03-11-2011, 10:03 AM | #31 | |
Wizard
Posts: 1,516
Karma: 2567610
Join Date: Oct 2009
Device: Kindles - Keyboard, Fire, 2-US, iPhone, iPAD
|
Quote:
I've had the "log file" hack installed for awhile now but really no way of determining what it is doing or if it is working. For all I know Yifanlu has sent my Kindle log file to his computer and now he's tracking my reading habits and location. |
|
03-11-2011, 10:46 AM | #32 | |
Wizard
Posts: 1,105
Karma: 1025784
Join Date: Oct 2010
Device: WiFi Kindle3
|
Quote:
Obviously, surfing the web, probably through Amazon does mean you accept the fact that they can know where you are surfing and what you are reading. Downloading books - well, they know that, too. But what I'm actually reading and whether I'm an inept very slow reader or one who reads 12 books at once and whether I'm reading a Smashwords book or a freebie I got from Barnes and Noble and "fixed up" is not their business. And for 3g users, the gps location of where they are reading - well, why does Amazon need that info? Well, it may be their BUSINESS but I may not want to share that with them. So, yes, a kindle with links to the outside world is definitely a compromise. The Sony with no connections besides usb would be more private. But if we can prevent some flow of info we don't want to share, I like that prospect. Tradeoffs. Last edited by FF2; 03-11-2011 at 10:54 AM. |
|
03-11-2011, 10:50 AM | #33 |
Wizard
Posts: 1,105
Karma: 1025784
Join Date: Oct 2010
Device: WiFi Kindle3
|
Tarr:
I'd be very interested in what you learn. Someone mentioned a "sniffer" which I guess can log all traffic over wifi (3g is a separate phone system). I don't know what the logs show as far as what "home" (ip address?) they sent the log to, etc. "To dump logs, type in ";dumpMessages" on the home screen in the search box. You need to press a letter, then backspace, then sym to get the semicolon. The logs will be in the documents folder when you plug the kindle into the computer. " |
03-11-2011, 04:01 PM | #34 | |
Kindle Dissector
Posts: 662
Karma: 475607
Join Date: Jul 2010
Device: Amazon Kindle 3
|
Quote:
Also, I would need someone knowledgeable to log overnight. It's a pretty painful process (well not really), but I don't have the time right now (busy with some other stuff), so I haven't touched the kindle in a while. If anyone with linux knowledge read this, install my script and cross-compile (or find a copy of) tcpdump for ARM and run it (log size max please) overnight. Then connect to your computer, scp the .pcap file back and either analyze it yourself (I don't know what information will be logged) or send me a copy. |
|
03-12-2011, 11:35 AM | #35 |
curly᷂͓̫̙᷊̥̮̾ͯͤͭͬͦͨ ʎʌɹnɔ
Posts: 3,002
Karma: 50506927
Join Date: Dec 2010
Location: ♁ ᴺ₄₅°₃₀' ᵂ₇₃°₃₇' ±₆₀"
Device: K3₃.₄.₃ PW3&4₅.₁₃.₃
|
@yifanlu
I have installed a tcpdump arm binary from http://junxian-huang.blogspot.com/20...1-android.html. I will "[root@kindle tcpdump]# ./tcpdump-arm -s 0 -w capture.pcap" overnight and look at the trace with Wireshark. [edit] After two hours the capture only shows that every 27 seconds traceroute packets (UDP datagram’s with a port number of 33434) sent to 184.73.176.175 (ec2-184-73-176-175.compute-1.amazonaws.com). Guess I will have to run it longer. Last edited by PoP; 03-13-2011 at 09:01 AM. Reason: reporting results |
03-12-2011, 01:19 PM | #36 |
Wizard
Posts: 1,105
Karma: 1025784
Join Date: Oct 2010
Device: WiFi Kindle3
|
PoP
If I only understood English, I might understand what you wrote! (g) But looking forward to what you do discover. |
03-15-2011, 11:29 AM | #37 |
curly᷂͓̫̙᷊̥̮̾ͯͤͭͬͦͨ ʎʌɹnɔ
Posts: 3,002
Karma: 50506927
Join Date: Dec 2010
Location: ♁ ᴺ₄₅°₃₀' ᵂ₇₃°₃₇' ±₆₀"
Device: K3₃.₄.₃ PW3&4₅.₁₃.₃
|
Well I ran a 10 hour long tcpdump capture. My analysis doesn't reveal any realy interesting stuff.
Every hour: The Kindle queries DNS for dogvgb9ujhyxbx.jfk1.cloudfront.net and DNS answers with a series of 8 IP addresses in the range 204.246.169.XXX The Kindle queries DNS for pins.amazon.com and DNS answers with 184.73.176.172 Every 27 seconds: The Kindle sends a UDP packet to 184.73.176.172 Every 30 minutes: 184.73.176.172 sends a UDP packet to the Kindle The ports for UDP packets change every hour. The traceroute port 33434 is sometimes, but not always used. The content of the packet is *not* a trace route. I guess it is kind of a keepalive with some Kindle specific information. The Kindle UDP packet always contain the same data. The pins.amazon.com UDP packet data varies. The UDP packets are possibly encrypted, wireshark doesn't decode the protocol, and at any rate the packet data is not otherwise human readable. No log was ever sent to amazon, with or without the nolog hack applied. No other traffic in the capture. |
03-15-2011, 01:05 PM | #38 | |
Kindle Dissector
Posts: 662
Karma: 475607
Join Date: Jul 2010
Device: Amazon Kindle 3
|
Quote:
|
|
03-15-2011, 01:11 PM | #39 |
Wizard
Posts: 1,105
Karma: 1025784
Join Date: Oct 2010
Device: WiFi Kindle3
|
I guess I will wait for someone in the know to translate that into something I can think about.
Sounds like a lot of back and forth. Every 27 seconds and Every 30 minutes... So something is possibly encoded that conveys data to Amazon? |
03-15-2011, 02:08 PM | #40 |
curly᷂͓̫̙᷊̥̮̾ͯͤͭͬͦͨ ʎʌɹnɔ
Posts: 3,002
Karma: 50506927
Join Date: Dec 2010
Location: ♁ ᴺ₄₅°₃₀' ᵂ₇₃°₃₇' ±₆₀"
Device: K3₃.₄.₃ PW3&4₅.₁₃.₃
|
@yifanlu
1) I agree, logs are too big to be routinely transmitted. 2) Just to confirm, there was no SSL packets when leaving the Kindle idle, only the periodic DNS and UDP I described. 3) A while ago, I did trace externally when you powerup/wakeup/sync the Kindle and have seen the SSL encrypted traffic with the "todo" amazon server. Nothing such here. @FF2 Yes, something could possibly be encoded and conveyed to Amazon, but it is so small (149 bytes), and it is always the same data from one packet to the other. Definitely no extensive logs for spying on us. I am not going to worry about it. |
03-15-2011, 08:08 PM | #41 |
Kindle Dissector
Posts: 662
Karma: 475607
Join Date: Jul 2010
Device: Amazon Kindle 3
|
My theory is that amazon CAN spy on you, but are currently NOT doing so. Mainly because of the expense in sending logs all the time. I would guess the logs may be used when you have problems for debugging or something. I've looked in the kindle firmware decompiled source, and there is no function (that I can find) that routinely send logs. But I did not look deeply.
|
04-30-2012, 12:32 AM | #42 |
Connoisseur
Posts: 55
Karma: 46
Join Date: Feb 2012
Device: Kindle
|
In case anyone is still subscribed to this thread, I just posted a new approach to stopping logging on the Kindle Touch that I believe to be safe, as well as an analysis of just what is logged.
https://www.mobileread.com/forums/sho...d.php?t=176972 One nice thing about this approach, in response to what abookreader wrote above, is that you can confirm that it's working by typing ;dm in the search bar, and seeing how no log messages older than 15 minutes are in the results (it stops them from being archived on the device in the first place) |
03-29-2020, 02:22 AM | #43 |
Wizard
Posts: 1,060
Karma: 3000026
Join Date: Feb 2012
Location: Cape Canaveral
Device: Kindle Scribe
|
Does anyone has tcpdump binary for Kindle?
Can you please share it? Links from the source in post 35 are dead |
03-29-2020, 03:02 AM | #44 |
Wizard
Posts: 1,060
Karma: 3000026
Join Date: Feb 2012
Location: Cape Canaveral
Device: Kindle Scribe
|
Nevermind, I found a working arm binary here: https://github.com/andrew-d/static-b...ux/arm/tcpdump
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Hacks Amazon Kindle Hack: Read DRM-protected Mobipocket content | Alexander Turcic | Amazon Kindle | 313 | 03-15-2012 09:05 PM |
n516 - how long to erase flash | Beebeeee | OpenInkpot | 6 | 06-24-2011 03:22 AM |
Info Amazon collects about books I didn't buy from them? | rangepig | Amazon Kindle | 1 | 08-26-2010 01:17 AM |
erase all tags ? | aceflor | Calibre | 6 | 01-01-2010 01:58 AM |