Ralph,
Well if you want it I'll happily supply you the source of the program I use to sign the images but what I won't supply you are the keys so I'm not sure exactly what you would gain from it. I've already read messages here that have identified the standard algorithms I'm using and there's open source for them all over the internet - it's no secret (but my keys are!)
Cliff
-----Original Message-----
From: Ralph Corderoy [mailto:ralph@inputplus.co.uk]
Sent: 06 October 2007 14:49
To: Discussion of the Amstrad E3 emailer hardware/software
Subject: Re: [E3-hacking] PBL V5.1
Hi Cliff,
> > From: Alexander [mailto:hri-news@yandex.ru]
> > As things stand now with PBL V5.1? Do I have a chance to use the device?
> Err, no. (trust me on this ;-)
Oh, but aren't you forgetting our previous off-list conversation? I pointed out GPL ver. 2 says
    The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable.
Leaving aside for the moment the fact that Amstrad never released matching sources to the binaries, even to those paying GBP25 for a CD, the bit in the GPL about scripts used to install means what you use to upload firmware over the EXT serial port in the lab and factory. And if that signs the firmware before uploading, it includes that too.
In reply, your offer was to do the upload for anyone that sends you their phone and firmware. Personally, I don't think that complies and I suspect the FSF and http://gpl-violations.org/faq/sourcecode-faq.html would agree.
Cheers,
Ralph.
e3-hacking mailing list e3-hacking@earth.li http://www.earth.li/cgi-bin/mailman/listinfo/e3-hacking
On Tuesday 09 October 2007 09:34, Cliff Lawson wrote:
> Ralph,
> Well if you want it I'll happily supply you the source of the program I use to sign the images but what I won't supply you are the keys so I'm not sure exactly what you would gain from it. I've already read messages here that have identified the standard algorithms I'm using and there's open source for them all over the internet - it's no secret (but my keys are!)
Doesn't this go against both the spirit and the letter of http://gpl-violations.org/faq/sourcecode-faq.html which says:
"Always keep in mind that it is the purpose of the GPL to enable the users to exercise his freedoms. Specifically, the freedom to make modified versions of the program, and to run such modified versions of the program."
and
"Please note that this is of special practical importance in the case of embedded devices, since the executable program(s) need to be somehow installed onto the device. If the user is not given a way to install his own (modified) versions of the program, he has no way of exercising his freedom to run modified versions of the program."
Antony
> "Please note that this is of special practical importance in the case of embedded devices, since the executable program(s) need to be somehow installed onto the device. If the user is not given a way to install his own (modified) versions of the program, he has no way of exercising his freedom to run modified versions of the program."
Agreed. That is what I want is just to run on your device modified version of Linux.
On Wednesday 10 October 2007 07:25, Alexander wrote:
> > "Please note that this is of special practical importance in the case of embedded devices, since the executable program(s) need to be somehow installed onto the device. If the user is not given a way to install his own (modified) versions of the program, he has no way of exercising his freedom to run modified versions of the program."
> Agreed. That is what I want is just to run on your device modified version of Linux.
It occurs to me that Amstrad don't want to release the keys they've used to sign/encrypt their new code, however the new 5.1 bootloader won't accept unsigned/unencrypted code, and therefore we get a sort of stalemate.
How would both Amstrad and the open source community here feel about the following proposal?
Amstrad provides a signed/encrypted (whatever is needed to get it to load onto a 5.1 device) copy of the 4.9 bootloader, so that it becomes possible to 'downgrade' a device to a state where we _can_ load our own open source code.
That way Amstrad keeps its keys, but the devices which were released running Linux remain open for us to use as the GPL requires.
Comments, people?
Antony.
On Wed, Oct 10, 2007 at 10:35:21AM +0100, Antony Stone wrote:
> It occurs to me that Amstrad don't want to release the keys they've used to sign/encrypt their new code, however the new 5.1 bootloader won't accept unsigned/unencrypted code, and therefore we get a sort of stalemate.
> How would both Amstrad and the open source community here feel about the following proposal?
> Amstrad provides a signed/encrypted (whatever is needed to get it to load onto a 5.1 device) copy of the 4.9 bootloader, so that it becomes possible to 'downgrade' a device to a state where we _can_ load our own open source code.
> That way Amstrad keeps its keys, but the devices which were released running Linux remain open for us to use as the GPL requires.
I suspect that Amstrad would not be happy with this, since I suspect the main purpose of the encryption was to prevent people using the device other than with their source.
Antony Stone wrote:
[...]
> It occurs to me that Amstrad don't want to release the keys they've used to sign/encrypt their new code, however the new 5.1 bootloader won't accept unsigned/unencrypted code, and therefore we get a sort of stalemate.
AIUI, the reason why Amstrad are doing this in the first place is to prevent people from buying up large numbers of emailers (which are sold at a loss, remember), reflashing them, and then selling them on. This is apparently fairly likely in eastern Europe.
[...]
> That way Amstrad keeps its keys, but the devices which were released running Linux remain open for us to use as the GPL requires.
Except the whole point of the exercise is to *close* the device...
(And the GPL, v2 at least, *doesn't* require the devices be open. The exact phrasing is:
“The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable.”
PBL and the encryption keys are not covered by this. PBL because it's not GPLd, and the encryption keys because they're not an interface definition file or script.)
What they might be more likely to go with is a mechanism for obtaining the key to an individual emailer --- either by paying them the difference in price between what it cost to build and what it's sold at (so that they don't end up out of pocket), or by just asking nicely; they don't seem to have a problem with small numbers of hobbyists. However, it's probably not possible to unlock an individual device. I wouldn't have thought they'd have per-machine keys.
Sorry if this has been covered before, but can't the NOR flash be read or rewritten simply by bit banging the memory bus via JTAG? The JTAG port on the POMAP5910JGDY is IEEE 1149 compliant which I take to mean that all the I/O on the device can be manually overridden.
Is the JTAG port brought out to a handy set of pads somewhere? If not, are the appropriate balls brought out to vias underneath the CPU?
Neil
Neil Stainton wrote:
> Sorry if this has been covered before, but can't the NOR flash be read or rewritten simply by bit banging the memory bus via JTAG? The JTAG port on the POMAP5910JGDY is IEEE 1149 compliant which I take to mean that all the I/O on the device can be manually overridden.
> Is the JTAG port brought out to a handy set of pads somewhere? If not, are the appropriate balls brought out to vias underneath the CPU?
Yup, this is perfectly possible, and I believe that there are some handy pads inside. (If you brick the device this is the only way of fixing it.)
However, in order to reflash it, you have to take the lid off, do some soldering, and apply some technical knowledge --- which means that it's not going to be suitable for mass production. Reflashing using PBL, though, only requires plugging a jack in the back of the machine.
On 10/10/2007, David Given dg@cowlark.com wrote:
> Neil Stainton wrote:
> > Is the JTAG port brought out to a handy set of pads somewhere? If not, are the appropriate balls brought out to vias underneath the CPU?
> Yup, this is perfectly possible, and I believe that there are some handy pads inside. (If you brick the device this is the only way of fixing it.)
Do you know where the pads are? I've tried previously to find them - and failed. AFAIK, this information is not on the web anywhere
Matt
Matt Callow wrote:
[...]
> Do you know where the pads are? I've tried previously to find them - and failed. AFAIK, this information is not on the web anywhere
I found this info via Ralph's website:
http://www.en4rab.dsl.pipex.com/
However, it does seem to be E2 and not E3. I could have sworn I saw someone report using JTAG on the E3, but I can't find it now either... the pads must be in there *somewhere*.
On Wed, 10 Oct 2007 13:10:31 +0100, "David Given" dg@cowlark.com said:
> Matt Callow wrote:
> [...]
> > Do you know where the pads are? I've tried previously to find them - and failed. AFAIK, this information is not on the web anywhere
> I found this info via Ralph's website:
> http://www.en4rab.dsl.pipex.com/
> However, it does seem to be E2 and not E3. I could have sworn I saw someone report using JTAG on the E3, but I can't find it now either... the pads must be in there *somewhere*.
Correlating the TI data sheet (GDY package, bottom of page 21) with Jon Masters' photos, it looks as though the JTAG balls are all bunched together around one corner and I guess that would correspond to the cluster of vias between C52 and T158. Can't really tell from the photos where the traces lead off to. Also, it doesn't seem as though there are enough vias on the back of the processor for all of the signals, so there might be some buried vias there.
http://focus.ti.com/docs/prod/folders/print/omap5910.html
http://photos.jonmasters.org/amstrad_emailer_e3_20050108/dscn4682?full=1
http://photos.jonmasters.org/amstrad_emailer_e3_20050108/dscn4672?full=1
Neil
On Wednesday 10 October 2007 12:14, David Given wrote:
> Neil Stainton wrote:
> > Sorry if this has been covered before, but can't the NOR flash be read or rewritten simply by bit banging the memory bus via JTAG? The JTAG port on the POMAP5910JGDY is IEEE 1149 compliant which I take to mean that all the I/O on the device can be manually overridden.
> > Is the JTAG port brought out to a handy set of pads somewhere? If not, are the appropriate balls brought out to vias underneath the CPU?
> Yup, this is perfectly possible, and I believe that there are some handy pads inside. (If you brick the device this is the only way of fixing it.)
> However, in order to reflash it, you have to take the lid off, do some soldering, and apply some technical knowledge --- which means that it's not going to be suitable for mass production. Reflashing using PBL, though, only requires plugging a jack in the back of the machine.
Yes, but considering that (as far as I know) we've never seen a retail unit already containing PBL 5.1 (this only happens when the machine gets poisoned by plugging it into a UK phone line), it means that:
- anyone who wants to reprogram virgin devices en masse can do so using the jack socket on the back, talking to PBL 4.9
- anyone who wants to rejuvenate a used device which has been "upgraded" to 5.1 can do so with the once-off inconvenience of using the JTAG socket/pads
I'm assuming of course that it's possible to reflash 4.9 into a device using the JTAG interface, although I've never attempted to do this (I've made sure none of my E3s get near a phone socket).
Antony.
On Wed, 10 Oct 2007 12:14:28 +0100, "David Given" dg@cowlark.com said:
> > Is the JTAG port brought out to a handy set of pads somewhere? If not, are the appropriate balls brought out to vias underneath the CPU?
> Yup, this is perfectly possible, and I believe that there are some handy pads inside. (If you brick the device this is the only way of fixing it.)
> However, in order to reflash it, you have to take the lid off, do some soldering, and apply some technical knowledge --- which means that it's not going to be suitable for mass production. Reflashing using PBL, though, only requires plugging a jack in the back of the machine.
I see, but if Amstrad's concern is that thousands of units might end up abroad and be reprogrammed then would it not be beyond the wit of the outfit potentially doing the reprogramming to set up a little production line to manually remove and replace the cover in order to do it? I believe in a country such as Russia (mentioned elsewhere in this thread) semi-skilled labour would not be prohibitively expensive.
Just seems odd that Amstrad would go to the effort of adding the encryption when the extra effort involved in circumventing it is not that great, unless the purpose was to protect the binary from being copied.
Neil
Hi Antony,
> How would both Amstrad and the open source community here feel about the following proposal?
> Amstrad provides a signed/encrypted (whatever is needed to get it to load onto a 5.1 device) copy of the 4.9 bootloader, so that it becomes possible to 'downgrade' a device to a state where we _can_ load our own open source code.
> That way Amstrad keeps its keys, but the devices which were released running Linux remain open for us to use as the GPL requires.
> Comments, people?
Amstrad's aim is to lock down the device. The use of GPL software in a device sold at a subsidised price was an error on their part since the GPL allows me to alter the E3 and remove the part that earns Amstrad post-sales revenue whilst maintaining functionality. Given Amstrad's lack of compliance knowledge when I initially contacted them, and that they never included the license in the package, I think they were poorly advised by MontaVista and didn't do sufficient research themselves.
To summarise the concern expressed privately to me: it's that 1,000 units can be picked up by some commercial outfit, e.g. from Russia, taken back there, and used to some completely end that earns Amstrad no revenue.
Having put the key system in place, adding to their list of GPL violations, I doubt they'll release a downgrade that lets us circumvent it.
Cheers,
Ralph.
On 10 October 2007, Ralph Corderoy wrote:
> To summarise the concern expressed privately to me: it's that 1,000 units can be picked up by some commercial outfit, e.g. from Russia, taken back there, and used to some completely end that earns Amstrad no revenue.
I live in Russia, and I know that the number of tons of devices is maintained very low - I found no mention of the Russians at their sites and forums.
However, I bought the device, which has already been used, indicating that Amstrad has already received its anticipated income. A new device, as I understand it, and so contain PBL v 4.9. Further, as rightly observed, the number of enthusiasts able to make a change in the device is very low - well illustrated on the proposals at E3 on eBay. And, of course, nothing can justify the violation of the license is the huge number of people invested their work in the original products. Moreover, the opening of source and loader may lead to facilitate the development of new versions of the programs Amstrad. It comes, in particular, Asus, Britain, Rapsody, and others.