Windows RT jailbreak smash: Run ANY app on Surface slabs

The security mechanism preventing unauthorised software running on ARM-powered Windows RT tablets - such as Microsoft's Surface slabtops - can be easily defeated. The Redmond giant wanted only cryptographically signed executables, ideally those obtained from the official Windows application store, to run on its hardware. But, we …

COMMENTS

This topic is closed for new posts.

Silver badge
Facepalm

Genius

You can't run unsigned code, unless you run it through the debugger, in which case you can.

2
1
Anonymous Coward

Re: Genius

So if there are restrictions on what you can run then that's bad, but also if the restrictions aren't hard to skip then that is also bad is it?

If you look at Android you'll find its protections are also very weak. Google tried to improve them but the change had a bug so they backed it off.

Or would you like to see the tablet locked down massively so that you would need a mod chip to run "homebrew"?

3
0
Silver badge

Re: Genius

I'd like to see a Windows RT with both desktop and touch mode which can run ARM executables and emulate x86 executables.

The fact that MS have changed a flag to disable your own ARM executables indicates that this is an artificially nobbled operating system, and yes, the fact that you can run a short assembler program to change it back is just shoddy. I'm also pretty sure that deep in the bowels of Redmond they've got an x86 emulator ready for Windows 9 which runs most old x86 executables should Windows 8 prove to be an abysmal failure.

6
6
Silver badge
Flame

Re: Genius

You want to saddle an ARM chip with x86 emulation?

Why? Is your lap cold for periods of less than two hours and then fine for periods of 5 hours while the device recharges?

Hell, two hours is optimistic for ARM running x86 emulation.

Icon- your lap.

3
5
Silver badge
Linux

Re: Genius

What's the matter? All of the ARM fanboys like to claim how powerful new models of ARM CPUs are.

If ARM is really all that then it certainly can handle a little emulation.

It may not be good enough for T2F or WoW but it should be fine for those legacy office apps.

Sometimes people need to do some work and excuses aren't going to get the job done.

2
6
Silver badge
Boffin

Re: Genius

I see I'm going to have to spell it out. I'm not expecting Half Life 2 but something like Rosetta implemented on the Mac up to Snow Leopard, i.e. usable emulation for most legacy apps, those which sit in an event loop and do nothing apart from waiting for input events with possibly something strenuous for a short while when you hit the 'Go' button.

2
0
Bronze badge

Re: Genius

Power is a relative term though.

ARM CPUs are very powerful and effective running code compiled to run on them, not so much when emulating.

It kind of works the other way too though, running ARM emulation on an x86/x64 CPU can also be rather sluggish.

We're talking about translating two different instruction sets from one to the other here, which creates a surprising amount of overhead. If you want to see an example, try running Windows XP on a PowerPC G5 Mac under Qemu. Sure a 2.6GHz dual core CPU is more than enough to run Windows XP, but the time it takes for the instruction set translation reduces performance massively.

As I like using analogies for everything, it's like saying a University lecturer is crap at teaching because he only speaks English, all his students only speak French and he needs a translator for everything so the students take twice as long to learn everything as English speaking ones would.

4
1
Anonymous Coward

Re: Genius

It's the worst of all worlds: a system which inconveniences the legitimate user of the device by preventing him/her from using it in the way they would like, but not actually giving any protection against malware.

4
0
Bronze badge
Coat

Re: Genius -- @ Dan 55

> I'm also pretty sure that deep in the bowels of Redmond they've got an x86 emulator ready for Windows 9 which runs most old x86 executables should Windows 8 prove to be an abysmal failure.

"Should Windows 8 prove to be an abysmal failure." Don't you mean "When"?

1
0
Anonymous Coward

Re: Genius

@Phil W,

Don't forget that you are emulating on Windows too, so there is a huge hit right there.

0
0
Silver badge

Re: Genius

Rather like a text file is data until you pass it to a perl interpreter.

Bad things happen when you allow self-modifying code!

0
0
Silver badge
Joke

Re: Genius

> It's the worst of all worlds: a system which inconveniences the legitimate user of the device by preventing him/her from using it in the way they would like, but not actually giving any protection against malware.

The question is where is this effective from. If jailbroken devices could be made to run android, MS can't subsidise RT machines to gain market share because people will just pick them up as cheap android machines.

Also, if sig's aren't checked, can you run RT on a different bit of ARM hardware?

0
0
Bronze badge

Re: Genius

Ha ok, well a slightly different scenario.

Install Debian PPC on the mac, install Qemu and emulate Debian ARM.

0
0

Re: Genius

"people will just pick them up as cheap android machines"

Don't you mean expensive android machines?

0
0

It's also possible to side-load your own apps on RT anyway - you just install the sideloading product key.

http://technet.microsoft.com/en-us/library/hh852635.aspx

2
0
Silver badge
Boffin

That's actually a part of the process. This technique involves sideloading desktop applications, not Store apps.

In theory, pretty much any WPF+.NET4.x+ based application should run since RT is equipped with full ports of the framework and first-time compile would - naturally - compile to ARM-ILDASM.

1
2
Silver badge

Re: sideloading

> you just install the sideloading product key.

You may be right if 'just' includes running a Windows Enterprise or 2012 server and being part of Volume Licensing.

2
0
Anonymous Coward

This assumes you want to use Win8 which most sane people don't. :-)

16
8
Anonymous Coward

On desktop then no, not good.

On a tablet it is a bit more useful.

1
0
Silver badge

Tablet win8 is pretty good. Using win8 on a laptop with a trackpad is hell on earth.

4
1
Anonymous Coward

Children please.....

Didn't your Mummy teach you to try something new before saying you don't like it?

All kidding aside. I've tried Win8 on a new laptop I bought for my brother as well as an AIO touch screen at the local shops. Win8 does have a learning curve, but if my brother and his wife (not computer savvy) can adapt to the new GUI, then it's just a matter of not whining and throwing one's hands up so quickly.

It's part of human nature to resist change, regardless of the effort needed to adapt. I fully realize/expect most people to whine about the new GUI. My solution is for them to stop bitching/whining about it and just stick with what they like. It's not the end of the world and there are other options. Even MS gives new computer buyers the option of downgrading from Win8 to Win7 if desired.

My suggestion is "Don't worry, Be Happy"

Best wishes for the new year,

5
6
Anonymous Coward

"there are other options"

Indeed there are other options. Several of them are Linux. Can anyone remind me why "lack of familiarity" was frequently used as an argument against Linux but is not allowed as an argument against Windows 8 (or Office 2010 or ...)?

7
0

Re: "there are other options"

"Lack of familiarity". Ha, more like when you Google for help on something you get a page full of Unix commands to execute. User friendly Linux isn't.

1
5
Anonymous Coward

Re: "there are other options"

Linux is very user friendly.

It's just very picky about who its friends are.

9
1
Bronze badge
Mushroom

The US DoD just spent over $600 million on Windows 8!

0
4
Bronze badge
Stop

Re: Children please.....

"If my Auntie Em can figure it out...."

"People want to resist change...."

Yadda yadda yadda.

Look, all these old chestnuts may well be true, and well may be your own experience as well. I'm happy for you...I really am. However, most of those here on this forum are not casual web surfers and malware downloaders. We are, as the byline suggests, IT and/or software professionals, and I for one have many, many more important things to do than trying to figure where some wet-behind-the-ears Microsoft marketdroid thought it would be oh-so-k3wl to hide this feature here or that feature there this week. And that, much more than resisting change, is where the hue and cry about first the Ribbon, then Metro, is coming from. Microsoft has got to realize that, because they monopolized...er.. won such a large market share, that people actually use this stuff, and aren't much about oooh'ing and ahhh'ing about the shiny, shiny new interface-du-jour.

6
1
Silver badge
Thumb Up

Re: Children please.....

I and the other half dozen I have rolled it out to haven't struggled either.

Quite easy once you stop moaning and following the herd rage.

In fact I'm getting asked to supply other Windows 8 machines to those that see the ones I have put out there. They don't have a problem either.

I think most of the issue was in the minds of all the tech journalists. I guess just using an iPad to do your work on for the past three years shrinks and weakens the brain?

0
3
Silver badge
Unhappy

Re: Children please.....

Well you can make excuses all you like but when you sit down and clear your mind of herd rage a lot of the changes are pretty minor in most cases. Really not worth all the spleen venting.

It's like all my fave tech forums have been taken over by 14 year olds that have had their Steam accounts suspended or similar.

If only all this anger and outrage could be used against something that really warrants it, like child poverty.

1
2
Bronze badge
Linux

And this will be patched in no time

Who cares.

0
8
Silver badge

Re: And this will be patched in no time

It doesn't actually look patchable. Everything you need to perform this hack, you also need to develop software for the device. Patching that ability away would be massively self-harming.

Anyway, this only affects the switch's in-memory value. Every time you reboot, the switch is reset to 8 (from my fallible memory, someone will correct me if I'm wrong) which is the Microsoft level of signage as opposed to 0, which is unsigned. So you're limited to rerunning the hack every time you boot the machine.

It's an interesting curiosity but nothing more.

0
1
Silver badge

Re: And this will be patched in no time

I imagine the apps used to inject the code will be patched is how I read it.

0
1
Silver badge

Re: And this will be patched in no time

The Windows Debugger?

I want "mind boggled" icon, please.

1
1
Silver badge

Re: And this will be dongled if Surface ever sells enough

@dogged: "you're limited to rerunning the hack every time you boot the machine."

Hackers have managed to break much harder protection on some console hardware with purely external dongles. In the unlikely event Surface sells enough units to justify building it, expect a tiny USB powered device able to do just that on sale in your favourite console hacking outlet.

And like my hacked Wii, the Surface hack du jour will stay firmly ahead of Microsoft attempts to patch it ;)

0
0
Anonymous Coward

Windows RT apps

As clearly it won't run "any" code, and there is a distinct lack of worthwhile WindowsRT apps (almost as bad as Windows Phone 8).

2
1
Anonymous Coward

Feels like a clandestine MS press release from their Skunkworks department?

2
0
Anonymous Coward

Err...

There is already a KB article on their web site detailing how to install your own apps, so I doubt it...

1
0

If you're a sufficiently serious dev

Won't you legitimately need a debugger and the ability to run not-yet-signed code?

3
0
Bronze badge

Re: If you're a sufficiently serious dev

You already can. Without jailbreaking the device.

2
0
Bronze badge
Pint

"...unlikely to be something most non-techie users could pull off..."

"The hack is unlikely to be something most non-techie users could pull off as it requires knowledge of WinDbg."

FAIL. Once the inevitable tool is released, then the average non-techie user follows the instructions and goes "click-click". It's ignoring history (e.g. cracking smart cards, ripping DVDs) to think otherwise.

2
2
Anonymous Coward

Re: "...unlikely to be something most non-techie users could pull off..."

And how would they run the unsigned tool, without running the process detailed to allow them to run the unsigned tool, thus making it redundant. I believe the fail is yours.

Also, MS already details how to sideload on their web site, so I'm not entirely sure I can see the point.

2
0
Silver badge
FAIL

Re: "...unlikely to be something most non-techie users could pull off..."

FAIL FAIL. You're caught in a Catch-22. To paraphrase Spike Milligan, you're trying to unlock the program with the key you will find inside.

0
0
Thumb Down

Re: "...unlikely to be something most non-techie users could pull off..."

You do not have to run your own code on a machine in order to modify memory, typically plugging in a device to the machine is enough.

e.g. http://md.hudora.de/presentations/#firewire-pacsec

I note that there are still DMA access to kernel memory over firewire issues in existence today on every operating system. If this is ever patched, there's a whole slew of badly written USB and Bluetooth device drivers left to target, reprogramming a USB/Bluetooth/Firewire client via an automated tool is well within the reach of most people on the street.

Having said that if you can modify kernel memory then all bets are off regards any sort of signed executable protection anyway, so the news that modifying a single byte can turn it off isn't much to shout about.

0
0
Silver badge

If you want a rootable Windows tablet

Buy one with Windows 8 on it. Asus already sell a Vivobook (low end ultrabook) for less than a Surface and it comes with 500GB storage, i3 processor, 4GB ram and touch screen too.

Why hobble yourself with RT regardless of it being (temporarily) rootable or not? It's doubtful RT will be around for long if the apathy about it is anything to go by.

2
1
Anonymous Coward

Re: If you want a rootable Windows tablet

What about the size, weight and battery life?

It's pretty obvious that an ARM device can sit on your lap and not burn you, the same can't be said of an x86 tablet or laptop. They stopped calling them laptops for that reason, "notebook" being the replacement name.

4
1
Silver badge
Thumb Up

RE: "Buy one with Windows 8 on it." I agree - I am about as likely to buy an RT tablet............

...................as I am to buy an iPad. For precisely the same reasons.

0
0
Silver badge

Re: If you want a rootable Windows tablet

If size, weight and battery life are an issue, why bother with Windows RT at all? There are plenty of other tablets, which have their own office suites which import / export MS Office files.

I just believe Windows RT is gimped, consumers know it, and it has little long term prospect without another overhaul. Also, as Intel goes to 32nm and 22nm this year, most of the concerns over power consumption will be largely redundant and you can have a tablet lasting 6-8 hours that runs genuine x86 code if that's what you want. Or buy some kind of ultrabook with a touchscreen. Either way you get a full Windows experience without resorting to some exploit or hoping RandomApp is ported to ARM and can be exploited.

2
0

Re: If you want a rootable Windows tablet

I remember an Intel guy bragging about how the point of the original ATOM processor was to make sure netbooks were sufficiently poor that they didn't have too much impact on volumes of expensive CPUs. However, with the new Atom Z2760 Clovertrail (when they are available in any quantities) you get ARM-type battery life and decent desktop performance- albeit not for games. That really does make Win RT seem a bit pointless as it runs Win 8 Pro nicely.

0
0
Silver badge

Re: laptops for that reason, "notebook" being...

Laptops are bigger than notebooks, or at least were when reporters adopted the sexier marketing lingo. I remember that idiot who used to write opposite Dvorak at PC Magazine going on and on and on about how superior notebooks were to laptops and would therefore replace both laptops and desktops.

0
0
Anonymous Coward

Wrong way round

Being able to run the ARM version of MS Office on an iPad would be a much more attractive thing to do.

1
0
Anonymous Coward

Re: Wrong way round

Why would you prefer to run Office on an iPad? An iPad is a lot more limited in terms of capabilities and a lot less secure.

1
1
