> The key has to be somewhere, but it doesn't have to be in the box.  This box
> didn't work after the service was over, which surprised and disappointed me.
> I had a bunch of stuff I wanted to watch, but after the service terminated
> (several days ahead of schedule), the box refused to show me anything.  In
> fact, it never worked without internet service (it was connected to
> ethernet).  I was wondering if the TV shows were even stored on the box.
> Maybe the video files were on the box but the keys were not -- the keys
> might be in a server somewhere.

That is possible, but i think it is more likely to be phoning home,
asking if there is still a subscription, and if not, refusing to do
anything. A tcpdump when it was still in service would of been
interesting, compared to not in service.

In terms of security, you try to minimise what you do with keys. You
don't really want to be sending them over the Internet. The security
of the key then becomes as good as the security of the key used to
make the secure connection to the server. And that communication key
needs to be on the disk somewhere. So you don't actually gain much
over just asking if the device is still in service.

	     Andrew