[Steven Troughton-Smith] figured out how to push signed firmware through to the iPod Nano 6g. This is accomplished by modifying iRecovery to recognize the device on the USB after forcing a recovery mode reboot. So no, this doesn’t mean that it has been cracked since it checks the firmware you push and reboots if it’s not approved. But if you can figure out how to craft a custom image that passes the check you can call yourself a jailbreak author.
Continue reading “iPod nano 6g closer to being cracked”
[Rossum] developed a host board that makes it easy to drive a TFT screen using an inexpensive microcontroller. He’s looked around at a bunch of LCD’s that are easy to get your hands on and decided that the iPod Nano 2G screens are the right balance of performance (176×132 TFT) and low cost ($1-$5). They’re not particularly difficult to talk to, but with 22 pins they’re a bit hardware hungry.
He takes us through the signal sniffing he used to figure out the communications process. From there he harness the power of an ARM Cortex M0 processor, which he’s worked with in the past, to drive the screen. His implementation results in a driver board called the SmartLCD that takes care of the screen’s parallel protocol, power, and backlight. From there it’s just four connections and you can use a small microcontroller like the Arduino seen above with ease. See what it can do after the break.
Continue reading “SmartLCD makes video for microcontrollers easy”
If you’ve been waiting in the wings for the next Jailbreak to be release you should know there’s been a bit of a speed bump. [ChronicDevTeam], which has been working on an exploit for A4-based iOS devices called SHAtter, tweeted last Thursday that the fully tested, untethered, and unpatchable package knows as greenpois0n would be released today. But on Friday [Geohot], who you may remember from the PlayStation 3 Hypervisor exploit, rolled out his own mostly untested and admittedly beta jailbreak called limera1n.
So where does that leave the situation? Because [geohot] used a different exploit, the [ChronicDevTeam] decided not to release greenp0ison. If they did, it would give Apple a chance to block two different exploits. Instead they are working feverishly to incorporate, test, and repackage using the same exploit as limera1n.
If you don’t want to wait, jailbreak now, but you risk problems with an unstable exploit method that is only available for Windows.
The newest member of the PS3 jailbreaking tool crowd is the iPod family. More specifically, iPods running the open source media firmware Rockbox. Even better news, theoretically it should be possible to use this same method on any MP3 player running the Rockbox software. Right now the exploit package only works on select generations of the iPod Nano and iPod Classic line, but if the trend set by the PSX-scene forums continues, it would be worth checking back in the near future if your device is not already supported. Thanks to [shuffle2] for providing the hack, and [DanAdamKOF] for the heads up.
If Apple isn’t your device of choice, you can also check out some of your other jailbreaking options.
[Dave] pulled the head unit out of his dashboard to add an iPod input. He took a much more invasive route than the other hack we saw a few days ago. He actually patched into the audio lines going from the Dolby reader head chip to the amplifier.
The first step was to trick the deck into thinking it had a cassette inserted. He scoped an enable pin on one of the chips to discover the timing and emulated that signal using a PIC microprocessor. From there he popped off the chip that reads the tape data, patching directly into the audio out traces. This presented some noise issues when charging the iPod but [Dave] fixed that with some decoupling capacitors.
[Thomas] found a paper from 2006 that describes using the Nike + iPod system as inexpensive tracking devices. Yep, it’s old as dirt but we think it’s fascinating reading! [Scott Saponas] and his fellow authors take a hard look at the lack of security in the system in a twelve-page PDF. They cover several different ways to capture and track one of the $29 tags in someone’s shoe, including using the Gumstix reader above, or a slightly modified 3G iPod. If the sensors are not removed or manually switched off when not in use they can be picked up by any RF reader within range. Because the tags are cheap and available, one could be planted on an unsuspecting victim James-Bond-style. Maybe this is what prompted Apple’s half-hearted attempt to restrict hacking the devices to do things like unlock doors.
Of course if you don’t want to do the reading you could download their video presentation or just stream it.
Ah, the heady aroma of damp engineers! It’s raining in Silicon Valley, where the 2010 Embedded Systems Conference is getting off the ground at San Jose’s McEnery Convention Center.
ESC is primarily an industry event. In the past there’s been some lighter fare such as Parallax, Inc. representing the hobbyist market and giant robot giraffes walking the expo. With the economy now turned sour, the show floor lately is just a bit smaller and the focus more businesslike. Still, nestled between components intended to sell by the millions and oscilloscopes costing more than some cars, one can still find a few nifty technology products well within the budget of most Hack a Day readers, along with a few good classic hacks and tech demos…
Continue reading “Report from ESC Silicon Valley 2010″