One Kindle launcher to rule them

kindle-launcher

Ask around and chances are you can find a friend or family member that still has their early generation Kindle but doesn’t use it anymore. There are quite a number of different things you can do with them, and now there’s a single Launcher that works for all models of hacked Kindles. KUAL is the Kindle Unified Application Launcher.

Loading the launcher on your device does require that it be Jailbroken/Rooted, but that’s really the entire point, right? Once on your device the system is easy to configure. Menus themselves can be customized by editing the XML and JSON pair for each list. The screenshot on the left illustrates some of the applications you might want to run. We could see a VNC viewer being useful, and everyone likes to have games — like Doom II or the entire Z-machine library — on hand when they unexpectedly get stuck somewhere. But MPlayer? Does anyone actually use their ePaper device to watch videos?

Getting root on a Sony TV

The Sony Bravia series of HDTVs are a great piece of kit; they’re nice displays that usually have enough inputs for the craziest home theatre setups. These TVs also run Linux, but until now we haven’t seen anything that capitalizes on the fact these displays are wall-mounted Linux boxen. [Sam] sent in an exploit to root any Bravia TV – hopefully the first step towards replacing our home media server.

The exploit itself is a regular buffer overflow initialized by a Python script. The script sets up a Telnet server on any Sony Bravia with a USB port, and provides complete root access. [Sam] was able to get a Debian install running off a USB drive and all the Debian programs run correctly.

If you have a Bravia you’d like to test [Sam]‘s script on, you’ll need a USB network adapter for the TV and a Telnet client to explore your TV’s file system. Right now there’s not much to do with a rooted Bravia, but at least now running XMBC or other media server on a TV is possible.

If anyone would like to start porting XMBC to a Bravia TV, [Sam] says he’s more than willing to help out. We’re not aware of any HDTV modding communities on the Internet, so if you’re part of one post a link in the comments.

Petition for DMCA exemptions regarding Rooting/unlocking gadgets

So you’ve been rooting devices eh? If you get caught you’re headed for the big house, the lockup, the pen, the joint, they’ll send you up the river, you better be careful! Seriously though, if you buy a device and circumvent the security features should that in itself be breaking the law? We’re not talking about stealing intellectual property, like playing copied games on a chipped system (yeah, that’s stealing). We mean unlocking a device so that you can use it for what you wish. Be it your own prototyping, or running open-source applications. Unfortunately if the current Digital Millennium Copyright Act exemptions expire it will be a crime.

Thankfully, [Bunnie] is doing something about this. You may remember him as the guy that found most of the ridiculous security holes in the original Xbox, or the brain behind the Chumby. Now’s he’s got an online petition where your voice can be heard. Speak up and let the US politicians know why unlocking a device isn’t a crime.

[via Twitter]

How the Kindle Touch jailbreak was discovered

The Kindle Touch has been rooted! There’s a proof video embedded after the break, but the best part about this discovery is that [Yifan Lu] wrote in-depth about how he discovered and exploited a security hole in the device.

The process begins by getting a dump of the firmware. If you remove the case it’s not hard to find the serial port on the board, which he did. But by that time someone else had already dumped the image and uploaded it. We guess you could say that [Yifan] was shocked by what he found in the disassembly. This a ground-up rewrite compared to past Kindle devices and it seems there’s a lot to be hacked. The bootloader is not locked, but messing around with that is a good way to brick the device. The Javascript, which is the language used for the UI, is not obfuscated and Amazon included many hooks for later plugins. Long story short, hacks for previous Kindles won’t work here, but it should be easy to reverse engineer the software and write new ones.

Gaining access to the device is as easy as injecting some HTML code into the UI. It is then run by the device as root (no kidding!). [Yifan] grabbed an MP3 file, changed its tag information to the HTML attack code, then played the file on the device to exploit the flaw. How long before malicious data from illegally downloaded MP3 files ends up blanking the root file system on one of these?

[Read more...]

Wii homebrew hack – no game discs required

Jailbreaking hacks have come and gone for the Wii, ever changing as Nintendo tweaks their software to prevent homebrew from running. Piracy concerns aside, there is a legitimate Wii homebrew scene, and a  new, easy to use tool has been released for those looking to give it a try.

Many of the previous jailbreaks relied on bugs found within official Wii games, but there’s a new kid on the block that requires nothing more than an Internet connection and an SD card. LetterBomb is the latest jailbreaking tool, which was created by an individual named [blasty]. It seems incredibly easy to use, requiring little more than entering your Wii’s MAC address into a web form. The site generates a customized jailbreak file, which your run on your Wii via the SD card – that’s all there is to it!

If I had a Wii, I would be hesitant to enter any sort of globally-unique number that could identify my console into a random web site, but perhaps I am being overly paranoid. Either way, it would be great to see an open-source version of this tool released so that jailbreaks could be done offline, without any risk of having your MAC address recorded.

[Thanks, blurry]

Hacking LG’s Netcast

netcast_hack

LG released a line of Internet-connected TVs in both the US and Europe that utilize Yahoo TV widgets to bring interactive content to the living room. While it sounds like a great idea in theory, users have been disappointed to find that LG has approved a measly 15 widgets since the TVs were released.

OpenLGTV.org.ru user [xeros] has started working on a project that aims to enable more useful content as well as homebrew widgets. The project is known as OpenLGTV BCM, and not only covers LG television sets, but all sets based on the Broadcom platform.

A ton of progress has been made already, as they have been able to install their own busybox environment as well as open the sets to accept more widgets via some clever signature spoofing. The ultimate goal for the project is to completely divorce the sets from the Yahoo platform and replace it with their own open marketplace.

It’s a great start, and we can’t wait to see what sort of progress they make as time goes on.

[Thanks, T]

Sony Ericsson promotes Android bootloader unlocking

Sony Ericsson recently added a new section to their developer world portal called Unlocking the boot loader. They provide all the information and tools needed to root some of their newer Android phones.

Of course, this information comes from Sony Ericsson dripping with warnings, disclaimers and warranty-voiding rhetoric. Once you’ve waded through all of that, you’ll have to enter your phone’s IMEI number, your name and email address in order to get your phone’s unique bootloader unlock key. Here’s hoping they don’t use the form information to instantly void warranties.

Unlocking doesn’t come without consequences, but from UI tweaks and performance improvements to custom apps and tethering, there are probably more reasons to unlock your Android device than there are reasons to leave it alone. In an age where people are making a fuss about companies adding stumbling blocks for would-be jailbreakers, it’s good to see that at least one of them is doing what they can to help hackers take the plunge. Anyone want to clear up why Sony Ericsson feels like supporting hackers but Sony sues people for doing similar things on the ps3?

Thanks to [flip] | remixed image credit (cc by-sa 2.0): [taka@p.p.r.s]