48.4 F
New York
Monday, October 3, 2022

Google Chromecast Is Android-Based, Already Rooted

GTVHacker has announced that they have successfully hacked Google’s new Chromecast dongle.

According to the exploit authors, “[…] Google was kind enough to GPL the bootloader source code for the device. So we can identify the exact flaw that allows us to boot the unsigned kernel. By holding down the single button, while powering the device, the Chromecast boots into USB boot mode. USB boot mode looks for a signed image at 0×1000 on the USB drive. When found, the image is passed to the internal crypto hardware to be verified, but after this process the return code is never checked! Therefore, we can execute any code at will.”

In other words, Google locks the door but leaves a key under the mat, making the exploit and execution of code relatively easy. While this is a great success for the hacking community, it could be bad news for the future of Chromecast. The device’s success relies on content providers accepting it for secure delivery of programming—something such an exploit could put in serious jeopardy. However, according to the authors of the exploit, Google could patch this at any time fairly easily.

As of yet there is no benefit to the user for hacking the Chromecast—it’s more of a hack for the sake of hacking.

Interestingly, the hackers have also revealed that Google may have misspoke about the device running a version of ChromeOS:

We had a lot of internal discussion on this, and have concluded that it’s more Android than ChromeOS. To be specific, it’s actually a modified Google TV release, but with all of the Bionic / Dalvik stripped out and replaced with a single binary for Chromecast. Since the Marvell DE3005 SOC running this is a single core variant of the 88DE3100, most of the Google TV code was reused. So, although it’s not going to let you install an APK or anything, its origins: the bootloader, kernel, init scripts, binaries, are all from the Google TV.

This is likely just a miscommunication by Google that should hopefully be cleared up soon.

What do you think about the Chromecast being hacked? Does it make it more appealing, less appealing, or does it matter to you? Let us know in the comments!


Brad Merrill
Brad Merrillhttp://venturebreak.com
Brad Merrill is a journalist, writer, entrepreneur, and the editor in chief of VentureBreak. His writing currently appears in various places across the web, including his blog. Brad is passionate about startups, technology, and their influence on life and culture. This passion—combined with his drive to expose the truth in every story—led him to found VentureBreak in 2010. He is known for his honest reporting and his sometimes-extreme opinions. Some of his work has been referenced by such notable publications as the Wall Street Journal.

Related Articles

Stay Connected

- Advertisement -spot_img

Latest Articles