MobileRead Forums - View Single Post - 5.6.5 Jailbreak (closed-kindle) -- released!

notimp · 10-25-2015, 11:01 AM

Kindles dont usually communicate with each other, they communicate with Amazon services.

So to mitigate the connected PC would become the driver of this process at which point, we could just as well talk about the security of USB sticks (which we all know is broken, and we all know it for years already and it just continues to be that way, because manufacturers dont want to sign their drivers on those cheap devices).

I restrained myself from talking about the mitigation side of the issue almost on purpose, as I caught myself not having mentioned it in the posting before and then decided not to edit.

Also, you are right, at this point, we are talking about probabilities and not about whatever someone can dream as a risk profile. We should look at the broader implications - but really an inner drive to protect companies interest through seeding an inkling of fear, that we all should resent the possibility of opening the "secure Kindle package", because somehow - we all could end up with broken devices, doesnt feel right.

Also - this is not the platform to talk about this in all its specifics, just rest assured, that the OP can release the exploit, and responsible public disclosure is a widely recognised way of handling such affairs.

10-25-2015, 11:01 AM	#191
notimp Addict Posts: 248 Karma: 892441 Join Date: Jul 2010 Device: K2i	Kindles dont usually communicate with each other, they communicate with Amazon services. So to mitigate the connected PC would become the driver of this process at which point, we could just as well talk about the security of USB sticks (which we all know is broken, and we all know it for years already and it just continues to be that way, because manufacturers dont want to sign their drivers on those cheap devices). I restrained myself from talking about the mitigation side of the issue almost on purpose, as I caught myself not having mentioned it in the posting before and then decided not to edit. Also, you are right, at this point, we are talking about probabilities and not about whatever someone can dream as a risk profile. We should look at the broader implications - but really an inner drive to protect companies interest through seeding an inkling of fear, that we all should resent the possibility of opening the "secure Kindle package", because somehow - we all could end up with broken devices, doesnt feel right. Also - this is not the platform to talk about this in all its specifics, just rest assured, that the OP can release the exploit, and responsible public disclosure is a widely recognised way of handling such affairs. Last edited by notimp; 10-25-2015 at 12:42 PM.