Zune and Rockbox - Page 2

kcarden · 03-12-2008, 06:49 AM

so the irmware on the HD is the only one with a signature?
then why not mod the ones on the flash? what whould happen then?

LedZepp · 03-12-2008, 03:15 PM

All of the firmware has signature on it, the firmware in the flash is the same eboot.bin and recovery.bin as on the hd.

Andre3000 · 03-16-2008, 05:05 PM

Its impossible as of now to do that.

sumare · 05-06-2008, 04:04 PM

Forgive me if this is a stupid suggestion, but since the firmware itself is proving so difficult to hack, would it be feasible to create an alternate framework that runs off of XNA? As in, it would be a "game" of sorts, but once launched, it would basically be an alternate firmware for your Zune?

I'm pretty sure XNA games can access the files on the Zune's hard drive, right? So can't we technically write an XNA program that stores its own database of the Zune's music and videos and stuff, and interact with the Zune through the program?

I don't know if this is at all possible, but it seems like a reasonably feasible alternative if the firmware's proving too hard to crack. Any opinions?

ZunePet · 05-11-2008, 09:44 PM

> would it be feasible to create an alternate framework that runs off of XNA?
Yes, it is already there. It is called XNA ;->

XNA programs provide common features needed by games. They run in a restricted and highly controlled 'sandbox'. Programs can't maliciously change the regular Zune data, or the regular boot process (ie. no Rockbox or Linux or WinCE hacks)
The Zune music database is off limits. Apparently you can play (non-DRM) music as part of your game.
This is similar to XNA game feature under the XBox360. Very restricted. Great for simple games that don't need optimized ARM native code. Not good for high performance games or system hacking.

ie. you can't add more features that extend beyond the XNA restrictions. If you find one it is likely a bug (and a chance for an exploit!!) but will be short lived until they fix the bug.
------
Bottom line (for system-level hackers): nothing has changed. The system is closed off and intentionally designed *not* to run arbitrary code. Programmers are not to be trusted. Users must be protected from malicious code at any cost - so they get a choice any number of intentionally crippled programs.

For hackers still interested in RockBox or Linux or system modifications (like getting around the game exit feature, or running true ARM code, or web browsing...) the only option is finding a bug/exploit in the secure system and 'cracking' the system. It will be short lived.
With Zune 2.5 firmware, the list of possible exploits goes up. You may be able to find a bug/exploit in the XNA runtime, or the XNA "CLR" byte-code runtime (a general exploit may work for Zune or XBox360), but it will be short lived.

Or invest your time in an open platform...

sumare · 05-12-2008, 04:45 PM

* Sighs *
I guess I'll resort to the final option, then...
"Down with Microsoft's anti-open-source mentality!!!"
-_-"

xkngofqnz · 05-12-2008, 05:15 PM

are there even people trying to port rockbox or linux onto the zune?

sumare · 05-12-2008, 05:21 PM

Affirmative.
Are they succeeding? Not yet.

xkngofqnz · 05-12-2008, 05:21 PM

lol so were still a longg way from it?

sumare · 05-12-2008, 05:22 PM

well, i have no idea, you'd have to ask those people

Bursh · 05-15-2008, 05:59 AM

I'm probably going to seem incredibly naive with this comment .. but .. could we not attempt to match the signature on the firmware so the Zune would accept it?

ZunePet · 05-15-2008, 08:25 AM

> could we not attempt to match the signature on the firmware so the Zune would accept it?
Easy to attempt, but hard to find (ie. many years of calculations) unless you are very lucky. Check other threads, this has been discussed before.

BTW: The core firmware uses the "SHA-1" hash. I suspect they are using the same for the XNA game library DLLs.
http://en.wikipedia.org/wiki/Sha-1#SHA-1_algorithm

umisguy · 05-15-2008, 10:16 AM

the only way to possibly even find the SHA-1 encryptor for the zune's firmware would be to use about 50 medium to high end computers in a distributed computing network and that would still take years. It would take around the vicinity of 590,295,810,358,705,651,712 computational instructions OR MORE in order to find the SHA-1 key / encryptor they are using in order to permit for open source alternative firmwares in a zune. Even at 1 TeraFLOPS of computing power, it would take over 6,832 days of nonstop computing at it to get to the tootsie-roll center of that tootsie pop.

Bursh · 05-16-2008, 07:28 AM

Quote:

Originally Posted by umisguy

the only way to possibly even find the SHA-1 encryptor for the zune's firmware would be to use about 50 medium to high end computers in a distributed computing network and that would still take years. It would take around the vicinity of 590,295,810,358,705,651,712 computational instructions OR MORE in order to find the SHA-1 key / encryptor they are using in order to permit for open source alternative firmwares in a zune. Even at 1 TeraFLOPS of computing power, it would take over 6,832 days of nonstop computing at it to get to the tootsie-roll center of that tootsie pop.

Hmm. I see now.

xkngofqnz · 05-16-2008, 02:14 PM

Bribe Someone In Microsoft! :ddd

Xx Demon xX · 05-16-2008, 04:13 PM

People can hack alot of things...

What makes you think the zune is so tough? lol

blackboxxlying · 05-18-2008, 01:17 PM

jeez
what's up microsoft's ass

Ak-Thrasher · 06-10-2008, 11:33 AM

it sucks how on an ipod it's so simple but on a zune it's basically impossible. But mabey future versions of zunes will have less limitations

laos101 · 06-12-2008, 02:38 AM

Well, the firmware updates via a PC. Maybe you can find a way to take the Microsoft Sign from it, and use it to reflash the Mobo.

Also, if that doesnt work. try embedding the code into a program in the game that can run

Quote:

Originally Posted by Xx Demon xX

People can hack alot of things...

What makes you think the zune is so tough? lol

Microsoft paid Computer hackers and DIY Nuts to hack-proof the Zune as long as they can make a profit from it

Masterchief3k · 06-12-2008, 12:21 PM

Quote:

Originally Posted by umisguy

the only way to possibly even find the SHA-1 encryptor for the zune's firmware would be to use about 50 medium to high end computers in a distributed computing network and that would still take years. It would take around the vicinity of 590,295,810,358,705,651,712 computational instructions OR MORE in order to find the SHA-1 key / encryptor they are using in order to permit for open source alternative firmwares in a zune. Even at 1 TeraFLOPS of computing power, it would take over 6,832 days of nonstop computing at it to get to the tootsie-roll center of that tootsie pop.

Then let's network 300 playstation 3's together and get 80 teraflops! woot!

05-06-2008, 04:04 PM	#24 (permalink)
sumare Squirt Join Date: Mar 2008 Posts: 15 Reputation: 10 $zB: 16 Donate	Possibilities...? Forgive me if this is a stupid suggestion, but since the firmware itself is proving so difficult to hack, would it be feasible to create an alternate framework that runs off of XNA? As in, it would be a "game" of sorts, but once launched, it would basically be an alternate firmware for your Zune? I'm pretty sure XNA games can access the files on the Zune's hard drive, right? So can't we technically write an XNA program that stores its own database of the Zune's music and videos and stuff, and interact with the Zune through the program? I don't know if this is at all possible, but it seems like a reasonably feasible alternative if the firmware's proving too hard to crack. Any opinions?

05-12-2008, 04:45 PM	#26 (permalink)
sumare Squirt Join Date: Mar 2008 Posts: 15 Reputation: 10 $zB: 16 Donate	Ah. * Sighs * I guess I'll resort to the final option, then... "Down with Microsoft's anti-open-source mentality!!!" -_-" __________________ To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.

05-12-2008, 05:21 PM	#28 (permalink)
sumare Squirt Join Date: Mar 2008 Posts: 15 Reputation: 10 $zB: 16 Donate	Affirmative. Are they succeeding? Not yet. __________________ To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.

05-12-2008, 05:22 PM	#30 (permalink)
sumare Squirt Join Date: Mar 2008 Posts: 15 Reputation: 10 $zB: 16 Donate	well, i have no idea, you'd have to ask those people __________________ To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.

05-16-2008, 04:13 PM	#36 (permalink)
Xx Demon xX Zuner Join Date: May 2008 Location: Where ever you live. Posts: 77 Reputation: 10 $zB: 68 Donate	People can hack alot of things... What makes you think the zune is so tough? lol __________________ To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts. Thanks Stkr To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.

03-12-2008, 06:49 AM	#21 (permalink)
kcarden Squirt Join Date: Feb 2008 Posts: 26 Reputation: 10 $zB: 20 Donate	so the irmware on the HD is the only one with a signature? then why not mod the ones on the flash? what whould happen then?

Remove Advertisements Sponsored Links
Zune Boards Advertisement

03-12-2008, 03:15 PM	#22 (permalink)
LedZepp Jr. Staff Hacks and Mods Crew Zune Guardian Join Date: Mar 2007 Posts: 689 Reputation: 80 $zB: 370 Donate	All of the firmware has signature on it, the firmware in the flash is the same eboot.bin and recovery.bin as on the hd.

03-16-2008, 05:05 PM	#23 (permalink)
Andre3000 Experienced Zuner Join Date: Oct 2007 Posts: 151 Reputation: 15 $zB: 116 Donate	Its impossible as of now to do that.

05-11-2008, 09:44 PM	#25 (permalink)
ZunePet Zuner Join Date: Nov 2006 Posts: 68 Reputation: 9 $zB: 5 Donate	> would it be feasible to create an alternate framework that runs off of XNA? Yes, it is already there. It is called XNA ;-> XNA programs provide common features needed by games. They run in a restricted and highly controlled 'sandbox'. Programs can't maliciously change the regular Zune data, or the regular boot process (ie. no Rockbox or Linux or WinCE hacks) The Zune music database is off limits. Apparently you can play (non-DRM) music as part of your game. This is similar to XNA game feature under the XBox360. Very restricted. Great for simple games that don't need optimized ARM native code. Not good for high performance games or system hacking. ie. you can't add more features that extend beyond the XNA restrictions. If you find one it is likely a bug (and a chance for an exploit!!) but will be short lived until they fix the bug. ------ Bottom line (for system-level hackers): nothing has changed. The system is closed off and intentionally designed not to run arbitrary code. Programmers are not to be trusted. Users must be protected from malicious code at any cost - so they get a choice any number of intentionally crippled programs. For hackers still interested in RockBox or Linux or system modifications (like getting around the game exit feature, or running true ARM code, or web browsing...) the only option is finding a bug/exploit in the secure system and 'cracking' the system. It will be short lived. With Zune 2.5 firmware, the list of possible exploits goes up. You may be able to find a bug/exploit in the XNA runtime, or the XNA "CLR" byte-code runtime (a general exploit may work for Zune or XBox360), but it will be short lived. Or invest your time in an open platform...

05-12-2008, 05:15 PM	#27 (permalink)
xkngofqnz Zewbie Join Date: Apr 2008 Posts: 7 Reputation: 9 $zB: 3 Donate	are there even people trying to port rockbox or linux onto the zune?

05-12-2008, 05:21 PM	#29 (permalink)
xkngofqnz Zewbie Join Date: Apr 2008 Posts: 7 Reputation: 9 $zB: 3 Donate	lol so were still a longg way from it?

05-15-2008, 05:59 AM	#31 (permalink)
Bursh Squirt Join Date: May 2008 Posts: 20 Reputation: 10 $zB: 19 Donate	I'm probably going to seem incredibly naive with this comment .. but .. could we not attempt to match the signature on the firmware so the Zune would accept it?

05-15-2008, 08:25 AM	#32 (permalink)
ZunePet Zuner Join Date: Nov 2006 Posts: 68 Reputation: 9 $zB: 5 Donate	> could we not attempt to match the signature on the firmware so the Zune would accept it? Easy to attempt, but hard to find (ie. many years of calculations) unless you are very lucky. Check other threads, this has been discussed before. BTW: The core firmware uses the "SHA-1" hash. I suspect they are using the same for the XNA game library DLLs. http://en.wikipedia.org/wiki/Sha-1#SHA-1_algorithm

05-15-2008, 10:16 AM	#33 (permalink)
umisguy zB Programmer Jr. Member Join Date: Feb 2008 Posts: 442 Reputation: 34 $zB: 380 Donate Awards Showcase Total Awards: 1	the only way to possibly even find the SHA-1 encryptor for the zune's firmware would be to use about 50 medium to high end computers in a distributed computing network and that would still take years. It would take around the vicinity of 590,295,810,358,705,651,712 computational instructions OR MORE in order to find the SHA-1 key / encryptor they are using in order to permit for open source alternative firmwares in a zune. Even at 1 TeraFLOPS of computing power, it would take over 6,832 days of nonstop computing at it to get to the tootsie-roll center of that tootsie pop.

05-16-2008, 02:14 PM	#35 (permalink)
xkngofqnz Zewbie Join Date: Apr 2008 Posts: 7 Reputation: 9 $zB: 3 Donate	Bribe Someone In Microsoft! :ddd

05-18-2008, 01:17 PM	#37 (permalink)
blackboxxlying Squirt Join Date: Jun 2007 Posts: 10 Reputation: 12 $zB: 7 Donate	jeez what's up microsoft's ass

06-10-2008, 11:33 AM	#38 (permalink)
Ak-Thrasher Zewbie Join Date: Jun 2008 Posts: 2 Reputation: 10 $zB: 2 Donate	it sucks how on an ipod it's so simple but on a zune it's basically impossible. But mabey future versions of zunes will have less limitations

Sponsors