The approaches described in this section could be pursued, but are not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
Many efforts have been made to deliver television programming over computer networks, such as the Internet, or even over a local cable television plant operating as a network. The point-to-point nature of computer networks makes these efforts unwieldy and expensive, since additional resources are required for each additional viewer. Fully interactive television systems, where the viewer totally controls video streaming bandwidth through a client set-top device, have proven uneconomical because dedication of server resources to each client quickly limits the size of the system that can be profitably built and managed.
However, television viewers show a high degree of interest in choice and control over television viewing. Currently, the majority of Digital Video Recorder (DVR) devices are client set-top devices that provide television viewers with the choice and control over television viewing that they desire. These are products that receive and record to a hard drive, a large amount of audio/video content (television broadcasts, satellite-TV broadcasts, cable-TV broadcasts, and direct downloads of program materials via the Internet). A commercial example is the TiVo Series 2 DVR, from TiVo, Inc., of Alviso, Calif.
DVR systems may receive and store audiovisual content that has substantial commercial value—first-run and pay-per-view movies, special sporting events, and so forth. The right to record and view such material is usually granted under a license of some sort, and such use-licenses typically have limits. The person buying a use-license to such material is typically not granted permission to make or distribute copies of the material, and in some cases is not permitted to record and replay (“time-shift”) the material at all. In many DVR products, the right to use the DVR features themselves (e.g., program guides, programmed or manual recordings, time-shifting, etc.) is subject to a monthly or other service fee.
Further, DVR devices may be offered with different levels of service or different features that are available only if the user pays an enhanced service fee or higher purchase price. For example, a particular DVR device may be capable of interfacing to another DVR device in a different location to provide multi-room viewing. With multi-room viewing, a person in one room having a first DVR can command a second DVR to deliver content recorded on the second DVR from the second DVR to a first DVR. Further, a DVR device may offer playback or sharing of digitally recorded music. A person who pays a first fee may be entitled to use these services whereas a person who pays a second, lower fee may not be entitled to use these services. Some of these services may be provided through interaction of the DVR with a server that is logically separated from the DVR by a computer network.
Because of the commercial value of content recorded on a DVR, and the commercial value of different levels of services or features, a DVR may be an attractive target for people who seek to avoid the licensing and service fees, or who wish to make copies of the content recorded on the system. Others may seek to activate features of the DVR, or services provided over the network by a service provider, without paying for them.
Many of the methods for accomplishing such subversion involve changing the software and data stored on the DVR. A “pirate” might, for example, try to modify or “patch” the DVR software, or change the contents of an internal database, so that the DVR will interact with a network server or service provider provide a service for which the pirate has not paid. A pirate might also attempt to activate a feature of the DVR for which the pirate has not paid. A “hacker” might attempt to open the DVR and install new software or modify existing software or data to enable particular features.
To deter such attacks, the DVR must not execute any software that provides features or service activated by an unauthorized party or for which a user has not paid. To prevent such execution the DVR needs a way to determine what features or services the DVR is authorized to deliver to the user. Advantages would be provided by a method of securely enabling or disabling features on the DVR or securely informing the DVR what features or services to provide to a user.