From 60af50b63cf84549c974297d57263d16ac74f426 Mon Sep 17 00:00:00 2001 From: Holger Hans Peter Freyther Date: Tue, 27 Dec 2016 15:32:40 +0100 Subject: Simplify the FOTA section as no one can follow it anyway --- 2016/33c3/33c3-modems.adoc | 27 +++++++-------------------- 1 file changed, 7 insertions(+), 20 deletions(-) (limited to '2016/33c3') diff --git a/2016/33c3/33c3-modems.adoc b/2016/33c3/33c3-modems.adoc index bb3948f..bf37f4d 100644 --- a/2016/33c3/33c3-modems.adoc +++ b/2016/33c3/33c3-modems.adoc @@ -266,23 +266,18 @@ image:images/redbend.png[height=76,role="gimmick_right"] == RedBend (delta update) software -* Used in OMA DeviceManagement? (e.g. https://www.blackhat.com/docs/us-14/materials/us-14-Solnik-Cellular-Exploitation-On-A-Global-Scale-The-Rise-And-Fall-Of-The-Control-Protocol.pdf[Solnik]) +* Used in OMA DeviceManagement? (e.g. https://www.blackhat.com/docs/us-14/materials/us-14-Solnik-Cellular-Exploitation-On-A-Global-Scale-The-Rise-And-Fall-Of-The-Control-Protocol.pdf[Mathew Solnik]) * Lots of starring at hexdumps, lots of help from Dieter Spaar -* Binary file format to diff, inserts, remove, link files -* Can update images/mtd partitions too -* Variable sized LZMAed Table Of Contents -** Filenames separated with 0x00 -** Permissions separated with 0xAF -** Sections for diff, inserts with crc32, filesize, permission -* Heavy in pointers/offsets, not robust +* Created tools to partially extract and create .diff files +* Heavy in pointers/offsets, not robust, crashes * Not cryptographically signed! -* Created tools to partially extract and create .diff file -image:images/delta_header.png[width=600] +image:images/delta_header.png[width="80%"] == Firmware upgrade overview +image:images/upgrade_process.png[width="55%",role="gimmick_right"] //[source] ---- $ strings atfwd_daemon | egrep "wget|QCMAP|fota|update.z" @@ -300,19 +295,11 @@ Start download fota for update.zip * Add status and reboot to recovery * Apply update.zip and reboot -== Firmware upgrade process - -image:images/upgrade_process.png[] - -* Applies what ever was downloaded... -* Assumes no MITM is possible - - == Recommedation -* Continue to allow owners of devices to reflash +* Please keep it open, good for learning +* Allow owners to modify the software of their device * Secure the FOTA upgrading with owner specified keys -* Make it more easy to rebuild code == Questions -- cgit v1.2.3