Amazon's Kindle Paperwhite Already Jailbroken

Last week Amazon began shipping the Kindle Paperwhite, the company's latest e-reader with a patented built-in front light and hand-tuned fonts. Other features include 25-percent better contrast, 62-percent more pixels, built-in Wi-Fi, an 8-week battery life, and new services like X-Ray, Time to Read and more.

Hack a Day now reports that the device has already been jailbroken. This hack is based on a jailbreak of the Kindle Touch which was performed by removing the case, connecting to the serial port and downloading the firmware. The bootloader wasn't locked, and the JavaScript (used for the UI) wasn't obfuscated.

"Gaining access to the device is as easy as injecting some HTML code into the UI," Hack A Day said regarding the Kindle Touch hack. "It is then run by the device as root (no kidding!). [Yifan] grabbed an MP3 file, changed its tag information to the HTML attack code, then played the file on the device to exploit the flaw. How long before malicious data from illegally downloaded MP3 files ends up blanking the root file system on one of these?"

The new hack for Amazon's Kindle Paperwhite requires the user to upload the data.stgz file to the root directory of the device, and then restart. The next time the device boots, it will be jailbroken, allowing hackers to use a Linux device (like the Raspberry Pi) connected to the Paperwhite's e-ink screen.

"USB downloader mode isn’t yet enabled," Hack A Day warns. "If you brick your device, you’ll need to connect your Kindle to a serial port."

Naturally hacking into Amazon's new e-reader will void the warranty, and could possibly render the device useless. Consumers attempting to jailbreak the device are doing so at their own risk.

Contact Us for News Tips, Corrections and Feedback