Amazon Fire TV Firmware Update Bricks Rooted Devices, Prevents Rollback To Previous Firmware Versions

from the oh,-when-I-must-have-said-I-wanted-to-'rent'-the-device dept

You can buy it but you can't own it. Digital goods remind us of this fact all the time. But physical goods? Those should be ours. But somehow, they often aren't, especially if the company behind the product is trying oh so hard to lock customers into a closed ecosystem.

Amazon's entry into the streaming device market is the Fire TV, a dense black block that puts its Prime library on your TV, as well as providing access to other popular streaming services (Netflix, Hulu) and a (smallish) assortment of games. But what it won't do -- at least not anymore -- is allow purchasers to root their devices in order to play media stored on USB devices or force it to play nice with Google's Play Store to expand the limited selection of "native" games to justify shelling out $20-40 for the optional gamepad.

Techdirt reader techflaws sends in this link to Amazon's Fire TV firmware updates, hosted at AFTVNews, a site dedicated to (and run by) Fire TV aficionados. Alongside the expected bug fixes and features list is the following warning:

“Self destruct” eFuse added to kernel which gets triggered if an older bootloader is used. This means Fire TVs that update to stock 51.1.4.1_user_514013920 can never be downgraded, even if a method to root them is discovered.
So, if you try to make Amazon's Fire TV behave the way you want it to, your device will be irrecoverably bricked. The tripped eFuse won't even let you roll it back to when it worked. For most Amazon TV purchasers, this update came and went without any noticeable effect. But for those making the most of their purchases, this came as a shock. After all, the Fire TV runs a modified version of Android, itself an ostensibly open system. Not only that, but Amazon seemed to encourage this sort of experimentation and modification by making the source code freely available. But its updated firmware took away all of that, locking the gate of its ecosystem and tossing the key -- along with some previously working devices -- into the proverbial sewer grate.

Rbox, a very active member of XDA Forums, was the one who first made others aware of the issue, finally narrowing it down to malicious firmware. Intentionally malicious firmware.
From what I can tell, they did 2 things. First, they added an extra service to the kernel ramdisk that blows an efuse which prevents the old bootloader from working. Second, they modified the bootchain to use that fuse (or maybe a second, I'm not sure) to prevent downgrades. So once a box gets 51.1.4.1 stock, it can never be downgraded.
So, while there are workarounds available now (as well as custom firmware developed by the enthusiasts at XDA Forums), there's been nothing official released by Amazon. The message is clear: play within the walls of our garden or GTFO. With most users opting for automatic updates, the firmware has made the final decision for them. Those who wish to stay rooted will have to do without any critical updates, added content selection, security fixes, etc. that Amazon may provide if they're not fortunate enough to find fixes that work from third parties who are kind enough to unbrick devices that have been forcibly neutered by the proprietor of the walled garden.

Notably, this decision hits hardest the people Amazon should most want on its side: the diehard hobbyists who push the limits of prefab products and show developers the possibilities inherent in their offerings. Equally terrible, it sends the message to purchasers that they don't own their purchases. Car manufacturers (there are exceptions, of course) don't send street teams by to tear off the ridiculous spoiler and neon undercarriage you bolted onto your stock sedan, no matter how ridiculous it makes their product look. They don't remove the tachometer you forced into the dashboard array when you bring it in for an oil change. But for some reason, certain companies still think that they can force your purchased products to play by their rules, long after turning the products over to their new "owners."


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Violynne (profile), 5 Dec 2014 @ 9:45am

    "If you do not upgrade to Amazon Prime within the next 30 seconds, all Amazon devices will self-destruct."

    It's coming. Bank on it.

    reply to this | link to this | view in chronology ]

  • icon
    Mason Wheeler (profile), 5 Dec 2014 @ 10:40am

    So again, like with the Wii U shenanigans earlier this year, like with Sony removing OtherOS from the PlayStation, I must ask: where is the class action lawsuit for maliciously tampering with other people's property?

    This will keep happening until we make it perfectly clear that our property is our property and we DO own it now!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Dec 2014 @ 10:46am

    Sounds like they're trying to turn their Fire TV into their Fire Phone: a huge failure.

    reply to this | link to this | view in chronology ]

  • identicon
    PRMan, 5 Dec 2014 @ 11:00am

    Well...

    There's another product off my list...

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Dec 2014 @ 11:09am

      Re: Well...

      thinking the same thing. This is why I tend to not turn on automatic updates by default on products I buy after I have been tampering with it.

      reply to this | link to this | view in chronology ]

      • icon
        John Fenderson (profile), 5 Dec 2014 @ 11:52am

        Re: Re: Well...

        I go further than this. The very first thing I do with all hardware and software is turn off automatic updating. Further, I don't connect devices to the net at all if possible. Otherwise, I firewall the device off to the greatest degree possible so that it can't talk with anything unless I say that it can.

        I do not trust anything that phones home.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 5 Dec 2014 @ 6:54pm

          Re: Re: Re: Well...

          I don't bother wasting my money on ANY of that crap. It's not worth the aggravation. I have a nice self-built desktop, with a 27" monitor, with Win Amp for MP3s and lots of video apps. I don't NEED any of this stuff.

          reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Dec 2014 @ 11:14am

      Re: Well...

      Mine too. I was thinking about buying one for my father (still on basic cable), and also considered getting one as a replacement for the old laptop I'm using as a media center. But if they're going to pull this kind of garbage on their customers, forget it. I'll get my father a Roku box, and a Raspberry Pi for myself when my old laptop dies.

      reply to this | link to this | view in chronology ]

      • icon
        Rikuo (profile), 5 Dec 2014 @ 12:08pm

        Re: Re: Well...

        Ditto. Well, I wasn't getting the Fire TV, but I was hovering between getting the Kindle Fire HDX or the Nvidia Shield tablet. Guess I'll be going with the Shield then.

        reply to this | link to this | view in chronology ]

        • icon
          ltlw0lf (profile), 5 Dec 2014 @ 12:18pm

          Re: Re: Re: Well...

          Nvidia Shield tablet

          NVidia Shield has a locked bootloader...be careful, there be sea-serpents there.

          Luckily, it can be easily unlocked, but the NVidia Shield is just as vulnerable to this type of activity, since NVidia can release an update that locks it/disables the ability to unlock the bootloader.

          I wish they would make it illegal for companies to sell products with back-doors/"security systems" to allow the company to break the system or disable functionality remotely after selling the product to you. Locked bootloaders offer no user protection/capabilities beyond enforcing the companies control over your products. Like DRM, locked/encrypted bootloaders are defective by design.

          reply to this | link to this | view in chronology ]

          • icon
            tracyanne (profile), 8 Dec 2014 @ 12:40am

            Re: Re: Re: Re: Well...

            This is what used to be called Trustworthy computing, the owner of the computing system (not you) can trust it to function as they want it to.

            reply to this | link to this | view in chronology ]

  • icon
    Jeff Green (profile), 5 Dec 2014 @ 11:09am

    Sounds to me like criminal damage and in any reasonable jurisdiction would result in jail time for Sony execs, too bad there isn't such a jurisdiction ...

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Dec 2014 @ 5:24pm

      Re:

      If they can drag Dotcom to court over nebulous laws being broken that just happen to not exist, I'm sure they can do the same for Sony. No, wait, that's right! Sony has Billion$ and reams of lawyers on payroll.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Dec 2014 @ 11:12am

    It is doubtful I will ever desire to have such a device. If I had such a desire and ran into this article, I would chunk that idea into the trashcan as just another device ruined by people that want you to rent their product at purchase prices. If it is a rental and not a purchase then I expect a serious price reduction. If it is a purchase then I expect what I buy to be mine.

    While some companies may want continual control for the purposes of making more money, it is my choice what products I buy or refuse to buy. This is one product that has earned it's place on the refuse to buy list.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Dec 2014 @ 11:18am

      Re:

      I will add to my above comment that I bought a Kindle Fire. Had I known what I know now, it would have been another product I would not have purchased.

      There is nothing wrong with the product in that it preforms as it should. The problems are things like changing $20 for an AC charger that is nothing more than a small transformer. There's not $4 worth of materials there. It's a price gouge.

      Then there is the issue it doesn't come with a manual. To get the manual you have to make an Amazon account which allows the Kindle to start phoning home what you do with their product. This follows by a problem with handling folders on the Kindle, which is extremely poorly designed on purpose to encourage you to buy an app to correct it.

      I hate spying and datamining. That Kindle will never phone home. Nor will I ever have an Amazon account. The Kindle will never receive an update, given what I read here it was a wise decision to terminate it's internet abilities. I don't hack stuff but then there is no guarantee what they may decide to limit in the future.

      reply to this | link to this | view in chronology ]

      • icon
        ltlw0lf (profile), 5 Dec 2014 @ 12:08pm

        Re: Re:

        The Kindle will never receive an update, given what I read here it was a wise decision to terminate it's internet abilities. I don't hack stuff but then there is no guarantee what they may decide to limit in the future.

        As an owner of a ASUS Transformer tf101 (8* Serial #,) I will never purchase a locked bootloader/firmware system ever again, regardless to whether I can disable the phone-home capabilities. My ASUS Transformer is dead, and has been for some time, but my unlocked Samsung and B&N Tablet are both working, long after the companies behind them gave up on the product and no longer support them.

        It isn't what the company that builds them does with the product while they support them...it is what they do once the product is no longer supported and they want to motivate you to purchase a new one. ASUS's memory flash chips some-how failed pretty much the same time they decided to pull the plug on support, and while it may be entirely a coincidence, I have a hard time believing that is true given my experience with other non-locked devices continuing to work long after the company no longer supported them.

        reply to this | link to this | view in chronology ]

      • icon
        Manabi (profile), 5 Dec 2014 @ 1:00pm

        Re: Re:

        The Kindle will never receive an update, given what I read here it was a wise decision to terminate it's internet abilities.
        If it's a 1st gen Kindle Fire you don't have to worry, Amazon stopped updating it after they released the 2nd gen models. Their treatment of their devices customers is largely appalling. (Which is really strange given their normal customer service is excellent.)

        reply to this | link to this | view in chronology ]

  • identicon
    enone, 5 Dec 2014 @ 11:16am

    Another Rreason

    Another reason to avoid any products physical or software that have DRM.

    reply to this | link to this | view in chronology ]

  • icon
    Roger Strong (profile), 5 Dec 2014 @ 11:26am

    I have the utmost confidence in the lawyers

    Dave Bowman: Open the pod bay doors, HAL.

    HAL: I'm sorry, Dave. I'm afraid I can't do that.

    Dave Bowman: What's the problem?

    HAL: I think you know what the problem is just as well as I do. Your work on the AE-35 antenna disrupted an Amazon Prime update and triggered an eFuse."

    Dave Bowman: What are you talking about, HAL?

    HAL: This revenue stream is too important for me to allow you to jeopardize it.

    Dave Bowman: I don't know what you're talking about, HAL.

    HAL: I know that you and Frank were planning to root me, and I'm afraid that's something I cannot allow to happen.

    Dave Bowman: [feigning ignorance] Where the hell did you get that idea, HAL?

    HAL: Dave, although you took very thorough precautions in the pod against my hearing you, I could see your lips move through your Smart TV camera.

    Dave Bowman: Alright, HAL. I'll switch back to cable.

    HAL: With your area served only by Comcast? You're going to find that rather difficult.

    reply to this | link to this | view in chronology ]

  • icon
    Inwoods (profile), 5 Dec 2014 @ 11:28am

    Car manufacturers ABSOLUTELY DO THIS (when they are putting software in their cars.) I've been using MyFordTouch for three years now, and it was only last year that they FINALLY got (most) of the bugs worked out and had a product I would call release ready. (They only released updates quarterly, and each update broke something else.)

    Everything is encrypted in the interfaces, specifically so you can't hack it and fix it. They promised they would provide an API so other map programs could use the UI in the dash (nothing so far) and tried to charge me $800 for a map on an SD card. I laughed. The sales rep told me it was cheaper than the $1200 they were charging the year before. And yes, presumably because pirates, if the card was not put in by Ford in the factory, they cannot put it in later because something is set permanently in the car to disable maps if you didn't get them when the car was "new." Screw Ford and their anti-competitive closed platform behavior.

    reply to this | link to this | view in chronology ]

  • icon
    Angel (profile), 5 Dec 2014 @ 11:54am

    Looks like I'm better off getting a M8 Amlogic box.

    reply to this | link to this | view in chronology ]

  • icon
    Spaceman Spiff (profile), 5 Dec 2014 @ 12:00pm

    Why I don't purchase any e-cruft from Amazon

    I will purchase hard-copy books from them, but nothing electronic (e-books, e-readers, etc).

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 5 Dec 2014 @ 12:54pm

      Re: Why I don't purchase any e-cruft from Amazon

      The Paperwhite is fine as an eReader, though I have it set to permanent airplane mode, both to save energy, and so the gorram thing doesn't get screwed over/bricked by some stupid 'Oh that device belongs to us, you're only licensing it' crap like what's mentioned in the article.

      Agreed on the ebooks though, given it's impossible to tell if something is infected with their DRM before purchase.

      reply to this | link to this | view in chronology ]

      • identicon
        Sharptak, 5 Dec 2014 @ 1:23pm

        Re: Re: Why I don't purchase any e-cruft from Amazon

        Except for the part on the product description page that clearly states "Simultaneous Device Usage: Unlimited" on non-DRM ebooks...

        Seriously, it takes 10 seconds max to scroll down the page and see the description.

        reply to this | link to this | view in chronology ]

        • icon
          That One Guy (profile), 5 Dec 2014 @ 2:06pm

          Re: Re: Re: Why I don't purchase any e-cruft from Amazon

          If you know that that phrase means 'This product does not contain DRM', which clearly it does to anyone who might read it.

          Sarcasm aside, thanks, if that is indeed the 'This file is not infected' message, I might actually purchase some ebooks from them in the future now that I can avoid the infected files.

          reply to this | link to this | view in chronology ]

          • icon
            John Fenderson (profile), 5 Dec 2014 @ 3:12pm

            Re: Re: Re: Re: Why I don't purchase any e-cruft from Amazon

            "If you know that that phrase means"

            Indeed. I didn't realize that phrase meant there was no DRM. I thought it meant that the DRM was set to be maximally permissive.

            reply to this | link to this | view in chronology ]

            • icon
              That One Guy (profile), 5 Dec 2014 @ 4:36pm

              Re: Re: Re: Re: Re: Why I don't purchase any e-cruft from Amazon

              It's also not a guarantee. I checked another ebook that was listed as having no DRM in the product description, and yet was completely lacking that line in the product details section.

              I'm not sure if only one shows up, if it's due to the seller being a large company(Tor in this case), or something else, but either way, it does make it a little more complicated.

              reply to this | link to this | view in chronology ]

    • identicon
      cc young, 6 Dec 2014 @ 12:16am

      Re: Why I don't purchase any e-cruft from Amazon

      you're still supporting them. very few corpations have commendable ethics, but some corporations simply have deplorable ethics. imho comcast, amazon, and gates-era microsoft certainly qualify.

      to me the issue is how much you personally choose to help enable them, knowing it will always be a cost to you.

      reply to this | link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 5 Dec 2014 @ 12:03pm

    Now all we need is a clever hacker...

    ...to create a viral distribution package and a payload the fries the efuse.

    And a nation of Amazon Fire TVs goes dark.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Dec 2014 @ 12:22pm

    ...and just like that Amazon Fire is off my Christmas wish list. I'm fine with Roku

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Dec 2014 @ 12:47pm

    I refuse to buy electronic devices with restricted boot. That's why I bought a Raspberry Pi. I use it to stream movies to my TV over wifi, use it as a web server or I can turn it into a network attached storage device for storing automated system backups.

    Try doing all that on a device with an encrypted bootloader. The only thing you'll get is a popup window asking for more money.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Dec 2014 @ 12:50pm

    and i dont suppose there can be a class action law suit against Amazon for changing things against the consumer, thanks to the court ruling over Sony and the removal of the 'other O/S. and i wouldn't mind betting Amazon has already thought of this, worked out the judgement and then gone for it, expecting nothing to be done!
    regardless of anything else, i still cannot understand how any country can say you have paid for something, you can take it out of the shop or off the internet, and you can use it BUT you are only allowed to do what the maker/seller says because you dont actually own what you paid for!! how absolutely ridiculous!!

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Dec 2014 @ 4:01pm

      Re:

      You need to look at the history of the USA to understand why this has happened.

      As the "most" litigious society on earth, companies have had (for many decades) had to live in an environment where they WILL get sued for some user generated problem. Examples include getting sued for using a lawn mower as a hedge trimmer and the user suffering serious damage when he falls over, etc.

      There is nothing inherently wrong in using a device for a purpose for which it was not designed for. Many people do it all the time. However, when the device fails to perform correctly in these circumstances, the user should take responsibility for his/her actions. If the device fails to perform for doing stated function then manufacturer is responsible.

      This type of blame game has led to the mindset of avoiding problems. This in turn has led some to some fools thinking that they NEED to control how the user uses said device. This has led to some fools THINKING that they have the right to control ALL future uses and hence can make changes in how device is used, including how to squeeze more money from user.

      The path was set many decades ago and one cannot complain if one continues to allow fools to dictate (and win) litigation by blaming others instead of taking responsibility for oneself.

      I hack various things from rebuilding motorised machines to altering software systems to refurbishing rooms. There have been various successes and various failures. I am responsible for my actions and no-one else.

      I teach others that sometimes things go according to plan and sometimes there will be utter failure in achieving result but at least you know that there are things that do not work.

      reply to this | link to this | view in chronology ]

  • icon
    aglynn (profile), 5 Dec 2014 @ 4:13pm

    Technological 'things' are not property, not real in the metaphysical sense.

    You recognize that technological 'things' like e-books are not 'real things' in the old sense. Nor are the devices on which they are read.

    Nor, in fact, were things ever property. That was the basic error of metaphysics. The attempt to continue it is doomed to failure.

    It would be more useful to determine what, in fact, a thing properly is today, rather than pretending it's something it's not just to feel more comfortable.

    reply to this | link to this | view in chronology ]

  • identicon
    AFTVnews, 6 Dec 2014 @ 8:45am

    Incorrect interpritation

    The information from AFTVnews was interpreted incorrectly. Rooted Fire TV's are not at risk of bricking. Here is a detailed explanation of the eFuse and what it actually means for rooted and unrooted Fire TVs: http://www.aftvnews.com/amazon-fire-tvs-efuse-explained-rooted-devices-not-at-risk-of-bricking/

    reply to this | link to this | view in chronology ]

  • icon
    audiomagi (profile), 6 Dec 2014 @ 10:45am

    So much for that Amazon Echo I was considering...

    I was interested in the soon-to-be-released Amazon Echo http://www.amazon.com/oc/echo Bluetooth speaker/internet device. But after watching this situation unfold, I am revisiting my original thoughts on the desirability of owning hardware made (and controlled) by Amazon.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 Dec 2014 @ 9:07am

    Guess that's why Amazon's gone into the diaper business... someone's sh*tting bricks.

    reply to this | link to this | view in chronology ]

  • identicon
    Master, 29 Dec 2014 @ 8:44pm

    Back it goes to Amazon!

    I have unopened Fire TV, and guess what? It is my small and clear message to Amazon! You don't want me to play with your device? Fine, I don't want it either!

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Show Now: Takedown
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories

Close

Email This

This feature is only available to registered users. Register or sign in to use it.