Why You Can Trust CNET

Our expert, award-winning staff selects the products we cover and rigorously researches and tests our top picks. If you buy through our links, we may get a commission. Reviews ethics statement

A reverse engineer finds Kindle's hidden features

A little hacking reveals that Amazon's Kindle has faux-GPS abilities and related location-based services, a photo viewer, and a minesweeper game.

Stephen Shankland Former Principal Writer

Stephen Shankland worked at CNET from 1998 to 2024 and wrote about processors, digital photography, AI, quantum computing, computer science, materials science, supercomputers, drones, browsers, 3D printing, USB, and new computing technology in general. He has a soft spot in his heart for standards groups and I/O interfaces. His first big scoop was about radioactive cat poop.

Expertise Processors, semiconductors, web browsers, quantum computing, supercomputers, AI, 3D printing, drones, computer science, physics, programming, materials science, USB, UWB, Android, digital photography, science. Credentials

Shankland covered the tech industry for more than 25 years and was a science writer for five years before that. He has deep expertise in microprocessors, digital photography, computer hardware and software, internet standards, web technology, and more.

See full bio

Stephen Shankland

Jan. 2, 2008 4:10 p.m. PT

2 min read

Amazon's Kindle e-book reader. Amazon.com

A significant amount of skill with a soldering iron and some custom firmware has revealed a number of interesting features Amazon.com hid within its Kindle e-book reader.

Among the ones that hardware hacker Igor Skochinsky uncovered and described on his blog are a basic photo viewer, a minesweeper game, and most interesting, location technology that uses the Kindle's CDMA networking to pinpoint its position. There also are some basic location-based services that call up a Google Maps view to show where you are and nearby gas stations and restaurants.

I confess I was as interested in the reverse-engineering process, documented in three blog postings (first, second, and third).

Skochinsky started by scrutinizing the Kindle source code Amazon publishes. (Some open-source licenses, including the General Public License (GPL) that governs Linux that the Kindle also uses, require source code to be published when a product ships that uses it.) From the source he inferred the Kindle employed console software, which displays text output.

Through methodically testing electrical pins on an external port he eventually found the text output from the Kindle boot process. That showed the machine was using das U-Boot software to handle booting, during which stored software is loaded into memory. U-Boot offers an interactive shell with a command-line interface, and Skochinsky used that to laboriously piece together the Kindle operating system kernel used during its firmware update recovery process. From that he deduced the file format of firmware updates.

Getting a real Linux command line took more work. By looking at the file system, Skochinsky found a root password of "Fiona"--but also found that password had been changed before shipping. Using the firmware update process, he was able to swap in a new shadow file, which stores a garbled byproduct of passwords called a hash, that enabled him to use the hash from the original root password.

On reboot, he was able to control the system and see what processes it runs, what file systems it mounts, and what files are stored in its directories.

He also found that the interface is written in Java. Using the Jad decompiler software, he uncovered the hidden features and a number of keyboard shortcuts.

Computing Guides

Laptops

Desktops & Monitors

Computer Accessories

Photography

Tablets & E-Readers

3D Printers

Computing Coupons