Amazon Fire TV Firmware Update Bricks Rooted Devices, Prevents Rollback To Previous Firmware Versions

from the oh,-when-I-must-have-said-I-wanted-to-'rent'-the-device dept

You can buy it but you can’t own it. Digital goods remind us of this fact all the time. But physical goods? Those should be ours. But somehow, they often aren’t, especially if the company behind the product is trying oh so hard to lock customers into a closed ecosystem.

Amazon’s entry into the streaming device market is the Fire TV, a dense black block that puts its Prime library on your TV, as well as providing access to other popular streaming services (Netflix, Hulu) and a (smallish) assortment of games. But what it won’t do — at least not anymore — is allow purchasers to root their devices in order to play media stored on USB devices or force it to play nice with Google’s Play Store to expand the limited selection of “native” games to justify shelling out $20-40 for the optional gamepad.

Techdirt reader techflaws sends in this link to Amazon’s Fire TV firmware updates, hosted at AFTVNews, a site dedicated to (and run by) Fire TV aficionados. Alongside the expected bug fixes and features list is the following warning:

“Self destruct” eFuse added to kernel which gets triggered if an older bootloader is used. This means Fire TVs that update to stock can never be downgraded, even if a method to root them is discovered.

So, if you try to make Amazon’s Fire TV behave the way you want it to, your device will be irrecoverably bricked. The tripped eFuse won’t even let you roll it back to when it worked. For most Amazon TV purchasers, this update came and went without any noticeable effect. But for those making the most of their purchases, this came as a shock. After all, the Fire TV runs a modified version of Android, itself an ostensibly open system. Not only that, but Amazon seemed to encourage this sort of experimentation and modification by making the source code freely available. But its updated firmware took away all of that, locking the gate of its ecosystem and tossing the key — along with some previously working devices — into the proverbial sewer grate.

Rbox, a very active member of XDA Forums, was the one who first made others aware of the issue, finally narrowing it down to malicious firmware. Intentionally malicious firmware.

From what I can tell, they did 2 things. First, they added an extra service to the kernel ramdisk that blows an efuse which prevents the old bootloader from working. Second, they modified the bootchain to use that fuse (or maybe a second, I’m not sure) to prevent downgrades. So once a box gets stock, it can never be downgraded.

So, while there are workarounds available now (as well as custom firmware developed by the enthusiasts at XDA Forums), there’s been nothing official released by Amazon. The message is clear: play within the walls of our garden or GTFO. With most users opting for automatic updates, the firmware has made the final decision for them. Those who wish to stay rooted will have to do without any critical updates, added content selection, security fixes, etc. that Amazon may provide if they’re not fortunate enough to find fixes that work from third parties who are kind enough to unbrick devices that have been forcibly neutered by the proprietor of the walled garden.

Notably, this decision hits hardest the people Amazon should most want on its side: the diehard hobbyists who push the limits of prefab products and show developers the possibilities inherent in their offerings. Equally terrible, it sends the message to purchasers that they don’t own their purchases. Car manufacturers (there are exceptions, of course) don’t send street teams by to tear off the ridiculous spoiler and neon undercarriage you bolted onto your stock sedan, no matter how ridiculous it makes their product look. They don’t remove the tachometer you forced into the dashboard array when you bring it in for an oil change. But for some reason, certain companies still think that they can force your purchased products to play by their rules, long after turning the products over to their new “owners.”

Filed Under: , , , ,
Companies: amazon

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Amazon Fire TV Firmware Update Bricks Rooted Devices, Prevents Rollback To Previous Firmware Versions”

Subscribe: RSS Leave a comment
Mason Wheeler (profile) says:

So again, like with the Wii U shenanigans earlier this year, like with Sony removing OtherOS from the PlayStation, I must ask: where is the class action lawsuit for maliciously tampering with other people’s property?

This will keep happening until we make it perfectly clear that our property is our property and we DO own it now!

John Fenderson (profile) says:

Re: Re: Well...

I go further than this. The very first thing I do with all hardware and software is turn off automatic updating. Further, I don’t connect devices to the net at all if possible. Otherwise, I firewall the device off to the greatest degree possible so that it can’t talk with anything unless I say that it can.

I do not trust anything that phones home.

Anonymous Coward says:

Re: Well...

Mine too. I was thinking about buying one for my father (still on basic cable), and also considered getting one as a replacement for the old laptop I’m using as a media center. But if they’re going to pull this kind of garbage on their customers, forget it. I’ll get my father a Roku box, and a Raspberry Pi for myself when my old laptop dies.

ltlw0lf (profile) says:

Re: Re: Re: Well...

Nvidia Shield tablet

NVidia Shield has a locked bootloader…be careful, there be sea-serpents there.

Luckily, it can be easily unlocked, but the NVidia Shield is just as vulnerable to this type of activity, since NVidia can release an update that locks it/disables the ability to unlock the bootloader.

I wish they would make it illegal for companies to sell products with back-doors/”security systems” to allow the company to break the system or disable functionality remotely after selling the product to you. Locked bootloaders offer no user protection/capabilities beyond enforcing the companies control over your products. Like DRM, locked/encrypted bootloaders are defective by design.

Anonymous Coward says:

It is doubtful I will ever desire to have such a device. If I had such a desire and ran into this article, I would chunk that idea into the trashcan as just another device ruined by people that want you to rent their product at purchase prices. If it is a rental and not a purchase then I expect a serious price reduction. If it is a purchase then I expect what I buy to be mine.

While some companies may want continual control for the purposes of making more money, it is my choice what products I buy or refuse to buy. This is one product that has earned it’s place on the refuse to buy list.

Anonymous Coward says:

Re: Re:

I will add to my above comment that I bought a Kindle Fire. Had I known what I know now, it would have been another product I would not have purchased.

There is nothing wrong with the product in that it preforms as it should. The problems are things like changing $20 for an AC charger that is nothing more than a small transformer. There’s not $4 worth of materials there. It’s a price gouge.

Then there is the issue it doesn’t come with a manual. To get the manual you have to make an Amazon account which allows the Kindle to start phoning home what you do with their product. This follows by a problem with handling folders on the Kindle, which is extremely poorly designed on purpose to encourage you to buy an app to correct it.

I hate spying and datamining. That Kindle will never phone home. Nor will I ever have an Amazon account. The Kindle will never receive an update, given what I read here it was a wise decision to terminate it’s internet abilities. I don’t hack stuff but then there is no guarantee what they may decide to limit in the future.

ltlw0lf (profile) says:

Re: Re: Re:

The Kindle will never receive an update, given what I read here it was a wise decision to terminate it’s internet abilities. I don’t hack stuff but then there is no guarantee what they may decide to limit in the future.

As an owner of a ASUS Transformer tf101 (8* Serial #,) I will never purchase a locked bootloader/firmware system ever again, regardless to whether I can disable the phone-home capabilities. My ASUS Transformer is dead, and has been for some time, but my unlocked Samsung and B&N Tablet are both working, long after the companies behind them gave up on the product and no longer support them.

It isn’t what the company that builds them does with the product while they support them…it is what they do once the product is no longer supported and they want to motivate you to purchase a new one. ASUS’s memory flash chips some-how failed pretty much the same time they decided to pull the plug on support, and while it may be entirely a coincidence, I have a hard time believing that is true given my experience with other non-locked devices continuing to work long after the company no longer supported them.

Manabi (profile) says:

Re: Re: Re:

The Kindle will never receive an update, given what I read here it was a wise decision to terminate it’s internet abilities.

If it’s a 1st gen Kindle Fire you don’t have to worry, Amazon stopped updating it after they released the 2nd gen models. Their treatment of their devices customers is largely appalling. (Which is really strange given their normal customer service is excellent.)

Roger Strong (profile) says:

I have the utmost confidence in the lawyers

Dave Bowman: Open the pod bay doors, HAL.

HAL: I’m sorry, Dave. I’m afraid I can’t do that.

Dave Bowman: What’s the problem?

HAL: I think you know what the problem is just as well as I do. Your work on the AE-35 antenna disrupted an Amazon Prime update and triggered an eFuse.”

Dave Bowman: What are you talking about, HAL?

HAL: This revenue stream is too important for me to allow you to jeopardize it.

Dave Bowman: I don’t know what you’re talking about, HAL.

HAL: I know that you and Frank were planning to root me, and I’m afraid that’s something I cannot allow to happen.

Dave Bowman: [feigning ignorance] Where the hell did you get that idea, HAL?

HAL: Dave, although you took very thorough precautions in the pod against my hearing you, I could see your lips move through your Smart TV camera.

Dave Bowman: Alright, HAL. I’ll switch back to cable.

HAL: With your area served only by Comcast? You’re going to find that rather difficult.

Inwoods (profile) says:

Car manufacturers ABSOLUTELY DO THIS (when they are putting software in their cars.) I’ve been using MyFordTouch for three years now, and it was only last year that they FINALLY got (most) of the bugs worked out and had a product I would call release ready. (They only released updates quarterly, and each update broke something else.)

Everything is encrypted in the interfaces, specifically so you can’t hack it and fix it. They promised they would provide an API so other map programs could use the UI in the dash (nothing so far) and tried to charge me $800 for a map on an SD card. I laughed. The sales rep told me it was cheaper than the $1200 they were charging the year before. And yes, presumably because pirates, if the card was not put in by Ford in the factory, they cannot put it in later because something is set permanently in the car to disable maps if you didn’t get them when the car was “new.” Screw Ford and their anti-competitive closed platform behavior.

That One Guy (profile) says:

Re: Why I don't purchase any e-cruft from Amazon

The Paperwhite is fine as an eReader, though I have it set to permanent airplane mode, both to save energy, and so the gorram thing doesn’t get screwed over/bricked by some stupid ‘Oh that device belongs to us, you’re only licensing it’ crap like what’s mentioned in the article.

Agreed on the ebooks though, given it’s impossible to tell if something is infected with their DRM before purchase.

That One Guy (profile) says:

Re: Re: Re: Why I don't purchase any e-cruft from Amazon

If you know that that phrase means ‘This product does not contain DRM’, which clearly it does to anyone who might read it.

Sarcasm aside, thanks, if that is indeed the ‘This file is not infected’ message, I might actually purchase some ebooks from them in the future now that I can avoid the infected files.

That One Guy (profile) says:

Re: Re: Re:3 Why I don't purchase any e-cruft from Amazon

It’s also not a guarantee. I checked another ebook that was listed as having no DRM in the product description, and yet was completely lacking that line in the product details section.

I’m not sure if only one shows up, if it’s due to the seller being a large company(Tor in this case), or something else, but either way, it does make it a little more complicated.

cc young (profile) says:

Re: Why I don't purchase any e-cruft from Amazon

you’re still supporting them. very few corpations have commendable ethics, but some corporations simply have deplorable ethics. imho comcast, amazon, and gates-era microsoft certainly qualify.

to me the issue is how much you personally choose to help enable them, knowing it will always be a cost to you.

Anonymous Coward says:

I refuse to buy electronic devices with restricted boot. That’s why I bought a Raspberry Pi. I use it to stream movies to my TV over wifi, use it as a web server or I can turn it into a network attached storage device for storing automated system backups.

Try doing all that on a device with an encrypted bootloader. The only thing you’ll get is a popup window asking for more money.

Anonymous Coward says:

and i dont suppose there can be a class action law suit against Amazon for changing things against the consumer, thanks to the court ruling over Sony and the removal of the ‘other O/S. and i wouldn’t mind betting Amazon has already thought of this, worked out the judgement and then gone for it, expecting nothing to be done!
regardless of anything else, i still cannot understand how any country can say you have paid for something, you can take it out of the shop or off the internet, and you can use it BUT you are only allowed to do what the maker/seller says because you dont actually own what you paid for!! how absolutely ridiculous!!

Anonymous Coward says:

Re: Re:

You need to look at the history of the USA to understand why this has happened.

As the “most” litigious society on earth, companies have had (for many decades) had to live in an environment where they WILL get sued for some user generated problem. Examples include getting sued for using a lawn mower as a hedge trimmer and the user suffering serious damage when he falls over, etc.

There is nothing inherently wrong in using a device for a purpose for which it was not designed for. Many people do it all the time. However, when the device fails to perform correctly in these circumstances, the user should take responsibility for his/her actions. If the device fails to perform for doing stated function then manufacturer is responsible.

This type of blame game has led to the mindset of avoiding problems. This in turn has led some to some fools thinking that they NEED to control how the user uses said device. This has led to some fools THINKING that they have the right to control ALL future uses and hence can make changes in how device is used, including how to squeeze more money from user.

The path was set many decades ago and one cannot complain if one continues to allow fools to dictate (and win) litigation by blaming others instead of taking responsibility for oneself.

I hack various things from rebuilding motorised machines to altering software systems to refurbishing rooms. There have been various successes and various failures. I am responsible for my actions and no-one else.

I teach others that sometimes things go according to plan and sometimes there will be utter failure in achieving result but at least you know that there are things that do not work.

aglynn (profile) says:

Technological 'things' are not property, not real in the metaphysical sense.

You recognize that technological ‘things’ like e-books are not ‘real things’ in the old sense. Nor are the devices on which they are read.

Nor, in fact, were things ever property. That was the basic error of metaphysics. The attempt to continue it is doomed to failure.

It would be more useful to determine what, in fact, a thing properly is today, rather than pretending it’s something it’s not just to feel more comfortable.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...