07-08-2012, 01:48 PM | #61 |
BLAM!
Posts: 13,477
Karma: 26012494
Join Date: Jun 2010
Location: Paris, France
Device: Kindle 2i, 3g, 4, 5w, PW, PW2, PW5; Kobo H2O, Forma, Elipsa, Sage, C2E
|
@mmatej: It *should* remove the jailbreak update key (pubdevkey01.pem), but not the kindlet keystore .
I never tried it, so I'm not sure why yifan's package didn't seem to do anything, but it should have removed the updater key. The only potential issues I see with it is that it won't run on some European 3G Touch, the target OTA is a bit low (but still high enough), and it relies on legacy helper functions for progress handling, but none of that should prevent it from removing a single puny file . [Unless the updater system does some black magic in the background with its public keys...] Last edited by NiLuJe; 07-08-2012 at 01:53 PM. |
07-08-2012, 01:51 PM | #62 | |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
Quote:
Looks like someone has started creating "the Botnet"... |
|
Advert | |
|
07-08-2012, 01:57 PM | #63 | |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
Quote:
|
|
07-08-2012, 02:02 PM | #64 | |
Padawan Learner
Posts: 33
Karma: 86
Join Date: Jul 2012
Location: Galactic Sector ZZ9 Plural Z Alpha
Device: Kindle Touch
|
Quote:
not really... just figured it woud be a (maybe)easier way to disble ota to keep amazon from pushing updates to break the jailbreak or maybe i want to make the first kindle key/touchlogger hehehthough a vnc kind of thing for kindle would be quite awesome... |
|
07-08-2012, 02:22 PM | #65 | |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
Quote:
|
|
Advert | |
|
07-08-2012, 02:43 PM | #66 |
BLAM!
Posts: 13,477
Karma: 26012494
Join Date: Jun 2010
Location: Paris, France
Device: Kindle 2i, 3g, 4, 5w, PW, PW2, PW5; Kobo H2O, Forma, Elipsa, Sage, C2E
|
@mmatej: Nope, if it crashed, you wouldn't get the 'update successful' checkmark . And, yes, I meant progress bar handling, but it's just a hint given to the UI, it doesn't really hurt (The simple usbnet package does the same thing, for example).
|
07-08-2012, 02:50 PM | #67 | |
Padawan Learner
Posts: 33
Karma: 86
Join Date: Jul 2012
Location: Galactic Sector ZZ9 Plural Z Alpha
Device: Kindle Touch
|
Quote:
and i did not intend to write malicious code of any sorts... not even too make a kindle rendition of the squid virus :P |
|
07-08-2012, 03:04 PM | #68 | |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
Quote:
|
|
07-08-2012, 03:08 PM | #69 |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
So why it doesn't remove the key if it's successful? It's a big mystery for me...
|
07-08-2012, 05:22 PM | #70 |
BLAM!
Posts: 13,477
Karma: 26012494
Join Date: Jun 2010
Location: Paris, France
Device: Kindle 2i, 3g, 4, 5w, PW, PW2, PW5; Kobo H2O, Forma, Elipsa, Sage, C2E
|
@mmatej: Figured it out. Because the uninstall script isn't marked as an update script, so it isn't run by the update system. Hence nothing actually happening . (ID 128 instead of 129 in the bundlefile).
(For the curious: because it's a .sh and yifan's original kindletool wasn't marking .sh files as scripts, only .ffs). Last edited by NiLuJe; 07-08-2012 at 05:25 PM. |
07-09-2012, 02:20 AM | #71 | |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
Quote:
Last edited by mmatej; 07-09-2012 at 02:23 AM. |
|
07-09-2012, 02:32 AM | #72 |
Wizard
Posts: 1,669
Karma: 2300001
Join Date: Mar 2011
Location: Türkiye
Device: Kindle 5.3.7
|
you can also add the version numbers for the hacks.
|
07-09-2012, 03:04 AM | #73 |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
|
07-09-2012, 03:17 AM | #74 |
(offline)
Posts: 2,907
Karma: 6736092
Join Date: Dec 2011
Device: K3, K4, K5, KPW, KPW2
|
Woah... guys, it's not like I want to spoil the party. This is indeed a very nice project, and I'm seriously impressed (honest!).
However, it will necessarily come to an end, rather sooner than later. After all, you're exploiting a serious security flaw on the Kindle, which is on Amazon's radar, and which either has been fixed with that ominous 5.1.1 FW (which we're all craving for, but noone seems to have been able to publish yet), or will be fixed soon. In fact, I don't understand at all how, a month after the publishing of such a gaping vulnerability (and they *were* alerted to it), Amazon can still not give a fuck about their customers', and their own security. I'm seriously puzzled. The point is ... this security hole should have actually been closed yesterday - but it hopefully (from a security standpoint) will be closed soon. All IMO of course, but just before you spend too much effort... ... just sayin'. PS: just to make that clear again: I really DO appreciate your work -- I'm just wondering whether the effort will be well-spent in the long run. Last edited by ixtab; 07-09-2012 at 03:29 AM. |
07-09-2012, 03:39 AM | #75 |
Connoisseur
Posts: 91
Karma: 14730
Join Date: Jun 2012
Device: none
|
You are right, Amazon is very late about this issue. Maybe if we created "the Botnet", long time mentioned, but never really made, Amazon would react very quickly.
BTW, does Amazon know about this web jailbreak? As far as I know, it's the first practical use of the exploit. Maybe I should show off them And about that effort... I know that with the next FW released, it won't work. But I've learned a lot of things from this project, so it wasn't that useless. |
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Hacks Kindle (3) Keyboard : Upgrade and Jailbreak or Jailbreak and Upgrade?? | prado | Amazon Kindle | 3 | 06-11-2021 10:13 PM |
Kindle Fire Web Browser will likely allow for web based games. | sirmaru | Kindle Fire | 10 | 11-15-2011 02:55 PM |
problem browsing web, web's with many links? | KRorschachZ | Amazon Kindle | 1 | 11-20-2010 02:05 AM |
Web Standards for E-books by Joe Clark (web article) | guyanonymous | General Discussions | 2 | 03-18-2010 10:36 PM |
Mobile Web surfing on the rise says Face of the Web | Alexander Turcic | Lounge | 2 | 04-20-2006 01:17 PM |