[bunnie] is up to his old tricks again. He successfully implemented a man-in-the-middle attack on HDCP-secured connections to overlay video in any HDMI video stream. There’s a bonus, too:
his hack doesn’t use the HDCP master-key. It doesn’t violate the DMCA at all.
HDCP is the awful encryption scheme that goes into HDMI-compatable devices. Before HDCP, injecting video overlays or even chroma keying was a valid interpretation of fair use. [bunnie] thinks that HDMI devices should have the same restrictions analog devices have, so he decided to funnel his own video into his TV.
The build uses the NeTV, a handy and cheap FPGA board with an HDMI input and output. [bunnie] got the FPGA to snoop the HDMI bus and decide if a pixel needs to be changed or not. This isn’t much different from what researchers in Germany did a few months ago, but unlike the academic security researchers, [bunnie] gives you a shopping list of what to buy.
As an example of his work, [bunnie] implemented something like a ‘tweet ticker’ on HDCP-encrypted video. There’s very little the NeTV setup can’t do from chroma keying, filters, or simply dumping the HDMI stream to a hard disk. Check out the slides from [bunnie]’s talk to get better idea of what he did.
[PAPPP] found a video of the talk in question. Check that out after the break.
Continue reading “Overlaying video on encrypted HDMI connections”
Check out the new set-top box on the block, the NeTV from Chumby Industries. That link will take you to their video demonstration of the device, which is a humble-looking black box with no apparent user interface. You’ll see a few cool tricks that may impress you, like pairing the device with an Android phone through the use of a QR code. Once the two have mated you can do things like share images on the TV and load webpages from addresses entered into the smart phone. There are options for scrolling alerts when you receive an IM or SMS, and a few other bells and whistles. All of this from a device which connects with two HDMI ports to sit between your TV and whatever feeds it a video signal. Read all about the features here.
But its the hacking potential that really gets our juices flowing. The developer page gives us a look inside at the Spartan-6 FPGA that lives in the little case. We don’t often quote [Dave Jones] but we’re certain he’d call this thing ‘sex on a stick’. They’ve made the schematic and FPGA information available and are just begging for you to do your worst. The power for the device is provided by a USB connection but curiously is just above spec when drawing a max of 700 mA. We have a USB port on the back of our TV and would love to velcro this thing in place and power it from that. What would you plan to do with it?