Oculus Go VR Headset Gets Root Access, No Jailbreak Needed

The Oculus Go, Facebook’s first generation standalone VR headset, hit the market back in 2018 but it’s taken until now for owners to get an official unlocked OS build. The release was hinted at by former Oculus CTO John Carmack in a recent Tweet as something he had been pushing for years. This opens the hardware completely, allowing root access without the need for an unofficial jailbreak.

Oculus Go headset [image: WikiMedia Commons]
The Oculus Go is Android-based and has specifications that are not exactly cutting edge by VR standards, especially since head tracking is limited to three degrees of freedom (DoF). This makes it best suited to seated applications like media consumption. That said, it’s still a remarkable amount of integrated hardware that can be available for a low price on the secondary market. Official support for the Go ended in December 2020, and the ability to completely unlock the device is a positive step towards rescuing the hardware from semi-hoarded tech junk piles where it might otherwise simply gather dust.

When phone-based VR went the way of the dodo, millions of empty headsets went obsolete with it for a variety of reasons, but at least this way perfectly-good (if dated) hardware might still get some use in clever projects. Credit where credit is due; opening up root access to old but still perfectly functional hardware is the right thing to do, and it’s nice to see it happening.

Software Removes The Facebook From Facebook’s VR Headset (Mostly)

It’s not a jailbreak, but [basti564]’s Oculess software nevertheless allows one the option to remove telemetry and account dependencies from Facebook’s Oculus Quest VR headsets. It is not normally possible to use these devices without a valid Facebook account (or a legacy Oculus account in the case of the original Quest), so the ability to flip any kind of disconnect switch without bricking the hardware is a step forward, even if there are a few caveats to the process.

To be clear, the Quest devices still require normal activation and setup via a Facebook account. But once that initial activation is complete, Oculess allows one the option of disabling telemetry or completely disconnecting the headset from its Facebook account. Removing telemetry means that details about what apps are launched, how the device is used, and all other usage-related data are no longer sent to Facebook. Disconnecting will log the headset out of its account, but doing so means apps purchased from the store will no longer work and neither will factory-installed apps like Oculus TV or the Oculus web browser.

What will still work is the ability to sideload unsigned software, meaning applications that are neither controlled nor distributed by Facebook. Sideloading isn’t on by default; it’s enabled by putting the headset into Developer Mode (a necessary step to installing Oculess in the first place, by the way). There’s a fairly active scene around unsigned software for the Quest headsets, as evidenced by the existence of the alternate app store SideQuest.

Facebook’s control over their hardware and its walled-garden ecosystem continues to increase, but clearly there are people interested in putting the brakes on where they can. It’s possible the devices might see a full jailbreak someday, but even if so, what happens then?

PS2 Emulation On The Xbox Series S: A Story Of Walled Gardens

It’s hardly a secret any more at this point that today’s game consoles from Microsoft and Sony are essentially AMD gaming rigs packed up into a custom package and with tweaked system software. So it’s not too surprising that enterprising hackers got the PlayStation 2 emulator of RetroArch running on an Xbox Series X|S game console despite Microsoft’s attempts to stop them.

It’s possible to sneak the RetroArch app past Microsoft’s security checkpoints by shelling out $19 for a Microsoft Developer Account, setting up Developer Mode on the Xbox console, and getting the Universal Windows Platform (UWP) port of RetroArch from the official website. This has the advantage of being a blessed-by-the-Redmond-gods approach. But in Developer Mode one cannot play retail games, and large games are ruled out by a 2 GB limit.

More recently, a hacker by the name of [tunip3] found a flaw in the Xbox app distribution system which allows one to download a ‘retail’ version of RetroArch. This involves marking the RetroArch app as ‘private’, allowing it to skip a review by Microsoft. People whose email address is on a whitelist are then granted download permission for that app on their Xbox console. The advantage of this ‘retail’ approach is that it does not feature the 2 GB filesize limits. The disadvantage is that Microsoft is free to take the app down and ban [tunip3]’s developer account.

My Way Versus the Highway

A lot about this comes down to a simple question of ‘why?’. Why even jump through these hoops to set up a limited, possibly ToS-breaking emulator on what is ultimately a gaming PC running Windows 10? Why not use that Raspberry Pi 4 or NUC system that’s been giving you sad eyes for the past months from where it’s been stuffed into a dusty corner?

As Facebook Tightens Their Grip On VR, Jailbreaking Looks More Likely

The Quest 2 wireless VR headset by Oculus was recently released, and improves on the one-and-a-half year old Quest mainly in terms of computing power and screen resolution. But Oculus is owned by Facebook, a fact that Facebook is increasingly keen on making very clear. The emerging scene is one that looks familiar: a successful hardware device, and a manufacturer that wants to keep users in a walled garden while fully controlling how the device can be used. Oculus started out very differently, but the writing has been on the wall for a while. Rooting and jailbreaking the Quest 2 seems inevitable, but what will happen then?

DMCA Review: Big Win For Right To Repair, Zero For Right To Tinker

This year’s Digital Millennium Copyright Act (DMCA) triennial review (PDF, legalese) contained some great news. Particularly, breaking encryption in a product in order to repair it has been deemed legal, and a previous exemption for reverse engineering 3D printer firmware to use the filament of your choice has been broadened. The infosec community got some clarification on penetration testing, and video game librarians and archivists came away with a big win on server software for online games.

Moreover, the process to renew a previous exemption has been streamlined — one used to be required to reapply from scratch every three years and now an exemption will stand unless circumstances have changed significantly. These changes, along with recent rulings by the Supreme Court are signs that some of the worst excesses of the DMCA’s anti-circumvention clause are being walked back, twenty years after being enacted. We have to applaud these developments.

However, the new right to repair clause seems to be restricted to restoring the device in question to its original specifications; if you’d like to hack a new feature into something that you own, you’re still out of luck. And while this review was generally favorable to opening up technology to enable fair use, they didn’t approve Bunnie Huang’s petition to allow decryption of the encryption method used over HDMI cables, so building your own HDMI devices that display encrypted streams is still out. And the changes to the 3D printer filament exemption are a reminder of the patchwork nature of this whole affair: it still only applies to 3D printer filament and not other devices that attempt to enforce the use of proprietary feedstock. Wait, what?

Finally, the Library of Congress only has authority to decide which acts of reverse engineering constitute defeating anti-circumvention measures. This review does not address the tools and information necessary to do so. “Manufacture and provision of — or trafficking in — products and services designed for the purposes of circumvention…” are covered elsewhere in the code. So while you are now allowed to decrypt your John Deere software to fix your tractor, it’s not yet clear that designing and selling an ECU-unlocking tool, or even e-mailing someone the decryption key, is legal.

Could we hope for more? Sure! But making laws in a country as large as the US is a balancing act among many different interests, and the Library of Congress’s ruling is laudably clear about how they reached their decisions. The ruling itself is worth a read if you want to dive in, but be prepared to be overwhelmed in apparent minutiae. Or save yourself a little time and read on — we’ve got the highlights from a hacker’s perspective.

Kindle Tells The Time By Quoting Literature

People love books, and if you’re anything like [tjaap]’s girlfriend, you may easily devour your eighty books and more a year. Maybe to keep better track of time during her reading sessions, her wish was to get a clock for the living room, so [tjaap] stepped up. Being a maker at heart, he decided to skip the ready-made options, and instead build one in the most fitting way imaginable: by displaying the time as literary quotes on a jailbroken Kindle.

Unlike your average word clock, [tjaap]’s literary clock displays (almost) every minute a different sentence that, in one form or another, contains the current time. Thanks to the internet, he didn’t have to compile the whole list of book quotes for each and every minute of the day by himself, but it still required some work to put it all in the form he needed. Eventually he had a script that converted each quote into an image, and a shell script on the Kindle to display them according to the time. As a bonus, the origin of the quote is displayed only optionally, turning the clock into a simple trivia quiz along the way.

It shows that themed, personalized clocks are always a great subject for a gift, just like the one made from analog meters we saw around Father’s Day.

Hacking When It Counts: Prison Locksmithing

In 1978, Tim Jenkin was a man living on borrowed time, and he knew it. A white South African in his late 20s, he had been born into the apartheid system of brutally enforced racial segregation. By his own admission, he didn’t even realize in his youth that apartheid existed — it was just a part of his world. But while traveling abroad in the early 1970s he began to see the injustice of the South African political system, and spurred on by what he learned, he became an activist in the anti-apartheid underground.

Intent on righting the wrongs he saw in his homeland, he embarked on a year of training in London. He returned to South Africa as a propaganda agent with the mission to spread anti-apartheid news and information to black South Africans. His group’s distribution method of choice was a leaflet bomb, which used a small explosive charge to disperse African National Congress propaganda in public places. Given that the ANC was a banned organization, and that they were setting off explosives in a public place, even though they only had a few grams of gunpowder, it was inevitable that Jenkin would be caught. He and cohort Steven Lee were arrested, tried and convicted; Jenkin was sentenced to 12 years in prison, while Lee got eight.
