5,606,347 Members 33,373 Now Online
XDA Developers Android and Mobile Development Forum

[Bounty] cracked bootloader - 7" [$475]

Tip us?
 
richardpwnsner
Old
(Last edited by richardpwnsner; 11th March 2014 at 11:05 PM.)
#51  
Member
Thanks Meter 19
Posts: 32
Join Date: Jan 2013
Quote:
Originally Posted by murso74 View Post
I'm hesitant to add the 8.9 to the bounty, or to add a time frame. I think you guys may be better off starting a new thread for that. We don't know if what works for one size will work for the other

Sent from my XT1058 using Tapatalk

I'll bedazzle something leather with 'Code Princess'.

Edit: for the 8.9. Don't want a stampede.
 
GSLEON3
Old
#52  
GSLEON3's Avatar
Retired Senior Moderator
Thanks Meter 1147
Posts: 2,273
Join Date: Dec 2006
Location: McKinney, Texas

 
DONATE TO ME
Quote:
Originally Posted by murso74 View Post
I'm hesitant to add the 8.9 to the bounty, or to add a time frame. I think you guys may be better off starting a new thread for that. We don't know if what works for one size will work for the other

Sent from my XT1058 using Tapatalk
From my research, I can tell you that if it works for the HDX7, it will work for the HDX8,9, albeit with some minor alterations to address space, etc.

I think I have found a way to retain the signature while modifying the update bin. I plan on testing it this weekend & if things go well, then I'll push it out to a small group for more testing. Even though I use a HDX8.9, the initial file will be for the HDX7, since the 7" model is the only one in the house that both runs the newer firmware & is not rooted. I have to wait because it is not mine & I won't have access to it till this weekend. I am running 14.3.2.1 rooted on my 8.9 & unable to test the method on it since I use it daily & require certain root & system level modifications for work. Once I know it works on the 7", then I will update it for the 8.9 & test it personally. I just can't justify the loss of root on the 8,.9 atm, particularly with the ig... well never mind that.


At any rate, this still will not be an unlocked bootloader & is likely only be a temporary work-around until the next update, unless you modify the build.prop & never update again.
Ingress Resistance - Rainbow6


Click HERE to buy me a cheeseburger if I helped you! Or even better, find a charity or local family fighting childhood cancer & help out however you can!

A brief & incomplete timeline of my love affair with mobile technology:

 
The Following 4 Users Say Thank You to GSLEON3 For This Useful Post: [ Click to Expand ]
 
cf9182
Old
#53  
Member
Thanks Meter 2
Posts: 37
Join Date: Oct 2010
Quote:
Originally Posted by GSLEON3 View Post
....is likely only be a temporary work-around until the next update, unless you modify the build.prop & never update again.
Do you still have access to amazon services and videos on your 8.9 since you are rooted and not updated? I donated a beer to you the other day for your work on the first root/helping some not get unrooted. Unfortunately, I was updated prior to reading your posts about it. Get me rooted again, however temporary, and I'll buy you dinner!
 
Sj12345
Old
#54  
Junior Member
Thanks Meter 2
Posts: 17
Join Date: May 2012
Quote:
Originally Posted by GSLEON3 View Post
From my research, I can tell you that if it works for the HDX7, it will work for the HDX8,9, albeit with some minor alterations to address space, etc.



I think I have found a way to retain the signature while modifying the update bin. I plan on testing it this weekend & if things go well, then I'll push it out to a small group for more testing. Even though I use a HDX8.9, the initial file will be for the HDX7, since the 7" model is the only one in the house that both runs the newer firmware & is not rooted. I have to wait because it is not mine & I won't have access to it till this weekend. I am running 14.3.2.1 rooted on my 8.9 & unable to test the method on it since I use it daily & require certain root & system level modifications for work. Once I know it works on the 7", then I will update it for the 8.9 & test it personally. I just can't justify the loss of root on the 8,.9 atm, particularly with the ig... well never mind that.

So if that is possible, Might you make a .bin file containing the root and working gapps ?

Well, I have a KFHDX unopened, still no root no update
The Following 2 Users Say Thank You to Sj12345 For This Useful Post: [ Click to Expand ]
 
Tomen8r
Old
#55  
Member
Thanks Meter 6
Posts: 42
Join Date: Jul 2012
Location: New England
Quote:
Originally Posted by Sj12345 View Post
So if that is possible, Might you make a .bin file containing the root and working gapps ?

Well, I have a KFHDX unopened, still no root no update
I have an updated 8.9 and would be willing to help test.
 
PariahNine
Old
#56  
Junior Member
Thanks Meter 7
Posts: 9
Join Date: Sep 2009
I have a guy that's willing to tackle the project, but he doesn't have access to the device nor the funds to purchase one. He did some amazing work on the Toshiba Thrive, making it a viable device well beyond its shelf life.

Sent from my Nexus 5 using Tapatalk
The Following User Says Thank You to PariahNine For This Useful Post: [ Click to Expand ]
 
eldecanopy
Old
#57  
eldecanopy's Avatar
Senior Member
Thanks Meter 23
Posts: 212
Join Date: Nov 2011
Location: Asunción
15$ for 8.9''

Enviado desde mi KFAPWI mediante Tapatalk
_______________________

Nexus 5
_______________________
The Following User Says Thank You to eldecanopy For This Useful Post: [ Click to Expand ]
 
S_transform
Old
#58  
Member
Thanks Meter 12
Posts: 64
Join Date: Oct 2012
Quote:
Originally Posted by PariahNine View Post
I have a guy that's willing to tackle the project, but he doesn't have access to the device nor the funds to purchase one. He did some amazing work on the Toshiba Thrive, making it a viable device well beyond its shelf life.

Sent from my Nexus 5 using Tapatalk
I find this interesting. Is there any way you could point him towards this forum, maybe make a post in the Q&A section. I would be interested in helping fund getting him an hdx if he's truly up to it.
 
fattire
Old
#59  
fattire's Avatar
Recognized Developer
Thanks Meter 4371
Posts: 1,517
Join Date: Oct 2010
Info 2 Why there is no fix (yet) (and how you can look for one)...

Quote:
Originally Posted by wiseguyy View Post
I dont get why devs aren't on this tablet. With such great specs and potential for cm and a hefty cash incentive it boggles my mind. Near every chincy android phone gets cracked and Im sitting here dumbfounded as to why someone wont take the leap.
Quote:
Originally Posted by Faznx92 View Post
Hashcode said he's sure the bootloader is patched up well. Perhaps in a year or two? Hopefully sooner if ever.
FYI: Hashcode, verygreen,and I went through the bootloader source like maybe 5 months ago when it first dropped, and it appeared to be locked up pretty tight. We revisited it a few weeks ago just kind of cursorily and nothing new popped out. This is the third generation of Kindles, and Amazon has learned a lot from two previous releases-- version one didn't lock the bootloader at all, then the HDs did, but I happened to notice some unverified header input (below), and indeed it was born out by Hashcode & verygreen who could actually try it. The HDXs are the third round of kindles, and they did a MUCH more diabolical job restricting your freedom to use your own hardware w/all kinds of "improvements" (or as I see them, new flaws)... That's not to say there isn't something to be found, but it's not as obvious as it was for other locked devices I've in some way been involved with (cited here for historical reference):
  • The Nook Tablet - (Bawks' discovery) about an unchecked memory address. He posted some working code, which I enhanced a bit w/ a menu'd fork of uboot, Cyanoboot.
  • The Nook HD/HD+ (I noticed this whoopsie that was confirmed/exploited by verygreen-- though he later found a second, better solution, really a variation of bawks' discovery)
  • Kindle 2 + 7"/8.9" HDs (unverified input found by me, implementation by Hashcode w/help from Verygreen).
Funny thing is, I've never actually bought or even used any of those devices.

I can't imagine any bounty will make any difference as that's not really why people look for these "holes" -- though I consider them more "bug fixes" than "exploits" as any locked bootloader should be seen as bug-ridden and flawed. We've had a lot of discussions about how much effort to put into locked bootloaders. People shouldn't buy devices with them just expecting them to be magically unlocked. I'd rather discourage people from buying them in the first place (I never have), so speaking for myself it isn't worth spending time on a one-sided arms race. I sure as hell am not buying any Kindle anything so long as it's shıtty like that. Even worse, Intel is getting into this .😱. Makes me wanna puke.

In the meantime, Hashcode has his safestrap stuff as a workaround. I assume it's still working.

Anyone who feels adventurous: the bootloader source code for the Kindle HDX is as mentioned here. It's been five months since I really looked at this, but if I remember right, the general process of booting from emmc, that is, the steps it takes when it starts, is around here. The boot image verification stuff is here. Crypto/verification-related headers like image_verify.h are here. If I remember right, the master boot record itself is signed, as I think is partition schemes, etc... And Hashcode had mentioned a few other issues that also make this hard to keep any discovery, if made, relevant for any period of time.

Some other quick things off the top of my head-- the shared/common kernel implements device tree so DEVICE_TREE will be set. You can look at the Nook HD, Kindle HD, and Nook Tabletposts by Bawks discussion linked above for some ideas of the sorts of things that might constitute a way around the chained boot... there's some explanation and info there for anyone interested.

All that said, good night, and good luck.
The Following 16 Users Say Thank You to fattire For This Useful Post: [ Click to Expand ]
 
kalte
Old
#60  
Member
Thanks Meter 8
Posts: 45
Join Date: Nov 2010
Location: Santiago
I'm in with $15 for HDX 7". I'm hating Amazon launcher and services, I just wanted a cheap and powerful tablet to watch movies and YouTube videos. If someone finds another root I won't care about losing access to Amazon things xD

The Following 2 Users Say Thank You to kalte For This Useful Post: [ Click to Expand ]
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes