The Netgear NeoTV Prime (GTV100) and Asus Qube – info on the next Google TV boxes

Posted: December 2nd, 2012 | Author: | Filed under: GTVHacker | Tags: , , , , | Comments Off
Netgear GTV100 Label
The GTVHacker team had heard rumors of a Netgear Google TV device for a while, but the rumors were confirmed recently when GTVHacker team member cj_000 found FCC documentation for the new device. We waited to see if any of the big news sites would find the documentation and pictures, but since the community has yet to find them – here you go:  A look at the Netgear NeoTV Prime (GTV100)!

Netgear GTV100 Remote

This is a generation 2 Google TV box, it will probably look fairly close to the Vizio Co-Star (hardware wise) but with a different case. There is also more than likely going to be a custom UI to help separate the NeoTV Prime from Google TV competitors but we have yet to have that information confirmed. For more on the NeoTV Prime, check out the remote, and WiFi module: NeoTV Prime Remote via the FCC  /   NeoTV Prime Wifi Module via the FCC.

Asus Qube Remote Dongle

That brings us to the Asus Qube, which is a Google TV box that had its remote module hit the FCC yesterday. In regards to hardware and software, the Qube should be a similar device. We’re not expecting any major surprises here, every generation 2 Google TV device (excluding the LG G2) has used the same Marvell 88DE3100 series chipset. It is worth mentioning that some are reporting this to be a USB stick. The sheer size of cooling needed for the Marvell 88DE3100 series (Armada 1500) chip makes this theory unlikely.

For instance, take a look at our Sony NSZ-GS7 teardown or the internals of the Vizio Co-Star. Both need quite a bit of cooling due to the Marvell CPU which would be near impossible with a USB powered “dongle”.

Below are direct links to the FCC information on the Asus Qube as well as the app mentioned in the Engadget article that originally broke the story on the Qube.

Engadget Source /Asus Qube via the FCC / Asus Oplay via Google Play


GTVHacker at DEF CON 20: Oh the Exploits!

Posted: August 4th, 2012 | Author: | Filed under: Uncategorized | Comments Off

As previously mentioned, we were invited to speak at the DEFCON 20 security conference, covering what else – Hacking the Google TV. We all had an awesome time at DEFCON and it was great to meet the rest of the team, both current and past members.

If you haven’t seen our slides from our DEFCON 20 presentation you can find them online here

If you notice in the DEFCON slides, we released multiple exploits, including:

WARNING: The links above contain the until now unreleased Revue root. As bliss described it, “it is like punching the device in the face while telling it that it’s not getting hit”. It is incredibly unstable and we are providing it unpackaged to prevent it from being used by someone who may end up damaging their box. If you are looking to get root to help achieve some form of optimal Android experience from the box, then please wait for a better packaged version with persistence. If you are technically savy and are willing to risk damaging your box, gambling on how skilled you are, then feel free to give it a shot. We will note that you are likely to brick your device much like we have bricked ours (but we have fancy-pants hardware recovery mechanisms).

The Revue root is an interesting one, at the moment it is not persistent; upon each reboot the Revue will need to be rooted again. We are working constantly to get past this road block. Unfortunately, every last item on the box has a signature that is verified at boot, so it makes keeping root across boots difficult. However, rest assured – we will do our best to get some form of persistence out soon. In the meantime, if you are worried, just unplug your Revue from the Internet.

Finally – we kept track of what we did while at the conference, and roughly how much time everything took:

 


We’ll be at DefCon!

Posted: July 23rd, 2012 | Author: | Filed under: Uncategorized | 2 Comments »

A few members of the GTVHacker team will be presenting at the Defcon security conference in Las Vegas this week regarding our newest exploits for the gen-1 GoogleTV line. If you are nearby come check out our talk schedule for Sunday July 29th 3:00pm.  A brief description of the talk and info on the presenters can be found on the Defcon Speakers page:

“The GoogleTV platform is designed to bring an integrated web experience, utilizing the Chrome web browser and Android applications, to your television. GoogleTV is based on the Android operating system, which is mainly used in tablets and smart phones, but customized with security features not normally seen on most Android devices. The current version of the platform utilizes signatures to establish a “chain of trust” from bootloader to system applications.

This presentation will focus on the current GoogleTV devices, including X86 platform details, and the exhaustive security measures used by each device. The presentation will also include video demonstrations of previously found bugs and exploits for each GoogleTV device and includes specific details about how each bug works. Furthermore, we will include interesting experiences that the team has encountered along the way. Finally the talk will be capped off with the release of multiple unpublished GoogleTV exploits which will allow unsigned kernels across all x86 devices (Revue / Sony GoogleTV).”

We also have other surprises in store for the community. Make sure to check out our presentation if you are at or around Defcon, otherwise check our twitter (@GTVHacker) and blog after the conference for public releases.

 


New Wiki Updates – featuring Sony NSZ-GS7 Teardown

Posted: July 6th, 2012 | Author: | Filed under: Uncategorized | Comments Off

Sony NSZ-GS7 Recovery MenuIt’s been a bit since we’ve made a blog post, however exciting times are coming. To
start, we have cleaned up the wiki and reorganized some sections.  The NSZ-GS7 section of our wiki has been updated with lots
of new info, including a tear down and pictures of the new Sony recovery. You can check the teardown pics and the new recovery out here:
GTVHacker Wiki: Sony NSZ-GS7

We’ve also started a page for the new LG devices, the LG 47g2 and the 55g2. The LG section is lacking since none of the GTVHacker team members currently have the TV, so we are counting on the community to fill in the blanks. We are also looking for a few users to help us with some remote debugging of the TV. If you’d like to help out you can find a few things we are looking for on our forums in the new LG section at:

GTVHacker Forums: LG 47g2 and 55g2


Rumor: New update coming in Monday patching Sony GoogleTV exploit

Posted: February 26th, 2012 | Author: | Filed under: GTVHacker, Root, Sony, Updates | Comments Off

A source has told us that Sony has already started testing a fix for the recent exploit and plans to have it coming out as soon as Monday as an OTA update. If this is correct that means that after you receive this automatic over-the-air update you will no longer be able to run the “recovery downgrade” or perform the recovery exploit to root your Sony GoogleTV. We advise all users to perform the recovery downgrade as well as the software root as soon as possible. The current custom kernel included in the root works very well and there are more custom kernels coming soon! If anything, the main reason to perform the exploit is to preserve your box from receiving the next update (which from what we’ve heard is only a security update). Then you will still have the option to revert back to the normal OTA at anytime. You will also however have the option to run one of our new upcoming kernels which we guarantee will make you all very happy. Otherwise, if you haven’t already performed our root, and your box does take this automatic update you will be stuck with using only official Sony GoogleTV builds, no Hulu/content provider bypass and no root.

As we’ve stated in the previous post, the guide and information about the process can be found at our wiki. Also just a note, the guide below states that you need 4 thumb drives to accomplish the exploit but with a little more work you are able to accomplish the entire process with 1.

How to Root Guide:
GTVHacker.com: Running Unsigned Kernels On Sony GTV

For a more detailed look into how the exploit  and recovery downgrade works, check out the about:

GTVHacker.com: About The Sony Downgrade & Rebooter (Root)

And finally, for support or to comment checkout our forum post:

GTVHacker Forums: NSX-GT1 and NSZ-GT1 exploit to run unsigned kernels!

GTVHacker


Root for Sony Google TV with Unsigned Kernels!

Posted: February 20th, 2012 | Author: | Filed under: Uncategorized | 2 Comments »

Splash screen for sony gtvhacker bootup

We give to you our latest release, a root for all current Sony Google TV devices that we call “The GTVHacker Sony Recovery Downgrader & Rebooter”. This method will allow you root and run custom unsigned kernels on your Sony Google TV device.

The process in the guide above will walk you through downgrading the system to an exploitable version. Then using another exploit, we hijack the devices boot process and reload a new kernel. This completely bypasses the signatures normally used by the system, including those used in the bootloader, kernel, and init binary. The kernel reload process happens automatically each time the box is powered on, and the USB drives required for the install are not needed again. After loading our attached unsigned kernel you will notice a new splash screen (featuring the Sony and GTVHacker logo) as well as the following perks:

  • Modified flash plugin with random per box flash string for Content Provider Bypass.
  • Crippled update feature to prevent box from receiving automatic updates.
  • Completely RW system, cache, and rootfs partitions
  • Full ADB Root
  • Removed signature checks on kernel / init scripts / init binary
  • A few other surprises.
  • BETA: Enable NTFS Support for Sony Google TV devices (see wiki for instructions on how to add: GTVHacker.com: Sony NTFS)

Between the speediness of the 3.2 upgrade and the unsigned kernels we finally have the box that we’ve always wanted from the Google TV. We recommend this update to everyone as it only requires 4 USB sticks and is a 100% softmod (No soldering required!).

The guide and information about the process can be found at our wiki:

How to Root Guide:
GTVHacker.com: Running Unsigned Kernels On Sony GTV

For a more detailed look into how this all works, check out the about:

GTVHacker.com: About The Sony Downgrade & Rebooter (Root)

And finally, for support or to comment checkout our forum post:

GTVHacker Forums: NSX-GT1 and NSZ-GT1 exploit to run unsigned kernels!

GTVHacker


Bug Report for Official OTA 3.1

Posted: December 13th, 2011 | Author: | Filed under: Logitech Revue | Tags: , , , | Comments Off

We’ve just removed the wrapper off our present and already it seems bugs and issues are popping up.  One user reports

Bug #1
programs pre-installed in Android Market do not list as installed, but states “not compatible”

Bug #2
Tried to install a program not pre-installed, Big Picture Google TV, on the install page states “installing” forever, cannot open from this page, but then going to all applications page shows it was installed, but when opened, displays only first picture of a series, later pictures remain blank

Have you come across any bugs or issues with the recent release? We’d like  to know!


Logitech: Release an “open” boot-loader for the Logitech Revue

Posted: December 1st, 2011 | Author: | Filed under: Logitech Revue | Tags: , , | Comments Off

With the impending death of the Revue coming, we have issues the following call in hopes we can continue developing and improving the platform.

We love the community that has emerged since we started working with the Revue.  As Logitech has dropped the ball, we would like to pick it up and continue improving the Revue.  We have started a petition in hopes of getting this.

http://www.change.org/petitions/logitech-release-an-open-boot-loader-for-the-logitech-revue

Logitech recently announced that they would no longer be making the revue after the current holiday season. After this period the device will receive very little attention and will have a very angry base of original supporters. To help avoid this Logitech should provide a “developer boot-loader” for the Logitech Revue to allow developers to create there own kernels and updates for the device. At its current state the Logitech Revue is completely locked down making it very difficult for developers to add modifications or fix bugs on the device. There are also already a number of teams creating custom ROMs for android devices, unlocking the boot-loader would allow these groups to port current custom ROMs or generate new custom ROMs to the Logitech Revue. With the release of a development boot-loader that allowed such modifications the device would continue to grow and would help un-tarnish the reputation that this device has given Logitech.

Please sign our petition and join the movement! We want to take it from awesome tool, form factor to something really amazing.


The Real Story Behind the Revue

Posted: November 13th, 2011 | Author: | Filed under: Logitech Revue | Comments Off

Seems like the media has spun the world in a tizzy about what was said during a recent Logitech presentation.  It seems like the sites out there all parrot each other continuing to spread the same story without doing real investigations into the matters said, one of the guys over Gnarld decided to take a hard look… or better yet a hard listen into what was really said at the press conference.

He reallys digs down deep comparing what popular sites quote and what Logitech CEO Guerrino De Luca really says.  Check it out!

http://gnarld.com/the-truth-about-logitech-ditching-google-tv/


Plex Media Center Now Runs on Google TV

Posted: November 3rd, 2011 | Author: | Filed under: GTVHacker | Comments Off

Read the full details here: http://www.slashgear.com/plex-app-hits-google-tv-03192677/

 

Ill write a post hopefully later.