Kindle Paperwhite 3 (fw 5.9.2.0.1) Jailbreaking Questions

[Griphen116]

Have lurked around a lot and hopefully this post will get down to the straight answer for me and others like me without having to do a lot of forum scrubbing.

I have a Kindle PW3 (G090G1) with firmware version 5.9.2.0.1
From what I've been able to find on these forums is that there is No Way to software downgrade from firmware 5.9.2.0.1, or anything 5.8.8 and above, right now.
https://wiki.mobileread.com/wiki/5_x_Jailbreak

It is possible for anyone like me with any model Kindle on any firmware 5.8.8 and above (outside of the Oasis model) to use the Serial Port jailbreak method to force a firmware downgrade.
(This is also possible for anyone with a touchscreen model in the 5.x.y fw)
https://www.mobileread.com/forums/sh...d.php?t=267541
this requires skills and tools for soldering, taking apart the kindle, and installing a VM of Linux on my pc. As possible as it is, it's something I'd rather not do if I didn't have to.

Please correct me if any of the information i posted above was incorrect, but my questions regarding my situation are this:

1) Is it worth waiting for a software downgrade and jailbreak path to release for fw 5.9.2.0.1?
2) How possible is it that a software jailbreak path for this fw is going to be released any time soon?
3) Should I just give in, bite the bullet, and go for the serial port method in lieu of a possible software jailbreak for this fw not appearing soon?

[HarryT]

Moved to the dev forum.

[knc1]

1) No.
2) Zip, Zero, Nada
3) That is your only choice.
But the "should I give in" part is a subjective question, only you can answer that one.

The KT3 (still available from Amazon) continues to be an exception to the above rule(s).

[Griphen116]

Quote:

Originally Posted by knc1

2) Zip, Zero, Nada

The KT3 (still available from Amazon) continues to be an exception to the above rule(s).

Zip, Zero, Nada as in you don't think it will be available SOON or you don't think a software jailbreak will ever be available for this fw?

also, in what way is the KT3 an exception?

[knc1]

Quote:

Originally Posted by Griphen116

Zip, Zero, Nada as in you don't think it will be available SOON or you don't think a software jailbreak will ever be available for this fw?

also, in what way is the KT3 an exception?

Both. Unless never is coming soon to a web site near you.
It can be jail broken, any firmware version.

[Gatoecampo]

Quote:

Originally Posted by knc1

Both. Unless never is coming soon to a web site near you.
It can be jail broken, any firmware version.

any firmware?
I have the KT3, with 5.9.2.0.1 running and i have no luck.

[coplate]

Quote:

Originally Posted by Gatoecampo

any firmware?
I have the KT3, with 5.9.2.0.1 running and i have no luck.

I think he is referencing the fact that you can definitely jailbreak it with the serial port - 100%.

Other than that, I think the KT3 are the ones that still allow you to downgrade, but I cannot remember the thread. when you said " i have no luck" what specifically have you tried that didn't work - and what did it do instead of working.

[knc1]

Quote:

Originally Posted by Gatoecampo

any firmware?
I have the KT3, with 5.9.2.0.1 running and i have no luck.

Quote:

Originally Posted by coplate

I think he is referencing the fact that you can definitely jailbreak it with the serial port - 100%.

Other than that, I think the KT3 are the ones that still allow you to downgrade, but I cannot remember the thread. when you said " i have no luck" what specifically have you tried that didn't work - and what did it do instead of working.

More than anyone every wanted to know about the prior jail break:

Amazon/Lab126 added protection against a "downgrade attack" to firmware versions more recent than those subject to this jb:
https://www.mobileread.com/forums/sh...d.php?t=275877

But they, like all too many readers, got it wrong -
The significant part of the process was to install a firmware version that was never intended to reach the customer.
It was intended to be restricted to use only in the factory's production process.
That is where the word: factory in the image name originates.

Believe it or not, every single Kindle produced has its operation tested while still on the production line.
Done before the firmware version intended for use outside of the factory production environment (that is; by the customer) is installed.
This operational testing firmware is the first* firmware the device runs.
That is where the word: initial in the image name originates.

The first and last word (and some punctuation) is required by the Kindle system to recognize a file as something intended to be installed.
That is where the: Update_*.bin in the image name originates. Here the '*' means any sequence of (printable, seven bit, ASCII) characters.

The legacy markup language for HTML has two fields for a network link - the one displayed to the reader and the one used by the networking function.

Put all of that together and you have:

Code:

Human readable name          Machine usable name
factory_PW3_5.7.4_initial    update_PW3_5.7.4_initial.bin

People with a PW3 would look at their device info panel and see that firmware version 5.8.7.0.1 was installed.
Correctly noticing that 5.8.7.0.1 indicates a more recent version than 5.7.4
And 99 44/100% (tm) of the people leaped to the conclusion: Oh, look, the firmware has to be 'downgraded' (since that is what such a change is usually called in the human world - rather than the geek world).

Even more surprising is that leap to an apparently significant assumption was not limited to non-technical people.
(although I sometimes wonder about the people Lab126 hires) it is P.C. to refer to them as paid, professional, computer science types (a.k.a: geeks).
It took them nearly 18 months to figure out that it WAS NOT the change to firmware of an earlier version number that was significant.

What is significant is the change from running customer firmware to running the production testing (factory) firmware. The version number in the filename is just noise.

The Kindles run Amazon/Linux (with the possibility of running Google/Linux (a.k.a: Android) hanging on the horizon like a heavy, gray cloud).
Linux, as common in Unix-like systems (*nix), do not identify a file's type by the name extension.
Their files use a 'magic number' written into the file's binary contents.
In the case of Kindle image files, the first four bytes have an ascii character type identifier.

Now the hidden part of all of this -
The type identifier for factory-use-only image files is not the same as the type identifier for released-to-customer image files.
Once this Epiphany ** struck the highly paid professionals at Lab126, they disallowed the factory-use-only type identifier from being installed by released-to-customer image files.

End of our all-model jail break method.
Although the internal error message is still "downgrade attack". Another Lab126

(*) Not quite so, all of the dual system boot Kindles have the "diags" system written to the flash storage chip before the chip is soldered to the board. So technically, 'diags' is the first thing run on a Kindle when it first has power applied in the assembly process.

(**) With the oversight that the VoiceView capable Kindles can have their VoiceView files destroyed by the customer pressing "Reset (to factory defaults)"
So Amazon has to distribute those VoiceView install images to the customers, so they can 'fix' their Kindles after a "Reset".
The oversight was (is) that the VoiceView install images use the same type indicator as the factory-use-only image files we use to jail break the Kindles with.
Q.E.D: VoiceView capable devices do not have "downgrade attack" protection enabled ***. If they did, the customer could not 'fix' their broken VoiceView feature.

(***) With the observation that Amazon/Lab126 isn't very consistent from firmware version to firmware version for those devices.
Some can load the "factory (and VV)" images, some can not.

The KT3, with VV/over Bluetooth is one of those which (most often) has the "downgrade attack" protection removed.
Plus a scattering here and there of other model/firmware versions also have that protection (erroneously) left out.
Yeah Lab126 - Thanks again for keeping this all so simple.

[datanoise]

Quote:

Originally Posted by knc1

The KT3, with VV/over Bluetooth is one of those which (most often) has the "downgrade attack" protection removed.
Plus a scattering here and there of other model/firmware versions also have that protection (erroneously) left out.

Very interesting post, thanks for writing it!

So the protection should be at the code / firmware level only, right? As all units are supposed to receive the same firmwares (either on the factory, before leaving to retailers, or when doing an OTA upgrade) - how come some seem to be downgradable while other aren't?

What about 5.8.9.0.1? The protection isn't enabled at all on this one?

[knc1]

Quote:

Originally Posted by datanoise

- - - -
What about 5.8.9.0.1? The protection isn't enabled at all on this one?

Seems to be more correct than false (so far).
Intended for the PW3-64, but also shows up on the PW3-4 in some parts of the world.

Now that was a long post, but I didn't get into national differences.
Some countries (other than the USA) guarantee the purchasing end-user more or different access rights to the firmware controlling their electronic devices.
(Such things as installing the firmware version of their choice, "their" -- the owner after purchase, not the builder or vendor.)

Some of our Germany members could probably add/correct the next, but...
From the little reading I have done, the laws in Germany give the end-user/owner the most control.

I was writing from the USA prospective.

I, and some others here, believe that when the end-user purchases an electronically controlled device, they own both the device and its behavior.
Amazon, from their actions, clearly believe that control of the device's behavior remains Amazon's, although the responsibility for the device's behavior is not.
(Such as: When they ship a firmware that bricks a device, they will not replace it or fix it. Such has been reported here.)

In the case of such basic corporate policy, when we write: "Amazon" we are using a politically correct, code term for: "Jeff Bezos". *
Keep in mind, the Kindle's where built and sold at below-cost for the purpose of being a reader's operated, marketing data gathering device. **
Any change in the device's behavior would or could seriously effect the device's usefulness for that purpose.

(*) Yes, I am aware that members of Amazon management are subscribed to the rss feed of my posts.
(they are one of my most avid readers. )

(**) For instance, read the legal document that ships on the K2/DX(G) devices (and probably other models).
The intent of the device was disclosed in that document (which can not be easily removed from the device).
Probably on other models also, it is just that the DX(G) is the only model where I have read the entire document.
Which rivals War and Peace in length.

PS: And according to the fine print, when you register the device, you also agree to the terms of that document. If you don't register the device, then various things will not work or work as expected when you purchased it.
The "complete setup" (as it is now called) is clearly the "click and approve EULA" button and they don't give you much choice about clicking it (see the runme scripts thread).

[datanoise]

Thanks again, great read!

Interesting, selling devices with slightly different firmwares to fit with the local law would make sense, and could explain why some people have more luck than other downgrading...