Has anyone tried to do this? https://github.com/freedreno/freedreno/wiki/FireTV
It looks like it's possible and was done by Rob Clark even at the start of May. But the lack of root prevents us from using it widely.
The booting process is a little bit unclear to me.
Also check this out
I've just asked Rob about locked bootloader on G+, his response was:
To run custom kernel (ie. to get drm/msm driver) you would need an unlocked bootloader. Root the device, and then as root 'pm disable com.amazon.dcp' to block further updates (to avoid existing bootloader being updated). Hopefully the relevant people will be able to release more info about bootloader exploits soon.. having root is the first part of being able to do something useful w/ bootloader.
Hey, guys!
Rob posted some details about a vulnerability that allows unlocking the bootloader on his blog: http://bloggingthemonkey.blogspot.ru/2014/06/fire-in-root-hole.html?showComment=1403624931085#c3252639689847494536
Also check the demo that uses this hole and provides the ability to write to physical memory: https://github.com/robclark/kilroy
Just need to figure out how to use it. Does anyone have any ideas or hints?
anyone know what this stuff does?
https://github.com/robclark/firetv-grub
Unfortunately it seems like there aren't a whole lot of users here with the knowledge to put this information to good use; while I understand what is happening I couldn't begin to make use of any of that information Rob posted. Maybe we could start a bounty on unlocking the bootloader? Or should we all just wait it out for jcase and rclark? Once the exploits are patched and an update is released I'm pretty sure you're going to see the bootloader unlock made public. Great job in advance to jcase and robclark!
GRUB is the most popular and widely used Linux bootloader for PCs.
This repo looks like a fork tuned for use on the Fire TV; I think this one will be used to boot Linux on the AFTV.
Talking with Rob, he expects the exploit will be issued as soon as Amazon releases an update.
Any new updates on this recently? Maybe Rob's installation could be easier now that we have the custom recovery option available? Pretty interested in getting this running if I can use it for a dedicated xbmc box with proper 24hz support. Maybe we could start a bounty for someone who can make an installation that works with cwm if there's interest.
Still no news, you could try to ask Rob directly on G+. Not sure if it could be possible through cwm. As for bounty I will pay my $5.
The one thing confusing me is how Rob achieved the result in the video. Probably there is a way, but some guy still wants to make money on it. Another option is a hardware modification.
Yep, with Linux this box will be very interesting; with Fire OS it's a very specific device, far from perfect.
I did ask him on G+, he said he could upload a pre-built boot.img and pointed me to the kernel branch he's using on his firetv, https://github.com/freedreno/kernel-msm/commits/firetv-drm , rbox said it's possible if we can get the kernel on there via his recovery.. it's all just out of my league. Rob documents how he did it minus the bootloader and root on this page https://github.com/freedreno/freedreno/wiki/FireTV , the instructions are there so is it possible to flash the kernel with cwm? And then is it possible to do everything he does with partitioning and file moving via recovery? Or if someone gets it on there via his directions is it possible to just make a backup or flashable zip of the whole system that people can just restore? I'll donate 5$ myself, so that puts the bounty at 10$ I guess.
If he can provide a kernel and the missing link of what to do once you have the kernel and an empty root fs... is it doing an install or is it copying a premade rootfs, then I could probably make some kind of flashable package. I won't have time until next week though.
wow guys,
this sounds and looks amazing. This should also enable to run something like OpenELEC natively. Would prefer this much more than having to run Android with all the refresh rate issues.
My box is still in preorder, Amazon says it will ship in about 6 weeks. Think this could be an amazing toy
https://github.com/freedreno/kernel-msm/commits/firetv-drm
From some of the commits here, it looks like the Linux kernel does actually support the GPU more or less? Does anyone know if this means 2D/3D or what exactly?
If by preorder you mean Germany/UK... it's going to come with 51.1.3.0 which isn't currently rootable.
Yes Germany,
Pretty sure it will either be possible due to another exploit by then or worst case with a little bit of soldering. The eMMC thing looks promising.
I wouldn't put too much faith in a new exploit coming out by then, but I guess wishful thinking... The eMMC "hack" is the best route, but I don't think anyone has actually figured it out yet.
Just to update this for those who care, we've got a precompiled kernel now (located here) and I was informed using the prebuilt Fedora f21 images (located here) should include everything needed for graphics drivers to work out of the box with the ftv. Rbox said he would try and throw something together when he gets some time which is great but I figured I'd still throw it out there for anyone else who was curious. I was told a good approach would be to flash the kernel and have the Fedora file system on an external USB leaving the Amazon file system alone, maybe one day it will be possible to kinda select between two kernels and be able to boot either Fedora from external USB or the stock Amazon OS from the onboard storage. Bounty is still at 10$
This sounds great,
would love to try it. Biggest issue remaining would probably be rooting the devices that are shipped out now...
Just saw this:
http://bloggingthemonkey.blogspot.de/2014/06/fire-in-root-hole.html
Looks like there is a CVE that allows rooting the FireTV, which is different from Towelroot?
Does anyone know if this has been fixed by Amazon?
Here is some proof of concept code:
https://github.com/robclark/kilroy
nhumber said:
> Just to update this for those who care, we've got a precompiled kernel now (located here) and I was informed using the prebuilt Fedora f21 images (located here) should include everything needed for graphics drivers to work out of the box with the ftv. Rbox said he would try and throw something together when he gets some time which is great but I figured I'd still throw it out there for anyone else who was curious. I was told a good approach would be to flash the kernel and have the Fedora file system on an external USB leaving the Amazon file system alone, maybe one day it will be possible to kinda select between two kernels and be able to boot either Fedora from external USB or the stock Amazon OS from the onboard storage. Bounty is still at 10$
Thanks for the links, I'm going to try. One thing is confusing me: Rob mentioned we have to use the diag partition for the kernel and rename it to boot because boot is not big enough. Will play around this weekend.
freezer2k said:
> Just saw this:
> http://bloggingthemonkey.blogspot.de/2014/06/fire-in-root-hole.html
> Looks like there is a CVE that allows rooting the FireTV, which is different from Towelroot?
> Does anyone know if this has been fixed by Amazon?
> Here is some proof of concept code:
> https://github.com/robclark/kilroy
Yes, UK/GER/UnRooted-US FTV's, there is a Santa Claus
iRet said:
> Thanks for the links, I'm going to try. One thing is confusing me: Rob mentioned we have to use the diag partition for the kernel and rename it to boot because boot is not big enough. Will play around this weekend.
I gave some tips in the cwm thread on how to avoid bricking. I don't even know how you'll boot into recovery from a running Linux in the first place. Unless you know how to write the bootloader message.
Y314K said:
> Yes, UK/GER/UnRooted-US FTV's, there is a Santa Claus
Except that post is extremely old.
rbox said:
> I gave some tips in the cwm thread on how to avoid bricking. I don't even know how you'll boot into recovery from a running Linux in the first place. Unless you know how to write the bootloader message.
Can we patch this boot image outside your cwm to try it with fastboot boot?
Related
Here's a basic stock rom in case you need it sometime
the only modifications made are the su and flash_image binaries are included and ro.secure has been turned to 0 so you can adb remount.
How to flash:
Download the rom from here
Place rom on sdcard
Wipe data and all else
Then flash rom
Reboot and do what you need to do
Cool, you never know when you might need this.
Thank you! Appreciated.
Sent from my VM670 using XDA App
Asadullah said:
> Here's a basic stock rom in case you need it sometime
> the only modifications made are the su and flash_image binaries are included and ro.secure has been turned to 0 so you can adb remount.
How is this comparable to the rom listed here?
bit ly backslash fBEJnU
I want to have a known working recovery before I make any more changes to my phone. I am not exactly a newbie to this stuff (I have a Pandigital Novel that has been rooted and hacked into a nice tablet) but this is taking things to a whole new level for me and I need my phone. So I'm a bit nervous.
Of course I really wish I'd asked around some before I got to work on removing some of the stuff on it already (mostly known junkware from Virgin Mobile and stupid stuff like weblinks pretending to be native apps) after rooting it with superoneclick and installing root explorer. I need to know if your rom or the one I linked to will be able to allow me to roll back to a default installation that I can revert to if there are any issues down the road. Can you help me?
I apologize if this isn't the right place for this question. Thank you for the many mods I have seen you do already. I look forward to trying them once I have a fallback plan.
--bornagainpenguin
PS: I am a new user here so not allowed to post links. I hope you got the idea of where I was trying to point you to.
I'm not actually sure what you're talking about but I've posted this on three different sites so far. I do that for the guys that don't go to other forums. There probably isn't any difference in the roms.
I'm talking about the one by takehull posted on sdx-developers here.
Yours is not exactly stock since you added su and flash_image binaries--or does that really not matter?
Thanks for the reply.
--bornagainpenguin
PS: I appreciate that you try to post your work as far and wide as possible, it made it easier for me to find it.
PPS: Which forum is best to follow for work relating to the LG Optimus V?
For the record, I like it as is.
Saves me the trouble of having to root all over again.
Sent from my VM670 using XDA App
I'm not sure exactly how his is different since I didn't build it. I'm gonna guess and say that his doesn't have the binaries in it. I don't know. Honestly the only way to know for sure that it's stock rom is to get someone that hasn't rooted yet flash the recovery and get a backup of system. I've been waiting for someone like that to come along but ... It hasn't happened yet.
I won't tell you which forums to watch but I'm partial to xda cuz I been on here since my first android phone and it doesn't have those flash ads that pop up cover your entire screen until you click the x.
Asadullah said:
> I'm not sure exactly how his is different since I didn't build it. I'm gonna guess and say that his doesn't have the binaries in it. I don't know.
Well upon further re-reading the other thread I saw this posted:
takehull said:
> The only modifications this has are the two binaries that you put into /system/bin when you root. You can remove them by using Superoneclick Root and selecting "unroot."
My only excuse is that it was late when I found the thread and I wasn't reading clearly. Going by that statement his rom and your rom basically seem to be the same things.
Asadullah said:
> Honestly the only way to know for sure that it's stock rom is to get someone that hasn't rooted yet flash the recovery and get a backup of system. I've been waiting for someone like that to come along but ... It hasn't happened yet.
Forgive my ignorance, but isn't rooting actually a requirement of obtaining the backup? Or did I misread the instructions somewhere? It'd be nice if someone at Virgin Mobile were to leak the complete rom somewhere so people had a fall back option besides trying to return the phone as bricked. (If that's even possible?)
Asadullah said:
> I won't tell you which forums to watch but I'm partial to xda cuz I been on here since my first android phone and it doesn't have those flash ads that pop up cover your entire screen until you click the x.
Sounds like a good reason to pick a forum. Not sure if I'm a member of any places that do that since I run with adblock and noscript enabled most of the time.
Any chance you could link me to written instructions on how to flash the rom you have here? I know you have video tutorials but those are harder to follow for me because I am hard of hearing. Music I can do because it is "beautiful noise" and I can usually find some lyrics to get the words of. Your video HOWTOs are not good for me because I have to strain to hear what is being said.
Thanks again for your time and patience in replying to me.
--bornagainpenguin
Thanks. Dude above me, there is a rom flashing tutorial at prepaidandroids.net. We will help you out there. It's a site that specializes in the Optimus V itself.
(Optimus V - Contracts Suck)
Thanks for posting this. It just came in handy when I was changing my virgin phone number. Part of the process is dialing ##841446# to bring up the activation menu, but the ## prefix on CM7 does not work, apparently only a stock ROM can do that.
Any way to put it on a phone friendly site? No matter what browser I use on my phone it will not download from google docs.
Sent from my VM670 using Tapatalk
THANKS, this worked perfectly.
It's pretty much as described, a stock Opt V rom, with Super User already set up and installed.
Titanium worked on it no problem as well.
Thanks a ton man! I needed to flash back to stock to get my 3G working again. If you flash a custom rom while you're between payments, you know, during down time, you may need to flash back to stock and run the activation app next time you put service on your phone.
Worked like a charm. I thought my 3G was broken. I'm doing a happy dance now!
Any way I can get a link to the stock rom with all the bloatware removed but not rooted?
Tell me what you consider bloatware and I'll make it for you.
Well those apps that come preinstalled like the virgin radio and such. If you could add in the newest market, g+, music I would greatly appreciate it
Zipping, will flash and test then upload.
It's just de-bloated. Nothing added (yet)
http://db.tt/fsvq1JB6
Haven't tested yet. I'm lazy
haha let me know. Normally I would do it myself, the whole making and adding, but everything Java and Android based doesn't work on my PC :/
ES file explorer is a great way to remove bloat from your phone
Hello,
I'm not sure if anyone was aware, but the source code for the kernel is available from the Acer website. I'm not sure if this would help with the dev of roms or cracking the bootloader. Thought I would throw it out there.
It's available on the Acer support page under the A100, and is around 100mb
Yeah, I saw that. Doesn't make a difference though, we need an unlocked bootloader before a custom kernel we can make with that is useful.
Back in my Xperia x10 days they were able to find a way to crash the stock kernel and were able to load custom kernels with a locked bootloader. It's probably not feasible considering it was a much older kernel version and from a different manufacturer...but one can only hope right? lol
Don't know if it helps, but the thunderbolt also came with a locked bootloader and devs figured out how to flash a custom kernel. The custom was also locked but supported what they needed it to. It was flashed with the same process as our flashing updates manually. Maybe some of the tbolt devs could help?
Sent from my A100 using Tapatalk
We could do a custom rom that through 2nd-init, but so far it's been an uphill battle trying to figure it out. I'm not a kernel developer, but I've done some work modifying and working with cm7 kernels but nothing to this scale.
I do know that we wouldn't be able to change the kernel on this device or a modified recovery because there's some checking going on with the checksum of the disk images.
@crossix
Have you seen this thread in the Nook Tablet forums?
They found a way around the bootloader problem.
I was thinking the above. Maybe we can make a workaround through the kernel code. I haven't done programming on this low of a level but can scan through to see if and what checks there are and if there are any loopholes... I like to think they have a backdoor somewhere in there...
Excuse me, I was wrong. The tbolt with its locked bootloader was solved a little differently. I think what they did was flash an entirely different bootloader to it. One that was still encrypted but unlocked. Don't know if that's possible in this case but thought it was something to mention.
Sent from my LG-VM670 using Tapatalk
Maybe we should talk to nemith and fattire and they may have some suggestions. I am nowhere skilled at this level of development to talk intelligently to them. My development skills lie in the .Net field and at the application level. So I am not much help.
@painter... I have been looking through the Nook forums that you referred to and I certainly think that this is a possible route to go with the a100. This is also way above my skillset, however I will be more than happy to do what I can if there are any developers interested. I have been doing a lot of research into the locked bootloader and this is the most promising news that I have heard so far. I wish we could get more devs interested in this little tablet because it has great potential if we could get past the bootloader.
What I'll do later is download the code again, had before, but accidentally deleted it, and look through some of the more important code to see what can be found. Why would Acer put up the source code if there isn't a way to alter the kernel? Seems counter-intuitive to put it up without a purpose...
here is some info on 2nd init, if anyone smarter than me is interested in having a look.....good luck!..... http://cvpcs.org/blog/2011-06-14/2nd-init._what_it_is_and_how_it_works
mvan4310 said:
> What I'll do later is download the code again, had before, but accidentally deleted it, and look through some of the more important code to see what can be found. Why would Acer put up the source code if there isn't a way to alter the kernel? Seems counter-intuitive to put it up without a purpose...
Because they have to, it's required by gpl to make the source public. Just because they make it public, doesn't mean that it'll compile properly though. But, in this case it does compile cleanly and with it we could probably take bits and pieces of cwm for the a500 and get it to work (their gpl version not thor's recovery). How to do that though with our current encrypted recovery I dunno.
I looked at the thread and it definitely looks like something doable but what offset would we use and how would we tell the boot partition to go look for a custom recovery when we can't even open it to alter its contents since it and the recovery partitions are both encrypted.
If you make an image of either partition using dd and try to mount it and read its contents you see gibberish rather than editable files in the images. Might be able to poke at it with a hex editor, but that's beyond my skill level.
Sent from my MB860 using XDA App
I'm still in the extraction process, and it is a rather large image. It's around 500mb compressed. I can take a look into it, but can't make any promises that I'll find anything at all. I understand the gpl and whatnot, and the partitions being encrypted, and am just hoping that somewhere in the kernel is a clue as to what is being done that can help us along the way to cracking this thing.
I didn't think of this until now, but is the newer A500 encrypted? If so, maybe we can find the difference between the older and the newer version somehow and see what they are using. Just a thought, could be completely wrong.
From what I understood (I could be completely wrong though) one of the newest updates that brought the a500 up to 3.2.1 changed their encryption method so itsmagic (their security hole) no longer worked. The workaround for that was to downgrade to 3.2 and install cwm / itsmagic and then flash a recovery 3.2.1 image.
Sent from my MB860 using XDA App
Hmm, not sure. I'll look around. I'm still trying to root my tab, have been unsuccessful thus far, and about 3 hours into trying..
is there any benefit in opening the device and sniffing around? I know the bootloader's encrypted but some of it might not be? That's how GeoHot found the first iPhone unlock exploit; by shorting two pins or something?
I also know it's possible to read NAND chips with an Arduino to some extent. I dunno, just talking out loud...
Never thought of finding a way through the hardware itself. I have never opened my Acer, probably won't. I have a Chromebook and the only way to install another OS on it was to flip a switch and pop the cover off, since it has a button that's enabled with the case on that prevents writing to specific portions and whatnot... Good thought. Maybe someone will look into this further.
A100 teardown
http://www.techrepublic.com/blog/it...eardown-lots-of-tech-crammed-into-7-case/3028
Sent from my PG86100 using Tapatalk
I think its very nifty that it has an expansion slot for a cellular chip. All the specs I can find on the 3g a101 show it as having half the RAM. Wonder what it would take to pop a 3g chip in there and get it working. :-\ You would probably have to flash the firmware from the 101 to get it to see the chip...
I would like to know how many forum members would be willing to donate funds to any developer willing to seriously work at creating a recovery program and maybe one rom for the Xyboard 10.1 4G/LTE device.
I realize the bootloader is still locked, but devs have managed to bypass the bootloader on other devices using some very creative thinking. The bootloader on my Droid Razr is still locked, but we have Safestrap, CWM
There is also a member i saw that would be willing to donate a xyboard for testing.
I would be willing to donate $100 towards this project.
We need to show the manufacturers that our platform is truly OPEN SOURCE?
so, here we meet again, chumboy
well i'm in, offering 50$ for unlock/bypass
welcome! hey again.
fair amount of views, not many investors.
surprised, it's verizon's main tablet that has 4g (besides the galaxy tab 10.1 which i heard is discontinued).
patience.
I would get in on this. I have actually been trying to figure out Hash's safestrap to see how it is replicated for different devices.
Sent from my Droid3 using xda app-developers app
I know it can be done...it's just a matter of interest. Is some dev interested in spending time to figure it out.
we have recovery for many, many devices whose bootloaders are locked.
SafeStrap would be great....or TWRP.
So far, we have $150 available for anyone who creates a recovery. Come 'n git it, devs!
Why not create a similar thread at xoomforums.com... guess most of the interested users aren't reading much @ XDA since atm there is no development going on for this device.
if you do so, just be sure to link to each other thread, list the users & amount and sync those two threads in their first post like:
"chumboy (xda/xoomforums) - 100$
nchantmnt (xda/xoomforums ) - 50
.....
hopefully many many more
_____
total funds until 28th of Sept - 150$
ill try and see if i can get some users @ androild-hilfe.de to join in
maybe u know of some other forums as well
cheers
25 from me if the recovery will work for international xoom2 too.
Hello guys,
I want to help you to get a custom recovery for your XOOM2,
because I've long waited for a cwm that could be used on my phone - Motoluxe XT615.
And I got sick of all those devs out there who don't want to help us to make it even easier.
So my mates and me tried a lot together. Finally a Chinese developer team got it.
So I hope I can charge my knowledge with you.
My first few questions are:
- Any tries of implementing 2nd init?
- Which type of internal storage (MTD, EMMC)?
- Locked bootloader (really think so )?
- Can you upload the init.* script in the root of your phone?
I hope you have root access
luxxx123 said:
Hello guys,
i want to help you to get a custom recovery for your XOOM2,
because i've long waited for a cwm that could be used on my phone - Motoluxe XT615.
And i got sick of all those devs out there who don't want to help us to make it even easier.
So my mates and me tried a lot together. Finally a chinese developer team got it.
So i hope i can charge my knowledge with you.
My first few questions are:
- Any tries of implementing 2nd init?
- Which type of internal storage (MTD, EMMC)?
- Locked bootloader (really think so)?
- Can you upload the init.* script in the root of your phone?
-and yes we have root
I hope you have root access
for 2nd init i really lack the knowledge of how to do this, but atm trying to get to know more about it. is this even working on ics?
internal storage should be mtd if i'm not totally wrong...
the bootloader is locked, we are sure about that and about the init... will upload it for you later... first got to recharge^^
what kind of approach is it that you have in mind? i may lack the knowledge about bootstrapping etc, but i'm eager to learn
nchantmnt said:
for 2nd init i really lack the knowledge of how to do this, but atm trying to get to know more about it. is this even working on ics?
internal storage should be mtd if i'm not totally wrong...
the bootloader is locked, we are sure about that and about the init... will upload it for you later... first got to recharge^^
what kind of approach is it that you have in mind? i may lack the knowledge about bootstrapping etc, but i'm eager to learn
The 2nd init should not be a problem. Internal storage is /mnt/sdcard/ external drive can be loaded on /mnt/usbdisk_1.0/
The bootloader is locked, Motorola has not released this yet. However, I did decode a file that had the agreement for unlocking the bootloader so this leads me to believe it will happen in the future.
My knowledge of bootstrapping is limited as well but I do know that if Motorola's system catches anything of another system trying to run, it will reject it and either bootloop or reboot. The secret is in the boot stage not interacting with factory boot at all.
wow...you guys are talking way over my head. i understand somewhat, but at this time, i can't contribute anything but funding.
and emotional support !!!
let me know what a non-coder like myself can do to help you.
so far, we have $175 available to dev who creates recovery.
Devs,
Just want to make sure you devs are working on the Xyboard 10.1" with LTE connectivity and not just the wifi only device.
It's the Xyboard MZ617 7444.
Really guys i don't want your money
On my phone we got a CWM recovery via hijacking battery_charger.
That means when your phone is off and you connect it to any kind of power supply it normally starts this huge battery loading animation.
We symlinked this battery_charger script to a folder that executes the CWM.
So every time i shut down the phone and connect it to a power supply i'll enter CWM.
I'm quite sure this will work on your tablet, too.
I just can help you with this kind. When your aim is to get a real 2nd Init i can't help you,
because there my knowledge ends too.
But for beginning i think it would be nice to have any kind of custom recovery, or?
To begin i really need the init scripts guys. Open your filebrowser and go to internal storage root, there they should be.
Sorry was abroad for some days
Yes, any kind of custom recovery would be nice. Here you go with the init.
Any information on how you are going to do this would be nice so we can alter this to our needs (thinking about some bootloader to choose whether to load cwm or automatic just charge after some seconds would be nice)
What are the limits of this way? Guess we will not be able to flash kernels, right?
First off, sorry for double-posting
having read myself enough into 2nd init i guess there will be no way to get this running on our xoom2/xyboard models, as the devices need to be running some froyo-kernel to get this working. Maybe even a tweaked gingerbread-kernel can be used for 2nd init, but it should not be possible with honeycomb or even ics. So i guess our best bet is to concentrate on the option luxxx123 is going to give us.
Wow...interest seems to be picking up! That's great.
the Xyboard is really a pretty good tablet.
What you guys are discussing is slightly over my head so i'll just lurk and help when i can.
The kernel version is 3.0.8 Does froyo go into the 3's? I thought it stopped at 2.6.
Sent from my Droid3 using xda app-developers app
You're right... Froyo stopped at 2.6 but if i recall it correctly the hijack of 2nd init doesn't work with newer kernel versions. But i would be glad if i was wrong here
Sent from my XOOM 2 using Tapatalk 2
I tried pulling the 2nd init and hijack from my Droid 3 which has Hash's Safestrap. I customized a few things for my Xyboard and put the files in place but it put it into a bootloop. You just may be right.
Sent from my Droid3 using xda app-developers app
I'll save you guys some trouble, bootstrap and safestrap won't work, bootstrap hijack method will not work, bootstrap is open source and you can find all the stuff on github by koush, safe strap by hashofcode will not work, it utilizes the same hijack binaries of bootstrap, this is also open source on his github,
Both can be built from the source, with the recovery files build from cm9 or cm7 .
I have built the recovery and the bootstrap they simply do not work.
That said i have gotten rid of my two (I even at one point offered to send one of mine to a known developer, not one took me up on the offer that's why I learned how to do it myself).
Now someone here brought up a way that piqued my interest, symlinking the charge while battery off script to a custom script to boot into a custom recovery (cwm or twrp) this seems like the most likely at this could be done.
Someone with some time could find the script in question and post it I'm sure myself or someone else could get something going.
Sent from my Nexus 7 using Tapatalk 2
Is there anyone developing for the Kindle Fire 2?
As far as I can see, the answer is no but I'm not sure if you're all just been busy and work and don't have much to post yet.
If there is no dev team(s), or devs at all working towards getting this thing with a working Recovery and ROM, I will most likely put together a team this weekend.
Also, assuming there are devs, may you share any findings you have? Why or why not the recovery is being a difficult process and whatnot.
I will probably put together a team just in case, I just can't make promises until I meet this weekend and see if they want to work on this.
If/when i get a team I will make a thread for it and post any news updates as they happen. I really hope we can all get this thing cracked open soon!
Thank you in advance!
UPDATE!:
I hit reply instead of save, so I lost my post sadly, so bullet points!
-I could not contact the main dev.
-I do not plan on making a full dev team anytime soon.
-Powerpoint45 and Hashcode are making progress, moreso Powerpoint, although eventually it seems Hashcode plans to have a workaround, just no ETA or promises from him, but there is more hope than before!
-I will still help and try and offer advice to any newer people, I am not a dev, but I have a decent amount of experience that would be enough to help new people.
Good luck to all!
I too would like to know this. I don't have much but I would donate what I can to the first dev or team to get us past this locked bootloader.
Sent from my SAMSUNG-SGH-T989 using xda app-developers app
LegendaryCatalyst said:
I too would like to know this. I don't have much but I would donate what I can to the first dev or team to get us past this locked bootloader.
Sent from my SAMSUNG-SGH-T989 using xda app-developers app
Thanks I'll let you all know what gets decided this weekend. One coder agreed so far but their experience with Android is limited. The main person I have yet to talk to but he is the one that constantly messes with his android devices since android first came out. The issue is that he does not have a kindle fire, so I may have to buy them one or lend mine to them to get the coding started.
I have been flashing ROMs and whatnot for a couple years, done my vibrant, galaxy s2, and a few others, but have no coding or developing skills whatsoever. I imagine everyone starts somewhere but I don't have the slightest idea where to begin. I would love to learn though. A locked bootloader seems like a steep challenge compared to obtaining root or developing a ROM. I might be wrong in that regard too.
Sent from my SAMSUNG-SGH-T989 using xda app-developers app
Depends on how the bootloader is signed. The Motorola Droid and Droid X were relatively easy to crack but other devices may never be cracked without help from the manufacturer.
LegendaryCatalyst said:
I have been flashing ROMs and whatnot for a couple years, done my vibrant, galaxy s2, and a few others, but have no coding or developing skills whatsoever. I imagine everyone starts somewhere but I don't have the slightest idea where to begin. I would love to learn though. A locked bootloader seems like a steep challenge compared to obtaining root or developing a ROM. I might be wrong in that regard too.
Sent from my SAMSUNG-SGH-T989 using xda app-developers app
Since this device already has Root, I don't know that the bootloader will be an issue. The Gen 1 Kindle Fire has JellyBean running on it already so it may be a (somewhat) simple task to port that to the Gen 2. I'll have to pull it and see what may be device specific to get things running on the Gen 2, but it can be done. We'll need to first get a custom recovery going to allow the ROM to install.
This looks promising from the Gen 1 forum. Perhaps someone can reach out to the dev and see 1) if he's ok with us using it and 2) if he can help get it going on the Gen 2.
http://forum.xda-developers.com/showthread.php?t=1399889
A locked bootloader generally means no custom kernels. Kexec is the only workaround (that I know of) other than unlocking, to start a new kernel . Root simply gives su access, it can't, in and of itself provide kernel customization.
Didn't the recovery for the KFHD's get put on hold? The stock recoveries won't usually let you flash anything that's not signed.
I'm not a dev but it seems like porting the KF1 ROM over to the KF2 should be pretty easy. Other than the bootloader, the hardware changes were minor, just bumping the CPU/GPU up one model and doubling the RAM. Again, it all hinges on unlocking the bootloader or reverse engineering the key it's signed with. Anybody have access to Amazon's EC2 system?
Antoine.WG said:
Didn't the recovery for the KFHD's get put on hold? The stock recoveries won't usually let you flash anything that's not signed.
I'm not a dev but it seems like porting the KF1 ROM over to the KF2 should be pretty easy. Other than the bootloader, the hardware changes were minor, just bumping the CPU/GPU up one model and doubling the RAM. Again, it all hinges on unlocking the bootloader or reverse engineering the key it's signed with. Anybody have access to Amazon's EC2 system?
I just toured google today and made a new friend. He doesn't work on the android side, and that building is the most secure on the campus (That and the google+ are the only buildings regular employees can't enter fully without special permissions)
I am hoping he can introduce me to people on the android side of things and see if they would be willing to offer any insight that wouldn't involve an NDA heh.
LaserChicken said:
A locked bootloader generally means no custom kernels. Kexec is the only workaround (that I know of) other than unlocking, to start a new kernel . Root simply gives su access, it can't, in and of itself provide kernel customization.
This is true, however the question was around custom ROMS, not kernels. You do not need a custom kernel to run a custom ROM, it's just nice to have the flexibility.
Has anyone tried a Kindle fire HD rom? I think the specs are identical except for the screen. I'll do a little research and see what I can do. I would like to see otg working on my son's 2nd generation fire. Sent from my Nexus 7 using Tapatalk HD
I might make a kf2 root app
tjmack3rd said:
Has anyone tried a Kindle fire HD rom? I think the specs are identical except for the screen. I'll do a little research and see what I can do. I would like to see otg working on my son's 2nd generation fire. Sent from my Nexus 7 using Tapatalk HD
That's not quite how it works. I would also recommend to NOT TRY ANYTHING ON THE OTHER KINDLE FORUMS. If you check here, people have posted what works. I believe there is one guide for the basic rooting, and another for the steps on using root to make your Kindle do some decent stuff (new launchers, lockscreens, marketplace, all the good stuff!)
However, the issue with the KF2 is not really getting ROMs on, it's the step before it which is getting a working recovery so we can safely flash ROMs onto the device. Once that's done it shouldn't be hard to get a ROM, and it may be even possible to just use a KFHD ROM without any issues, BUT we need the recovery on here first, and getting around the locked bootloader.
To my all caps warning, just check the Q & A forums to see all the people who tried the recovery, rom, and rooting methods for their KF2. Most end up bricked.
If you are experienced in the sort of thing, go ahead and try at your own risk, just be careful. As you may notice, yes, most if not all (can't remember off the top of my head) of the methods we use to root ARE from the KFHD, so yes, some things do work, but way too many times I read about people that tried to put software that wasn't for the KF2 on it and it ends up bricked. Thankfully people seem to be fixing the bricked Kindles, but it's a very unfortunate experience people shouldn't have to go through.
powerpoint45 said:
I might make a kf2 root app
Forgot to multi quote :\
This would be great I think! We have the tools so far, it's just that none have been made specifically for the KF2.
Good luck on the app as I'm sure many new KF2 users will appreciate it!
iytrix said:
That's not quite how it works. I would also recommend to NOT TRY ANYTHING ON THE OTHER KINDLE FORUMS. If you check here, people have posted what works. I believe there is one guide for the basic rooting, and another for the steps on using root to make your Kindle do some decent stuff (new launchers, lockscreens, marketplace, all the good stuff!)
However, the issue with the KF2 is not really getting ROMs on, it's the step before it which is getting a working recovery so we can safely flash ROMs onto the device. Once that's done it shouldn't be hard to get a ROM, and it may be even possible to just use a KFHD ROM without any issues, BUT we need the recovery on here first, and getting around the locked bootloader.
To my all caps warning, just check the Q & A forums to see all the people who tried the recovery, rom, and rooting methods for their KF2. Most end up bricked.
If you are experienced in the sort of thing, go ahead and try at your own risk, just be careful. As you may notice, yes, most if not all (can't remember off the top of my head) of the methods we use to root ARE from the KFHD, so yes, some things do work, but way too many times I read about people that tried to put software that wasn't for the KF2 on it and it ends up bricked. Thankfully people seem to be fixing the bricked Kindles, but it's a very unfortunate experience people shouldn't have to go through.
I burnt out my usb port trying to make a fastboot cable. I tied the wrong pin in... I'm waiting on my replacement. I'm going to try to use the revrom to get the cwm on my kf2 if that works, I'm sure we could get someone to make a touch cwm or twrp for the kfhd. If the kfhd cwm works, we could use the touch cwm/twrp. Perhaps it will need to be modified... perhaps not. I suspect that the cwm won't work perfectly and we need to modify it to use the correct partition table.
I should mention that using my current factory cable, I can get to fastboot. I just burnt out the data pin. I tried to use dd to flash the revboot stuff, but I forgot to do the part where you get past the locked bootloader... instabrick
fmkilo said:
I burnt out my usb port trying to make a fastboot cable. I tied the wrong pin in... I'm waiting on my replacement. I'm going to try to use the revrom to get the cwm on my kf2 if that works, I'm sure we could get someone to make a touch cwm or twrp for the kfhd. If the kfhd cwm works, we could use the touch cwm/twrp. Perhaps it will need to be modified... perhaps not. I suspect that the cwm won't work perfectly and we need to modify it to use the correct partition table.
I should mention that using my current factory cable, I can get to fastboot. I just burnt out the data pin. I tried to use dd to flash the revboot stuff, but I forgot to do the part where you get past the locked bootloader... instabrick
I was trying to make a fb cable earlier today but the connectors were too hard to solder so I need a new cable to work with. I had same idea as u. Trying to boot into a recovery like cwm
Sent from my DROIDX using xda app-developers app
Nvm
you should be able to delete a post...
powerpoint45 said:
I was trying to make a fb cable earlier today but the connectors were too hard to solder so I need a new cable to work with. I had same idea as u. Trying to boot into a recovery like cwm
Sent from my DROIDX using xda app-developers app
I bought one on eBay for £3 including free next day delivery. I'll try to find the link as he was selling lots and it was delivered fast (in UK).
EDIT :
http://item.mobileweb.ebay.co.uk/viewitem?itemId=140893291002
Sent using my Jelly fingers.
Not devving yet, but as soon as we have our own recovery...
Sent from my SAMSUNG-SGH-I727 using Tapatalk 2
Hey.
Does anybody know or can explain why it should not be possible to redirect the update process of an AFTV to a local older Firmware to make a downgrade?
I have been thinking about this idea for some days and have now found this topic here, while I was searching for a solution of my update block problem.
Perhaps we could test it with bind9 on windows first and later we can port it just to a device like the Rpi.
Greetings by I_did_it_just_tmrrow
EDIT:
I think I can guess what is the problem.
The 51.1.3.0_user_513011520 brings the new recovery, which blocks downgrades.
But is there no way to refer to a "signed" rom with the old recovery?
I_did_it_just_tmrrow said:
Hey.
Does anybody know or can explain why it should not be possible to redirect the update process of an AFTV to a local older Firmware to make a downgrade?
I have been thinking about this idea for some days and have now found this topic here, while I was searching for a solution of my update block problem.
Perhaps we could test it with bind9 on windows first and later we can port it just to a device like the Rpi.
Greetings by I_did_it_just_tmrrow
EDIT:
I think I can guess what is the problem.
The 51.1.3.0_user_513011520 brings the new recovery, which blocks downgrades.
But is there no way to refer to a "signed" rom with the old recovery?
This has been brought up and explained countless times. The update.zip as a whole is signed and cannot be modified. The very first line in the script checks the timestamp of recovery vs the timestamp of the update. If the update is old, it will fail.
In addition to there being no way to get an old update.zip to be downloaded by the software in the first place.
rbox said:
In addition to there being no way to get an old update.zip to be downloaded by the software in the first place.
That's not entirely true. You just need to wait for the Fire TV to find an official update and then run your own DNS server to redirect the download to a file you host yourself.
I've successfully done it (could have sworn I told you about it), but regardless, it doesn't matter because like you said, there are checks in place that keep the Fire TV from installing an old update.
AFTVnews.com said:
That's not entirely true. You just need to wait for the Fire TV to find an official update and then run your own DNS server to redirect the download to a file you host yourself.
I've successfully done it (could have sworn I told you about it), but regardless, it doesn't matter because like you said, there are checks in place that keep the Fire TV from installing an old update.
If you remember the last time someone tried that, the Fire TV rejected it because the manifest version didn't match what it was expecting.
rbox said:
If you remember the last time someone tried that, the Fire TV rejected it because the manifest version didn't match what it was expecting.
Ah ok, I must have missed or forgot that discussion.
I'm a couple of years behind. Last working with roms on ICS, but I remember being able to alter update.zip files without losing signature by opening it in winrar and making the changes. Memory is fuzzy, but I know it worked for me when developing a rom for the Toshiba Thrive. Could this not still work? For example, pull the official source code, open and add SU with permissions, then save. Then intercept the update as stated before. I know, not as simple as that, but it seems plausible from my experience with altering signed files.
xm41907 said:
I'm a couple of years behind. Last working with roms on ICS, but I remember being able to alter update.zip files without losing signature by opening it in winrar and making the changes. Memory is fuzzy, but I know it worked for me when developing a rom for the Toshiba Thrive. Could this not still work? For example, pull the official source code, open and add SU with permissions, then save. Then intercept the update as stated before. I know, not as simple as that, but it seems plausible from my experience with altering signed files.
You would have to bring some links with direct info how it is done to show the guys what it might take. And how feasible it is on the FireTV. If you find some links, please post them.
md5sum or other checksum will fail
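The three checks named in the posts above (a signature over the whole update.zip, the manifest version the device expects, and the refusal of builds older than the installed one), modelled as an added example that is not code from this thread or from the Fire TV updater. The package layout, key, version strings and timestamps are constructed, and HMAC stands in for the vendor's asymmetric signature so the example needs only the standard library.

```python
import hashlib
import hmac
import io
import json
import zipfile

# Constructed stand-in for the vendor signing key. Real OTA packages carry an
# asymmetric signature; HMAC is used here only to keep the example stdlib-only.
VENDOR_KEY = b"constructed-demo-key"


def build_package(version, build_utc, extra_files=None):
    """Return the bytes of a toy update.zip holding a manifest and a payload."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        manifest = {"version": version, "build_utc": build_utc}
        zf.writestr("manifest.json", json.dumps(manifest))
        zf.writestr("system.img", b"payload for " + version.encode())
        for name, data in (extra_files or {}).items():
            zf.writestr(name, data)
    return buf.getvalue()


def sign(package):
    """Signature over every byte of the archive, not over individual entries."""
    return hmac.new(VENDOR_KEY, package, hashlib.sha256).digest()


def verify_update(package, signature, expected_version, installed_build_utc):
    """Return 'ok' or the name of the first check that rejects the package."""
    # 1. Whole-archive signature: any repacking changes the bytes and fails here.
    if not hmac.compare_digest(sign(package), signature):
        return "bad-signature"
    with zipfile.ZipFile(io.BytesIO(package)) as zf:
        manifest = json.loads(zf.read("manifest.json"))
    # 2. The package must be the version the update service announced.
    if manifest["version"] != expected_version:
        return "manifest-mismatch"
    # 3. Anti-rollback: refuse builds older than what is already installed.
    if manifest["build_utc"] < installed_build_utc:
        return "rollback"
    return "ok"


def demo():
    """Run four constructed cases and return each verdict."""
    installed = 1_400_000_000  # constructed build timestamps, in seconds
    old_pkg = build_package("1.0", 1_390_000_000)
    new_pkg = build_package("2.0", 1_410_000_000)
    old_sig, new_sig = sign(old_pkg), sign(new_pkg)
    repacked = build_package("2.0", 1_410_000_000, {"extra.bin": b"added"})
    return {
        "genuine new": verify_update(new_pkg, new_sig, "2.0", installed),
        "repacked with extra file": verify_update(repacked, new_sig, "2.0", installed),
        "genuine old served instead": verify_update(old_pkg, old_sig, "2.0", installed),
        "genuine old, version matched": verify_update(old_pkg, old_sig, "1.0", installed),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

A genuinely signed old package passes the signature check, which is why the version and timestamp checks are separate layers rather than redundant ones.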