Old 06-15-2012, 06:25 PM   #1
pwr
Member
Posts: 18
Karma: 2602
Join Date: Mar 2012
Device: Kindle 4NT
De-sandboxed kindlet loader

Hello,

I've written a small tool that allows loading Kindlets outside of their sandbox. Right now it only works for the Kindle 4 (software version 4.1.0), but I think it could be easily ported to Kindle 3 and Touch.

It implements a custom classloader for the kindlets, which skips all the sandboxing checks: certificates, Java permissions and class whitelisting. With it, when launching a Kindlet for the first time, you will get a dialog (see attached screen-shot) asking if you want to allow it full permissions (using the custom classloader) or load it normally (inside the regular Kindlet API sandbox).

If you load it with full permissions:
  • the certificate checks will not be performed; so the kindlet can be signed with a developer key, or not signed at all, it does not matter; you will not need to install any developer certificates.
  • the kindlet will have full access to the device's filesystem, not just inside the regular sandbox -- it will be able to read and write any file.
  • the kindlet will have full access to the Java framework's classes, not just to the Kindlet API. This is not as useful as it may sound due to how heavily obfuscated the framework is.

Detailed documentation is available, as well as an already-built .jar ready-to-use.

Hope you find it useful.

Cheers,
-pwr
Attached thumbnail: screen_shot-27320.png (5.5 KB)
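
The three checks the first post lists (certificates, Java permissions, class whitelisting) can be pictured as one sandboxing class loader that enforces them. This is an added illustration in generic Java, not pwr's code and not the Kindle framework's; the class name, the whitelist prefixes and the sandbox directory are assumptions.

```java
import java.io.*;
import java.net.*;
import java.security.*;
import java.util.Collections;
import java.util.jar.*;
// Generic sandboxing loader for illustration; hypothetical names, not Kindle framework code.
public class SandboxedLoader extends URLClassLoader {
    // Assumed whitelist: the only package prefixes resolved through the parent loader.
    private static final String[] ALLOWED = { "java.lang.", "java.util.", "com.example.api." };
    private final File sandboxDir;

    public SandboxedLoader(File jar, File sandboxDir, ClassLoader parent) throws IOException {
        super(new URL[] { verified(jar) }, parent);
        this.sandboxDir = sandboxDir;
    }
    // Check 1 (certificates): every class and resource entry must be signed.
    // Matching the signers against a trusted keystore is left out to keep this short.
    static URL verified(File jar) throws IOException {
        try (JarFile jf = new JarFile(jar, true)) {
            byte[] buf = new byte[8192];
            for (JarEntry e : Collections.list(jf.entries())) {
                if (e.isDirectory() || e.getName().startsWith("META-INF/")) continue;
                try (InputStream in = jf.getInputStream(e)) {
                    while (in.read(buf) != -1) { } // a tampered entry throws SecurityException here
                }
                if (e.getCodeSigners() == null)
                    throw new SecurityException("unsigned entry: " + e.getName());
            }
        }
        return jar.toURI().toURL();
    }
    // Check 2 (Java permissions): with a SecurityManager installed, code from the JAR
    // may only read and write below its own sandbox directory.
    @Override
    protected PermissionCollection getPermissions(CodeSource cs) {
        Permissions p = new Permissions();
        p.add(new FilePermission(sandboxDir.getPath() + File.separator + "-", "read,write"));
        return p;
    }
    // Check 3 (class whitelisting): anything not whitelisted must come from the JAR itself.
    @Override
    protected synchronized Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundException {
        for (String prefix : ALLOWED)
            if (name.startsWith(prefix)) return super.loadClass(name, resolve);
        Class<?> c = findLoadedClass(name);
        if (c == null) c = findClass(name); // no parent delegation for other packages
        if (resolve) resolveClass(c);
        return c;
    }
}
```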
Old 06-15-2012, 06:36 PM   #2
knc1
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
It's an entire function, it deserves a copyright statement and a license statement.
What OSI license are you releasing this under? MIT? Something else?
Old 06-15-2012, 06:48 PM   #3
pwr
Member
Posts: 18
Karma: 2602
Join Date: Mar 2012
Device: Kindle 4NT
Haven't thought of that. BSD, I guess?

I'll update the sources and upload a license file.

Cheers,
-pwr
Old 06-15-2012, 07:03 PM   #4
knc1
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
Quote:
Originally Posted by pwr View Post
Haven't thought of that. BSD, I guess?

I'll update the sources and upload a license file.

Cheers,
-pwr
Thanks, that tells people you're willing to let them re-use your work.
Old 06-15-2012, 07:09 PM   #5
geekmaster
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
Quote:
Originally Posted by pwr View Post
... I've written a small tool that allows loading Kindlets outside of their sandbox. Right now it only works for the Kindle 4 (software version 4.1.0), but I think it could be easily ported to Kindle 3 and Touch.

It implements a custom classloader for the kindlets, which skips all the sandboxing checks: certificates, Java permissions and class whitelisting.
How is this different from ixtab's class loader replacement?
Quote:
Originally Posted by ixtab View Post
...It allows to escape the restrictive class loader, and also allows you to do other nifty things, like gaining additional permissions to write to the file system, read additional properties etc.
...
Alternative implementations are welcome. We can learn things from parallel development efforts. Sometimes combining the best ideas from them can result in a much better hybrid implementation. Thanks for sharing this.

Last edited by geekmaster; 06-15-2012 at 07:16 PM.
Old 06-15-2012, 07:24 PM   #6
eureka
but forgot what it's like
Posts: 741
Karma: 2345678
Join Date: Dec 2011
Location: north (by northwest)
Device: Kindle Touch
Nice. If you are looking for KT Java libraries, you can take them from mmcblk0p1 images floating somewhere in this forum.
Old 06-17-2012, 03:27 AM   #7
pwr
Member
Posts: 18
Karma: 2602
Join Date: Mar 2012
Device: Kindle 4NT
Quote:
Originally Posted by geekmaster View Post
How is this different from ixtab's class loader replacement?
It only allows for more powerful Kindlets. While using the available Java framework classes is possible, it is quite limited compared to ixtab's; certainly it does not offer the possibility to change the Java bytecode on-the-fly. On the plus side, it does not require having to mess about with the bytecode. It's more high-level, if you like, with all the benefits and disadvantages it implies.

Cheers,
-pwr
Old 06-17-2012, 12:59 PM   #8
geekmaster
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
Quote:
Originally Posted by pwr View Post
It only allows for more powerful Kindlets. While using the available Java framework classes is possible, it is quite limited compared to ixtab's; certainly it does not offer the possibility to change the Java bytecode on-the-fly. On the plus side, it does not require having to mess about with the bytecode. It's more high-level, if you like, with all the benefits and disadvantages it implies.

Cheers,
-pwr
Great! More power (than stock firmware) with less "tampering" may not break so quickly with the next firmware update, requiring less "end-user maintenance".

Your method may be more desirable for beginners, while power users may prefer ixtab's method (which I use myself).
Old 06-17-2012, 02:05 PM   #9
eureka
but forgot what it's like
Posts: 741
Karma: 2345678
Join Date: Dec 2011
Location: north (by northwest)
Device: Kindle Touch
Quote:
Originally Posted by pwr View Post
It only allows for more powerful Kindlets. While using the available Java framework classes is possible, it is quite limited compared to ixtab's; certainly it does not offer the possibility to change the Java bytecode on-the-fly. On the plus side, it does not require having to mess about with the bytecode. It's more high-level, if you like, with all the benefits and disadvantages it implies.

Cheers,
-pwr
I think you've confused ixtab's jbpatcher with ixtab's Kindlet jailbreak (read also post #6 in that thread).

You're describing jbpatcher, while geekmaster spoke about Kindlet jailbreak.
Old 06-17-2012, 04:27 PM   #10
geekmaster
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
Quote:
Originally Posted by eureka View Post
I think you've confused ixtab's jbpatcher with ixtab's Kindlet jailbreak (read also post #6 in that thread).

You're describing jbpatcher, while geekmaster spoke about Kindlet jailbreak.
I believe that jbpatcher also uses a replacement classloader, so the same argument applies in that case.
Old 06-17-2012, 05:12 PM   #11
eureka
but forgot what it's like
Posts: 741
Karma: 2345678
Join Date: Dec 2011
Location: north (by northwest)
Device: Kindle Touch
Quote:
Originally Posted by geekmaster View Post
I believe that jbpatcher also uses a replacement classloader, so the same argument applies in that case.
jbpatcher is definitely using a custom classloader, but the described major technical differences between jbpatcher and pwr's solution are pretty obvious and uninteresting for me. It's also obvious that pwr's solution has goals different to jbpatcher, despite the fact that it takes a similar approach. I'm [persistently] pointing exactly to ixtab's Kindlet jailbreak as I'd like to know whether pwr personally will find it targeted at the same goals as his solution or not.
Old 06-17-2012, 05:43 PM   #12
geekmaster
Carpe diem, c'est la vie.
Posts: 6,433
Karma: 10773668
Join Date: Nov 2011
Location: Multiverse 6627A
Device: K1 to PW3
Quote:
Originally Posted by eureka View Post
jbpatcher is definitely using a custom classloader, but the described major technical differences between jbpatcher and pwr's solution are pretty obvious and uninteresting for me. It's also obvious that pwr's solution has goals different to jbpatcher, despite the fact that it takes a similar approach. I'm [persistently] pointing exactly to ixtab's Kindlet jailbreak as I'd like to know whether pwr personally will find it targeted at the same goals as his solution or not.
It may be as I suggested that a better kindlet jailbreak can be made by combining ideas from both pwr's and ixtab's methods.

Tags
hack, kindle4, kindlet
All times are GMT -4.


MobileRead.com is a privately owned, operated and funded community.