solves some of the shortcomings of my tuner mainly having two coax inputs, one for each tuner while the DUAL uses an internal splitter.  This also works out because I want to make a DVR of my computer and this is compatible with every program I would want to use.

I know from testing that my service provider blocks analog cable channels with a notch filter or band-stop filter either in my box or the box at the street.  This article will not suggest or condone bypassing this filter to get analog cable for free because this is illegal.  What you probably didn't know is that when you get cable internet you also get the higher frequency digital channels usually reserved for tuning with your rented cable box and corresponding digital cable plan.    I have heard there is some law that says that if it is available over-the-air then the cable company has to leave the channels unencrypted.  These signals are not blocked because it may be costly to have a filter that blocks digital cable and not cable internet, not possible, or they just don't care (winner).
So in my case I plug in the HDHomeRun connected to my coax cable split from my cable modem and install the software.   You put in info like zip code and provider to get the device set up.  For the provider you want to choose digital cable because this is what we are after.  The below screen is finding a QAM channel.  On the Program tab 941:0 appears meaning this is not encrypted.  You can then hit view and see the channel.  In this case it turns out to be CNN HD which is the first channel I happened to find.

So this was not normal, it looks like my cable provider was accidentally leaving various channels unencrypted.  That means that I wanted to search for more than just my HD locals such as ABC, CBS, NBC, PBS, FOX which were also there.  You can manually seek or you can scan and see what is found.  I came up with the list below.  What is not shown on this list was Discovery HD which is one of my favorite channels.  SCORE!  More than this there is no copy protection on these recordings because they are completely unencrypted.   In part two of this article I will tell you about options on recording these digital cable channels with MythTV or Windows Media Center 7.

Double Bonus Time

When I was searching through these channels which will change on the whim of your cable provider,  I noticed something.  Every once in a while a new channel would pop up at the end of the range of channels such as 114-123 for example.  When I actually tuned these transient streams I figured out that these where OnDemand choices that people were buying and watching on their digital cable boxes.  They ranged from SD to HD quality.  They also were being remotely controlled by the person's box who was watching it.  The stream would pause, rewind, and stop as controlled.  This made it slightly less fun to watch but if one stream paused you could usually find the same movie etc on another channel.  Using this method I could see and record every new release that was out there.  Word of caution, people rent some crazy stuff and you don't know what is going to show up so some parental guidance is needed starting around 9pm.   Since I found this flaw I think the service provider upgraded the encryption of the OnDemand system for encryption because I have not seen a stream like that pop up recently.

Try it yourself for free with no setup or hardware purchase!!!

So all you really need to try this out is a newer TV set with QAM tuners.  You connect your coax cable to the TV set and look for scanning the digital channels.  See what you find for free.  Also there is another feature that the Silicon Dust HDHomeRun website provides.  You can go here and put in your zip code and pull down your cable provider.  Apparently silicondust samples (with consent in the app) the tuners that are deployed in your area and show what they are able to tune.  You can basically find out what free channels your are going to be provided with no setup or hardware purchase.  You can see beforehand if your provider encrypts as they should or left some gaping holes for you to find.
Thinking about a part two of this article where I will tell you about options on recording these digital cable channels with MythTV or Windows Media Center 7.  Let me know in the comments what you think.

Feb 24, 2011

Google storing Wi-Fi AP names and passwords?

I just picked up a Motorola Xoom and noticed something odd when checking it out.  I turned on the Wi-Fi for the first time after syncing with my Gmail account, that my home network (which I was not in range of) showed up.  I also noticed that the Xoom connected to my local network at work.  I found it odd because it was obtaining an IP address before I told the Xoom what to connect with and more importantly what the password was.  I own an Android device (Droid X) and these networks it had as "remembered" were all the AP's I had connected to with my phone previously.  I have allowed Android to sync my contacts and some application info. 

The obvious implication is that Google was storing the names of the AP's that I had previously joined and more importantly the passwords that I had entered and saved on my Android phone.  I have not read any information reporting this previously nor can I find similar stories when I do a quick Google search.  Most importantly I don't remember authorizing storing of this data but who knows what fine print I overlooked in various EULA's.  I don't know if this is specific to Android Honeycomb 3.0 or Xoom but this is the first time I have noticed such activity.  I guess more testing needs to be done by others for verification.    Let me know in the comments if you have seen this behavior before or can test on the Xoom or other devices.

Another observation I have made is that all the applications from my phone restored on the Xoom rather than just the paid applications.  This is an upgraded Honeycomb 3.0 sync functionality because Android 2.2 only let one restore paid applications from the Android Market.   This may mean that storing the AP names and passwords was part of this upgraded capability in Honeycomb.  I then noticed that under settings and the privacy tab that they have added "Backup my application data, Wi-Fi passwords, and other settings to Google servers.  The Droid X Android phone that I have under the same tab has "Back up my settings and other application data.   This definitely confirms that Google is now backing up Wi-Fi names and passwords so uncheck this if you don't want Google to have this info.  The problem I have is clearly they stored that information before from my phone without advertising this until it restored this data on my Xoom.  Now I wish they broke out the options so I choose yes for contacts and no for passwords.  Bad Google, ...again!