NookDevs.com 2.4.1 Softroot/ROM (B&N:1.4.0) has been released. Get it HERE!

From nookDevs

WARNING

We are going to quote parts of the iPhone dev team here. GOLDEN RULE: Do not update until you hear from @nookDevs that it is OK TO UPDATE!

We don't know what kinda muscle B&N could pack in the update, it could lockout all rooted devices from using root. Just to be safe DO NOT UPDATE IF A SOFTWARE UPDATE GOES OUT UNLESS WE TELL YOU.

There is one small catch.... B&N can force a update on you with a 5 minute countdown clock. If this happens, delay the clock and shut off the device ASAP. This should (although unconfirmed) give you enough time to remove the update from the system or go into airplane mode to block out any connection attempts home.

Updates

For the information on how to force an OTA (over the air) update or how to update the nook manually, please visit B&N nook support site.

So far B&N has released 1.1.0 update and 1.1.1 update for the nooks, both of them are safe to run on the already rooted nook, they do not break the root, neither do they prevent the rooting on the updated nook.

Please note that the 1.2 update which is being rolled out now will break rooting. Please see the Softroot page for more details.

Firmware update format

The firmware update is a gzipped tar archive with an additional header.

Firmware update header

Bytes 0-6: Empty
Byte 7: Offset from this byte to the start of the gzip header
Bytes 8-14: Empty
Bytes 15: Length of the following block, in bytes (128 in the current update)
Bytes 16-143: Signature?
Bytes 144-158: Empty
Byte 159: Length of the following block, in bytes (5, in the current update)
Bytes 160-164: Version string in ascii, including decimal points
Bytes 165-168: Empty
Bytes 169-172: Unknown
Bytes 173-end: Gzipped tarball

Firmware update contents

The tar archive contains an update script that is interpreted by the flasher and an optional set of the following files, all under the Firmware_Update directory:

• kernel.bin: A replacement kernel.
• u-boot.bin: A replacement first-stage bootloader
• turboboot.img: A replacement second-stage bootloader
• root.tgz: A replacement root filesystem. wpa_supplicant.conf will be backed up from the existing root, which will then be formatted and the contents of root.tgz extracted to it. wpa_supplicant.conf will then be restored.
• delta_android_remove.list: A list of files to be deleted from the root filesystem
• delta_android_add.tgz: A tar archive containing a subset of the root filesystem. This will be extracted over the top of the existing root filesystem.
• delta_user_remove.list: A list of files to be deleted from the FAT filesystem that is used for user storage
• delta_user_add.tgz: A tar archive containing new files to be extracted to the user storage filesystem

There are also md5sums and sha1sums files containing the md5 and sha1 of each of the update files. The update files are processed if they exist, and then the Firmware_Update directory and its contents are deleted.

Possibility of using the Update for our purposes

Quite high, in fact. Travis has looked at the key in otacerts.zip (/system/etc/security), and has found it to be the same testkey as the one in the stock android project available from git source.

So, in short "we have the same key that the B&N devs sign with".

This has not been tested, but this should work fine.