By Dan Cornell
The UI was very well done – certainly better than my Tivo. I liked the way that the current show playing never completely left the screen. While I was searching for other channels to watch or on-demand movies to buy the current channel was always playing. Very nice.
I did some crudimentary poking around as to how the service worked (sans-benefit of any technical documentation) and it looks like the service works on a combination of TCP and UDP multicast. Very cool stuff if they can run three receivers from a single Lightspeed connection. If they can make three HD connections work over the cabling allocated to a single house – fantastic!
If they are actually using multicast UDP to transfer the content it would be interesting to see what sort of encoding and encryption facilities that have included in the system. If those weren’t well-put-together it should be straightforward for a reasonably technical attacker to pick them apart. Given an understanding of the encoding and encryption protocols for the UDP packets an attacker could potentially:
- Observe and snoop what another television in your household is watching
- Store pay-per-view movies indefinitely and possibly convert the content to other, more portable formats
- Force another television in your household to watch arbitrary programs
If AT&T has done a good job securing the service these things shuld not be possible. I only looked at the service to a very cursory degree and didn’t really have a chance to formulate an opinion of how well they did. And I am more of a (web) software security guy than a network and infrastructure security guy. I am sure, however, that the attacker community will be watching and taking notes. Hopefully AT&T did their homework.
dan _at_ denimgroup.com