Register Guidelines E-Books Search Today's Posts Mark Forums Read

Go Back   MobileRead Forums > E-Book Readers > Amazon Kindle > Kindle Developer's Corner

Notices

Reply
 
Thread Tools Search this Thread
Old 07-19-2009, 05:52 PM   #1
ebs
Zealot
ebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enough
 
Posts: 100
Karma: 627
Join Date: Jun 2009
Location: California, USA
Device: Kindle DX
Disable BigBrother features

Please note that the modification/patch doesn't work on the K2i. [note added by moderator in 2012]

WARNING: Multiple Kindle Touch owners have reported that their Kindle Touch was bricked (no longer usable) after applying this modification. This may be dangerous for the Kindle Touch!
[note added by moderator in 2012]


There is some functionality in Kindle firmware which I consider violating user privacy and I intend this thread to provide information on how to disable such stuff.
  1. Regular system log upload to Amazon servers. Kindle firmware is quite chatty even in a normal mode (;debugOn enables much more print outs). Here is a sample syslog output showing what kind of info Amazon regulary receives from your Kindle:

    Code:
    090719:144532 cvm[26415]: I BookletManager:SwitchingBooklets:from=Home,to=Bookworm:
    090719:144532 cvm[26415]: I Reader:BOOK INFO:title=Kindle DX User's Guide,authors=Amazon.com,ASIN=B0026P3LTE,content type=ebook,publisher=Amazon.com,publication date=4/25/2008,sorted title=Kindle DX User's Guide,display authors=Amazon.com,length=MobiPosition_ 211399,last access=1980-01-01 00.00.00 +0000,last read position=MobiPosition_ 12977,isEncrypted=false,isSample=false,isNew=false,path=/mnt/us/documents/Kindle_Users_Guide.azw,isTTSMetdataPresent=false,isTTSMetadataAllowed=true:
    090719:144534 cvm[26415]: I ReaderGUI:SWITCH VIEW:name=com.amazon.ebook.booklet.reader.gui.lf:
    Here is another interesting piece of info from the logs sent to Amazon:
    Code:
    090719:161519 wand[1661]: I e725:diag: t=4a644ff6,SID=4183,NID=87,
    Base ID=744,Network Svc Type=EVDO,Bars=5,
    Latitude=37.321441,Longitude=-122.030612,
    RSSI dBm=-125,Active Set EC IO dBm=-31.500000,Active Set PN Offsets=264,
    HDR Latitude=37.334167,HDR Longitude=-122.031113,
    EVDO RSSI dBm=-65,ASET Pilot Energy=-0.53,
    HDR Active Set PN Offsets=264,DRC=2,n=1:
    If you don't want Amazon to know what you are reading, where you are or know that you are exploring their device, there is a simple way to disable sending anything. Script responsible for packaging this information is /usr/bin/showlog. Here is a simple patch you can use:

    Code:
    --- showlog     2009-05-08 17:22:51.000000000 -0700
    +++ showlog_none        2009-07-19 14:44:08.000000000 -0700
    @@ -188,8 +188,8 @@
                     echo $OLDEST | awk '{ printf "%08d", $1 }' > $LASTFILESENT
                 fi
             fi
    -        print_stream_header $NUMFILES
    -        print_gzip_files $ALLFILES
    +        print_stream_header 0
    +        print_gzip_files ""
         else
             ALLFILES=`ls -1 $ARCHIVE_DIR/${LOG}_*.gz | xargs`
             if [ -n "$ALLFILES" ]; then
    In other words, just change lines 191/192 to use 0 instead of $NUMFILES and "" instead of $ALLFILES. This will cause this script to send empty payload to Amazon.

Last edited by pdurrant; 01-31-2012 at 04:06 PM. Reason: added note regarding k2i.
ebs is offline   Reply With Quote
Old 07-19-2009, 11:35 PM   #2
FizzyWater
You kids get off my lawn!
FizzyWater ought to be getting tired of karma fortunes by now.FizzyWater ought to be getting tired of karma fortunes by now.FizzyWater ought to be getting tired of karma fortunes by now.FizzyWater ought to be getting tired of karma fortunes by now.FizzyWater ought to be getting tired of karma fortunes by now.FizzyWater ought to be getting tired of karma fortunes by now.FizzyWater ought to be getting tired of karma fortunes by now.FizzyWater ought to be getting tired of karma fortunes by now.FizzyWater ought to be getting tired of karma fortunes by now.FizzyWater ought to be getting tired of karma fortunes by now.FizzyWater ought to be getting tired of karma fortunes by now.
 
FizzyWater's Avatar
 
Posts: 2,919
Karma: 5788215
Join Date: Aug 2007
Location: Columbus, Ohio
Device: Dell Axim, PRS350/650, Nook Glow, PB Touch Lux 623
I don't have a Kindle, but if I did, I'd definitely be using your update.

Thanks for sharing!
FizzyWater is offline   Reply With Quote
Old 07-20-2009, 08:30 AM   #3
Gearhead
Enthusiast
Gearhead began at the beginning.
 
Posts: 32
Karma: 45
Join Date: Dec 2007
Device: Kindle DX, PRS505
It is really a shame that Amazon is allowing our Kindles to upload this kind of personal information without our permission. Ebs, thank you very much for investigating this and providing a patch.

-robert
Gearhead is offline   Reply With Quote
Old 07-24-2009, 12:17 AM   #4
ebs
Zealot
ebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enough
 
Posts: 100
Karma: 627
Join Date: Jun 2009
Location: California, USA
Device: Kindle DX
Here is some information about "todo" server.

Periodically Kindle connects to a special "todo" web service and downloads list of items it then "executes". These items can be download/upload requests (to get a new book you just bought, upload syslog, etc), there is also a delete request (this is what I think was used in the recent debacle)... Firmware updates are probably also pushed this way.

Default location is https://todo-g7g.amazon.com/FionaTodoListProxy.
Kindle uses "getItems" request to download "todo"list:
https://todo-g7g.amazon.com/FionaTod...10&prl_rev=402
When all items are processed, "removeItems" request is used to clean-up todo list.

You can completely disable this functionality (although I don't recommend this) by redirecting all requests to some other location. I chose to direct all requests to a fake server running on my host which
emulates (to a some extent) standard Amazon services. To do this, edit /opt/amazon/ebook/config/framework.mario.conf:

These are my changes (CDE_SERVER and uploadServer point to another webservices - metadata sync/download and upload servers).
Code:
TODO_SERVER : http://192.168.2.1/FionaTodoListProxy/
CDE_SERVER : http://192.168.2.1/FionaCDEServiceEngine/
uploadServer : http://192.168.2.1/DeviceEventProxy/
Also, edit HTTP_NON_PROXY_HOST, otherwise firmware will go through amazon proxy:
Code:
HTTP_NON_PROXY_HOST : *.amazon.com|*.images-amazon.com|192.168.2.1
Now, you can use your fake webservice (I used lighthttpd + simple bash CGI scripts) to feed real data after you reviewed it. To get it, use default URLs with your favorite web browser with client SSL certificate assigned to your Kindle (this is how Amazon authenticates you). You can find that certificate in /var/local/java/prefs/certs. Install it into your browser (use password "pass"). BTW, with this approach you can have a Kindle-like software running on your PC, although Amazon can always disable such access if it wants to.

Somebody can even write a simple http/https proxy running locally on Kindle doing some kind of filtering .

Personally, I don't really care about Amazon deleting my books (I always make sure I take full control of stuff I buy from them - nothing can compete with good old backups ), my only worry is unexpected firmware update which can interfere with my hacking.
However, I have proof of concept hack that disables remote ebook removal, I've been running it since last weekend and it doesn't seem to break anything for me. I can post firmware update here if somebody thinks it will be useful.
ebs is offline   Reply With Quote
Old 07-24-2009, 12:37 AM   #5
Hellmark
Wizard
Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.
 
Hellmark's Avatar
 
Posts: 2,520
Karma: 3638167
Join Date: Jun 2009
Location: Maryland Heights, Missouri, USA
Device: Nokia N800, PRS-505, Nook STR Glowlight
Quote:
Originally Posted by ebs View Post
If you don't want Amazon to know what you are reading, where you are or know that you are exploring their device, there is a simple way to disable sending anything.
You said it, they act like it is their device, and you're just being allowed to use it.
Hellmark is offline   Reply With Quote
Old 07-24-2009, 12:46 AM   #6
ebs
Zealot
ebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enough
 
Posts: 100
Karma: 627
Join Date: Jun 2009
Location: California, USA
Device: Kindle DX
Quote:
Originally Posted by Hellmark View Post
You said it, they act like it is their device, and you're just being allowed to use it.
Well, I'm not a fan of conspiracy theories and I don't think there are any evil intentions. That syslog upload thing is probably a diagnostic feature, however this doesn't change a fact that they do receive this kind of information and I don't really feel like sharing this stuff with some Amazon engineer. I hope it is still a learning process for them, we'll see...
ebs is offline   Reply With Quote
Old 07-24-2009, 08:48 AM   #7
Hellmark
Wizard
Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.Hellmark ought to be getting tired of karma fortunes by now.
 
Hellmark's Avatar
 
Posts: 2,520
Karma: 3638167
Join Date: Jun 2009
Location: Maryland Heights, Missouri, USA
Device: Nokia N800, PRS-505, Nook STR Glowlight
I'm not a conspiracy theorist either, but they really are doing very little to make it seem like it is actually yours.
Hellmark is offline   Reply With Quote
Old 07-26-2009, 01:45 AM   #8
ebs
Zealot
ebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enough
 
Posts: 100
Karma: 627
Join Date: Jun 2009
Location: California, USA
Device: Kindle DX
Disable auto updates

As I described previously, "todo" server pushes download requests to Kindle, firmware update files are automatically downloaded to the user partition and later applied when Kindle goes to sleep.

If you want to disable automatic update "execution", change /usr/bin/process_update script:

Code:
--- process_update~orig 2009-07-25 22:08:55.000000000 -0700
+++ process_update      2009-07-25 22:41:11.000000000 -0700
@@ -39,9 +39,7 @@
                exit 0
        fi

-       # Start updatewait in background and exit
-       ${_UPDATE_WAIT} &
-       msg "Started ${_UPDATE_WAIT}" I
+       msg "Auto updates are disabled, exiting..." I
        exit 0
 fi
Note that manual updates are not disabled - you can still apply downloaded updates from UI.

Last edited by ebs; 07-26-2009 at 01:45 AM. Reason: Fix typo
ebs is offline   Reply With Quote
Old 07-31-2009, 11:15 AM   #9
Gearhead
Enthusiast
Gearhead began at the beginning.
 
Posts: 32
Karma: 45
Join Date: Dec 2007
Device: Kindle DX, PRS505
Quote:
Originally Posted by ebs View Post
If you want to disable automatic update "execution", change /usr/bin/process_update script:
Thanks again ebs. This seems like a good idea. I've made the change to my unit. I'd hate to lose shell access due to an automatic firmware update.
Gearhead is offline   Reply With Quote
Old 07-31-2009, 06:28 PM   #10
mobelby
Zealot
mobelby doesn't littermobelby doesn't littermobelby doesn't litter
 
Posts: 107
Karma: 224
Join Date: Sep 2008
Device: eeepc 901
Many thanks EBS.

Now if you discover the registration info (that confirms the device has been activated once on whispernet) on your firmware travels I will be forever in your debt
mobelby is offline   Reply With Quote
Old 07-31-2009, 09:22 PM   #11
ebs
Zealot
ebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enoughebs will become famous soon enough
 
Posts: 100
Karma: 627
Join Date: Jun 2009
Location: California, USA
Device: Kindle DX
Well, registration is done through Amazon webservice, so it's not just some piece of data on Kindle, it's also a record at Amazon. I think you have to go through this process if you really want you Kindle to be registered - no amount of local hacking will do this.

As far as I can tell, there is very little on Kindle which is device specific - serial number written in NOR flash, SSL client certificate signed by Amazon (probably Kindle downloads it during registration process) and some simple text file that tells UI that Kindle is indeed registered.
ebs is offline   Reply With Quote
Old 08-25-2009, 11:24 PM   #12
amitlu
Junior Member
amitlu began at the beginning.
 
Posts: 3
Karma: 10
Join Date: Aug 2009
Device: Kindle DX
Ebs,

Can you tell us which file is the COMMS log, the one with the Base ID etc?
amitlu is offline   Reply With Quote
Old 09-11-2009, 09:07 PM   #13
zT2pdR8Bvf
Junior Member
zT2pdR8Bvf began at the beginning.
 
Posts: 1
Karma: 10
Join Date: Sep 2009
Device: none
How does one apply the patch?

Thanks!
zT2pdR8Bvf is offline   Reply With Quote
Old 09-29-2009, 07:18 PM   #14
cyli
Junior Member
cyli began at the beginning.
 
Posts: 1
Karma: 10
Join Date: Sep 2009
Device: Kindle
Do the logs only contain information about content you downloaded from Amazon? Does the Kindle also log data (and send said data to Amazon) regarding, for instance, a random text file you put on your Kindle?
cyli is offline   Reply With Quote
Old 10-25-2009, 01:58 AM   #15
zxc
Junior Member
zxc began at the beginning.
 
Posts: 1
Karma: 10
Join Date: Oct 2009
Device: none
Great thread, but answers to the questions asked in the last few posts would be really nice
zxc is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Hacks Kindle DX - Any way to disable screensaver? schulzmc Amazon Kindle 165 01-23-2014 02:37 AM
How do I disable iPhoto from opening up? thadiyan Amazon Kindle 3 09-12-2010 07:12 PM
How to disable the accelerometer ? askyn PocketBook 4 05-23-2010 12:38 PM
Disable Synchronization help please charlesp Sony Reader 2 01-10-2009 01:18 PM
I don't understand the screensaver (+ how do I disable it?). GatorDeb Amazon Kindle 8 10-02-2008 07:05 PM


All times are GMT -4. The time now is 06:12 AM.


MobileRead.com is a privately owned, operated and funded community.