Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Books Handhelds Hardware Hacking Build

Kindle Touch Gets World's Simplest Jailbreak 161

Posted by Soulskill
from the music-to-amazon's-ears-i'm-sure dept.
Nate the greatest writes "Can you play an MP3 file? Then you can jailbreak the new Kindle Touch. A new hack was posted this morning that roots the Kindle Touch/K5 and opens the way for future hacks. The hacker also reveals that the K5 runs on HTML5, which should make it a lot easier to come up with new apps. Epub, anyone?"
This discussion has been archived. No new comments can be posted.

Kindle Touch Gets World's Simplest Jailbreak

Comments Filter:
  • Garden Picnic (Score:5, Insightful)

    by mugnyte (203225) on Saturday December 10, 2011 @04:20PM (#38329576) Journal

    The walled gardens are full of splendor, as we pay the entrance fee for a reason. Bringing your own picnic, despite the guards, will never be prevented.

  • Re:Doubleplusgood! (Score:2, Insightful)

    by Anonymous Coward on Saturday December 10, 2011 @04:20PM (#38329582)

    True, but they had legally good grounds for doing so, and really bent over backwards to make it right. I don't like the idea that they can do it at all, but I don't see how they really did anything morally wrong.

    http://news.softpedia.com/news/Amazon-Makes-Amends-for-039-1984-039-Incident-120948.shtml

    If they removed paid for copies and refused to return the money, you'd have an excellent argument. But they didn't, so I'm not sure what the big deal is now.

  • Re:Doubleplusgood! (Score:4, Insightful)

    by Hotweed Music (2017854) on Saturday December 10, 2011 @04:22PM (#38329592)
    They were hosting illegal content. I know it's nice to get outraged about (especially because of the books banned), but you're picking a fight.
  • Re:Doubleplusgood! (Score:5, Insightful)

    by causality (777677) on Saturday December 10, 2011 @04:34PM (#38329700)

    True, but they had legally good grounds for doing so, and really bent over backwards to make it right. I don't like the idea that they can do it at all, but I don't see how they really did anything morally wrong.

    What's morally wrong is they didn't even attempt to obtain consent. The entire notion of a marketplace is based on a willing buyer and a willing seller doing business without coercion of any kind. The initial sale of the book was done in this consentual, voluntary fashion. The revocation of the book and refunds etc. were done against the will of many customers. It was not a voluntary transaction.

    If you don't want to sell something of yours to me, I don't have the right to simply take it against your will and leave you the money. If I did that but you didn't want to sell it then I just coerced you into a sale. I am certain you have some possession you are unwilling to part with and would be outraged if someone did this to you. Others feel the same way about other things they purchase.

    That they sold a book they didn't have the right to sell is their problem, to be resolved between them and the rightsholder. It's not like Amazon is struggling to financially survive and couldn't have possibly worked out some kind of royalty. To make that your customers' problem is a shitty way to do business. A good business looks after their customers better than that and cleans up its own messes without involving unwilling third parties. Even if the only reason they do it is selfish, to avoid losing sales from pissed off former customers.

    I'm sure it's not legally wrong since they almost definitely had the multiple pages of fine-print legalese in some kind of EULA to legally cover their asses. So no surprise the state isn't intervening here. The idea here is that coming up with a clever legal way to coerce someone into a bargain is still morally wrong. It makes some people not want to do business with you.

    I don't understand this trend of making apologetics for large organizations. At all. It's as though they have to murder kittens or something before some of you will say "hey, that doesn't look right to me!". To make your problem into your customers' problem when the customers did nothing wrong (while you did) is simply unethical.

  • by geekprime (969454) on Saturday December 10, 2011 @04:35PM (#38329716)

    It dosen't disturb anyone that an mp3 can be used to crash this thing and run arbitrary code on it?

    It seems like the fact that everyone "knows" that mp3's are safe and can not give you a virus is not at all true for this device.

  • Re:XSS (Score:5, Insightful)

    by hey! (33014) on Saturday December 10, 2011 @04:44PM (#38329776) Homepage Journal

    Pretty much. The hack was simply embedding javascript in an MP3 id3 tag.

    While I'm in favor of jail breaking devices, this does NOT make me want to rush out and buy a Kindle Touch (although I was considering it before), because it reveals a flaw in the the device's basic use. Short of restricting myself to Amazon content, I'd have to check every file I use on it for malware.

  • Re:Doubleplusgood! (Score:3, Insightful)

    by Anonymous Coward on Saturday December 10, 2011 @04:45PM (#38329804)
    On this you are wrong. Why is it all of a sudden "ok" when it is digital content? If they were selling physical books they could still have had no right to sell them, but they would not have had any means (nor would they have tried) to track down who had the illegal book and repossess it. Now, just because these books were digital, why is it OK? I posit that it is NOT OK. As more and more of "our" content goes digital - what makes it OK for folks to remotely decide we can't have it anymore?
  • Re:Doubleplusgood! (Score:5, Insightful)

    by Culture20 (968837) on Saturday December 10, 2011 @04:51PM (#38329850)

    True, but they had legally good grounds for doing so

    &@$^ their "legally good" grounds. If Star Trek Replicators ever become a reality, I don't want Amazon using a team of transporter technicians to dematerialize stuff from my house that was replicated with the wrong copyright license. They shouldn't have the *ability* to do this because it is likely to be abused (again).

  • by izomiac (815208) on Saturday December 10, 2011 @05:09PM (#38330008) Homepage
    It disturbs me that Amazon would include a javascript command to execute arbitrary native code as root, and doesn't sanitize input. An ID3 tag should not be rendered, especially not with javascript, and especially not in the privileged mode the GUI is given. Making any one of those mistakes is amateurish and indicates that whoever designed this system knows absolutely nothing about security. Beyond that, obviously that person/team was given the autonomy to do this without any kind of oversight, so the device is surely riddled with such defects!

    IMHO, most likely some web developer came up with that idea and is unused to even considering security issues. While you can write a GUI in DHTML and its ilk, it's not necessarily a good idea. When they ran into the easily predicted performance issues, this was their solution. Suddenly, they're no longer playing in the sandbox, but apparently they weren't quite cognizant of the implications.
  • Re:Doubleplusgood! (Score:5, Insightful)

    by causality (777677) on Saturday December 10, 2011 @05:21PM (#38330118)

    I hate to say things like this but you're a fuckwit.

    You hate to say such things because it's a sorry excuse for having your own point of view. I'd hate to be that way myself; that's why I'm not. I don't know if it's some kind of jealousy or what, but I see lots of posts like this written by people who clearly could not articulate their own position and why they believe it's better.

    It reminds me of a post I made some weeks back about Mohandas Gandhi. I misremembered how the man's name was spelled and I wrote it as "Ghandi". So what does some useless little AC come along and do? He points this out and calls me a liar, saying obviously I never read the man's autobiography as I had said. This appeals to the bitchy base nature of a lot of people so he even got modded up. Of course, he didn't dispute anything I said about Gandhi's life, beliefs, or impact on the world. That would have required substance, something he obviously lacked. It would have also required me being wrong about the important part of the post and he knew I wasn't. His entire contribution was "you made a spelling error, therefore you're wrong and I'm right!" I guess to him that represented some kind of conquest or victory.

    You're just like him.

    It's that desperate need of nothing-human-beings to look down their nose at something and judge it less worthy than themselves. No power to uplift and edify, only to try to degrade in order to relieve the pain of their wretched, stressful, purposeless existence. Little do they understand it makes it worse. Enjoy your perverse, imaginary sense of superiority, if you can. I can see how my love of reason makes me an unusually tempting target. Meanwhile, my works speak for themselves and are open to constructive discourse.

    Personally, I couldn't stand being like you. It would burden me with the kind of inner conflict I very much love being free from. That's why I bother to write this -- certainly not for you, as that would be pearls before swine. It's for people who see this going on everywhere and struggle with self-doubt, who might appreciate knowing they really are seeing it correctly.

  • by History's Coming To (1059484) on Saturday December 10, 2011 @05:56PM (#38330456) Journal
    It seems to be part of a trend towards relatively obvious and open DRM. Lock out your everyday users, but set the DRM at a level where you tend to get good amateur developers crawling all over it and doing some free R&D for you. Hell, even Microsoft are up to it with the Kinect.
  • by Pharmboy (216950) on Saturday December 10, 2011 @06:27PM (#38330714) Journal

    I can't believe Amazon is shipping this crap.

    So, a system that is designed to be 100% Amazon supported for everyone who wants it to be, but is designed intentionally to be easy to jailbreak for those that don't, is automatically crap? This is idiotic. The fact that it is easy to jailbreak isn't a bug, IT IS A FEATURE.

    I own a Kindle Fire, and it kicks ass. I don't expect to jailbreak it for now, as that wouldn't help me do anything that I can't already do, except maybe install an ssh client. But it is great that Amazon is keeping it easy to jailbreak, ON PURPOSE, so when I do, I can quickly and easily. I hope they sell millions of them.

  • by gnapster (1401889) on Saturday December 10, 2011 @07:10PM (#38331008)

    Why the deuce is this rated higher than its parent?

    I can't believe Amazon is shipping this crap.

    So, a system that is designed to be 100% Amazon supported for everyone who wants it to be, but is designed intentionally to be easy to jailbreak for those that don't, is automatically crap? This is idiotic. The fact that it is easy to jailbreak isn't a bug, IT IS A FEATURE.

    The reason the GP called it crap is that now I have to worry about MP3s running arbitrary code on my tablet. Not only can they execute code, but they can gain root access and then execute code! Until I know more about the security of this device, it is making me very nervous. I want jailbreaking to be easy, but I don't want it to be effected by the same kind of action that I use every day for non-jailbreaking activities.

  • by ceoyoyo (59147) on Saturday December 10, 2011 @08:58PM (#38331638)

    "Here, go to this website" is pretty simple. Simpler than "here, download this mp3 and play it."

    Both are bad. Neither visiting a website nor playing an mp3 should be able to root your device. I'm all for making jailbreaking easy, but it should absolutely require a wired connection to the device.

  • Re:Doubleplusgood! (Score:5, Insightful)

    by causality (777677) on Saturday December 10, 2011 @09:14PM (#38331702)

    Wow, for the guy who thinks that in response to being offended, that one should suck it up and move on [slashdot.org], you are not very good at it.

    I have to agree with the AC on this one: a pompous, self-righteous fuckwit. Try taking your own advice and grow a pair.

    I did take my own advice. I argued why I think there's something wrong with that.

    Those who cannot grow a pair? You know what they do? They look to the site admin, or a government agent, or some other authority figure to censor whatever it is they don't like. Is that what I did? No. I countered bad speech with more speech, not with censorship.

    You fail to comprehend the point. Not because it is beyond your comprehension; it isn't. You fail because that way and only that way do you get to bitch about something and feel "right" even if only for the interval between that time and my setting you straight.

    If by "pompous and self-righteous" you mean "I'll tell the truth and I won't make any apologies for it" then yes, that I am. What you want is for someone to kiss your ass and say things delicately to suit your tastes, to mince words and be diplomatic to avoid your ire. What you want is a people-pleaser who cares about your approval. Sorry, but fuck you, I won't play that game. Go ahead and hate me just as much as you like. Call me some more names if that fulfills your puerile needs. That's what is called having a pair. Not kow-towing to hyperemotional sensitives such as yourself who must make everything personal.

  • by subreality (157447) on Saturday December 10, 2011 @09:27PM (#38331784)

    Yes, I actually did RTFA.

    jailbreakme.com isn't "follow these instructions". If you go there on an iPhone it gives you a big friendly button labelled "Jailbreak Me". You click it. Done.

    Yes, I know the Kindle one is really easy too, but the bar for "World's Simplest" is one click. That's a tough act to beat. :)

Klein bottle for rent -- inquire within.

Working...