gtvhacker
Latest
Nest Learning Thermostat has its security cracked open by GTVHacker
While we wait for Google I/O (which starts tomorrow) to find out what will become of the company's TV platform, a team that we've seen bust open the padlocks on Google TV, Chromecast and Roku has a new target. GTVHacker just revealed an exploit for the (now Google-owned, and owner of Dropcam) Nest Learning Thermostat. It could let owners do new and interesting things (like replace the Nest software entirely) but of course, someone with bad intentions could take it in another direction: monitor whether the owner is home via its motion detector, sniff network traffic, or just crank up the temperature a few degrees -- all without even opening the device. Interested in how the hack works? Like most jailbreaking techniques we've seen on mobile and home connected platforms it requires physical access to the device, so you don't have to worry bout someone wardriving down the block and wreaking havoc with your A/C. Check after the break for more details and a video, and if you're headed to DEFCON in August, the team has a demonstration planned that's oh-so-comfortingly titled "Hack All the Things." Update: Nest has responded, saying the team's software "doesn't compromise the security of our servers or the connections to them and to the best of our knowledge, no devices have been accessed and compromised remotely." [Image credit: gpshead/Flickr]
Roku player software cracked open temporarily, root now to run XBMC later
Roku's line of set-top boxes have been popular thanks to their simple controls, large set of available apps (recently expanded to include YouTube for the new Roku 3) and hardware ranging in price from inexpensive to downright cheap. Still, despite an active and encouraged developer community with custom channels and well-supported media player apps like Plex, the hardware has remained largely on lockdown -- until now. The GTVHacker team that previously unlocked Google TV and Chromecast has found a way to run its commands as root on any Roku 2 or Roku 3 using the most recent software version (unfortunately, that does not at this time include Sky TV's cheap Now TV player, which runs on older software). While the player overall is credited as "considerably more secure than others in the entertainment field" (Samsung comes to mind but it's from from the only one) a development password field provided a way in. Currently they've only achieved persistence on the Roku 2, which in this case means they can maintain control even after the box reboots by breaking the secure boot process and modifying the initial boot loader. Since Roku 2 runs on the same Broadcom chip used by the popular Raspberry Pi, team member CJ Heres expects to see ports for third-party home theater PC software like XBMC very quickly. The Roku 3 will be a bit trickier since it runs on different hardware, and right now it needs to have the command entered each time the box starts. Those well-versed in using the command line should find the process simple. A WGET command entered via the development password field pulls down a script -- available from the GTVHacker team -- that makes sure you have the right box and does all the dirty work before rebooting, leaving you with a rooted box, as seen above. Hardware level access on mobile platforms has lead to a number of custom software projects and we'll have to see if the same path is followed here, but if all this does is create a simple $40 XBMC box, it's probably still worth looking into -- and quickly, the team expects this security hole will be patched soon.
Google TV v4 close to release, hacked 'Android TV' ROM is running in the wild
News that the Google TV platform will get an update to Android Jelly Bean came at the I/O event back in May, but there's been little in the way of information since then. GTV Hacker team member CJ Heres points out a zip file containing the open sourced code for LG's Google TV devices, and even has a hacked ROM up and running on a Sony box. The code was updated in the last week or so and uses Linux 3.4.5, which is the same version that Jelly Bean is based on. Separately, he's posted an image (above) of proper Android 4.x on a Sony NSZ-GS7 Google TV box, complete with the operating system's NDK support that enables high-performance apps so it can run XBMC (barely -- it crashes on any attempt to play video). The software is pulled from a Chinese Android device and as he mentioned to us, hopefully the coming update will make this type of hack entirely unnecessary. Google confirmed the platform will get Chromecast-style features and "bring the latest experience of Android and Chrome to devices," but we don't know if that's due in this update. Reports months ago indicated the Google TV brand will fade into Android as the two projects grow back together, and GigaOm points out that Sony's new BRAVIA Smart Stick doesn't use the title, while developers have moved away from it (even the I/O presentation rocked the title "Android: As seen on TV!"). Google TV or Android TV, we should hear more shortly -- in the meantime check out an I/O demo of LG's TV running Android 4.2.2 after the break.
Chromecast bootloader exploit surfaces, opens up plenty of possibilities (video)
"Give it time." It's something many mums have uttered to their frustrated youth, and it's something that's also uttered amongst the hacker crowd each time a new device emerges. In the case of Google's $35 Chromecast, it took but a couple of days for the HDMI streaming stick to be exploited. Granted, Google's never been one to keep its biggest software projects under lock and key, but for those looking to tinker a bit with their new toy, GTVHacker has the goods. The exploit package has thus far been used to confirm that the software within is not Chrome OS -- it's described by the aforesaid site as "a modified Google TV release, but with all of the Bionic / Dalvik stripped out and replaced with a single binary for Chromecast." Those interested in giving it a go themselves can test their luck here, while the timid among us can hop on past the break for a video.
GTVHacker shows off custom recovery for Google TVs (video)
There's plenty of official news about Google TV this week at CES, but if you're more interested in cracking the platform wide open unofficially this video may be of interest. The GTVHacker team reveals that it has been developing an exploit that will let it run custom kernels on "most" second generation Google TV devices, along with a custom recovery designed specifically for Google TV. It's not ready for prime time just yet but in the video you can get a peek at it being loaded on a Sony NSZ-GS7 box, opening up wider access to the kinds of adjustments we're already used to seeing on mobile Android devices. There's no word on when this will see wide release, but you can hit the source link for more details plus a history of what the team has been up to since coming together over two years ago
GTVHacker teases Boxee for rooted Sony Google TVs
Since the Boxee Box and original Google TV v1 hardware share Intel Atom processors at their heart users have wondered about the opportunity for a port, and as seen above, that may have been achieved. GTVHacker tweeted out the picture tonight, promising "big things" in store for owners of rooted Sony Google TV devices while showing Boxee running on a Sony NSZ-GT1 Blu-ray player. There's no other details mentioned so far, but if you managed to open up the capabilities of your hardware before an update put the kibosh on rooting, you should have some extra capabilities coming your way shortly.
GTVHacker tool brings Sony Google TVs root access, full Flash streaming
Early Google TV adopters looking for root access can get it easily on their Sony units, thanks to the just released GTVHacker Sony Recovery Downgrader & Rebooter. Unlike brute force hacks we've seen so far for the Revue, this is an all-software method that requires (only) four 512MB or larger USB sticks to get the job done. Once completed the developers indicate their unsigned kernel includes a modified Flash plugin that will let users stream all the Hulu and other network TV content that has otherwise been denied the Google TV, plus other tweaks like optional support for NTFS formatted drives. It disables automatic updates, but users can still switch back to the stock software by resetting the unit in recovery mode. Once you've dug up your Atari Jaguar Sony Google TV remote, hit the links below for all the software and instructions necessary to get the job done although as always, YMMV.
Logitech Revue hack brings Android Market, requires brute force (update)
It's not exactly what we'd call a easy jailbreak, seeing as how it requires a soldering iron, a NAND format procedure, and a Logitech Revue that's never even been powered on, but it looks like it is possible to root a Google TV box after all. GTVHacker has a thirteen-step walkthrough to cracking the Logitech Revue -- and physically crack the case you must -- after which point custom firmware can let it download, install and run apps from Android Market and bypass pesky television network blockages. Risky? Definitely. Worth it? Depends on how patient you are. Update: Looks like the GTVHacker team won themselves $500 for their trouble, due to the hack's likely use -- it may give developers a head start building apps for Google TV's version of Android. Find the details at our more coverage link. [Thanks, Jason W.]
