Originally Posted by murg
I'm sure we can find people on here that can write this snippet in any language or scripting language you want.
Armchair pseudocode is one thing. Actual code is another. As you guys can see, the files in the payload of the firmware are writable and changeable by anyone. This is evidenced by some of the cool stuff that I've seen happening on the developer sub-forum here.
How does the e-reader actually know that these files are the correct ones? There's an MD5 manifest to verify that the files are not corrupt, but there is no way to validate that the kernel or bootloader are actually targeted for that device's particular hardware; moreover, this doesn't actually prevent tampering or DIY'ing. This is why we rely on the backend server to serve out the correct files for the device's firmware during a Wi-Fi update or desktop update.
Locking down the firmware update mechanism has been proposed, but why would we want to stifle hacking? It really wouldn't accomplish anything in the end.
Put it another way: what happens when you use fastboot to flash a new ROM on an Android phone or tablet? Does it do any validation? Nope. If you flash the wrong bootloader then you're pretty much on your own.
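The gap the post above describes, between a manifest that detects corruption and one that proves origin and hardware target, shown as an added example that is not part of the original post or the device's actual updater. The file names, model strings and key are constructed, and the HMAC is an assumed stand-in for the asymmetric signature a real updater would verify against a vendor public key.

```python
import hashlib
import hmac
import json

# Constructed sample payload; names and contents are placeholders.
PAYLOAD = {"kernel.img": b"kernel build for model-A",
           "boot.img": b"bootloader for model-A"}
VENDOR_KEY = b"constructed-demo-key"  # assumed stand-in for a vendor signing key


def md5_manifest(files):
    """Manifest of the kind the post describes: file name -> MD5 hex digest."""
    return {name: hashlib.md5(data).hexdigest() for name, data in files.items()}


def check_md5(files, manifest):
    """Corruption check only: True when every file matches its listed digest."""
    return md5_manifest(files) == manifest


def sign_manifest(files, model, key):
    """Bind SHA-256 digests and the hardware model under a keyed tag."""
    body = {"model": model,
            "files": {n: hashlib.sha256(d).hexdigest() for n, d in files.items()}}
    blob = json.dumps(body, sort_keys=True).encode()
    return {"body": body, "tag": hmac.new(key, blob, hashlib.sha256).hexdigest()}


def check_signed(files, signed, device_model, key):
    """Return (ok, reason): verify the tag, then the model, then each file."""
    blob = json.dumps(signed["body"], sort_keys=True).encode()
    expected = hmac.new(key, blob, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, signed["tag"]):
        return False, "manifest not authentic"
    if signed["body"]["model"] != device_model:
        return False, "wrong hardware target"
    listed = signed["body"]["files"]
    if set(listed) != set(files):
        return False, "file set mismatch"
    for name, data in files.items():
        if hashlib.sha256(data).hexdigest() != listed[name]:
            return False, f"digest mismatch: {name}"
    return True, "ok"
```

The plain MD5 manifest can only answer "did these bytes change since the manifest was written"; the signed form additionally answers "who wrote the manifest" and "which hardware is it for".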