Register Guidelines E-Books Search Today's Posts Mark Forums Read

Go Back   MobileRead Forums > E-Book General > News

Notices

Reply
 
Thread Tools Search this Thread
Old 08-27-2009, 09:42 PM   #16
carlobee
Fanatic
carlobee has learned how to read e-bookscarlobee has learned how to read e-bookscarlobee has learned how to read e-bookscarlobee has learned how to read e-bookscarlobee has learned how to read e-bookscarlobee has learned how to read e-bookscarlobee has learned how to read e-bookscarlobee has learned how to read e-books
 
Posts: 535
Karma: 972
Join Date: Jul 2009
Device: The new iPad
Good news from Sony!

carlobee is offline   Reply With Quote
Old 08-27-2009, 10:15 PM   #17
sminarovich
Connoisseur
sminarovich could sell banana peel slippers to a Deveel.sminarovich could sell banana peel slippers to a Deveel.sminarovich could sell banana peel slippers to a Deveel.sminarovich could sell banana peel slippers to a Deveel.sminarovich could sell banana peel slippers to a Deveel.sminarovich could sell banana peel slippers to a Deveel.sminarovich could sell banana peel slippers to a Deveel.sminarovich could sell banana peel slippers to a Deveel.sminarovich could sell banana peel slippers to a Deveel.sminarovich could sell banana peel slippers to a Deveel.sminarovich could sell banana peel slippers to a Deveel.
 
sminarovich's Avatar
 
Posts: 95
Karma: 3133
Join Date: Jan 2008
Location: Ontario, Canada
Device: sony ereader 500 & 600
What's the good news from Sony? I only have duo pro, even with the firmware does this mean I will have to switch to SDs.
sminarovich is offline   Reply With Quote
Advert
Old 08-28-2009, 07:00 AM   #18
Jer
Member
Jer doesn't litterJer doesn't litter
 
Jer's Avatar
 
Posts: 20
Karma: 169
Join Date: Feb 2008
Location: Colorado
Device: Sony PRS-600
Nah, the problem was corrected. It was user error. lol. Seems the 600 really doesn't like ntfs formatted memory cards. After formatting to default, both my pro-duo and the sd card I scrounged up work great.
Jer is offline   Reply With Quote
Old 08-28-2009, 03:23 PM   #19
apswartz
e-book reader
apswartz began at the beginning.
 
apswartz's Avatar
 
Posts: 41
Karma: 16
Join Date: Feb 2009
Location: North Carolina
Device: Kindle Paperwhite, Google Play Books on Samsung Tablet
Uh! I'm using Linux. How can I update it?
apswartz is offline   Reply With Quote
Old 08-28-2009, 04:20 PM   #20
igorsk
Wizard
igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.
 
Posts: 3,442
Karma: 300001
Join Date: Sep 2006
Location: Belgium
Device: PRS-500/505/700, Kindle, Cybook Gen3, Words Gear
Find a machine with Windows or OSX, or use a VM.
igorsk is offline   Reply With Quote
Advert
Old 09-09-2009, 06:21 PM   #21
RyeBrye
Member
RyeBrye began at the beginning.
 
Posts: 14
Karma: 10
Join Date: Sep 2009
Device: PRS-600
Quote:
Originally Posted by igorsk View Post
Damn, the firmware images are encrypted.
What makes you say they are encrypted? I see a checksum file with insanely large hashes, and I see the raw images. I haven't delved into it much further.

What encryption mechanism are they using?

You probably already found this, but their GPL code is up here:

http://www.sony.net/Products/Linux/Audio/PRS-600.html
RyeBrye is offline   Reply With Quote
Old 09-09-2009, 06:38 PM   #22
igorsk
Wizard
igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.igorsk ought to be getting tired of karma fortunes by now.
 
Posts: 3,442
Karma: 300001
Join Date: Sep 2006
Location: Belgium
Device: PRS-500/505/700, Kindle, Cybook Gen3, Words Gear
Quote:
Originally Posted by RyeBrye View Post
What makes you say they are encrypted? I see a checksum file with insanely large hashes, and I see the raw images. I haven't delved into it much further.

What encryption mechanism are they using?
The hash is not new, it was already used in the first firmware update for PRS-500. It's an RSA signature checked at device side against a hardcoded public key. However, the firmware images themselves (cramfs.Rootfs.img) were not encrypted; you could see "Compressed ROMFS" text in the binary.
We don't know what they use for PRS-600, I suspect some AES variant.
The firmware updater code is Sony's own, not GPL, so it's not included in the public sources.
igorsk is offline   Reply With Quote
Old 09-10-2009, 01:01 PM   #23
RyeBrye
Member
RyeBrye began at the beginning.
 
Posts: 14
Karma: 10
Join Date: Sep 2009
Device: PRS-600
Quote:
Originally Posted by igorsk View Post
The hash is not new, it was already used in the first firmware update for PRS-500. It's an RSA signature checked at device side against a hardcoded public key. However, the firmware images themselves (cramfs.Rootfs.img) were not encrypted; you could see "Compressed ROMFS" text in the binary.
We don't know what they use for PRS-600, I suspect some AES variant.
The firmware updater code is Sony's own, not GPL, so it's not included in the public sources.
Interesting.

I just bought one of these (PRS-600) for my wife. I'm not sure how much face time I will get with it once I give it to her for her birthday tomorrow, but I'm definitely motivated to hack this baby just on principle alone.

Is there a place to go to discuss hacking these things? I see there is a lightly trafficed #mobileread chan on freenode - is that a good place to go talk specifics and start banging on this thing?

I'm mostly interested in getting an understanding of what is known about this device and then figuring out a plan of attack. If the updates have been signed with a key and verified with on the device before, I'm interested in how that was worked around before (did you find a way to replace the public key it was checking against on the device?) - also interested if you have any way to execute arbitrary code on these things.

One more question - there are "updates" but how about "downgrades" to these devices?

I'm guessing that the recent patch probably contains a fix to the null pointer dereference bug discovered in august - but if we have a way to execute unprivileged code on the device and a way to downgrade to a version with a kernel produced prior to august 11th or so, we might be able to poke a hole in the security layer on the device very easily by running whatever we want as root. (although I guess this kernel might be stripped down and not have any of the vulnerable options in it - since I know we are using the bluetooth module on the android one to poke through it... not sure which other modules might be vulnerable but there is at least one or two more)

I'm definitely new to these devices, my most recent forays have been in the Android world where we just used that same kernel bug to create a "one click root" app to 'root' or 'jailbreak' the phone in one click.

I don't know what kernel version it is running (is there a way to check?) - but I see that after the update it has 1.0.01.08040 as a prefix - perhaps for August 4th being the date of the software that it is running?? (I don't know their version numbering strategies, 08040 could just be a build number).

If you pop onto freenode, drop me a pm and we can discuss a plan of attack - I go by RyeBrye there.

Last edited by RyeBrye; 09-10-2009 at 01:07 PM. Reason: updating
RyeBrye is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Round 4: Calling Sony Style re: PRS-500 Firmware upgrade AprilHare Sony Reader 12 12-19-2009 10:40 PM
Final Round 3: Calling Sony Style re: PRS-500 Firmware upgrade AprilHare Sony Reader 10 12-09-2009 10:02 PM
Round 2: Calling Sony Style re: PRS-500 Firmware upgrade AprilHare Sony Reader 3 12-09-2009 10:01 PM
Will the PRS-500 get a firmware upgrade? AprilHare Sony Reader 23 11-27-2009 09:45 PM
PRS-600 Why PRS-600 Is a 505 UPGRADE maeludir Sony Reader 16 09-12-2009 04:21 PM


All times are GMT -4. The time now is 05:16 AM.


MobileRead.com is a privately owned, operated and funded community.