summaryrefslogtreecommitdiff
path: root/2016
diff options
context:
space:
mode:
Diffstat (limited to '2016')
-rw-r--r--2016/33c3/33c3-modems.adoc27
1 files changed, 7 insertions, 20 deletions
diff --git a/2016/33c3/33c3-modems.adoc b/2016/33c3/33c3-modems.adoc
index bb3948f..bf37f4d 100644
--- a/2016/33c3/33c3-modems.adoc
+++ b/2016/33c3/33c3-modems.adoc
@@ -266,23 +266,18 @@ image:images/redbend.png[height=76,role="gimmick_right"]
== RedBend (delta update) software
-* Used in OMA DeviceManagement? (e.g. https://www.blackhat.com/docs/us-14/materials/us-14-Solnik-Cellular-Exploitation-On-A-Global-Scale-The-Rise-And-Fall-Of-The-Control-Protocol.pdf[Solnik])
+* Used in OMA DeviceManagement? (e.g. https://www.blackhat.com/docs/us-14/materials/us-14-Solnik-Cellular-Exploitation-On-A-Global-Scale-The-Rise-And-Fall-Of-The-Control-Protocol.pdf[Mathew Solnik])
* Lots of starring at hexdumps, lots of help from Dieter Spaar
-* Binary file format to diff, inserts, remove, link files
-* Can update images/mtd partitions too
-* Variable sized LZMAed Table Of Contents
-** Filenames separated with 0x00
-** Permissions separated with 0xAF
-** Sections for diff, inserts with crc32, filesize, permission
-* Heavy in pointers/offsets, not robust
+* Created tools to partially extract and create .diff files
+* Heavy in pointers/offsets, not robust, crashes
* Not cryptographically signed!
-* Created tools to partially extract and create .diff file
-image:images/delta_header.png[width=600]
+image:images/delta_header.png[width="80%"]
== Firmware upgrade overview
+image:images/upgrade_process.png[width="55%",role="gimmick_right"]
//[source]
----
$ strings atfwd_daemon | egrep "wget|QCMAP|fota|update.z"
@@ -300,19 +295,11 @@ Start download fota for update.zip
* Add status and reboot to recovery
* Apply update.zip and reboot
-== Firmware upgrade process
-
-image:images/upgrade_process.png[]
-
-* Applies what ever was downloaded...
-* Assumes no MITM is possible
-
-
== Recommedation
-* Continue to allow owners of devices to reflash
+* Please keep it open, good for learning
+* Allow owners to modify the software of their device
* Secure the FOTA upgrading with owner specified keys
-* Make it more easy to rebuild code
== Questions
personal git repositories of Harald Welte. Your mileage may vary