unbricking

3 Articles

Photo of the back of a slingbox appliance, with ports shown and arrows going to them describing what each of the ports does.

Slingbox Getting Bricked – You Have Less Than 24 Hours

November 8, 2022 by 41 Comments

The Slingbox devices used to let you catch up with the programming on your TV when you weren’t near it, using your Internet-connected mobile device. As cable TV became less popular, their business model faded away, and in 2020, they scheduled a service shutdown for November 9th, 2022. If you own a Slingbox, it’s getting bricked tomorrow – for those reading this in EU, that’ll be today, even. Do you have a Slingbox? You might still be able to repurpose it, let’s say, for local media streaming – but only if you waste no time.

[Gerry Dubois] has been developing the “Slinger” software for the past few months, a small app you run locally that proxies commands and video for your Slingbox, thanks to reverse-engineering communications with Slingbox servers. However, it needs a “hardware password” alphanumeric string, that you need to get from the Slingbox service web interface – which is to be promptly shut down. If you think you might have a use for what’s essentially a network-connected analog/digital video capture card with decent hardware, the GitHub repo has a lively discussion tab for any questions you might have.

One one hand, Slingbox shouldn’t be bricking the devices in a way that requires you act fast – perhaps, releasing a final update that makes the device hacker-friendly, like O2 did with their Joggler appliance back in the day, publishing the hardware documentation, or at least setting up a service up that lets anyone retrieve their hardware password indefinitely. On the other hand, at least they gave us two years’ notice, something less than usual – the amount of time between bricking and an announcement can even be a negative number. For those of us stuck with no operational device, a hardware exploration might be in order – for instance, we’ve torn down the Sling Adapter and even ran simple custom code on it!

Bricked Intel Tablet Lives Again

May 17, 2016 by 51 Comments

We’ve probably all taken a look at the rash of cheap Intel-Atom-based tablet computers and wondered whether therein lies an inexpensive route to a portable PC. Such limited hardware laden down with a full-fat Windows installation fails to shine, but maybe if we could get a higher-performance OS on there it could be a useful piece of kit.

[donothingloop] has an Intel tablet, a TrekStore Wintron 7, bought for the princely sum of $60. Windows 10 didn’t excite him, so he decided to put Ubuntu on it, or more specifically to put Ubuntu on an SD card to try it on the Wintron before overwriting the Windows installation. His problem with that was a bug in the Baytrail Atom chipset which limits the speed of SD card access and made Ubuntu very slow, and in trying to fix the speed issue he managed to disable a setting in the BIOS which had the effect of bricking the machine. A show-stopper when the BIOS is in a tiny SPI Flash chip and can’t be wiped or restored.

What followed was an epic of desoldering the BIOS chip and reflashing it, though that description makes the process sound deceptively easy. The specification says it is a 1.8V device, so after attempts to flash it using an ESP8266 and then a home-made level-shifter failed, he was stumped. With nothing but a cheap tablet to lose, he tried the chip in a 3.3V programmer, and to his amazement despite the significant overvoltage, it survived. Resoldering the chip to the motherboard presented him with a working tablet that would live to fight another day.

We’d have said that this work might reside in the “Don’t try this at home” category, but since Hackaday readers are exactly the kind of people who do try this kind of thing at home it’s interesting and reassuring to see that it can be done, and to see how someone else did it. A tablet that can be bricked through a mere BIOS setting though is something a manufacturer should be ashamed of.

We like unbricking stories here at Hackaday, something about winning against the odds appeals to us. In the past we’ve covered Blu-ray drives crippled by dodgy DRM and routers rescued with a Raspberry Pi, but the crown has to be taken by the phone rescued with a resistor made using paperclips and pencil lead.

Unbricking A BluRay Drive

September 8, 2014 by 79 Comments

All BluRay player, devices, and drives contain a key that unlocks the encryption and DRM present on BluRay discs. Since 2007, the consortium responsible for this DRM scheme has been pushing updates and revocation lists on individual BluRay releases. Putting one of these discs in your drive will brick the device, and this is the situation [stephen] found himself in when he tried to watch Machete Kills. Not wanting to update his software, he searched for a better solution to unbrick his drive.

Every time [stephen] played or ripped a disc, the software he was using passed a key to the drive. This key was compared to the revocation list present on the drive. When a match was found, the drive bricked itself. Figuring the revocation list must be stored on a chip in the device, [stephen] broke out the screwdriver and started looking around inside the drive.

There aren’t many chips inside a modern BluRay drive, but [stephen] did manage to find a few Flash chips. These Flash chips can be dumped to a computer using a BusPirate, and comparing the dump to a publicly available ‘Host Revocation List Record’, [stephen] was able to find the location on the Flash chip that contained the revocation list.

The next task was to replace the revocation list currently on the drive with an earlier one that wouldn’t brick his drive. [stephen]’s MakeMKV install made this very easy, as it keeps a record of all the revocation lists it runs across. Updating the Flash in the drive with this old list unbricked the drive.

This is only a temporary fix, as [stephen] still can’t put a new disc in the drive. A permanent fix would involve write protecting the Flash and preventing the drive from ever updating the revocation list again. This would be a very complex firmware hack, and [stephen] doesn’t even know what architecture the controller uses. Still, the drive works, saved from terrible DRM.