ticalc.org
Basics Archives Community Services Programming
Hardware Help About Search Your Account
   Home :: Archives :: News :: CE jailbreak allows ASM programs to work again!

CE jailbreak allows ASM programs to work again!
Posted by Xavier on 6 September 2020, 20:58 GMT

We're happy to relay a very interesting, yet unsurprising, piece of news: the ability for the TI-83 Premium CE, TI-84 Plus CE(-T) and Python editions thereof, to run ASM programs, officially removed by TI a few weeks/months ago depending on the model, as reported in the previous news item, has been unofficially added back thanks to a jailbreak, called "arTIfiCE". From what we can see in the install tutorial, arTIfiCE seems to exploit a bug in the "Cabri Jr" geometry app in order to launch a shell.

This move was so obvious and predictable that it was really a matter of when, not if. After all, the TI-eZ80 series was not designed with security in mind, and in fact no TI graphing calculator model released to date is (even though TI seems to have learned a few tricks in the newer, high-end TI-Nspire CX II series, its security roadblocks appear to have been defeated relatively early on)

What are the next steps? Logically, just like on the TI-Nspire series, TI would release new software versions fixing the vulnerabilities used in the current iteration of the jailbreak, then more vulnerabilities will be exploited to restore access to native code again. Rinse and repeat, for a while, it's the usual cat & mouse "game".
Thinking out loud, we might see a series of 0-days showcasing exam mode insecurity being released over the several few days/weeks before the major exams of the northern hemisphere - something the TI enthusiasts community always refrained from doing. Such a timeframe would make it possible for some users to use programs interfering with exam mode (and needless to say, face the significant consequences if they get caught! - just to be clear, we are not condoning cheating). And this, most importantly, before the fixes for the vulnerabilities get a chance to be made and widely distributed, as well as standardized testing regulation amended to forbid usage of the older, vulnerable versions and to mandate thorough checks of the current state of calculators right before the exam is taken.
If that situation were to happen, it would probably be better to give up on the current exam mode "security model" entirely and rather reflash the OS with an exam-tailored version right in the exam room - something that should have been done from the get go, notwithstanding the practical hurdles, if the fantasized exam security were actually taken seriously. Unfortunately, a path of lower resistance for the educational system would be to just forbid the usage of the affected calculator models, several days before the exams, creating more injustice and further reducing the real-world value of said exams!

Time will tell, but there's a chance that there will be a spectacular - and publicized - backfire for the very smart demands from standardized testing regulation authorities, who didn't get (or didn't understand) the memo that predictably, removing access to native code does not make exams safer - quite the contrary.
Top-level TI management should be somewhat aware of that, in fact some of us in the community, myself included, attempted to explain all that to them several years ago... but we know that regulators have the power to forbid pieces of equipment for whatever reason, and manufacturers need to bend to their demands, no matter how unfounded, ill-motivated and counterproductive...

Thankfully, I'm not in the shoes of the previously mentioned teacher whose video about a long-fixed issue in TI's OS allowing exam mode restrictions bypass on the TI-eZ80 series might well have contributed to the removal of official native code access on those calculators, then consequently the current jailbreak, and might therefore contribute to potential future attacks on the exam mode.
Triggering a worldwide restriction on users' rights to use the hardware they bought, and potentially forbidding hundreds of thousands of calculators and creating further stress for students taking exams, is not something I'd be proud of.

arTIfiCE's author doesn't seem to have uploaded it to our files archives yet(?), so for now, CE users stuck with a recent OS version can learn more on its official website. Go forth and use that great piece of work, which raises the usefulness of the Cabri app :)

Article written by Lionel Debroux.

  Reply to this article


The comments below are written by ticalc.org visitors. Their views are not necessarily those of ticalc.org, and ticalc.org takes no responsibility for their content.


Re: CE jailbreak allows ASM programs to work again!
Bio_Hazard1282 Account Info
(Web Page)

It's amazing how these things are found, of how much time people put into finding these.

Great work!

Reply to this comment    8 September 2020, 20:09 GMT

Re: CE jailbreak allows ASM programs to work again!
Dominic Warne  Account Info
(Web Page)

Cool! cant wait to download it!

Reply to this comment    17 September 2020, 21:54 GMT

Re: CE jailbreak allows ASM programs to work again!
A_VERY_Good_Sir Account Info

I'm just done with uninformed and unresearched teachers being paranoid over something that TI has fixed and the hacking community itself has solved: Let people have their damn homebrew and just reflash (a little extreme, but tests are important) the calculator or do an MD5 integrity check to prevent just about any hacking attempt when entering exam mode (That's what I told the development team, but they don't care, I guess). You could just have the school distribute clean calculators for tests and have students use their own for homework and small tests. EZ solutions.

Reply to this comment    19 September 2020, 22:48 GMT


Re: Re: CE jailbreak allows ASM programs to work again!
Zeroko  Account Info

Any revision M or newer CE does an SHA256 checksum of the OS that is then checked against a 2048-bit RSA signature (with the key stored in the boot code) every time it resets, so pressing reset before entering test mode would suffice.

Reply to this comment    22 October 2020, 21:31 GMT

Re: CE jailbreak allows ASM programs to work again!
lux788 Account Info
(Web Page)

It is amazinng how the technology progresses forwards.
I really appriciate how some develop jailbreaks for any devices. So much effort and time it takes.

Reply to this comment    20 November 2020, 10:14 GMT

  Copyright © 1996-2012, the ticalc.org project. All rights reserved. | Contact Us | Disclaimer