I was bored one weekend and decided to jailbreak the new Kindle firmware. It was time consuming to find bugs, but not difficult. Unlike the iPhone, the Kindle doesn’t really have security. They have a verified FS and signed updates and that’s it, but I will still call my jailbreak an “exploit” just to piss you off. Previous Kindle 3 jailbreaks worked (AFAIK, I haven’t really looked into it) by tricking the Kindle into running a custom script by redirecting a signed script using a syslink. This worked because the updater scans only “files” that do not end with “.sig” (signature files to validate the file). They fixed this now by scanning all non-directorys that do no end with “.sig”. This is the first bug I’ve exploited. Part one is getting the files into the update, which I did by conventionally renaming them to “.sig” even though they’re not signature files. Part two is harder, getting the unsigned script to run. Continue reading
I finally took some time from my busy schedule and made some changes to the site.
- I stopped being cheap and finally bought www.yifanlu.com
- Thanks to WPTouch, the site can be viewed on the iPhone & Android with ease
- Added a contact form
- Made tweaks here and there in the designs, fixed some typos & style errors
Also, quick update: I’m still working on that Facebook app, with all the homework and exams, I barely have any free time, however, here’s some screens on Facebook.