So you’ve been rooting devices eh? If you get caught you’re headed for the big house, the lockup, the pen, the joint, they’ll send you up the river, you better be careful! Seriously though, if you buy a device and circumvent the security features should that in itself be breaking the law? We’re not talking about stealing intellectual property, like playing copied games on a chipped system (yeah, that’s stealing). We mean unlocking a device so that you can use it for what you wish. Be it your own prototyping, or running open-source applications. Unfortunately if the current Digital Millennium Copyright Act exemptions expire it will be a crime.

Thankfully, [Bunnie] is doing something about this. You may remember him as the guy that found most of the ridiculous security holes in the original Xbox, or the brain behind the Chumby. Now’s he’s got an online petition where your voice can be heard. Speak up and let the US politicians know why unlocking a device isn’t a crime.

[via Twitter]

[Kubbur87] put together a guide to replacing the Non-touch Kindle 4 screensavers with your own images. We’ve already seen a way to remove the Special Offers banners from the newest version of Kindle Hardware, this hack lets you use your own 600×800 Portable Network Graphics (.png) file instead of the images pushed to the device by Amazon.

Frankly, we’re shocked at how easy this hack is. [Kubbur87] puts the device into developer mode, enables SSH, and then goes to work on the Linux shell within. It seems the only line of protection is the root password which he somehow acquired.

After the break you’ll find his videos which show how to enable developer mode and how to perform this hack. By putting a file named “ENABLE_DIAGS” with no extension on the device when it is recognized as a USB storage device you’ll gain access to the diagnostic menu system. From there it’s just a matter of cruising that menu to get SSH access. Like we said, you’ll need the root password, that that’s as easy as naming your favorite video game character from the 1980′s.

Getting into developer mode:

Replacing the screensavers:

[Chris'] family made the mistake of giving him a hackable Christmas gift. We’d bet they didn’t see much of him for the rest of the day as he set about rooting this Android wristwatch.

This thing has some pretty powerful hardware under the hood. It’s sporting an OMAP3 processor running at 600 MHz along with 256 MB of RAM. [Chris] needed to get his hands on a firmware image in order to look for security holes. He found a way to spoof the update application in order to intercept an upgrade image from the Internet.

He dumped the firmware locations and got to work searching for a way to exploit the device. Details are a bit scarce about want exactly he did, but you can download his modified image, letting you root your own Motorola Actv using the Android Debug Bridge.

We’ve embedded a demo video after the break. The OS is pretty snappy on the tiny device. We’re not sure what will come of this functionality, but we assume [Chris] was really only interested in the challenge of rooting process itself.

The Kindle Touch has been rooted! There’s a proof video embedded after the break, but the best part about this discovery is that [Yifan Lu] wrote in-depth about how he discovered and exploited a security hole in the device.

The process begins by getting a dump of the firmware. If you remove the case it’s not hard to find the serial port on the board, which he did. But by that time someone else had already dumped the image and uploaded it. We guess you could say that [Yifan] was shocked by what he found in the disassembly. This a ground-up rewrite compared to past Kindle devices and it seems there’s a lot to be hacked. The bootloader is not locked, but messing around with that is a good way to brick the device. The Javascript, which is the language used for the UI, is not obfuscated and Amazon included many hooks for later plugins. Long story short, hacks for previous Kindles won’t work here, but it should be easy to reverse engineer the software and write new ones.

Gaining access to the device is as easy as injecting some HTML code into the UI. It is then run by the device as root (no kidding!). [Yifan] grabbed an MP3 file, changed its tag information to the HTML attack code, then played the file on the device to exploit the flaw. How long before malicious data from illegally downloaded MP3 files ends up blanking the root file system on one of these?

[via Reddit]

Amazon’s new tablet reader, the Kindle Fire has been rooted. Early this morning [Death2All110] posted the steps he took to gain root access to his device (which is so fresh out of the box it still smells new). The heavy lifting is done by a package called SuperOneClick which aims to root all manner of phones and devices running Android.

There’s a bit more than the one click necessary, but not by much. Using the Android Developer Bridge in conjunction with the SDK you need to put in a value that will be recognized as the VID. From there, turn on the ability to install apps from unknown developers, re-enumerate the device on your PC and run the one-click package.

What can you do with this? Well, it completely opens up the Android OS so that you can bend it to your will. We haven’t seen any demonstrations yet, but it should be even better than what we saw done with the Sony PRS-T1.

[Addictive Tips via Reddit]

Cries of “I am root!” abound once again with the rooting of Sony’s PRS-T1 eBook reader. The eBook Reader Blog took the original rooting directions and then looked at some of the things you can do with root access.

This hardware is based around an ePaper display, but we must say that the performance seems to be fantastic. There may be a few missing features from the original user interface (like how pages are turned) that can be fixed with root access, but we think it’s the added Android access that makes this worth it. In the video after the break you’ll see that you can drop through to the Android 2.2 desktop and install any application you’re interested in using. This is a multi-touch display so it’s well suited for navigation although applications don’t work well yet because of excessive screen refreshing. But we’re sure that will improve with time. Of note is the ability to play music through apps like Pandora, and the ability to load content from other providers like Amazon books via the Kindle app.

Every time we write one of these rooted features we can’t help but think back to this I’m a Mac spoof video…. you’ll see why in the last few seconds.

[Thanks Nathan]

Apparently Verizon customers are expected to pay for a second data plan if they want to be allowed to use a cellphone as a mobile hotspot. This means one data plan for the phone, and a second for the tethering. [DroidBionicRoot] thinks this is a little silly since there is already a data cap on the phone’s plan. But he’s found a way around it if you don’t mind rooting the phone to enable free tethering.

Not surprisingly it’s a very simple alteration. The phone is already capable of tethering, to enable the feature without Verizon’s permission just edit one database value. In the video after the break, [DroidBionicRoot] starts the process with a rooted Droid Bionic handset. He purchases an app for $2.99 which allows him to edit SQL databases on the handset. From there he navigates to the ‘Settings Storage’ database and changes the ‘entitlement_check’ key value to 0. Reboot the phone and tethering is now unlocked.

[Thanks Max]

[Shawn] emailed us some pictures and a description of his latest hack. He cracked open a Rosewill RXS-3211 IP Camera because the output of the web interface made him certain that it was running Linux and he wanted to unlock some more potential from the device. These cameras are used for security, and offer a browser-based interface via a WiFi connection. After studying the circuit board he started poking around an unpopulated set of four pads and managed to get a serial connection up and running. The device’s serial terminal operates at 115200 baud using eight data bits, one stop bit, and even parity.

He wonder where to go from here and we have a few ideas. You can see in the terminal readout above that it announces when motion is detected. We think this motion detection would be quite useful with a small rover while adding live video broadcasting at the same time. An embedded Linux system should be able to interface with the device and we think that a bit of creative coding would open up the WiFi connection for other use as well. Not bad for a module that can be had for as little as $29. We’ve included all the images [Shawn] sent us after the break and we’d love to hear your thoughts on what you’d use this for in the comments.

Sony Ericsson recently added a new section to their developer world portal called Unlocking the boot loader. They provide all the information and tools needed to root some of their newer Android phones.

Of course, this information comes from Sony Ericsson dripping with warnings, disclaimers and warranty-voiding rhetoric. Once you’ve waded through all of that, you’ll have to enter your phone’s IMEI number, your name and email address in order to get your phone’s unique bootloader unlock key. Here’s hoping they don’t use the form information to instantly void warranties.

Unlocking doesn’t come without consequences, but from UI tweaks and performance improvements to custom apps and tethering, there are probably more reasons to unlock your Android device than there are reasons to leave it alone. In an age where people are making a fuss about companies adding stumbling blocks for would-be jailbreakers, it’s good to see that at least one of them is doing what they can to help hackers take the plunge. Anyone want to clear up why Sony Ericsson feels like supporting hackers but Sony sues people for doing similar things on the ps3?

Thanks to [flip] | remixed image credit (cc by-sa 2.0): [taka@p.p.r.s]

[Deeper-blue] has released all the files necessary to get Android honeycomb working on your nook color. We had a chance to play with the nook color for a bit, but ours was only on Android version 2.1. It seems like they’ve come a long way with the capabilities of this simple e-reader since then.  While he’s built out the majority of the features, it is still lacking some fundamentals, like sound. As you can see in the video after the break, the scrolling is a tiny bit choppy but the applications themselves see to be fairly snappy. We can’t wait to see how this works after a little improvement.

[via engadget]

Nookdevs have released information on how to root your nook color. So naturally, I had to run out and get one.  Who doesn’t want a multitouch android tablet for $250?  The instructions for rooting are extremely simple. You really only need microSD card and a Linux/Windows/Mac computer to connect to.  After rooting, your nook will work exactly as it did before, but you can now install android applications on it.  Many applications are built for a phone that has more physical buttons, so I have run into some issues, but over all, the applications that work tend to work well.

Join me after the break for more thoughts, a video of it in action, and a few pictures.

The specs are decent, with a 1024×600 screen, 8GB internal storage with microSD expansion slot, wifi, and an 800MHz ARM A8 processor. As you can see in the last picture, the viewing angle on the screen is fantastic. The battery probably won’t last the advertised 8 hours playing games, but I haven’t had to charge it yet and it has been playing music, browsing the web, and amusing children for about 24 hours now.

Installing software is a bit of a pain. You can’t install things directly from android stores online through the device yet. Instead, you have to search the web for the .apk file to download then install it via the command line on your computer. This can be a pain because the .apk files are rarely labelled with which release they are, so I’ve gotten a few older versions of software that simply wouldn’t work even though I’ve seen them working in other youtube videos.  So far I’ve gotten decent use out of the Dolphin browser, Google Maps, Pandora, and Angry birds.  I wouldn’t be surprised to see torrents popping up with bunches of tested applications for nook. hint. hint.

Removing applications can be a pain too. The theory is easy, you open the console and view what files are installed, then issue a simple command to remove the one you want. However, they don’t necessarily install with an obvious file name. For example, I installed google voice search. Realizing I don’t have a microphone, I went to remove it. However, there are several files labelled google and none have the word voice. How do I know which one it is? A quick google search would probably find me the answer, but I can’t wait till I can just drag the icon to the trash can.

Over all, I can’t wait to see how much better this gets. If I could install software from the android stores I find online, have flash, and remove applications easier, I’d be very happy.

The g2 has finally been rooted. Even though a temporary root exploit was found shortly after the phones release, a NAND lock prevented modifying the non-volatile RAM for a permanent root. Some controversy surrounded the g2 when it was erroneously thought to have a rootkit protecting the OS.  Supposedly the rootkit would watch for changes to the file system and then reset the phone to default settings when any unauthorized changes were made.  On the other hand a NAND lock functions by fooling the operating system into thinking there isn’t any memory available, essentially “locking” the memory in key areas.  Once it was discovered to have the NAND lock it was only a matter of time before the g2 was permanently rooted.  NAND locks have become a popular (and unsuccessful) deterrent employed by device makers to stop the jailbreaking comunity.  While this exploit is nothing groundbreaking it is another notch in the belt for the jailbreaking community and a welcome benefit to g2 users.

That is a blurry image of a Barnes & Noble Nook eReader stuck in an infinite reboot loop. This is the result of trying to downgrade the firmware to 1.0 in preparation to soft-root the device. So after a few failures the device will recover itself, right? It doesn’t look that way. No problem, don’t you just pop it open and re-write the OS to the SD card inside to do a hardware root? Nope, it looks like the newest hardware revision has replaced that convenient SD card with a memory chip.

For now it’s a brick, but we’re sure there will soon be a way to fix this. A bit of solder, some wires, and a reflash should work much in the same way an EEPROM recovery does. That is, if you have an original image to work with.

So for now, be careful not to attempt to root your nook if the serial number starts with 1003.

[Thanks Ken]

[Birdman] has managed to push a custom recovery image to the DroidX. This previously impossible action opens the doors to all kinds of fun hacking. While you can’t just drop a custom Rom on the phone right now, this is the first step in making that happen. You can find the directions in the post, but they’ve got a while to go before they become as easy as something like a jailbreak.

[via phandroid]

[Sven Killig] Has managed to get his Nexus One into USB host mode. This allows him to plug in all kinds of peripherals such as web cams, keyboards, even a displaylink unit. This is fantastic as it really opens up the possibilities of this device. You can see that he now has an amazingly functional and portable system running. He mentions that it is pretty stable unless he runs big programs, we wonder if he has added any RAM to it. It is worth noting that the Droid can be USB host as well.