Register Guidelines E-Books Search Today's Posts Mark Forums Read

Go Back   MobileRead Forums > E-Book Readers > Amazon Kindle > Kindle Developer's Corner

Notices

Reply
 
Thread Tools Search this Thread
Old 05-07-2015, 01:02 AM   #1
zfu
Member
zfu began at the beginning.
 
Posts: 17
Karma: 10
Join Date: Apr 2015
Location: Shanghai, China
Device: Kindle4, KT2
Question Can we setup a DNS server to fake amazon's server and remote apply the jailbreak?

As 5.6.1.x can not do jailbreak by apply the update pack from /mnt/us/xxx.bin..
Can we set up a DNS server..
Kindle will check update, download and apply xxx.bin from the fake update server..

As amazon's file server not https....

http://s3.amazonaws.com/G7G_Firmware...le_5.4.3.2.bin
zfu is offline   Reply With Quote
Old 05-07-2015, 07:55 AM   #2
NiLuJe
BLAM!
NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.
 
NiLuJe's Avatar
 
Posts: 5,910
Karma: 5592483
Join Date: Jun 2010
Location: Paris, France
Device: Kindle 2i, 3g, 4, 5w, PW & PW2; Kobo H2O
Won't make our packages magically signed by Amazon's keys .
NiLuJe is offline   Reply With Quote
Old 05-07-2015, 08:17 AM   #3
knc1
Helpdesk Junkie
knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.
 
knc1's Avatar
 
Posts: 8,100
Karma: 7040098
Join Date: Feb 2012
Device: Too many.
Our Kindle "jail break" provides the device with **our** developer keys, we do not (because we can not) sign our update packages with Amazon's keys.

Unlike Sony, Amazon has not (yet) leaked their signing key, forcing us to use our own.
knc1 is offline   Reply With Quote
Old 05-07-2015, 08:29 AM   #4
Akirainblack
abibliophobic
Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.
 
Posts: 193
Karma: 219708
Join Date: Aug 2012
Device: Kindle Touch + Paperwhite + PW2 all jailbroken and a Kindle Voyage
I've been wondering, how do you decrypt the image files without the key?
I can't find any documentation about how KindleTool works. But that may be because I'm blind. I've searched this forum and the Wiki.
If that info has to come via PM then fair enough.
Akirainblack is offline   Reply With Quote
Old 05-07-2015, 08:41 AM   #5
knc1
Helpdesk Junkie
knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.
 
knc1's Avatar
 
Posts: 8,100
Karma: 7040098
Join Date: Feb 2012
Device: Too many.
Quote:
Originally Posted by Akirainblack View Post
I've been wondering, how do you decrypt the image files without the key?
I can't find any documentation about how KindleTool works. But that may be because I'm blind. I've searched this forum and the Wiki.
If that info has to come via PM then fair enough.
They use a public key system - that is the key (no pun intended; key == crucial; here) phrase to google for.

That is: two keys (a key pair), one public (for decrypting) present on every Kindle and one private (for encrypting) stored in Amazon's I.P. security vault.

Just read the source of KindleTool for the details of how it works.
It has the Amazon public keys embedded in it for handling Amazon packages and our key-pair for handling our packages.
That is: no Amazon private key == can not create Amazon signed packages.

Last edited by knc1; 05-07-2015 at 08:48 AM.
knc1 is offline   Reply With Quote
Old 05-07-2015, 09:26 AM   #6
Akirainblack
abibliophobic
Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.Akirainblack ought to be getting tired of karma fortunes by now.
 
Posts: 193
Karma: 219708
Join Date: Aug 2012
Device: Kindle Touch + Paperwhite + PW2 all jailbroken and a Kindle Voyage
Fair enough, I hadn't realised they used a key pair, which is why I asked.
I have to deal with encryption on a daily basis in my job due to sensitive data so am fully aware of how they work.
Thank you for explaining how you guys do it.
Plus looking through the source, my other idea would take an eternity (brute force the key) due to the length of the key.
Akirainblack is offline   Reply With Quote
Old 05-07-2015, 09:35 AM   #7
zfu
Member
zfu began at the beginning.
 
Posts: 17
Karma: 10
Join Date: Apr 2015
Location: Shanghai, China
Device: Kindle4, KT2
Unhappy


ok, ignore me..
The update package signed by the amazon private magic cert/keys..
zfu is offline   Reply With Quote
Old 05-07-2015, 09:45 AM   #8
knc1
Helpdesk Junkie
knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.
 
knc1's Avatar
 
Posts: 8,100
Karma: 7040098
Join Date: Feb 2012
Device: Too many.
Quote:
Originally Posted by Akirainblack View Post
Fair enough, I hadn't realised they used a key pair, which is why I asked.
I have to deal with encryption on a daily basis in my job due to sensitive data so am fully aware of how they work.
Thank you for explaining how you guys do it.
Plus looking through the source, my other idea would take an eternity (brute force the key) due to the length of the key.
Ah, then I can use buzz words -

If you can brute force that RSA key, then Ron Rivest, Adi Shamir, and Leonard Adleman would like to know about it.
So would any number of National Governments.

PS: Amazon still offers free accounts on their Super Computer (the 9th most powerful Super Computer in the world, IIRC - see top 500 list to check) -
which might interest anyone serious about trying.
http://en.wikipedia.org/wiki/RSA_problem

- - - - -

There are actually two (2) updater mechanisms in the Kindle firmware.

One put there in the very early days when Amazon thought that they would support (and encourage) third party add-ins as active documents.
That is the one we use for our packages here.

The other one, for the OTA updates, remains the sole domain of Amazon (we haven't even tried to disturb that one).

That all means that our packages can **only** be installed by owner action.
No chance that they can be forced onto a Kindle via the OTA updater (which just earns you an error code 3, IIRC).

Last edited by knc1; 05-07-2015 at 10:14 AM.
knc1 is offline   Reply With Quote
Old 05-07-2015, 10:01 AM   #9
NiLuJe
BLAM!
NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.NiLuJe ought to be getting tired of karma fortunes by now.
 
NiLuJe's Avatar
 
Posts: 5,910
Karma: 5592483
Join Date: Jun 2010
Location: Paris, France
Device: Kindle 2i, 3g, 4, 5w, PW & PW2; Kobo H2O
We do use the OTA updater, it's the factory one bundled in the initrd shell that we don't (since the pubkeys are buried in there too, messier to make it like ousr) .
NiLuJe is offline   Reply With Quote
Old 05-07-2015, 10:08 AM   #10
knc1
Helpdesk Junkie
knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.knc1 ought to be getting tired of karma fortunes by now.
 
knc1's Avatar
 
Posts: 8,100
Karma: 7040098
Join Date: Feb 2012
Device: Too many.
Quote:
Originally Posted by NiLuJe View Post
We do use the OTA updater, it's the factory one bundled in the initrd shell that we don't (since the pubkeys are buried in there too, messier to make it like ousr) .
I was trying to keep it simple.
But of course your correct.

and there are links here to projects that have replaced the factory kernel (and embedded initrd) if a reader cares to dig enough.

But what's the point? We don't need to disturb it, so we don't.
knc1 is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Calibre Content Server issue with DNS rysktkr Devices 0 09-04-2013 10:47 AM
[Old Thread] Remote library support (not content server) mikew Calibre 18 05-29-2013 07:27 AM
Porting Calibre's built-in web server to a remote server? perryja Related Tools 6 05-02-2013 09:05 AM
Book directory on remote server sasilk Library Management 3 08-13-2011 11:10 AM
Headless Calibre Server Setup godzilla8nj Related Tools 4 03-10-2010 01:39 PM


All times are GMT -4. The time now is 10:53 AM.


MobileRead.com is a privately owned, operated and funded community.