Amit’s lab

Television is not a new concept. We are watching television for more than three decades. But, as everyone knows, technology is ever evolving which is leading towards the exponential changes in the world of television. With the advent of Digital TV, people got more choices to select the medium of their television viewing experience. Every one is going beyond terrestrial broadcast to get the best quality and enhanced television viewing experience.

There are three kinds of digital television broadcast systems existing today including Satellite TV, Digital Cable TV and IP TV (Internet Protocol Television) being the latest entrant in the world of television content broadcasting.

Internet Protocol Television (known widely as IP TV), being the newest arrival on the block, threatens the other two mediums by promising to give a tough competition. IP TV is a mechanism of viewing the regular television channels over IP. Similar to Satellite TV and Cable TV, the signal is encrypted using vendor specific security mechanisms and can only be decrypted by a receiver (STB). The video is sent in the form of IP packets over the existing broadband infrastructure and is assembled at the viewers’ end with the help of a Set Top Box. This becomes advantageous as existing broadband distribution infrastructure can be used to deliver television signals enabling the user to enjoy television over the same broadband connection used for surfing the internet. This is beneficial for broadcasters as they can offer “Triple Play” service of voice, data and television over the same network using the same infrastructure. “Triple Play” service refers to three different services of VoIP, Internet and IP-TV bundled together and offered over the same network. With IP TV, one can be assured of better video quality and stereophonic sound much like in case of DTH & Digital Cable TV. Even the customer specific services of Video on Demand (VOD) become a reality. Also, this enables broadcasters to have two way communications with the viewers as opposed to in case of DTH and Cable TV. IP –TV, still being in its stage of infancy, is not very stable. Due to high bandwidth requirement (approximately 5 Gbps, even ADSL2+ technology can support only up to 25 Mbps), hundreds of channels cannot be broadcasted simultaneously. Every channel change request by the user goes to the content server resulting in a delay for changing a channel. Currently, IP-TV is in roll out phase with broadcasters being BSNL, MTNL, Airtel and Reliance only in selected cities of India.

Continue Reading

Quote of the Day:"Too bad drinking scotch isn't a paying job or Kenny's dad would be a millionare!" -- Cartman

Finally, I have logged on to my blog site after quite a few months. My personal and work life kept me busy for these few months …

Anyway, So I thought to get back with one of my favorite topics : Gaming.

Recently, I read about XBox Live new development kicked off by Microsoft, called, Project Natal. It is all about a different gaming style or I should call it as an attempt to the next generation gaming experience. Now, Nintendo has already started in that direction with the launch of Wii. And how can Microsoft be far behind in copying the idea. So, here comes the annoucement of Project Natal, a “controller free gaming and entertainment experience”.

With this, a gamer will be able to use his whole body for a rich gaming session just like in Nintendo Wii, except that there will not be any device tagged to the gamer’s body. The Xbox live sensor device will be able to capture the complete body movements of the gamer and translate them in action in the gaming scenario. The game will move according to user bodily reactions. Even to make the experience much better, there will be microphones embedded so as to enable to gamer to interact with the characters in the game. So, it seems like you can actually become “Templer” in “Kill Zone” (some future XBox version) and fire in whichever direction by just pointing your fingers. The sensors should also be able to recognize your facial expressions to understand you feelings and who knows, might be, “Lara Croft” falls in love with you.

As per the claims mentioned on Wikipedia, technical demos of the basic games are done and Microsoft is keen to invest more towards this technology.

I seriously doubt, not about the evolution of rich gaming experience, but about Microsoft’s credibility in producing such high end gaming experience. For Microsoft, sticking to Windows OS and making it stable should be a better and safer option.

Anyway, Lets wait and watch. Meanwhile, just have a look what Microsoft has to say about Project Natal here …

Quote of the Day:"If there are any questions, direct them to that brick wall over there." -- Network President

Hi All,

My brother, Shantanu Goel and I, have started another blog called http://www.safercode.com which is an aim to tell people about some tips and tricks to make your code safer, secure and faster.

You’ll find quite a few interesting discussions and concepts about code optimization, securing coding, safety and reverse engineering on this website. The aim of this website is to cover those apects of programming and security which are not taught in schools and technical institutes.

Also, This site aims to bring all the information together on one page which is spread out or too vague or is not available on the internet.

The site supports RSS feeds also for the people who wish to be the regular readers.

Please do visit the site and leave your comments if you liked the posts there.

Regards,
Amit Goel

Quote of the Day:"You can't fight ideas with bullets." - Leo Gold

” Abguvat zhpu.. V unir orra hfvat guvf fznyy hgvyvgl sbe n ybat gvzr jurarire V jvfu gb jevgr fbzrguvat rapelcgrq.

Jul naq Jura qb V jevgr rapelcgrq? V qb vg jura V nafjre fbzr dhrfgvbaf va n choyvp sbehz naq fgvyy, qb abg jvfu gb fcbvy gur sha sbe bguref. Guvf jnl V gryy gur ubfg nobhg gur pbeerpg nafjre naq trg uvf npxabjyrqtrzrag naq fgvyy, V qba’g cynl n fcbvy fcbeg sbe bguref.

Tbg gur guvat abj. “

What is this all about? is it all gibberish ? hey, i am just playing around being stupid. Just copy paste the above text in www.rot13.com and see what is written above and below?

” Vg vf whfg n cynva fhofgvghgvba pvcure. Vg ebgngrf rirel punenpgre ol 13 cynprf naq rapelcgf gur vasbezngvba. Vg vf whfg hfrq sbe cynva sha naq fvzcyr fghss naq fubhyq arire or nccyvrq ba erny frphevgl vffhrf. Vg vf n irel cbchyne pvcure bayvar hfrq va sbehzf, tnzrf rgp. “

Why I wrote a post like this? I am in a mood of fun. Most of the people know about this. In case you did not know, a good learning for you then.

For more details, check out the rot13 entry at wikipedia

Enjoy… I am just playing around..

Quote of the Day:Morpheus: Throughout human history, we have been dependent on machines to survive. Fate, it seems, is not without a sense of irony.

Cracking softwares is one of the favorite pastimes for everyone. Everyone loves to use cracked versions of games, IDEs, utilities et cetera so that they don’t have to pay for the licensing fee. Now, Licensing schemes vary from company to company and software bundling too. I definitely appreciate the efforts put by engineers in cracking the license keys so as to get the software working till eternity. Cracking license keys work till the time software is just a demo version and opens up only if the license key is provided to the system or it belongs to different licensing schemes which vary from node lock to server based licensing. But, there are still good softwares which do not put in too much of security. I don’t know the reasons. either they really don’t care about the licensing of their highly used softwares or they just don’t know about it. I believe that the former must be true as latter questions the capabilities of engineers sitting in that company.

 

To cut the long story short, If we target such softwares, we actually don’t need to crack the license keys. In turn, what we can apply is the simple reverse engineering philosophy of reading the assembly and modifying it. This works with quite a few softwares. For example: Source Insight is a very popular IDE used for coding in C/C++/Java like languages and it widely used in the world. Its license is also very costly which is about INR 10,000 or approximately $200. Now, if you go wish to use this software, then you need to buy the license otherwise it won’t work after 30 days. Changing the system clock etc are outdated techniques which are no longer valid. Moreover, changing system clocks might affect the functioning of other softwares installed on your machine.

So, For softwares like Source Insight, you can try out few basic things. Disassemble the binary of the targeted software, for example: Source Insight binary is “insight3.exe”. Once disassembled, you need to look for pop up like “trial screens/license key input screen” etc. How does this occurs? Software itself might be checking for some date of installation reading from somewhere. In most of the cases, it is registry files but then, it can vary. So, Attach a debugger (Ollydbg/IDAPro) to this software and try to trace the call looking for date of installation. Once you find it, replace it with calls of NOP instruction. Yes, this is one of the most useful redundant instructions assembly language provide. Once you suppress this call, software thinks that it is a fresh installation. After that, just suppress the function call which displays the “trial version” popup. After this, just reset the installation date by again putting NOP instructions in place of function call of date replacement. There are lot of tools available to make changes to the binary like “HexEdit” etc. Once you do this, Source Insight will never ask you for a license as it thinks itself as a fresh installation every time.

Now, This leads us to think that why a company like source dynamics keeps such a weak licensing system? Either this is their marketing strategy or mere stupidity. I still give benefit of doubt to the former.

Quote of the Day:"Too bad drinking scotch isn't a paying job or Kenny's dad would be a millionare!" -- Cartman

Isn’t the title of the post geeky enough? Atleast I think so, I never thought of something like this even in my dreams until I came across this research from the Security and Cryptography Laboratory at Ecole Polytechnique Federale de Lausanne.

Can you just imagine, Everything you type on your keyboard sitting alone in your room on a highly secured PC is still captured by someone else sitting in another room 20 metres away. The technology being experiemented out is compromising the Electro Magnetic Radiations emitted out by a PS/2 , USB or a LAPTOP keyboard. These EMR (electro magnetic radiations) are captured by a receiver and the whole spectrum is analyzed to get the key presses. So, If you are typing an email or a password or your banking account details, some one can still sniff them out without using any spywares or keyloggers.

Although Electro magnetic eavesdropping is not a new stuff and people keep on doing it. But This is some startling finding I could never ever thought of.

The two researchers have outline four separate attack methods, some that work at a distance of as much as 65 feet from the target. And you thought, Even disconnecting the PC from internet makes it secure..

Watch out the following two videos demonstrating the hack.

And the second one…

Get the actual paper here…

“COMPROMISING ELECTROMAGNETIC EMANATIONS OF WIRED KEYBOARDS” by Martin Vuagnoux and Sylvain Pasin.

The paper is still under review and not much details are available about it.

…

Quote of the Day:Homer: Kids, you tried your best and you failed miserably. The lesson is, never try.

Just an update to my previous post.

This War intensifies with Tata Sky annoucing its PVR Set Top Box to be launched Soon. Check out Tata Sky Website for details. With this, you’ll be able to pause, rewind, record Live TV.

I won’t talk much about it right now and will wait for its official launch

Till then, keep thinking whether to buy Airtel OR wait for this launch

…

Quote of the Day:Grandpa: My Homer is not a communist. He may be a liar, a pig, an idiot, a communist, but he is not a porn star.

ALRIGHT!!! THE PARTY IS ON. The war has begun with the latest entrant being Bharti in the Indian Satellite TV (DTH) space. Bharti entered the market with the brand name “Airtel Digital TV” a day before. For the past one week, Airtel was running teaser campaign (”See you at home soon”) for its Digital TV launch. Reliance retaliated almost overnight by takign over this teaser campaign almost same to Airtel one and played the spoiler for Airtel. Remember that age old Pepsi Vs. Coca Cola advert battles. That’s what Reliance did to Bharti.

Please make sure to read the complete post if you are planning to buy one or shift to another broadcaster.

First things first. I’ll explain the basics of satellite TV so that many of you can understand the logic behind all this hooplah. Satellite TV or DTH (Direct To Home) is not a new concept. Many of the other countries are already into this for donkey years. US being the leading brat among everyone as usual. DirecTV has been there for long enough with best of technology to offer. Satellite TV offers you to watch everything directly on to your TV sets beamed from the Satellites. That means, no more hassles of cable operators. If you are from India, you must have faced irrational charges, cable operator strikes, power outages, not getting your favourite channels, channels shifting their channel number positions, bullying of cable operator staff bullying, monopolized area distribution. And the list of problems goes on. Satellite TV puts an end to all the woes of the customers. Because, in DTH, your cable operator is a satellite now which never goes down on a strike.

In Satellite TV, the signal is beamed directly from a satellite which the broadcaster has hired. The signal is received directly by the small dish antenna installed at your house or premises. Broadcaster provides a Set Top Box which connects to this dish antenna directly with a cable and in turn, this Set Top Box connects to your TV. Bang!!! Watch the channel you wish. The best part is that you pay for only those channels you wish to watch. For example, you don’t need to pay for Sports channels if you don’t like sports. Or why to pay for Fashion TV if there is no more “Midnight Hot” being allowed in India.

Continue Reading

Quote of the Day:Morpheus: If real is what you can feel, smell, taste and see, then 'real' is simply electrical signals interpreted by your brain

Alright!! this news is an old shit. I was thinking to write about it for many months but was always wary of the leagal bindings I have with my company. Now, that the news is old, stale and widely public, I feel like talking about it.

Satellite TV hacking has been in a lot of focus in the past, especially, in the western world, when the technology was in its infancy stage and was trying to grow. Cryptographers and mathematicians were busy round the clock trying to produce new algorithms to keep hackers at bay. and then, emerged the two guys, Boris Floricic (better known as Tron) and this guy , Chris Tarnovsky (better known as Big Gun) in the underground world.

Satellite TV hacking in the past has been considered as on the lines of hacking smart card (From the Eye of a Legal Storm, Murdoch’s Satellite-TV Hacker Tells All , Also see the video given below ). But now, I feel that trying to hack a smart card is a waste of energy, time and money. It needs a lot of know how and knowledge to break the pay TV smart card and is no where, similar to internet hacking. I agree that if you wish to watch free TV, then you’ll definitely need to hack the smart card. But then, you can still pay the bills and try to break the system to get more out of it. So, it always goes on in my mind that if instead of trying to reverse engineer the smart card, we try to exploit the system, then it will be much easier to get more information on your TV.

Okay, lets take an example as usual. Lets say that, you social engineer the programmer sitting in of the software companies writing code to enable EPGs. Although, every code written passes strigent code reviews, but it is still very easy to leave easter eggs in the code which can enable you view some information you are not entitled to. :-) 

May be, we can try the other route. Third party companies writing interactive applications always uses the API’s and the SDK provided by the above referred product vendors. So, As you know, every software has bugs, it might take quite a while, but using tainted object technique, these interactive applications can exploit the information stored on the Set Top Box. and you never know, this might compromise a big system.

Talking about all this, we still know that it is a closed system development and is not available to outside world. Also, it passes stringent checks, code reviews and quality assurance, it is still possible to leave small gaps to enable the hackers to exploit these possibilties.

I am a novice in this reverse engineering field and bound by my company laws, I cannot talk more details about it.

But, I leave you to think more and meanwhile, watch this awsome hacking video.

 

…

Quote of the Day:"Human beings may not be perfect, but a computer program with language synthesis is hardly the answer to the world's problems." - JC Denton

This is an idea which is doing rounds in my mind for quite a while. I tried promoting it but people could not see it realizing. So, I am just posting it out here. If any VC is reading and likes it, please mail me.. and if any developer likes it and gets it through, atleast drop me a word of appreciation if nothing else is possible.

Okay, After reading this post, you might say that whatz so new about this? this already happens on STB using the metadata. but then, I have left some hint towards the end of the post what doesn;t exist and I want to achieve. If you read carefully & get the feel of the actual stuff, you might like to take it forward. Ofcourse, I have taken out many important pieces in this post for obvious reasons.

Abstract
Search Engine on TV is one thing that looks similar to search on internet and it is. Till now, we used to have search based on program name, time, actor, channel etc. and now, is the time to move one step forward to search the content of the program and choose the content among different channels. This paper deals with a concept of searching the whole content at the broadcaster’s end. The user just needs to key in the keywords he wants to search and he gets the search results on TV Screen. The user, then, can play the item selecting from the search. Of course, the catch is that the content can contain only the results from the programs or channels permitted by the broadcaster and user may need to pay for the item to be seen. This paper is attempted to create a search engine of the internet world in TV domain.

Continue Reading

Quote of the Day:"If there are any questions, direct them to that brick wall over there." -- Network President