Will Verduzco · Jul 28, 2013 at 11:00 am

Chromecast Secure Boot Exploit and Root

The Google Chromecast is shaping up to be quite a popular device. Largely due to its price point, adoption of Google’s latest media streamer has been so high as to exhaust Google’s free Netflix promotion. As exciting as the new device is, it’s hard to disagree that the included feature set could be a bit better. However, as with all limited devices, it was only a matter of time before someone rooted it, and that’s exactly what the folks over at GTV Hacker have done.

So how does it work? You first must get your device into USB boot mode, which is accomplished by holding down the single button as the device powers on. Then you use a powered mini USB OTG cable to provide the device with a signed image at a specific address on the USB drive. This firmware is passed along to the device’s cryptography hardware to be verified. However, due to problems with the device’s image signature verification, return code is simply not checked. Thus, you are able to run your own code at will. One thing to keep in mind, though, is that this security hole could be closed with any update at any time, so it’s likely not to be available for too long.

So what can you do with this? Right now, not a whole lot. In fact, if you’re not thinking of developing for the device, we’d recommend not doing this due to the inherent risks. However, the groundwork has been laid for future developments that will build upon this and add more functionality to the admittedly spartan device. I mean after all, who wouldn’t want Miracast support on the Chromecast? Seems like a match made in heaven.

To learn more head over to the GTV Hacker Wiki and also read their coverage of the exploit. And when you’re ready to get in on the Chromecast fun yourself, be sure to head over to the newly created Google Chromecast forum.


_________
Want something on the XDA Portal? Send us a tip!

Will Verduzco

willverduzco is an editor on XDA-Developers, the largest community for Android users. Will Verduzco is the Portal Administrator for the XDA-Developers Portal. He has been addicted to mobile technology since the HTC Wizard. But starting with the Nexus One, his gadget love affair shifted to Google's little green robot. He is also a Johns Hopkins University graduate in neuroscience and is now currently studying to become a physician.
Chris Gilliam · Mar 28, 2015 at 12:45 pm · 1 comment

Pinsy Brings Social Sketching To Your Watch & Phone

Did you watch Apple's VP draw on his wrist during the Apple Watch announcement and wonder "why can't my Wear watch do that?" In typical XDA fashion, one enterprising forum member has brought similar functionality to Android Wear with a twist; it works on phones and watches alike, with other platforms on the way! The app is called Pinsy, and its release debut is a strong proof of concept with plenty of room to grow. You may remember the developer behind this project, XDA...

XDA NEWS
Mario Tomás Serrafero · Mar 27, 2015 at 04:13 pm · 2 comments

Should You Get Wear? Wearer’s Practical Observations

Wear is said to not offer enough for mass adoption, even though its been in the market for over 9 months. I personally have a Gear Live which I purchased 8 months ago, and my experience with it has had its ups and downs throughout my time with it. For the longest time, I was not able to recommend the platform to anyone. Since then, a lot of updates have hit Wear watches, some improving battery life, others changing the...

XDA NEWS
GermainZ · Mar 27, 2015 at 01:15 pm · 2 comments

SlimRoms: Updates on the Horizon

SlimRoms' website has been experiencing technical difficulties for the last month or so, but it's good to know the team is working hard and is still on top of things. The SlimRoms GitHub repos are getting updated with some major changes showing up. Most notably, some projects are getting a new 5.1 branch: lp5.1! A new, revamped and open source website is also in the works, with a look inspired by material design. We also got a tip about an...

XDA NEWS
Share This