[Erdem] is leading up the efforts to reverse engineer Samsung TV firmware with a project called SamyGo. Official Samsung firmware uses the Linux kernel, making it a familiar system to work with for many developers. So far they’ve implemented NFS and SAMBA for sharing files over the network, improved playback from USB devices, and unlocked the ability to use non-Samsung WiFi dongles.

In order to make changes to the system, you need to enable a telnet connection on the device. The SamyGo team accomplished this by changing an official version of the firmware in a hex editor to start the telnet daemon at boot time. This altered firmware is then flashed using Samsung’s built in upgrade system. Once telnet is enabled, non-official firmware can be manually flashed.

We’d love to see this project expand to other TV Brands in the future. In fact, we were looking for something like this back in June when we realized that our Sony Bravia runs a Linux kernel and can be updated via USB drive.  Be careful if you want to try this out. We can only imagine the fallout after telling your significant other that you bricked a high-priced LCD.

Firmware v0g for all Bus Pirate revisions is now available. Updates in this release include a bootloader, frequency generator/pulse-width modulator, SPI bus sniffer, MIDI library, configuration reports, improved user interface, and bug fixes. v0g is also the first firmware to fully support the v2 hardware branch.

We’re really proud of this release as it brings a much more consistent structure to the internal operation of the Bus Pirate. It lays the foundation for future CAN, LIN, and OBDII libraries, and it supports localization and translations.  Install and upgrade instructions are included with the firmware. Report bugs on the project issue tracker.

We document the new features after the break.

Read the rest of this entry »

D-Link is adding captcha support to its line of home routers. While default password lists have been abundant for many years, it was only recently that we started seeing the them implemented in malware. Last year, zlob variants started logging into routers and changing their DNS settings. It’s an interesting situation since the people who need the captcha feature are the ones who will never see it, since they won’t log in to change the default password.

[photo: fbz]

It’s been many months since the T-Mobile G1 was initially rooted. In that time, the process has been streamlined and tools have been built to make it much easier. Having a rooted phone has become even more desirable with the recent release of the 1.5 firmware that includes an onscreen keyboard along with other improvements. Having a rooted phone means you can do tricks like setting up a 3G/WiFi bridge. [Taylor Wimberly] has written a guide to help you easily root your G1 without having to go digging through forums for software bits. The process starts by using [Mike Moussa]’s rooting app to revert the phone to the RC29 build. You then use the “Android stupidly executes everything you type” exploit to launch telnetd and upgrade the bootloader. After that, the upgrade process is fairly easy. You just flash a new baseband and build. Once you’ve got your new custom firmware, you can do future updates using an app from the Android Market. We recently updated our Android Dev Phone 1 to 1.5 and haven’t had any issues.

[photo: tnkgrl]

Many G1/ADP1 owners have been using the app Tetherbot to get internet access on their laptop via USB to the phone’s data connection. The app relied on the Android Debug Bridge to forward ports. It worked, but people wanted a solution better than a SOCKS proxy. The community figured out a way to create a properly NAT’d connection using iptables and then [moussam] rolled them up into easy to use applications. There’s one for setting up a PAN device on Bluetooth and another for adhoc WiFi networking. It requires you to have root on your phone, but hopefully you’ve achieved that and are already running the latest community firmware.

[photo: tnkgrl]

Working as quick as ever, the iphone-dev team have updated the PwnageTool and QuickPwn to work with the new iPhone 2.2 firmware update. The trouble with the new firmware is that it updates the baseband of the phone, which could potentially undo any progress made towards an iPhone 3G unlock in the future. If you don’t care about that, you can use QuickPwn to jailbreak your phone after the upgrade, so you can run any app you want. If a future unlock is important to you, use the PwnageTool to strip the baseband update out of the firmware update.

[photo: edans]

We remember the halcyon days of firmware 1.00 for the PSP. It was wide open to run any code you wanted. Once the handheld game console was released outside Japan, Sony locked it down and began an arms race to prevent any sort of homebrew usage of the device. Nearly four years later and we’re at firmware 5.00. The hackers are on top of their game though. It’s only been a couple days since the official release and a custom firmware has already been published. Sony has traditionally supported development on their home consoles and we hope they’ll take that approach on their next portable instead of this stupid back and forth.

[via Gizmodo]

Over at the ArchosFans.com forums, [grond] has posted some screenshots of his cracked archos 5th generation. Using a custom bootloader, they’ve unlocked the ability to swap hard disks as well as some hidden plugins. The plugins seem to be used mainly for dev tools, like core dumps and screenshots, but this opens the door to possible future homebrewed plugins.

[via Engadget]

The iphone-dev team hasn’t been resting on their laurels since releasing the iPhone Pwnage Tool 2.0 nearly two weeks ago and decided to update everyone on their progress. Despite the iPhone 2.0 jailbreak, there still isn’t a way to unlock a 3G phone. They’ve managed to do other things like downgrade a 3G to an older baseband firmware, which demonstrates their ability to bypass security checks and run unsigned code on the baseband. A nice side effect of all the downgrade work is that they’ve perfected the percautions they take to prevent bricking. The team has been following threads about using SIM proxy devices for unlocks as well, but concluded that the devices are a kludge at best and reliability can vary wildly depending on the phone’s location. They also pointed out the fine work that RiP Dev has been doing on Installer 4 which will help you install software that isn’t from the AppStore.

Oh, iPhone Dev Team, you are a hoot. It isn’t that you managed to jailbreak the iPhone 2.0 firmware on the day of its release, although we can’t help but smirk at that. It isn’t even that you revealed your handiwork in a playful way. We simply love that you expertly work us into a frenzy for the new jailbreak installer with few casual images and some aloof words. Now give us the installer before we get too antsy, please.

Not to be outshined, though, iFixit has posted a full iPhone 3G teardown, stripping away the sleek casing to feast on the goodness inside. They found some interesting changes from the last model: the glass screen, for example, is no longer glued to the LCD, which will no doubt make repairs less expensive. The battery is also unsoldered, meaning you won’t have to send the phone in for repair if the only battery needs maintenance.