> it took about 18 months to [create] an entirely new security stack [...] Android updates aren’t actually that much work compared to DRM security, and some of its partners weren’t that keen on re-certifying older products.
> In February 2025, Nvidia released Shield Patch 9.2 [...] That was the Tegra X1 [security] bug finally being laid to rest on the 2015 and 2017 Shield boxes.
This is a real engineering marvel. Everybody else would have just given up entirely long time ago. DRM bugs are in most case practically unrecoverable for products that shipped already (and physically in the hands of the adversary). The incentive to tell to consumers "Ditch that product you bought from us 2 years ago, and buy the more recent hardware revision or successor" is extremely strong.
This really feels like a platform that is maintained with pride and love by the nvidia engineering teams (regardless of one's opinion about DRM per se).
Pride and love, lol…
I'm pretty sure this is actually Google's fault (even Sony televisions suffer from this bullcrap). Unlike phone Android, Google TV (yes, that's the official name now) enforces certain "standards", one of them is this bullcrap.
Also consider Apple's chips, which have gotten Linux support without Apple ever submitting a single line of code.
While Qualcomm's behaviour is definitely a massive bummer (not to mention Qualcomm's competitors), it doesn't stop manufacturers from supporting their devices. It merely stops maintaining support from being cheap and easy.
It should be noted that Intel makes CPUs, while Qualcomm makes SoCs, which include much more than just a CPU. Usually supporting the CPU is the easiest part, the rest is the issue.
That said, when device OEMs release the kernel sources, modders are able to update custom roms for a long time, so I doubt this is just a Qualcomm issue.
Yeah, so that's not a why, that's a how (and it's not necessary or sufficient anymore, see the Samsung and Pixel reference).
The why seems very much what the article covers.
I (well my mom) had a supported with security updates version of Windows 7 on my 2007 Mac Mini (not a typo) until 2023.
That's not entirely accurate. They do provide chips with extended support, such as the QCM6490 in the Fairphone 5. These are not popular because most of the market demands high performance, and companies profit from churning out products every year, but solutions exist for consumers who value stability and reliability over chasing trends and specs.
Vertical integration makes it possible but motivation makes it happen. Where is Samsung's ultra LTS Exynos device?
It's hooked up to a 4k LG TV, and I have no idea about how it does the upscaling, but 720p content looks perfectly fine on it.
Best (worst?) of all... it still gets updates.
After the ADHD-inducing default Android TV interface, Projectivy is just beautifully clean and simple.
I have quite a few Android TV (or are they called Google TV these days?) devices, and they all get the Projectivy makeover. The TCL TV running Android needs some 'adb' commands run so that the users selection of launcher is maintained across reboots, bit other than that it's been smooth.
But overall, for running it for like 9 years with a cost of less than $200 and essentially zero maintenance, the shield is awesome.
If it were to break, knock on wood it won't happen, what options are there? I have tried to look but haven't really found anything that is free of Chinese backdoors and has decent hardware. For just Plex or Jellyfin a N100 box or similar could do, but I want easy launch of HBO, YouTube etc. And I need that remote control option.
I only have two devices providing material to my media system: a Shield Pro and a Blu-Ray player. The Shield is the critical element, used daily for streaming and playing local media from a USB-connected SSD.
I hope Nvidia revises the Shield with up-to-date hardware and maintains its flexible nature. It's a pretty cool product. The biggest shortcomings I've encountered are the fault of moronic media companies. Great example: Spectrum (the cable company). These dolts have an Android application with which subscribers can watch content. But it doesn't run on Android TVs. It's called "Spectrum TV." It's so gallingly stupid that I hate rewarding them with money every month.
Oh, and I love how they addressed the goddamned Netflix button. If you so much as LOOK at the remote, Netflix launches in the middle of whatever you're watching. I actually removed the button from the remote entirely.
Get the app "button mapper" (or similar name)
On the free version, you can configure the button for-
one click of the netflix button to open Plex, and 2 clicks to open something else (eg youtube).
This also works when the shield and TV are off-
One click of the netflix button turns on the shield, which turns on the tv.
It's not as powerful as an Nvidia Shield, of course, but at least is not a random product from Temu riddled with spyware.
I use the n100 for jellyfin, and shield for streaming and controller with jellyfin client.
Shipped out of the box with Android 2.3, Samsung supported it up until Android 4.1, then I switched to CyanogenMod until my father rage-bought me a new phone in 2016 because it crashed so much he had trouble contacting me. I still kept it up to date with LineageOS and then unofficial versions for fun (it's at Android 13 last I checked).
Do I expect a Samsung Galaxy SII to do as well with 2026 software as it did in 2013? No, but I can run a 2013 computer with 2026 software without needing to track down dodgy homebrews on xdaforums.com and that reflects badly on the smartphone ecosystem.
Even that was amazing for Samsung's standards back then.
For example my former Samsung Note II shipped with Android 4.1.1 Jellybean and they only supported it till 4.4.2 KitKat. Just let that sink in. I basically bought a flagship e-waste device.
Custom ROMs didn't help much since you'd lose S-pen functionality if you went past 4.4.2 as modders couldn't port the needed firmware blobs past that kernel or something like that.
Oh, and also, using custom ROMs could brick your wifi from working as the FW of the wifi chip was tied to Knox tripping the e-fuse on custom ROMs, so then you'd need to use some voodoo to patch wifi back. That is, if you were lucky and your phone wouldn't brick itself due to the FW bug in Samsung's eMMC, that would lock itself to read-only mode out of nowhere.
Seriously, fuck Samsung for that PoS phone, fuck them in the a**. That phone should have been a lemon recall with full refund to consumers.
This was the guide back then, possibly still works. [0]
I love the Shield, compared to even the Chromecast at the time, we noticed a huge difference in colour on the TV. If NVIDIA ever produce a refresh, they'll have my money.
Then again, this is probably why it is still fast :-P
I'm using it pretty much daily as an ebook reader and sometimes i use it to watch videos on bed by transcoding them on my PC (the hardware isn't that good to decode modern formats). Amusingly, these days i use it much more than back when it was new :-P. I keep it offline though (mainly to avoid wasting battery, there isn't anything in it i'd care if it caught malware by net osmosis somehow) and transfer files via a USB cable.
It is one of the only devices (alongside Oppo clones) that can play Dolby Vision Profile 7 FEL (Full Enhancement Layer) with 100% accuracy. The Shield can play P7, but it ignores the FEL data; the Ugoos actually processes it.
That said, people don’t generally use Android on it, instead you boot to CoreELEC from an SD card and use Kodi.
This is the only reason I know about this Ugoos device. I find it so strange that Profile 7 is effectively unsupported outside of Blu-ray players and this one device. It doesn't even seem like it can be a processing power issue because the documentation says that the other profiles have higher maximum pixel rates.
I don't have the Ugoos box myself though. Instead I'm running a series of processing steps on my Blu-ray rips which converts the file to Profile 8. For every movie I've tried so far this has been fine, though I've read that some movies lean far too heavily on the FEL and have color problems without it.
Since DV Profile 7 is only used for Blu-Ray discs, and playing backed up BR copies from a non BR player is not really supported, it kind if makes sense that it's not supported.
For the Ugoos device, I'm not sure, but I thought the chipset inside supports it, but you still need to flash custom firmware (CoreELEC) and provide a Dolby Vision file to unlock this. So it's not supported out of the box.
I actually wish we could run android in a container on the CoreELEC side and switch back and forth between Kodi and the android UI/apps (without needing a reboot, and having a better managed android environment than the provided one).
Each of these Android set top boxes need to be certified to get high quality playback.
I'm constantly surprised how many people are in that narrow category of just dipping thier toe in the water for "self-hosted" content that it's little enough it fits on disk storage you can have in your living room (mine is a half-height server rack in the basement), but also have progressed past thr point of using any streaming services. I guess there are a lot of people without families that also never travel out there.
This is not true. Streaming from a NAS at high speeds is fully supported and works fine. I would suggest to use NFS over SMB though, SMB gives me issues for higher bitrate content
Streaming apps do indeed not work. It's a device for local / NAS media playback.
You can play HDR10+ 4K on Apple TV using Infuse[0] (and whatever DLNA server you want to stand up with your content.)
[0] Since 2017, apparently.
That being said, I think that you get more flexibility and performance with a mini PC and and air mouse. For one, stock (Googled) Android does not give you an easy way to use a browser with an ad-blocker, which is still the best way to stream from many sources without ads. Also all these anemic Android boxes struggle with high bitrate 4K videos.
Firefox supports Ublock origin on Android or am I missing something here?
It's very unfortunate that every streaming service has given up on supporting anything except Google-fied Android and Apple iOS/tvOS. I dont like the services to begin with, but a fully Jellyfin stack can only get you so far when there are niche requests involved as well.
Is there even Blu-ray level content available for series that are streaming only? Or is it restricted to just movie releases?
Edit: actually, now that I think of it, having the audio available in our local language instead of English is a boon for the kids. But otherwise, I don’t know why we bother.
Maybe, but I don't think it's a big loss, and the *arr suite works just fine as a substitute.
If they wanted to really knock it out the park, the next step would be a steamos port with DRM support.
(I think it should happen but that's not the same as that it will.)
The reality though, is that there's likely bigger fish being chased.
It's a corporation, they don't work for free.
The only downside is that more recent versions use the Google Android TV launcher which is filled with a garbage truck full of ads, often for things I would never want to watch (horror movies? Nope!). Yes you can replace the launcher, but that's a pain.
Would love to pay more for a device that has updated codec support, no ads or tracking, and is basically identical.
Sidebar: I like Jellyfin but it is nowhere as turnkey as Plex. Otherwise I’d advocate for that too. That being said, I am slowly trying to get mine nice and stable and user-friendly because the way Plex is going does not give me great confidence about the next 2 to 3 years. But at least right now, it is by far the best experience out there.
Overall, it seems like a recipe to end up in an unknown state where you can no longer easily get updates and the only recovery is to wipe the system.
I've seen similar methods to "Clean up Windows 11", and it always seems like you're just putting the device into an unknown state. A few ads you can become blind to is not as bad as a totally broken system.
Once your find your comfort, you might even find other items of joy that are being gatekept from you like SmartTube.
How different is this from say installing Debian, then picking out a bunch of globally installed software that supports "make install" and spraying files all over the root filesystem, then expecting the next run of "apt update" to work properly without things breaking?
Maybe my concerns are unwarranted, but the vast majority of Android mangling I've done over the years has not generally resulted in long-term stability, for a variety of reasons. Recall that the point of this article is that it's 10 year old hardware still in support!
Google TV apps leak memory like a sieve, so it's pretty common to need to manually close all other apps to make the one you're trying to use work. Even !y wife just dies of now as soon as any one of the apps starts acting up.
I have two of these one in my living room and one in my bedroom. They are the best devices for playing pirate Emby servers 4k Remuxes with dolby vision and dolby audio support direct play.
A refresh comes out I'm not sure I would buy one.
I suspect the last point would be true even if they launched new hardware, though.
Beyond that your choices are to either stick with the same mainstream Google/Amazon/WalMart boxes which are locked down and based on 5+ year-old SoC designs or go with second-tier boxes from Asian vendors on AliExpress/Amazon/eBay, all of which have some different combination of significant compromises:
* Don't work with certain DRM, streaming services or codecs
* Has unreliable manufacturer support (certain firmware works with some DRM/services, next rev fixes one but breaks another)
And even those are built on old hardware designs because there's been no significant advancement in set-top SoC performance for over 5 years. There are only a handful of set-top SoC makers (MediaTek, Amlogic, Rockchip, etc) and while they do occasionally introduce new chips, they mostly only update the video decoding block to support newer codec levels or DRM revisions while keeping the same ancient ARM CPU/GPU cores (or different cores with the same class of 2015-2018 performance).
A good example is the Ugoos AM6B Plus box someone in this thread mentioned as an option for certain use cases. It's been verified to decode DV7 with FEL BUT only works well with local files, not streaming services. And the Amlogic 922x SoC in that box is 5+ year-old tech (I have the same chip in an Amazon Fire TV Stick 4k Max (2nd gen)). The hardware performance of these boxes has been essentially frozen in time due to a 'perfect storm' of factors:
* Most consumers want the cheapest box they can get which plays the main streaming platforms (NetFlix, Amazon, Apple, Disney+, etc). As long as they get a picture of minimally acceptable quality, they don't know or care if the hardware/firmware/drivers properly support the better Dolbyvision levels or adds the enhancement layer or supports ICtCp color space, 12-bit tunneling through RGB or if it handles Source-Based Tone Mapping (SBTM) correctly. They also don't care about playing locally hosted files smoothly or horrendous latency in the Wifi/Ethernet driver stack that nerfs local game streaming.
* DRM is a shit show. The big Hollywood studios require streaming platforms to use specific encryption. So the streaming platform apps will only playback streams on SoCs which have been officially certified (or they nerf the stream to 720p). The certification process is onerous, costly and time-consuming for SoC makers.
* SoC makers, having run the certification gauntlet a couple times now, would like to do it again, approximately... never. On top of that mess, developing and maintaining firmware for their decoding block which properly supports the constantly evolving landscape of divergent codec levels, enhancement layers, color spaces, tone mapping, etc is hard, expensive and requires deep expertise across multiple domains. They just want to sell trays of cheap SoCs and see all the rest as a bottomless money pit eating their slim margins.
NVidia did all this with the Shield and it's grandfathered in on the DRM and they've done a decent job supporting some more recent codecs, levels and layers where they can. But the Tegra X1 platform is 10+ years old now - yet it's still slightly more performant than any other DRM-certified SoC to this day, which just shows what a mess this is.
Which is insanely frustrating if you understand technology platforms, care about actually seeing the full quality modern tech can deliver and would like to do so on a non-ancient hardware platform capable of other trivial things like locally streaming files with actual throughput >100mbps or streaming games with non-glacial latency. But that's just table stakes because the things which could be done with more modern hardware are super-interesting, like AI-based upscaling, frame gen, removing compression artifacts, reformatting content, on-device gaming, etc.
But using standard small form-factor PC/GPU hardware is a non-starter because of DRM certification. So... it would be great if NVidia would make a new Shield based on the new Tegra. But that's a huge new effort and, sadly, NVidia would crazy to divert resources or wafers from the AI-bubble cash printer to anything else - so I highly doubt it's going to happen.
Is it that there is special TV-specific hardware like tuners, HW accelerated audio and video decoders, and PQ/AQ accelerators?
Apple has adapter their A15 chipsets for use in the Apple TV, so it seems possible. But obviously the Apple TV products don't have tuners, aren't driving a display natively, and probably don't have enough I/O interfaces to add all the extra hardware you'd need to embed it in a panel or STB.
There are some boxes which use use Android instead of Android TV but these tend to require using versions of the streaming apps made for mobile phones. I haven't really looked into these as they tend not to work well with remote controls so I haven't been interested.
They were able to build this device and provide a Android TV certified 4K device that didn't need to have planned obsoleteness.
Feels like a reverse Bell Labs approach. They find their cash cow and only invest in their cash cow rather than research new product areas and fields.
Why would Nvidia give 2 hoots about a living room streaming box now?
They do seem to keep building devices for individual use, if not for home, like their new workstation at home for computers.
They look at market segment 1 (gamers) and see millions, possibly hundreds of millions.
They look at market segment 2 (ai) and they see hundreds of billions, possibly trillions.
Its a public company with shareholders and a board of directors to appease, the decision is an easy one.
Google “Gsync Pulsar”.
I think they had done a minor hardware refresh, at the time it came out it was pretty powerful compared to the underpowered alternatives, plus the promise of pure Android TV on it.
I strongly suspect the reality is that they had to give Nintendo so much money back due to the complete failure of the bootloader security that they still produce the Shield as Jensen still demands they claw their way back to break even.