March 31, 2015


Who Killed the Open Set-Top-Box?

A few years ago, I lived in Cambridge, Massachusetts. With my trusty Hauppauge WinTV-PVR-150 I enjoyed the ability to watch and record Comcast TV on my desktop computer — and even to occasionally edit and re-upload it to YouTube along with fair use critical commentary. When I moved across the river to Boston, Comcast required me to pay for a set-top box that would tune channels on my television. However, when I plugged my PVR-150 into the cable connection, it got almost no channels at all. As it turns out, the Comcast system in Boston had been migrated to use mostly digital signals, but my tuner card worked only with analog cable signals. Fair enough, I thought, I’ll buy a digital cable tuner. As it turned out, that wouldn’t help much. The cable companies had implemented encryption to fight “service theft” of most channels that subscribers had not paid for. As a result, I lost the ability to view channels I had paid for on a device of my choosing.

The FCC saw this problem on the horizon all the way back in 1996, when it included requirements for compatibility of consumer-provided “navigation devices” in the 1996 Telecommunications Act. The FCC ultimately settled on a solution called CableCard, which specified a universal standard for a small device that would perform the decryption and tuning functions of a full set-top-box, but in a form factor that could be inserted into third-party “host” devices. The problems with CableCard have been many-fold. To begin with, the long process of implementation (both technically and politically) failed to facilitate a competitive market for devices that are a viable alternative to set-top-boxes provided by the cable companies. Second, the functionality of CableCard was outdated almost as soon as it was designed. For instance, it did not anticipate two-way interactive services, program guides, or video-on-demand. Third, the standard mandated particular hardware, which contributed to the implementation delays and difficulties. Finally, and perhaps most problematic for the standard, all devices that wish to be CableCard “host” devices must first pass certification by the cableco-surrogate organization CableLabs. This means that cable companies still hold de facto control over the market.

The FCC has struggled with how to address these problems. In 2007, it realized that the industry players were not going to update CableCard to support two-way interactions, and issued rules intended to force it to do so. This ushered in the “true2way” standard at the heart of what was commonly referred to as “CableCard 2.0.” It also ushered in yet another certification regime. This time, CableLabs imposed an even greater degree of restriction on the design of third-party devices, insisting that the manufacturers surrender control of major portions of the user interface to their own restrictive “middleware”. This undermined one of the competitive advantages of these devices (better user interface), and mired their developers in the process of trying to comply with these arbitrary “compatibility” requirements. Although several consumer electronics vendors initially indicated their plans to support the standard, the last major vendor aborted its plans in 2010.

The next stage of this battle began when public interest groups filed a petition in 2010 asking for several fixes to the system, including ways to encourage the anemic third-party “smart video devices” market. Consumer electronics manufacturers supported this effort, and TiVo sent a letter explaining the various ways in which CableCard through its various instantiations had failed to facilitate a competitive market (reversing decades of a vibrant market for VCRs and other “cable ready” devices). The Commission released a Notice of Inquiry (NOI) (see the docket here) asking several questions about a possible new approach to the CableCard issue, which would ideally resolve some of the regime’s existing shortcomings. At the center of the FCC’s NOI was the notion of an “AllVid” standard that defines a single set of protocols that a video provider’s equipment must support so that other devices can both control tuning/interaction/etc and receive a video stream for display. The NOI then noted that the FCC may suggest Ethernet as the universal port, IP as the base protocol, and DTCP-IP (“Digital Transmission Content Protection over IP”) for encryption. Of course, this depends on “smart video devices” being able to receive and decrypt the digital video signal coming from one of these devices. The CableCard experience demonstrated that industry-based standards groups tend to use certification and encryption to restrict competitive consumer devices from displaying and recording content. In that sense, the Commission’s suggestion that the new adapters use DTCP-IP (and public interest groups’ surprising endorsement of this approach) represented more of the same. The DTCP-IP specification and licensing is closely held by the five corporations that developed it, and they only license the technology to implementers who pledge to restrict what end-users can do with the video.

The AllVid proceeding has not progressed. In the meantime, the FCC received a petition from cable companies that asked permission for them to encrypt the last bastion of unencrypted digital cable — “basic service” cable. The FCC has always required cable companies to continue providing this service in an unencrypted format because of the historical connection to “free and open” over-the-air broadcast. As a result, a small market for non-CableCard set-top-boxes that receive these “basic service” channels has been able to survive (in a bizarre twist, because they are not CableLabs-certified, they can record many of these unencrypted digital cable channels that third-party CableLabs-certified devices cannot). This ability to receive “basic tier” programming was likely to end if the FCC goes along with the cable companies’ petition. That possibility upset the startup company Boxee, whose users rely on this functionality in their Boxee set-top-boxes. Nevertheless, we learned last week that Boxee and Comcast sat down together and hashed out a workaround that they were both happy with. Here is what they claim to have come up with:

The initial solution involves the development as soon as possible of a high-definition digital transport adapter with an ethernet connector (“E-DTA”). This solution would enable a customer with a third-party device to access basic tier channels directly through an ethernet input on such third-party device or via the home network, and to change channels remotely in the E-DTA via a DLNA protocol.

The long-term solution, which would follow shortly after the initial solution, involves the creation of a licensing path for integrating DTA technology into third-party devices (“Integrated DTA”). Such a device could access encrypted basic tier channels without the need for a cable operator-supplied DTA or set-top box.

What do folks think of this approach?


  1. avatar Stuart Lynne says:

    Abandon all hope, ye who enter here!

    Cancel your too expensive cable subscription and pay for Netflix until the cable companies figure out what to do or get bought from receivership by someone who does.

    There is enough content on Netflix to keep us going a few years while this process takes place. :-)

  2. avatar dr2chase says:

    “Abandon all hope” works for me, too. I don’t have time to watch cable, and I have never been able to get over the proposal that I would pay a monthly fee for content that is continually interrupted by commercials. We had Comcast once, after believing their pitch (that turned out to be a complex and confusing obfuscation of the truth, if not an outright lie).

    For now, we borrow DVDs from the public library, and on rare occasions, watch sports or public television. Because I watch TV so rarely, I avoid the boiled-frog effect, so that when I do watch I am stunned at both the content and quantity of the advertising now spliced into the programming.

    I realize that I am very much in the minority, and I think that’s a shame. If more media consumers behaved like they actually had a choice, they might get somewhat better treatment from the providers.

    • avatar Joe Zim says:

      Absolutely the way to go. If you want to pay, get something like Netflix and get over it. I don’t even have bunny ears hooked up to my TV. If I want to watch anything (which is only football games) that is on television, I go to a friend’s house.

  3. avatar Lex Spoon says:

    I agree about a Netflix-like model working better. And as an aside, thank goodness Netflix has had the opportunity to develop their approach. An overly active FCC might well have prevented them from doing so.

    Essentially, Netflix is operating at a higher layer of the network stack, and it just works better. Instead of having custom cabling and custom equipment to decode and watch it, Netflix works on top of standard Internet protocols. Anyone with an Internet connection can use the service. They don’t even need a specific software install, due to the ability of the web to automatically deploy the software when it loaded.

    If I wanted to save cable as we know it, I might suggest standardizing an IP protocol for cable-like content distribution. That is, shift away from custom set top hardware, and allow any hardware to connect so long as it speaks the correct protocols. Crypto protocols can be specified just like any other, and people will not be able to cheat so long as the protocols are good.

    Really, though, it seems better to shift to alternatives. Cable is a dinosaur, much the way Prodigy, AOL, and Compuserve gave way in the face of the general-purpose Internet.

    • avatar Steve Schultze says:

      One of the most common responses I get when describing this issue to people is some flavor of “it’s all going to be over-the-top soon anyway.” I find this partially persuasive, but I also wonder whether the market structure of broadband (which is dominated by the same companies that provide cable) would really allow this alternative to thrive. The threat to Netflix may come not from an overzealous FCC, but from their competitors, who they are beholden to. My friend Timothy Lee has a great article examining this question in detail. An excerpt:

      The rise of online video has given large providers of internet access even greater incentive to pursue a more active gatekeeper role. Growing numbers of consumers are “cutting the cord,” using online video services such as Netflix as substitutes for traditional cable-television subscriptions. And since some of the largest incumbent providers of internet access are cable-television companies, this trend poses a serious competitive threat to their core business. It is logical that these firms would want to neutralize, or at least reduce, this threat by restricting the flow of rival internet content through their networks. Up to now, the internet’s decentralized architecture has made such anti-competitive behavior difficult; with the continued consolidation of broadband, however, this obstacle could be swept away.

      Imagine, for instance, that a single broadband provider — call it Broadband, Inc. — had gained enough leverage to reverse the flow of payments, forcing backbone companies to pay Broadband, Inc. to deliver traffic to the ISP’s users. This would dramatically alter the internet’s structure, effectively transforming the internet’s largest backbone providers into mere re-sellers of access to Broadband, Inc.’s network. Broadband, Inc. would then have both the ability and incentive to vertically integrate into the backbone market and gradually displace independent backbone firms.

      That, in turn, would transform web-content companies such as Yahoo!, Twitter, and Hulu into customers of Broadband, Inc.; essentially, these companies would have to purchase access to potential users of their services. And Broadband, Inc. would have enormous power over these content producers. For example, if Broadband, Inc. believed the video site Hulu was a threat to its own pay-television business, it could charge Hulu more for bandwidth: It would charge backbone providers more for delivering Hulu traffic to Broadband, Inc. users, and those backbone providers would pass the added cost on to Hulu. Broadband, Inc. could then also give discounts to online video services with which it had commercial ties, further advantaging them and strengthening the company’s own position. The economics of the internet would never be the same, and the competitiveness so critical to its great success would suffer most of all.


      Broadband, Inc. is not wholly hypothetical: The past 15 years have been a period of rapid consolidation among incumbent phone and cable companies. Between 1996 and 2006, six of the seven original “Baby Bells” merged to produce two telecommunications giants, AT&T (which got the name after acquiring its former parent company) and Verizon. Rapid consolidation also occurred in the cable-television industry during the same period, with several small cable firms merging to form two giants: Comcast and Time Warner.

  4. avatar Maimon Mons says:

    Where does the requirement for 1394/Firewire interface on the cable boxes come in?

    • avatar Steve Schultze says:

      Great question. What you’re referring to is the FCC’s 2003 attempt to mandate “functional” FireWire ports on cable boxes. Why specify that they must be “functional?” Well, cable providers had been distributing set-top-boxes that had a physical FireWire port, but didn’t actually send the signal out. After the FCC opened a proceeding on the matter, the cable companies and set-top-box manufacturers got together and emerged with a letter outlining their compromise, which was essentially adopted in its entirety by the FCC.

      This compromise allowed the cable companies to encrypt the output of these ports using the so-called “5C” standard, a.k.a. DTCP. As I mentioned, the IP-based version of DTCP (DTCP-IP) was proposed as the encryption standard for the consumer-side of the AllVid device (and it is the standard generally favored in existing devices).

      The DTCP encryption on the FireWire port was a major hurdle, and its licensing regime prevented the integration of any open devices and the flourishing of a market for devices. That’s why I was disappointed when the public interest groups in the AllVid proceeding suggested DTCP-IP. There’s a belief in DC that digital encryption of cable signals within the home is non-negotiable, regardless of how much trouble it causes for paying consumers and how little it helps prevent true pirates. As a result, the FCC requirement for “functional” ports does not extend to devices that have not passed the certification regime.

      (Incidentally, DTCP even allows for copy-limiting flags (“CCI”) on unencrypted content, which certified devices must respect even though they technically could display or record the stream.)

  5. While I have empathy for those used to unencrypted basic cable signals, fact is it _still_ sounds like “more of the same”. The “licensing path for integrating DTA technology into third-party devices” is likely to be just like the current licensing path for devices that want to support CableCard.

    As a paying customer, DRM has _not once_ made my life better, but has on a regular basis made my life worse:

    — My PC, AV receiver, and TV get confused and restrict me from watching encrypted TV until I cycle the power on the AV receiver. Of course, then Windows Media Center gets confused about what screen resolution is current, and I have to exit and restart _that_ just to get my UI back to 1080p

    — About half the time I start up my system, it gets confused about what audio device is or is not available, leaving the Windows audio muted or, worse, the default switched to a non-existent device.

    — In spite of network streaming features in Windows Media Center and Media Player, I cannot actually watch shows I’ve recorded with any PC except the one in which the tuner is installed. Which of course means TV watching in my household is serialized, preventing my wife from watching one show I don’t want to watch while I watch one she doesn’t want to watch. We have to watch each other’s “crap” together.

    Of course, all of the above describes the situation when things are _working_ as designed. It gets even worse when serious failures occur in any of the related components. Heaven forbid anything should happen to my hardware or I should want to upgrade any component in my PC. The encryption stuff will complain that it’s not actually the same PC and prohibit me from watching any existing recorded TV, and there’s no path to recovery. At all. Likewise if I should need to reinstall the OS for any reason.

    On top of all that, there is of course the much worse problem that if I want to watch encrypted content (and on our Frontier FiOS service, nearly everything is encrypted), Windows Media Center is my only option, in spite of the fact that there’s been no evidence of any improvement in it for years (and while it’s nice in a lot of ways, it’s due for a number of obvious bug-fixes and UI enhancements). There’s basically no competition in the space (though Microsoft continues to see Windows Media Center as a paying proposition, evidenced by their statement that it will be a fee-based add-on in Windows 8).

    Bottom line: while the government has a vested interest in protecting commerce and providing a regulatory environment in which companies can make investments in technology without worrying that their investments will be pre-empted or otherwise undermined, that cuts both ways. There are plenty of companies who would like to make investments in media technology but who can’t do that today because their business models are subject to the whim on the media content owners.

    More to the point, any protection offered a commercial enterprise has to be balanced with the rights of the _individual_. Government has an interest in protecting corporations only inasmuch as doing so preserves the rights of individuals to “life, liberty, and the pursuit of happiness”. Much of the time, the interests of corporations and consumers is aligned, but when they are not, consumers’ rights must take priority. One thing the government should _not_ consider itself to have a vested interest in is to help corporations extract more and more money from consumers. Corporations deserve profit only so far as they are able to make a profit while providing goods to consumers at a fair price in a competitive environment.

    DRM is the foundation on which the opposite of that scenario is built. Any DRM-based solution that does not still permit the consumer the same unfettered access to the media that they’ve paid for that they’d have with unencrypted content is untenable.

    And of course, that describes pretty much every implementation of DRM that exists so far. The FCC ought to be making rules to fix that, rather than perpetuating the current situation.

  6. avatar John Millington says:

    “What do folks think of this approach?”

    I think they’re still saying no to my money. They made many thousands of dollars from me over many years, but then flubbed up the switch from analog to digital cable. Had it been done properly (i.e. plug it into digital tuner and it Just Works), the bank draft would still be happening every single month. But instead, they don’t want that money anymore. So far, the transition away from the having-customers business model has cost them 5 years worth of revenue (about $3600 at the analog rate I was paying when it stopped). Every month, the cost of their decision to leave the having-customers business, costs them a little more.

    When you pay them, all this nonsense is _your_ problem. When you don’t pay them, all this nonsense becomes _their_ problem, with an easy solution staring them in the face. It’s that simple. The encryption means “customer, go away.”

    There is no reason to bend over backwards to accomodate them. There are plenty of people out there who have the time, energy, and drive to deal with all the DRM hassles, so that _you_ don’t have to. The files they produce will work perfectly, until the cable company decides to return to offering a service that people are able to use, like they did back when I paid them.

    You can wave money in peoples’ faces but you can’t force them to put it into their wallets. Just cancel your service and if enough people do it, eventually Comcast’s stockholders will find out that management is telling paying customers NO, and they’ll demand a return to doing business.

  7. avatar John Laur says:

    All of the first generation of DVRs could control a set top box with IR or serial control and capture and encode their output. Why doesn’t anyone just crack open that hole again (lawsuit be damned) and go back to this model?

    Just build a DVR with HDMI+HDCP inputs and H.264 encoders. At this point the cost and complexity is probably a cheaper alternative than paying and waiting for a bunch of certifications that won’t ever come to you if your product poses a threat to the consortium that has to put their stamp on it (ie if it is any good).

    • avatar Steve Schultze says:

      You’ve identified one attractive target for solving this dilemma (The HDMI interface that is now ubiquitous and HDCP, the encryption protocol that “protects” these signals). Unfortunately, the HDCP licensing regime does not permit decrypted output, and thus anyone seeking to implement such a system could be liable for direct infringement, contributory infringement, and inducement. As noted in the current HDCP License Agreement:

      3.3 Digital Outputs. No output of Decrypted HDCP Content is permitted except as follows:

      3.3.1 Audiovisual Content. A Presentation Device shall not permit the output of Audiovisual Content to digital outputs, except, if the Presentation Device is also a Repeater, as expressly provided in Section 5.3 of these Compliance Rules.

      A “fair use” claim for distributing such tools seems unlikely to prevail under the DMCA anti-circumvention provisions. So, the fact that HDCP is cracked does not help help.

      Incidentally, the “IR blaster” and serial control workarounds have been theoretically obviated by HDMI “Consumer Electronics Control” (CEC), but that of course presumes the ability to decrypt the signal that you tune to.

      I have no actual knowledge, but I’m guessing that that it is not a coincidence that products such as Google TV set-top-boxes that rely on HDMI/HDCP do not permit recording.

      The Hauppauge HD PVR is the closest thing to a product that implements the approach you describe, but it actually relies on the “analog hole” that is still mandated by the FCC to exist in set-top-boxes. The analog hole this is being eroded by exceptions in the name of “selectable output control” (despite the fact that SOC has not seemed to help bring consumers more content, as promised.

      • avatar John Laur says:

        To be clear I wasn’t really talking about a device that would enable circumvention. I believe a device such as a DVR with HDMI inputs could be produced and comply with HDCP licensing as a Repeater so long as the output and storage were appropriately secured. I also believe that a DVR could be built into a display and be more broadly permitted as a pure presentation device. Although such a machine certainly would not be as “open” as you or I might really desire, it’s better than being tied to CableLabs on the manufacturing side and more universal on the consumer side, and it would be a step in the right direction. I disagree with you that the lack of an existing product is evidence that it is not permitted. In many parts of the world it is in fact permitted, and yet still there is no consumer device.

        There are some interesting products out there pushing the envelope though. Bunnie’s NeTV is certainly a device that I am keeping my eye on. I own an HDFury (My Westinghouse TV has a botched HDCP implementation that readily fails to sync at 1080p). And SiliconImage continues to crank out chipsets that are really pushing what one can build into an inexpensive product.

        • avatar Steve Schultze says:

          I agree that it would be great if a DVR could be ruled to be HDCP-compliant by being considered a “Repeater”, but it seems telling to me that none exist. Such a product would have been profitable to build and market for a long time, but no major manufacturer has. U.S. copyright law and contract law have a long arm worldwide, and I suspect that this is enough to stifle any significant attempts to produce such a device. Dave Zatz (former Sling employee) claims that this is why we don’t see such devices.

          In the comments on that post, Zatz links to the HDFury legal analysis, which is worth a read.

          Zats did review an HDMI-based DVR way back in 2008, but it had a bit of a “black market” feel. I challenge you to find a way to purchase it (or any comparable device) today.

        • avatar Wes Felter says:

          Retail PVRs are pretty much dead as a category. OTA ATSC PVRs are possible, but there’s only one (?) on the market. Tivo seems to be treading water. It seems to be the case that people will not spend hundreds of dollars on a PVR when they can rent one for a few dollars a month. Even assuming that an HDMI PVR is legal, I don’t think it’s viable as a product.

  8. Stuart & Lex’s opinion that the only viable option is to ignore the problem & use internet-backed video providers speaks volumes about what a market that doesn’t allow accessibility and competitiveness brings down upon itself.

    True2way looked to craft an environment for people to write code in: that would have lead to different player devices, but it would have allowed the provider to define the programs that get executed. The fact is, most of what the cable companies provide is an undecorated video stream, and the fact is that we need standards that allow media-devices to pick the relevant data off the wire, and to build their own UI navigation systems for moving between these streams. The core of the service is simple, and that simple service ought have many devices playing and creating new accessibilities for the medium.

    It’s a shame the FCC hasn’t done anything to try to increase the accessibility of streamed television media, hasn’t made any attempt to enforce their mandates: it was a solid regulation, meant to allow interoperability and to invigorate a market and allow competition, and after the mandate passed there’s just been zero, absolutely zero attempts to enforce & get the mandate used.

  9. avatar Mike Lippert says:

    I can see NO reason to allow cable companies to encrypt basic service channels. Those channels are unencrypted when broadcast over the airwaves, and should be forced to remain unencrypted by the cable company delivering them over their wires.

  10. avatar Joe_0001 says:

    I found this article while searching for a set top box that would work with the digital channels that my cable company has not encrypted and also provide a program guide, without a monthly fee. I have been surprised that no such device exists at a reasonable price. The closest things are DVR’s (like Tivo) with lifetime subscriptions, and they retail for many hundreds of dollars. I already get all the channels, as my new TV tunes them in just fine. All I want is an interactive program guide, and I am not willing to pay the cable company $10 a month for it when there is a TV Guide app for my phone for free. Now I just have to check what’s on using my phone, and then navigate to that channel using the list of channels that I printed out because everything on the digital tier does not tune to the cable company’s channel number. The TV tuner assigns it a number that I assume is based on the radio frequency and subchannel, like 129-6. This is a hassle, but the cable company is not getting $10/month from me for the glorified TV guide that should be free. If not for a couple of channels that the wife and kids demand, I would call them up and cancel. I have a rooftop antenna that gets plenty of channels for free.

  11. I also had a nice, very functional way to watch Comcast tv. I paid for the extended channels coming in. I ran them to my computer, with 2 hauppauge PVR-150 tuner cards. It was great, I could watch live tv, and record another show. Comcast was getting their subscription price, and I was happy. Then Comcast FORCED this evil mandatory set top box encrypted garbage on all of us. Now I can’t just pay them for what I want and watch it. No. Now they want to force all of us to rent a separate box for each tv, and have “them” de-crypt the signal. What a load of BS! Remember back in the 80′s when Comcast and other cable companies tried to stop customers from using splitters and running their own cables to tv’s in other rooms? Well, there was a big ‘ol lawsuit, and guess what? Comcast and the other cable companies LOST in court. The court ruled that all they could do is make you pay for the signal going to your house, that’s it. The court said the customer could split it and have as many tv’s as they wanted connected. Well, Comcast finally found a way back to FORCING us to pay for EACH tv set we have connected to their service. And, they now are blocking our ability to use whatever device WE choose to use, namely, our computers. This is all about greed and control, nothing more. I wish we could all agree to a specific date, and all call and cancel our Cable TV subscriptions. Imagine how quickly they would BEG us to accept the old non-restricted methods. It won’t happen until we refuse to be bulied around.