Will Verduzco · Aug 2, 2013 at 03:30 pm

Latest Google Chromecast OTA Blocks Root Method

Five days ago, we covered a rather useful discovery by the fine folks over at GTV Hacker, where due to a rather convenient oversight in the device’s cryptography pathway, a to-be-flashed firmware’s return code was never checked after passing through the device’s image verification software. In other words, this meant that you could run your own firmware at will, and all you needed was a USB key, the appropriate firmware, and a powered USB OTG cable.

At the time of the previous article, I noted the very real possibility that a future OTA would likely break this root method. Unfortunately, it appears as if that day has (rather expediently) come with OTA build 12840. Given that the original security hole is one so basic as to lead us to believe that it was left in place intentionally, we can only assume that other forces such as content providers or potential partners are at play. After all, root access could in their minds potentially open the door to pirated content. However, at this time, that is nothing more than speculation by one rather paranoid editor.

What can (or should) you do about it? At the moment, it appears as if there’s not much to do. OTA updates are applied to the device automatically, without any user intervention. XDA Forum Member tchebb has created an information thread detailing the issue, along with citing the changes made to /bootloader/bootloader.c in the Chromecast source code that are responsible for the root method closure.

In addition to sharing the bad news, tchebb’s thread also includes two methods that could theoretically prevent the OTA from being applied. One method involves attempting to remove the OTA signing keys on the device, whereas the other replaces the device’s update_engine with an empty executable script. As explained by tchebb himself:

THE FOLLOWING METHODS ARE UNTESTED AND ARE NOT GUARANTEED TO WORK OR LEAVE YOUR CHROMECAST IN A WORKING STATE. PERFORM THEM AT YOUR OWN RISK.

After telnetting into your rooted Chromecast or otherwise obtaining a root shell, you can try these two possible methods

  1. Rename otacerts.zip to otacerts.zip.bak in /system/etc/security/. This may remove the OTA signing keys and cause the Chromecast to reject any OTAs. However, I do not know whether this file is actually used or whether is simply a remnant from Chromecast’s Android base.
  2. Replace /chrome/update_engine with an empty, executable, shell script (make sure to make a backup copy first). I am very unsure of this method, since it is simply going off the name of the update_engine binary. If update_engine happens to perform some task core to the system, doing this will leave your device in an unusable state. If this happens, simply re-rooting using GTVHacker’s USB image should restore your system to how it was.

However, there is a large inherent risk with applying either, and bricked devices are highly likely. Because of that, we don’t recommend that anyone, except perhaps hardware hackers named Adam and others like him, attempt this.

[Many thanks to all who sent this one in!]
_________
Want something on the XDA Portal? Send us a tip!

Will Verduzco

willverduzco is an editor on XDA-Developers, the largest community for Android users. Will Verduzco is the Portal Administrator for the XDA-Developers Portal. He has been addicted to mobile technology since the HTC Wizard. But starting with the Nexus One, his gadget love affair shifted to Google's little green robot. He is also a Johns Hopkins University graduate in neuroscience and is now currently studying to become a physician. View willverduzco's posts and articles here.
Mathew Brack · Jul 3, 2015 at 12:00 pm · 2 comments

The Atlas of XDA

A few weeks ago, we asked you "How Does Your Location Affect Your Life As A Power User?". In the days that followed, members from all over the world shared their stories and experiences of life across the globe. Allow me to introduce the true story of what it means to be a power user on this pale blue dot.   Index Africa & Oceania: Australia, Indonesia, Libya, Madagascar, New Zealand, Nigeria, South Africa, Americas: Brazil, Chile, Columbia, Costa Rica, Guatemala, Martinique, United...

XDA NEWS
Mario Tomás Serrafero · Jul 3, 2015 at 11:10 am · 3 comments

New Snapdragons: Some Context & Contrast

It hasn’t been a good year for Qualcomm so far. Every device featuring the Snapdragon 810 has had a less-than-stellar fate, be it because of overheating complaints or actual decreased sales. HTC is in a particularly worrisome situation, and Sony’s Z4 is slipping down Japanese charts just over a week after its release. The G Flex 2, Mi Note Pro and Z3+ all saw complaints as well. Even MediaTek is seemingly getting an advantage over this.   But a particularly...

XDA NEWS
Aamir Siddiqui · Jul 3, 2015 at 10:12 am · 1 comment

Google To Launch Next Gen Android One On July 14

The first gen of Android One devices to be launched in India in September 2014 were decent starter smartphones, featuring budget specs and a promise of fast updates. However, the phones did not pick up as big a response as Google hoped. Now, as per a report by The Economic Times, it appears that Google is rethinking their strategy towards Android One in India. The first gen Android One devices focused on first time smartphone users, but were flawed in...

XDA NEWS
Share This