

View Full Version : Disable BigBrother features


ebs
07-19-2009, 06:52 PM
There is some functionality in Kindle firmware which I consider to violate user privacy, and I intend this thread to provide information on how to disable such stuff.

Regular system log upload to Amazon servers. Kindle firmware is quite chatty even in normal mode (;debugOn enables many more printouts). Here is a sample syslog output showing what kind of info Amazon regularly receives from your Kindle:

090719:144532 cvm[26415]: I BookletManager:SwitchingBooklets:from=Home,to=Book worm:
090719:144532 cvm[26415]: I Reader:BOOK INFO:title=Kindle DX User's Guide,authors=Amazon.com,ASIN=B0026P3LTE,content type=ebook,publisher=Amazon.com,publication date=4/25/2008,sorted title=Kindle DX User's Guide,display authors=Amazon.com,length=MobiPosition_ 211399,last access=1980-01-01 00.00.00 +0000,last read position=MobiPosition_ 12977,isEncrypted=false,isSample=false,isNew=false ,path=/mnt/us/documents/Kindle_Users_Guide.azw,isTTSMetdataPresent=false,i sTTSMetadataAllowed=true:
090719:144534 cvm[26415]: I ReaderGUI:SWITCH VIEW:name=com.amazon.ebook.booklet.reader.gui.lf:


Here is another interesting piece of info from the logs sent to Amazon:
090719:161519 wand[1661]: I e725:diag: t=4a644ff6,SID=4183,NID=87,
Base ID=744,Network Svc Type=EVDO,Bars=5,
Latitude=37.321441,Longitude=-122.030612,
RSSI dBm=-125,Active Set EC IO dBm=-31.500000,Active Set PN Offsets=264,
HDR Latitude=37.334167,HDR Longitude=-122.031113,
EVDO RSSI dBm=-65,ASET Pilot Energy=-0.53,
HDR Active Set PN Offsets=264,DRC=2,n=1:


If you don't want Amazon to know what you are reading, where you are or know that you are exploring their device, there is a simple way to disable sending anything. The script responsible for packaging this information is /usr/bin/showlog. Here is a simple patch you can use:

--- showlog 2009-05-08 17:22:51.000000000 -0700
+++ showlog_none 2009-07-19 14:44:08.000000000 -0700
@@ -188,8 +188,8 @@
echo $OLDEST | awk '{ printf "%08d", $1 }' > $LASTFILESENT
fi
fi
- print_stream_header $NUMFILES
- print_gzip_files $ALLFILES
+ print_stream_header 0
+ print_gzip_files ""
else
ALLFILES=`ls -1 $ARCHIVE_DIR/${LOG}_*.gz | xargs`
if [ -n "$ALLFILES" ]; then
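
Review bot: The else branch in the trailing context (ALLFILES=`ls -1 $ARCHIVE_DIR/${LOG}_*.gz | xargs`) is not touched by this hunk; if that path also reaches print_stream_header and print_gzip_files with the real file list, logs are still packaged there, so check it and apply the same substitution. Two smaller points on the changed lines: print_gzip_files "" passes one empty argument rather than none, which may make the function try to handle an empty file name depending on how it iterates, so calling it with no argument may be safer; and the context above still writes $OLDEST into $LASTFILESENT, so the bookkeeping records files as sent although nothing was.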


In other words, just change lines 191/192 to use 0 instead of $NUMFILES and "" instead of $ALLFILES. This will cause this script to send an empty payload to Amazon.
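
Added example, not part of the original post and not Amazon's code: a small audit script, run on a PC over log files copied off the device, that parses records in the format shown above and reports which ones carry reading-activity, location or cell-tower fields. It assumes each record sits on one line and that fields are comma-separated key=value pairs; the sample records are constructed.

```python
import re

# Field names from the two log samples in the post, grouped by what they reveal.
SENSITIVE = {
    "reading": {"title", "authors", "ASIN", "path", "last read position"},
    "location": {"Latitude", "Longitude", "HDR Latitude", "HDR Longitude"},
    "cell": {"SID", "NID", "Base ID"},
}
# Assumed layout: "YYMMDD:HHMMSS proc[pid]: LEVEL component:event:k=v,k=v,...:"
RECORD = re.compile(r"^(\d{6}:\d{6}) (\w+)\[\d+\]: \w ([^:]+):([^:]+):(.*)$")

def parse_fields(payload):
    """Split k=v pairs; a chunk without '=' continues the previous value."""
    fields, last = {}, None
    for chunk in payload.rstrip(":").split(","):
        key, sep, value = chunk.partition("=")
        if sep:
            last = key.strip()
            fields[last] = value.strip()
        elif last is not None:
            fields[last] += "," + chunk  # e.g. a comma inside a book title
    return fields

def audit(lines):
    """Return (timestamp, process, event, hits) for records with sensitive fields."""
    findings = []
    for line in lines:
        m = RECORD.match(line.strip())
        if not m:
            continue  # not a structured record
        ts, proc, component, event, payload = m.groups()
        fields = parse_fields(payload)
        hits = {}
        for category, names in SENSITIVE.items():
            found = {k: v for k, v in fields.items() if k in names}
            if found:
                hits[category] = found
        if hits:
            findings.append((ts, proc, f"{component}:{event}", hits))
    return findings

# Constructed sample records modelled on the post's format (values are made up).
SAMPLE = [
    "090719:144532 cvm[26415]: I BookletManager:SwitchingBooklets:from=Home,to=Reader:",
    "090719:144532 cvm[26415]: I Reader:BOOK INFO:title=Example Title, Second Edition,"
    "authors=A. Author,ASIN=B000EXAMPLE,isEncrypted=false,path=/mnt/us/documents/example.azw:",
    "090719:161519 wand[1661]: I e725:diag: t=00000000,SID=1,NID=2,Base ID=3,Bars=5,"
    "Latitude=0.000000,Longitude=0.000000:",
]
```

Calling audit(SAMPLE) returns two findings: the BOOK INFO record under "reading" and the wand diag record under "location" and "cell".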

FizzyWater
07-20-2009, 12:35 AM
I don't have a Kindle, but if I did, I'd definitely be using your update.

Thanks for sharing!

Gearhead
07-20-2009, 09:30 AM
It is really a shame that Amazon is allowing our Kindles to upload this kind of personal information without our permission. Ebs, thank you very much for investigating this and providing a patch.

-robert

ebs
07-24-2009, 01:17 AM
Here is some information about "todo" server.

Periodically Kindle connects to a special "todo" web service and downloads a list of items it then "executes". These items can be download/upload requests (to get a new book you just bought, upload syslog, etc), there is also a delete request (this is what I think was used in the recent debacle)... Firmware updates are probably also pushed this way.

Default location is https://todo-g7g.amazon.com/FionaTodoListProxy.
Kindle uses "getItems" request to download the "todo" list:
https://todo-g7g.amazon.com/FionaTodoListProxy/getItems?software_rev=337560062&device_lto=-420&count=10&prl_rev=402
When all items are processed, "removeItems" request is used to clean-up todo list.

You can completely disable this functionality (although I don't recommend this) by redirecting all requests to some other location. I chose to direct all requests to a fake server running on my host which emulates (to some extent) standard Amazon services. To do this, edit /opt/amazon/ebook/config/framework.mario.conf:

These are my changes (CDE_SERVER and uploadServer point to other webservices - metadata sync/download and upload servers).

TODO_SERVER : http://192.168.2.1/FionaTodoListProxy/
CDE_SERVER : http://192.168.2.1/FionaCDEServiceEngine/
uploadServer : http://192.168.2.1/DeviceEventProxy/


Also, edit HTTP_NON_PROXY_HOST, otherwise firmware will go through amazon proxy:
HTTP_NON_PROXY_HOST : *.amazon.com|*.images-amazon.com|192.168.2.1


Now, you can use your fake webservice (I used lighttpd + simple bash CGI scripts) to feed real data after you have reviewed it. To get it, use the default URLs with your favorite web browser with the client SSL certificate assigned to your Kindle (this is how Amazon authenticates you). You can find that certificate in /var/local/java/prefs/certs. Install it into your browser (use password "pass"). BTW, with this approach you can have a Kindle-like software running on your PC, although Amazon can always disable such access if it wants to.

Somebody can even write a simple http/https proxy running locally on Kindle doing some kind of filtering :).

Personally, I don't really care about Amazon deleting my books (I always make sure I take full control of stuff I buy from them - nothing can compete with good old backups :)), my only worry is unexpected firmware update which can interfere with my hacking.
However, I have a proof-of-concept hack that disables remote ebook removal. I've been running it since last weekend and it doesn't seem to break anything for me. I can post a firmware update here if somebody thinks it will be useful.
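
Added example, not part of the original post: a check, run on a PC against a copy of framework.mario.conf, that all three endpoint keys named above point at the local host and that the host is listed in HTTP_NON_PROXY_HOST (the condition the post warns about). It assumes the "KEY : value" layout shown in the post and that HTTP_NON_PROXY_HOST holds glob-style patterns separated by "|"; the function names are hypothetical.

```python
from fnmatch import fnmatch
from urllib.parse import urlparse

ENDPOINT_KEYS = ("TODO_SERVER", "CDE_SERVER", "uploadServer")  # keys named in the post

def parse_conf(text):
    """Parse 'KEY : value' lines as shown in the post; other lines are ignored."""
    conf = {}
    for line in text.splitlines():
        key, sep, value = line.partition(" : ")
        if sep and key.strip():
            conf[key.strip()] = value.strip()
    return conf

def check_redirect(text, local_host):
    """Return a list of problems; an empty list means the redirect is complete."""
    conf = parse_conf(text)
    problems = []
    for key in ENDPOINT_KEYS:
        url = conf.get(key)
        if url is None:
            problems.append(f"{key}: not set in this file")
            continue
        host = urlparse(url).hostname
        if host != local_host:
            problems.append(f"{key}: still points at {host}")
    # Assumption: '|' separates glob-style host patterns, as in the post's value.
    patterns = conf.get("HTTP_NON_PROXY_HOST", "").split("|")
    if not any(p and fnmatch(local_host, p.strip()) for p in patterns):
        problems.append(f"HTTP_NON_PROXY_HOST: {local_host} not listed, requests go via the proxy")
    return problems

# Settings as given in the post.
GOOD = """TODO_SERVER : http://192.168.2.1/FionaTodoListProxy/
CDE_SERVER : http://192.168.2.1/FionaCDEServiceEngine/
uploadServer : http://192.168.2.1/DeviceEventProxy/
HTTP_NON_PROXY_HOST : *.amazon.com|*.images-amazon.com|192.168.2.1
"""
# Constructed incomplete edit: one endpoint left at the default, proxy exemption missing.
BAD = """TODO_SERVER : https://todo-g7g.amazon.com/FionaTodoListProxy/
CDE_SERVER : http://192.168.2.1/FionaCDEServiceEngine/
uploadServer : http://192.168.2.1/DeviceEventProxy/
HTTP_NON_PROXY_HOST : *.amazon.com|*.images-amazon.com
"""
```

check_redirect(GOOD, "192.168.2.1") returns an empty list, while the BAD sample yields one problem for TODO_SERVER and one for HTTP_NON_PROXY_HOST.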

Hellmark
07-24-2009, 01:37 AM
If you don't want Amazon to know what you are reading, where you are or know that you are exploring their device, there is a simple way to disable sending anything.

You said it, they act like it is their device, and you're just being allowed to use it.

ebs
07-24-2009, 01:46 AM
You said it, they act like it is their device, and you're just being allowed to use it.

Well, I'm not a fan of conspiracy theories and I don't think there are any evil intentions. That syslog upload thing is probably a diagnostic feature, however this doesn't change the fact that they do receive this kind of information and I don't really feel like sharing this stuff with some Amazon engineer. I hope it is still a learning process for them, we'll see...

Hellmark
07-24-2009, 09:48 AM
I'm not a conspiracy theorist either, but they really are doing very little to make it seem like it is actually yours.

ebs
07-26-2009, 02:45 AM
As I described previously, "todo" server pushes download requests to Kindle, firmware update files are automatically downloaded to the user partition and later applied when Kindle goes to sleep.

If you want to disable automatic update "execution", change /usr/bin/process_update script:

--- process_update~orig 2009-07-25 22:08:55.000000000 -0700
+++ process_update 2009-07-25 22:41:11.000000000 -0700
@@ -39,9 +39,7 @@
exit 0
fi

- # Start updatewait in background and exit
- ${_UPDATE_WAIT} &
- msg "Started ${_UPDATE_WAIT}" I
+ msg "Auto updates are disabled, exiting..." I
exit 0
fi
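
Review bot: At the replaced lines before the final exit 0, the launch of ${_UPDATE_WAIT} is removed unconditionally, so automatic updates cannot be turned back on without editing the script again. Consider keeping the original three lines and guarding them with a check for a marker file (the name would be your choice), logging the "Auto updates are disabled" message only when the marker is present. A short comment saying why the launch is skipped would also help, since the removed comment was the only explanation of this branch.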

Note that manual updates are not disabled - you can still apply downloaded updates from UI.

Gearhead
07-31-2009, 12:15 PM
If you want to disable automatic update "execution", change /usr/bin/process_update script:

Thanks again ebs. This seems like a good idea. I've made the change to my unit. I'd hate to lose shell access due to an automatic firmware update.

mobelby
07-31-2009, 07:28 PM
Many thanks EBS.

Now if you discover the registration info (that confirms the device has been activated once on whispernet) on your firmware travels I will be forever in your debt.

ebs
07-31-2009, 10:22 PM
Well, registration is done through Amazon webservice, so it's not just some piece of data on Kindle, it's also a record at Amazon. I think you have to go through this process if you really want your Kindle to be registered - no amount of local hacking will do this.

As far as I can tell, there is very little on Kindle which is device specific - serial number written in NOR flash, SSL client certificate signed by Amazon (probably Kindle downloads it during registration process) and some simple text file that tells UI that Kindle is indeed registered.

amitlu
08-26-2009, 12:24 AM
Ebs,

Can you tell us which file is the COMMS log, the one with the Base ID etc?

zT2pdR8Bvf
09-11-2009, 10:07 PM
How does one apply the patch?

Thanks!

cyli
09-29-2009, 08:18 PM
Do the logs only contain information about content you downloaded from Amazon? Does the Kindle also log data (and send said data to Amazon) regarding, for instance, a random text file you put on your Kindle?

zxc
10-25-2009, 02:58 AM
Great thread, but answers to the questions asked in the last few posts would be really nice :)