Story from So I lost my NAS password

Hi d-fens, thanks for sharing.

There are some clever and determined people out there, and this does look like a basic vulnerability.

I once read a post (probably on xda-developers) from a guy who had designed and built a clock glitch inserter that allowed him to crack the image encryption on a NowTV box, that allowed him to convert it into a full Roku box. I think he might have used a power supply side channel attack, too…  A lot of these attacks rely on commonly-used bootloaders, giving a way in.  I think the Roku/NowTV uses the same boot loader as the TiVo.

Ah, yes; here we are:

Follow the progress through next few pages, as xXhighpowerXx recovers the AES key, and then gets it to load and run unencrypted images…  That’s impressively scary work, and I wouldn’t be surprised if he attracted some ‘official interest’…