Related
Hey everyone!
It's 5:47am on this Tuesday, November 9th, and I have a firmware update notification in the status bar.
What should I do?
Devs?
: )
Are you running a custom Rom or stock? If stock, what is your current software and firmware version.
cswroe said:
Are you running a custom Rom or stock? If stock, what is your current software and firmware version.
Click to expand...
Click to collapse
I'm running a custom rom, SlideMeRoot, with the first Mytouch Slide update applied.
Or SlideMeRoot is a version of the stock rom?
Then:
Firmware: 2.1-update1
Software number: 1.27.531.1
Images attached.
They are trying to give you the OTA. Don't take it if you like your root.
RUbernerd said:
They are trying to give you the OTA. Don't take it if you like your root.
Click to expand...
Click to collapse
I know that's why I've posted here.
: )
There hasn't been a text message sent out about any other updates. This is them trying to ruin your root access.
RUbernerd said:
There hasn't been a text message sent out about any other updates. This is them trying to ruin your root access.
Click to expand...
Click to collapse
Seriously doubt it.
: )
I also haven't heard about any privilege revocation updates in that case.
The OTA broke root for so many people it isn't funny.
RUbernerd said:
The OTA broke root for so many people it isn't funny.
Click to expand...
Click to collapse
I have the modified radio update already installed if that's what you mean.
It's displayed in the last image in the images I attached above.
Stratis1978 said:
I have the modified radio update already installed if that's what you mean.
It's displayed in the last image in the images I attached above.
Click to expand...
Click to collapse
Slidemeroot uses is older than ota, they are sending you the rom that cr modded(1.3.x). Upgrade to cr for new radio and it will go away.
Edit: read rest of your post,it may be a small hotfix, probably not 2.2 .Maybe 2.1.1
Sent from my T-Mobile MTS/G1 using XDA App
Ace42 said:
Slidemeroot uses is older than ota, they are sending you the rom that cr modded(1.3.x). Upgrade to cr for new radio and it will go away.
Edit: read rest of your post,it may be a small hotfix, probably not 2.2 .Maybe 2.1.1
Sent from my T-Mobile MTS/G1 using XDA App
Click to expand...
Click to collapse
I don't know what it is but interesting none-the-less.
I'll consider it over a coffee.
So ummm who wants to take apart this BRAND new update and see what it is?
I've got alogcat installed and ready...
Stratis1978 said:
So ummm who wants to take apart this BRAND new update and see what it is?
I've got alogcat installed and ready...
Click to expand...
Click to collapse
Sounds like you've got the OTA many of us have had for quite some time. Take a look at my signature; if your build resembles my current ROM it's an older OTA. Post some screen shots as you did earlier so we can see the change since you've updated. Thanks.
NJAZ said:
Sounds like you've got the OTA many of us have had for quite some time. Take a look at my signature; if your build resembles my current ROM it's an older OTA. Post some screen shots as you did earlier so we can see the change since you've updated. Thanks.
Click to expand...
Click to collapse
I've also had that update for quite some time.
So before anyone else suggests that very update again in this thread, bear that in mind.
Well what are you waiting for? Go ahead and transfer it from the phone and post it
Annnd to quote myself:
Stratis1978 said:
So ummm who wants to take apart this BRAND new update and see what it is?
I've got alogcat installed and ready...
Click to expand...
Click to collapse
Stratis1978 said:
I've also had that update for quite some time.
So before anyone else suggests that very update again in this thread, bear that in mind.
Click to expand...
Click to collapse
Bear in mind the OTA update was more than just a radio upgrade ... which from your initial post appears to be the extent of the OTA you have had for quite some time. Interested to see the updated screen shots though ...
fermunky said:
Well what are you waiting for? Go ahead and transfer it from the phone and post it
Click to expand...
Click to collapse
Dude (and everyone else who reads this thread), please -- I'm asking for guidance here.
So if you want me to do something, articulate what that is.
I will transfer the update from my phone and post it here, just tell me HOW.
Anything else you need: also articulate what that is and how.
NJAZ said:
Bear in mind the OTA update was more than just a radio upgrade ... which from your initial post appears to be the extent of the OTA you have had for quite some time. Interested to see the updated screen shots though ...
Click to expand...
Click to collapse
It was more than a radio upgrade; it was also a fix for other slide conundrums.
So you want me to apply this OTA update and post screen shots?
Because that would be unwise for a rooted phone...
Amazon has published the source code for the Fire TV at http://www.amazon.com/gp/help/customer/display.html?nodeId=201452680
Please code responsibly.
35395596831
elmerohueso said:
Amazon has published the source code for the Fire TV at ...
Please code responsibly.
Click to expand...
Click to collapse
PSA: I've tracked the kernel part of the code drop back to the closest msm-3.4 tag, so we have a partial git history. Please use that as a starting point rather than importing the kernel src into a new git tree without history:
git://github.com/freedreno/kernel-msm firetv
robclark said:
PSA: I've tracked the kernel part of the code drop back to the closest msm-3.4 tag, so we have a partial git history. Please use that as a starting point rather than importing the kernel src into a new git tree without history:
git://github.com/freedreno/kernel-msm firetv
Click to expand...
Click to collapse
This does not appear to match the binary... wth Amazon
*EDIT*
Your source was for the first release they did, the initial OTA came with a new kernel, and numerous fixes, including fixing the get_user/put_user vuln (CVE-2013-6282) which was what caused the confusion. Binary not vuln, but your source was.
My bad for not pulling their latest source.
jcase said:
This does not appear to match the binary... wth Amazon
Click to expand...
Click to collapse
hmm, well no guarantees amazon actually posted the correct kernel dump.. that could be an extra headache. I'm a bit new to the android side of things so don't really know what Amazon's track record is like.
fwiw, the src drop I grabbed kernel from was firetv_src_51.1.0.1_user_510055620.tar.bz2 (md5sum: 0cba752bd8e6154667120718efe619b2)
---------- Post added at 12:15 AM ---------- Previous post was at 12:05 AM ----------
jcase said:
This does not appear to match the binary... wth Amazon
*EDIT*
Your source was for the first release they did, the initial OTA came with a new kernel, and numerous fixes, including fixing the get_user/put_user vuln (CVE-2013-6282) which was what caused the confusion. Binary not vuln, but your source was.
My bad for not pulling their latest source.
Click to expand...
Click to collapse
oh, whoops, should have read your later reply first
when I get my fire-tv tomorrow, should I take steps to avoid OTA update?
robclark said:
hmm, well no guarantees amazon actually posted the correct kernel dump.. that could be an extra headache. I'm a bit new to the android side of things so don't really know what Amazon's track record is like.
fwiw, the src drop I grabbed kernel from was firetv_src_51.1.0.1_user_510055620.tar.bz2 (md5sum: 0cba752bd8e6154667120718efe619b2)
---------- Post added at 12:15 AM ---------- Previous post was at 12:05 AM ----------
oh, whoops, should have read your later reply first
when I get my fire-tv tomorrow, should I take steps to avoid OTA update?
Click to expand...
Click to collapse
hmm you sure? firetv_src_51.1.0.1_user_510055620.tar.bz2 is not vulnerable, but the source you linked to is
Possible to mitm the update process. I do believe it is http. This is why i was asking for a pcap of it, but by the time I got mine I had already confirmed I could do what I needed and didn't bother actually get a pcap.
Blocking the server providing the OTA alone won't allow it to boot, intercepting it and telling the unit that no ota is available probably would.
so is the OTA gonna patch the vuln that allows root ?
jcase said:
hmm you sure? firetv_src_51.1.0.1_user_510055620.tar.bz2 is not vulnerable, but the source you linked to is
Possible to mitm the update process. I do believe it is http. This is why i was asking for a pcap of it, but by the time I got mine I had already confirmed I could do what I needed and didn't bother actually get a pcap.
Blocking the server providing the OTA alone won't allow it to boot, intercepting it and telling the unit that no ota is available probably would.
Click to expand...
Click to collapse
hmm, can you check md5sum on the file you got and see if it matches what I have. There were two files available to download when I grabbed the src drop..
fwiw, it is no problem to update the kernel to a newer src drop.. the only thing that will take any time is actually downloading the src drop
robclark said:
hmm, can you check md5sum on the file you got and see if it matches what I have. There were two files available to download when I grabbed the src drop..
fwiw, it is no problem to update the kernel to a newer src drop.. the only thing that will take any time is actually downloading the src drop
Click to expand...
Click to collapse
Sorry can't, i deleted it after extraction. Running out of space on the disk I keep android data on, so I'm bit tight about it
jcase said:
Sorry can't, i deleted it after extraction. Running out of space on the disk I keep android data on, so I'm bit tight about it
Click to expand...
Click to collapse
damn.. well, I'll go ahead and download the other tarball (will take a while, on slow network connection at the moment) and import it on another branch and see what the difference is..
btw, if anyone else has downloaded firetv_src_51.1.0.1_user_510055620.tar.bz2 more recently, could you check md5sum to see if file has changed since the day of the announcement?
bkdg100 said:
so is the OTA gonna patch the vuln that allows root ?
Click to expand...
Click to collapse
OTA patched at least two that would have allowed root. Doesn't patch the one I am working with right now.
robclark said:
damn.. well, I'll go ahead and download the other tarball (will take a while, on slow network connection at the moment) and import it on another branch and see what the difference is..
Click to expand...
Click to collapse
I can redownload it if it is a bother, no big deal.
jcase said:
I can redownload it if it is a bother, no big deal.
Click to expand...
Click to collapse
well, if you have a good network connection, you can probably get it faster than I can..
I'm keeping all the files I download (not out of disk space yet).. tomorrow when I have a good connection I'll grab firetv_src_51.1.0.1_user_510055620.tar.bz2 again to check (if no one has confirmed before then)
just got mine tonight , figured i would hold off on the updates until a secure root exploit id posted,. anyone script a network mitm to spoof the update for now?
bkdg100 said:
just got mine tonight , figured i would hold off on the updates until a secure root exploit id posted,. anyone script a network mitm to spoof the update for now?
Click to expand...
Click to collapse
I believe it force updates OTAs, so no holding off
jcase said:
Possible to mitm the update process. I do believe it is http. This is why i was asking for a pcap of it, but by the time I got mine I had already confirmed I could do what I needed and didn't bother actually get a pcap.
Click to expand...
Click to collapse
btw if anyone else did get a packet trace of it contacting the ota server, I'd be interested to see it. (Well, if no one replies before tomorrow when my box, then don't bother, I can get the trace myself. I'm just impatiently waiting now )
is your root exploit secure enough to outlive the updates ? any chance a virgin box can be spoofed later to limit the OTA from patching everything ?
robclark said:
btw if anyone else did get a packet trace of it contacting the ota server, I'd be interested to see it. (Well, if no one replies before tomorrow when my box, then don't bother, I can get the trace myself. I'm just impatiently waiting now )
Click to expand...
Click to collapse
Not to my knowledge, possibly if you can feed it a low version number then you can boot without taking the OTA, and then use public roots
bkdg100 said:
is your root exploit secure enough to outlive the updates ? any chance a virgin box can be spoofed later to limit the OTA from patching everything ?
Click to expand...
Click to collapse
Amazon updates reflash everything, they don't do delta updates. No ota survival
jcase said:
OTA patched at least two that would have allowed root. Doesn't patch the one I am working with right now.
Click to expand...
Click to collapse
just ran the bluebox app for the heck of it - it claims my firetv is safely patched for 8219321, 9695860, and 10148349 (those are the only 3 it tests for) - yes, I do have the ota update.
are there other recent ones android-using peoples of the world should be aware about? 9950697?
tarvoke said:
just ran the bluebox app for the heck of it - it claims my firetv is safely patched for 8219321, 9695860, and 10148349 (those are the only 3 it tests for) - yes, I do have the ota update.
are there other recent ones android-using peoples of the world should be aware about? 9950697?
Click to expand...
Click to collapse
I checked all of the zip parser bugs first, obvious choice considering it runs 4.2.2.
Sent from my HTC One_M8 using XDA Premium 4 mobile app
jcase said:
Sorry can't, i deleted it after extraction. Running out of space on the disk I keep android data on, so I'm bit tight about it
Click to expand...
Click to collapse
I've pushed firetv-0 branch which is from firetv_src_51.1.0_user_510047320.tar.bz2 ... definitely looks like some additional error checking, etc, between the two. Maybe what I thought was the original src drop was the update and visa versa. Not what I'd expect given the file names, but it would explain...
Hope some XDAers are able to get it rooted before it gets patched.
http://www.androidheadlines.com/201...te-available-for-android-root-access-bug.html
This has already been patched and pushed out, BB was actually impressively quick to patch the issue and push out a new update. A few carriers in the US might not yet have signed off on the update, but the vast majority of reports from users say they've gotten this update. I know I have.
But, can we just load an older build using an auto-loader ?
Artemis-kun said:
This has already been patched and pushed out, BB was actually impressively quick to patch the issue and push out a new update. A few carriers in the US might not yet have signed off on the update, but the vast majority of reports from users say they've gotten this update. I know I have.
Click to expand...
Click to collapse
I haven't.
santimaster2000 said:
But, can we just load an older build using an auto-loader ?
Click to expand...
Click to collapse
On blackberry 10, when an update fixed security issues, they put the older versions in a blacklist, so you couldn't downgrade with the autoloader
Tipika said:
On blackberry 10, when an update fixed security issues, they put the older versions in a blacklist, so you couldn't downgrade with the autoloader
Click to expand...
Click to collapse
This is not BB10, this is Android, and yes, I can downgrade, I've tested it.
can root using this exploit?
A small group of devs wrote a script to get root using this exploit for a few Sony phones. Ive looked through there git and if i understand it correctly then the script should be modifiable to work for the priv but you first need to figure out the physical addresses in the memory for the kernel in order to make it work. I don't know awhole lot about this stuff so correct me if I'm wrong.
Seeing all those one click root apps i was thinking it was going to be easier to root the priv once an exploit was found
Sent from my Nexus 5X using XDA-Developers mobile app
FrankenDroid said:
A small group of devs wrote a script to get root using this exploit for a few Sony phones. Ive looked through there git and if i understand it correctly then the script should be modifiable to work for the priv but you first need to figure out the physical addresses in the memory for the kernel in order to make it work. I don't know awhole lot about this stuff so correct me if I'm wrong.
Click to expand...
Click to collapse
Could you link me to that post please ?
Boom, right here: https://github.com/dosomder/iovyroot
So does this mean one can downgrade and then root using iovyroot?
Shani Ace said:
So does this mean one can downgrade and then root using iovyroot?
Click to expand...
Click to collapse
Theoretically, yes, you would need to add the absolute kernel addresses of the Priv to the source code, then compile it, but still, you would only get temp root, that's only good for using Titanium Backup and the like.
Ah okay, I understand.
So this root is only temp then? Still hoping something comes out but the community seems very small.
I look at my system updates, and I see this! I couldn't believe it! Nougat is finally here!
Just checked and received it as well!
Has somebody captured the OTA file?
Can we root the android nougat?
I had Verizon before. They are known for doing updates late and completely messed up. At least they aren't late this time. I'm just miffed that they dropped it before RETUS.
G4liant said:
Has somebody captured the OTA file?
Click to expand...
Click to collapse
I had every intention to but I was so excited that I forgot before I updated. If no one else does and I can find a stock file to go back to MM, I will try.
shawnsac2000 said:
Can we root the android nougat?
Click to expand...
Click to collapse
On Verizon no. And probably never will be able to.
That sucks
ironbesterer said:
I had every intention to but I was so excited that I forgot before I updated. If no one else does and I can find a stock file to go back to MM, I will try.
Click to expand...
Click to collapse
You do not need root to read most system files.
It used to be in /cache but deletes itself after the flash.
aviwdoowks said:
You do not need root to read most system files.
It used to be in /cache but deletes itself after the flash.
Click to expand...
Click to collapse
I know. Since I flashed it, I couldn't pull the ota through logcat.
My update is having issues. Tried a handful of times and would get "update could not be verified" or something similar after the download would complete update. When it doesn't fail verification, the install fails after rebooting. wtf, I have tried the VZW/Moto software update program but it returns that I have the latest software. Guess that channel might not be updated yet.
teerout said:
My update is having issues. Tried a handful of times and would get "update could not be verified" or something similar after the download would complete update. When it doesn't fail verification, the install fails after rebooting. wtf, I have tried the VZW/Moto software update program but it returns that I have the latest software. Guess that channel might not be updated yet.
Click to expand...
Click to collapse
Is it an official ADDISON_VZW or is it a RETUS device?
ironbesterer said:
On Verizon no. And probably never will be able to.
Click to expand...
Click to collapse
What is the issue with the Verizon variant for root? I am willing to commit a good tip for a verifyable process to anyone that can do it in a reasonable timeframe. Anyone else willing to donate to the cause?
The bootloader can't be unlocked.
BillyBob3 said:
What is the issue with the Verizon variant for root? I am willing to commit a good tip for a verifyable process to anyone that can do it in a reasonable timeframe. Anyone else willing to donate to the cause?
Click to expand...
Click to collapse
Read here
Know jcase?
https://forum.xda-developers.com/z-force/help/root-verizon-t3507253
ironbesterer said:
Is it an official ADDISON_VZW or is it a RETUS device?
Click to expand...
Click to collapse
The device is official VZW. I also have the " device has failed verification" warning on start-up. I'm sure that's not helping things either...
BillyBob3 said:
What is the issue with the Verizon variant for root? I am willing to commit a good tip for a verifyable process to anyone that can do it in a reasonable timeframe. Anyone else willing to donate to the cause?
Click to expand...
Click to collapse
Mostly QCSB and the nearly impossible to exploit bootloader.
aviwdoowks said:
Read here
Know jcase?
https://forum.xda-developers.com/z-force/help/root-verizon-t3507253
Click to expand...
Click to collapse
What's his post number? I can't seem to find it.
FYI, I was able to upgrade to Nougat this morning using the VZW software upgrade assistant.
teerout said:
FYI, I was able to upgrade to Nougat this morning using the VZW software upgrade assistant.
Click to expand...
Click to collapse
So the N firmware is used by that?
Can you extract it somehow? Mac or PC?
Anyone else getting a system update today? I've already got owacerts set as .bak and sys updates disabled, but for some reason I'm still getting the nag? Any thoughts on preventing this? Nothing to freeze in Titanium for FOTA, or System Update since it's a diff variant.
hmm i think it might be version 10p as i update a while ago
dudeawsome said:
hmm i think it might be version 10p as i update a while ago
Click to expand...
Click to collapse
Wouldn't that update mess with rom/root?
hkbladelawhk said:
Wouldn't that update mess with rom/root?
Click to expand...
Click to collapse
sadly yeah
dudeawsome said:
sadly yeah
Click to expand...
Click to collapse
Figured as much. Need to find a way to stop the nag.
hkbladelawhk said:
Anyone else getting a system update today? I've already got owacerts set as .bak and sys updates disabled, but for some reason I'm still getting the nag? Any thoughts on preventing this? Nothing to freeze in Titanium for FOTA, or System Update since it's a diff variant.
Click to expand...
Click to collapse
I have already released a flashable version of this update here:
https://forum.xda-developers.com/v20/development/rom-10p-stock-rom-flashable-zip-root-t3654049
If you are rooted you can install it. Read all the warnings first though.
texasaggie1 said:
I have already released a flashable version of this update here:
https://forum.xda-developers.com/v20/development/rom-10p-stock-rom-flashable-zip-root-t3654049
If you are rooted you can install it. Read all the warnings first though.
Click to expand...
Click to collapse
I'm already running the Overdrive rom. Which is why I'm curious as to why I'm even getting this?
hkbladelawhk said:
I'm already running the Overdrive rom. Which is why I'm curious as to why I'm even getting this?
Click to expand...
Click to collapse
I updated because I get tired of the update notifications
texasaggie1 said:
I updated because I get tired of the update notifications
Click to expand...
Click to collapse
Meh. Too much effort to re-do the entire phone.