Introduction

I recently bought an Amazon Kindle 4 NT (No-Touch), the most basic Kindle as of the end of 2012.

I wanted to use it for reading random articles from the internet, not ebooks, so I'm not interested in having my device talk to Amazon's services.

Note that I don't have anything in particular against Amazon, but for the way I intend to use the Kindle, I don't need their services.

Most of the information contained here are not original findings but were collected from various sites, mainly the MobileRead Wiki. I tried referencing the sources whenever they were available, please let me know if I missed anything.

This is a summary of what I did. Some of it will be specific to my particular device (Kindle 4 NT with firmware 4.1.0), but some may not. I have only tried this on that kind of device.

Thanks a lot to Amazon for making the device and software reasonably sane and straightforward to modify, that was my main reason to buy it.

Installing external keys

This is commonly known as "jailbreak", but what it does is mostly just adding another public key to the ring used to allow to install firmware updates.

Written by NiLuJe and yifanlu, I found it quite clean and nicely done, and it does not touch Kindle's software in any significant way. It comes with full sources and is very well documented.

You can get it from the mobileread jailbreak article:

name: kindle-jailbreak-k4-1.5.N.zip
size: 83279
sha1: 7fbf0e7aaac4838b2d3a6696f43f6cbc36825ed5

Unzip-it, then the README file contains very good documentation and instructions. You can also find the source in the different directories.

A summary of what I did, for reference purposes (please read the README file and not follow this blindly):

• Copy some files to the kindle:

  cp data.tar.gz /mnt/kindle/
  touch /mnt/kindle/ENABLE_DIAGS
  touch /mnt/kindle/diagnostic_logs
  umount /mnt/kindle
  

• Reboot (Menu -> Settings -> Menu -> Restart), it will enter a diagnostics mode.

• Select D) Exit, Reboot or Disable Diags.

• Select R) Reboot System.

• Wait until reboot has completed, then select D) Exit, Reboot or Disable Diags again.

• Select D) Disable Diagnostics.

• It will restart normally, and you should find a new book noting that it was successful, which you can remove.

USB networking

The next step is to install and enable USB networking. Some Kindles come with ssh already built in, and you can enable usb networking without any changes to the firmware. See the Kindle 4 NT Hacking article to find out. Mine was not, so I had to install something external.

There is a very nice package for that, which allows us to ssh into the device via an usb cable (among other things, but that's the only one I used).

Also published by user NiLuJe, it contains many useful utilities such as sshd, rsync, and mosh.

name: kindle-usbnetwork-0.45.N.zip
size: 14520517
sha1sum: a0fa0241f5072b690e6b050b2df676c9e4146b68

cp update_usbnetwork_0.45.N_k4_install.bin /mnt/kindle/
umount /mnt/kindle

;debugOn

~usbNetwork

sudo ip addr add dev usb0 192.168.2.1/24
sudo ip link set usb0 up

ssh root@192.168.2.2

Custom screensavers

To use your own screensavers and be able to easily change them, run the following from the Kindle:

mkdir /mnt/base-us/screen_savers
mntroot rw
mv /opt/amazon/screen_saver/600x800/ /mnt/base-us/screen_savers/
ln -s /mnt/base-us/screen_savers/600x800/ /opt/amazon/screen_savers/
mntroot ro

Then, once you mount the Kindle normally (to put ebooks, etc.) you will see a new screen_savers/ directory, and you can put your own files there. They should be 600x800 greyscale PNGs.

After you change the files, you need to reboot the device for it to notice them.

Prevent the Kindle from "phoning home" to Amazon

To prevent the Kindle from talking to Amazon, we do a variety of things, although probably not all of them are needed. Just in case, nothing here alters the original software, these are all configuration changes:

# We're going to be making changes to the root partition, so remount rw.
mntroot rw

# Override /usr/bin/process_update, to prevent firmware updates.
mv /usr/bin/process_update /usr/bin/ex-process_update
chmod -x /usr/bin/ex-process_update
cat <<EOF > /usr/bin/process_update
#!/bin/sh

exit 0;
EOF

# Remove the firmware update keys just in case. This leaves the development
# keys that the jailbreak installs untouched.
mv /etc/uks/pubprodkey01.pem /etc/uks/ex-pubprodkey01
mv /etc/uks/pubprodkey02.pem /etc/uks/ex-pubprodkey02

# Remove the ca certificates, that most standard libraries and utilities
# use. This is overkill, we could just remove the top 4 which are
# Amazon-specific, but this is safer.
mv /etc/ssl/certs/ca-certificates.crt \
                       /etc/ssl/certs/ex-ca-certificates

# And some java-specific certs, including client-side ones.
mv /usr/java/lib/security/cacerts \
                       /usr/java/lib/security/ex-cacerts
mv /var/local/java/prefs/certs/ \
                       /var/local/java/prefs/ex-certs/
mkdir /var/local/java/prefs/certs/

# Should not be needed but can't hurt: change the ebook app configs to use
# other servers.
for i in /opt/amazon/ebook/config/*; do
      echo $i; sed -i "s/amazon.co/does-not-exist-amazon.co/g" $i; done

# Forbid outgoing UDP to high ports; this is not needed by any normal
# application, but it is used by one of Kindle's, with an
# unidentified (but non-trivial) payload. We send them to QUEUE because DROP
# causes the send() to fail and the application gets annoyed and retries,
# while QUEUE silently drops them.
sed -i '/UDP Handling/ a\
-A OUTPUT -o ppp0 -p udp -m udp --dport 30000:65535 -j QUEUE' /etc/sysconfig/iptables
sed -i '/UDP Handling/ a\
-A OUTPUT -o wlan0 -p udp -m udp --dport 30000:65535 -j QUEUE' /etc/sysconfig/iptables

cat /etc/sysconfig/iptables | iptables-restore

# Do not allow incoming tcp connections to port 40317 over ppp0.
sed -i '/40317/d' /etc/sysconfig/iptables

# We are done, move back to ro.
mntroot ro

Afterwards, reboot your Kindle.