Five years ago, I bought a Supernote A5. It was (and mostly still is) a great device for reading and writing on an eInk display, and it runs plain old linux.

The deciding reason I went for this device instead of the competition is that I was “under the impression” that they were about to enable full SSH access to the device! Awesome!

“Why were you under that impression?”, I hear the skeptics ask. Well, their spokesperson has stated that they would do so. Via mail, and on reddit, publicly, multiple times. I was still torn, so sent them a DM, asking if this was ineed factual. “Yes”, they said, “the next quarterly update will enable SSH access!”.

Great!

Well, it’s been 5 years. They did not follow through. A couple updates were published, none contained the promised functionality, the spokesperson stopped answering questions about SSH. The last software update I received is from 2.5yrs ago. Mentions of the original Supernote A5 have largely been scrubbed from their website.

Let me be clear, the device still functions perfectly. But it is in danger of becoming e-waste because it is so needlessly complicated to get stuff on the device. I’m currently in need of an ebook reader with (ideally) OPDS capability, and I am pretty confident I’d be able to get something like koreader running on this, or at least just run a script to sync files over SSH. Also, I frankly feel wounded in my pride having a Linux device in my possession which refuses to do my bidding (I’m joking of course, but also I am 100% serious).

Here’s all I know:

  • plugging it in via USB, the device reads as an MTP device, with access only to the documents/books/… stored on it
  • you can place an update.zip file (obtained from the SN website) into the root of that MTP directory, and upon reboot, the device will update. To me, this appears to be the most promising route of gaining access.
  • unfortunately, the zip file is encrypted. The decryption key clearly has to be known to the device, but since I have no access to it,…

I’m a software engineer, but I have zero knowledge of the “dark arts”, so to speak. If anyone could help me (or point me into the right direction!), I would really be grateful. I don’t want this (generally nice) product to turn into a paperweight instead of a paper replacement :(

  • 0v0@sopuli.xyz
    link
    fedilink
    arrow-up
    21
    ·
    9 days ago

    The inner zip files are just stored, uncompressed:

    Archive: update.zip
    Index Encryption Compression CRC32    Uncompressed  Packed size Name
    ----- ---------- ----------- -------- ------------ ------------ ----------------
        0 ZipCrypto  Store       d1bca061     65761967     65761979 system_lib.zip
        1 ZipCrypto  Deflate     64a3f383         2183          741 config.json
        2 ZipCrypto  Store       3731280f     89300292     89300304 app.zip
        3 ZipCrypto  Store       a2bd64f5    135518964    135518976 app_lib.zip
        4 ZipCrypto  Store       700eb186      5996410      5996422 system.zip
    

    So 12 bytes from the original content.