Linked by Thom Holwerda on Thu 10th Jan 2013 23:20 UTC
Windows "Recently, a method was found for Windows RT that allowed running unsigned code through a rather clever exploit. This method has now been turned into a full-fledged tool by XDA Developers member Netham45. All the details are over in this XDA post, including the download." Super-simple, even a child can do it. A big <3 to XDA.
CyanogenMOD
by andydread on Fri 11th Jan 2013 00:29 UTC
andydread
Member since:
2009-02-02

Would one be able to wipe Windows and install Cyanogen with this hack?

Reply Score: 2

RE: CyanogenMOD
by saso on Fri 11th Jan 2013 23:46 UTC in reply to "CyanogenMOD"
saso Member since:
2007-04-18

"Would one be able to wipe Windows and install Cyanogen with this hack?"

Nope, this is a kernel hack, not a UEFI firmware hack. In other words, you still can't boot unsigned code, you can only run it once the OS is in place. But it's a stepping stone to start attacking the firmware.

Reply Score: 2

RE[2]: CyanogenMOD
by Alfman on Sat 12th Jan 2013 09:17 UTC in reply to "RE: CyanogenMOD"
Alfman Member since:
2011-01-28

saso,

"Nope, this is a kernel hack, not a UEFI firmware hack. In other words, you still can't boot unsigned code, you can only run it once the OS is in place. But it's a stepping stone to start attacking the firmware."

It will likely be necessary to flash an unrestricted EFI firmware over top of the restricted one that comes with the device. So it may take a while to reverse engineer, but assuming we can find a way to re-flash the firmware from within Windows, then it will happen.

Reply Score: 2

Comment by aligatro
by aligatro on Fri 11th Jan 2013 02:32 UTC
aligatro
Member since:
2010-01-28

If I understand correctly, it changes some value in memory that allows unsigned applications to run. It doesn't hack the bootloader to be able to boot any operating system.

Reply Score: 2

Wrong system?
by UltraZelda64 on Sat 12th Jan 2013 16:44 UTC
UltraZelda64
Member since:
2006-12-05

Microsoft's own response was that--even though they see the hack as no security threat--they will be patching against it in the future (go figure). It seems like the best thing to do if your requirements are to run Windows and Windows software compiled for x86 is to just get an x86 Windows machine with Win8 instead of an ARM machine with WinRT. Or if your Windows software needs are not as heavy, use Wine.

This is just going to lead to yet another Corporation vs. Customers conflict where Microsoft continually patches their OS purely to control their users, the users will just continually use new methods to gain access to their own systems... and yet another feud between will dominate tech news for months. Apple and Sony style.

Reply Score: 2

Tool needs a version 2
by rklrkl on Sun 13th Jan 2013 12:32 UTC
rklrkl
Member since:
2005-07-06

You'd have thought that a special jailbreak tool would either be put in your Startup folder or run as a service and then "forgotten about" (i.e. it would run non-interactively each time you boot, so you've effectively got a jailbroken machine every time you start it).

Not this jailbreak tool, though. Here's what the XDA post says you have to do:

* Extract a batch file and run it to install part of the hack.
* Reboot your RT machine and wait a minute at the desktop (this is like a recipe for instant noodles!).
* Run the extracted batch file again.
* Wait for 20 seconds (let the noodles cool).
* Press the Volume Down key (WTF?).
* Wait some more time for the batch file to finish, *including* some possible interactive prompts.

Those final 4 steps have to be done *every* time you boot! A new tool needs to come out where it's completely non-interactive (and when the jailbreak is done, it displays a success or failure notification somewhere ideally). Until then, this isn't fit for anyone's consumption, IMHO.

Reply Score: 2