We are going to quote parts of the iPhone dev team here. GOLDEN RULE: Do not update until you hear from @nookDevs that it is OK TO UPDATE!
We don't know what kinda muscle B&N could pack in the update, it could lockout all rooted devices from using root. Just to be safe DO NOT UPDATE IF A SOFTWARE UPDATE GOES OUT UNLESS WE TELL YOU.
There is one small catch.... B&N can force a update on you with a 5 minute countdown clock. If this happens, delay the clock and shut off the device ASAP. This should (although unconfirmed) give you enough time to remove the update from the system or go into airplane mode to block out any connection attempts home.
For the information on how to force an OTA (over the air) update or how to update the nook manually, please visit B&N nook support site.
Oficial firmwares (09/oct/2010)
- Source Code (alternative location) of the open source software used in nook, namely linux kernel, busybox and u-boot
|Version||Release date||Alt download||SHA1|
|1.0.0||2010 October 20||84287d73b70e98da6a6af9f362b31e96d4e6eea4|
|1.1.0||2009 December 21|
|1.1.1||2009 December 21||megaupload||af14c085d0debb342148b39a106a8ac416d08fb8|
|1.2.0||2010 February 5||megaupload||d69ac8af8a475d936e082a3d9f3e2858f2621f27|
|1.3.0||2010 April 23||megaupload||582a8708bbb725db716dcbde689126ba76451a62|
|1.4.0||2010 June 21||megaupload||c0a5da025472933eb41dcac36425426848d5384a|
|1.5.0||2010 November 22||174395788aac8ea851821de8343c806ced285466|
|1.6.0 (buggy)||2011 June||3b214e78984d09dc0894c02a023bafccda4f5027|
|1.7.0 Last release||2011 June 21||hotfile||98534a34cdf19cbbc3c164de534cfba83bf7ced2|
Firmware update format
The firmware update is a gzipped tar archive with an additional header.
Firmware update header
Bytes 0-6: Empty Byte 7: Offset from this byte to the start of the gzip header Bytes 8-14: Empty Bytes 15: Length of the following block, in bytes (128 in the current update) Bytes 16-143: Signature? Bytes 144-158: Empty Byte 159: Length of the following block, in bytes (5, in the current update) Bytes 160-164: Version string in ascii, including decimal points Bytes 165-168: Empty Bytes 169-172: Unknown Bytes 173-end: Gzipped tarball
Firmware update contents
The tar archive contains an update script that is interpreted by the flasher and an optional set of the following files, all under the Firmware_Update directory:
- kernel.bin: A replacement kernel.
- u-boot.bin: A replacement first-stage bootloader
- turboboot.img: A replacement second-stage bootloader
- root.tgz: A replacement root filesystem. wpa_supplicant.conf will be backed up from the existing root, which will then be formatted and the contents of root.tgz extracted to it. wpa_supplicant.conf will then be restored.
- delta_android_remove.list: A list of files to be deleted from the root filesystem
- delta_android_add.tgz: A tar archive containing a subset of the root filesystem. This will be extracted over the top of the existing root filesystem.
- delta_user_remove.list: A list of files to be deleted from the FAT filesystem that is used for user storage
- delta_user_add.tgz: A tar archive containing new files to be extracted to the user storage filesystem
There are also md5sums and sha1sums files containing the md5 and sha1 of each of the update files. The update files are processed if they exist, and then the Firmware_Update directory and its contents are deleted.
Possibility of using the Update for our purposes
Quite high, in fact. Travis has looked at the key in otacerts.zip (/system/etc/security), and has found it to be the same testkey as the one in the stock android project available from git source.
So, in short "we have the same key that the B&N devs sign with".
This has not been tested, but this should work fine.
Nook's Firmware update service don't use this certs to check sign validity, it's uses hardcoded public key instead (12..821 = 1024bit rsa modulus):
RSAPublicKey rsapublickey = createPublicKey("12..821", "65537");