08-07-2024, 12:48 PM | #1 |
Junior Member
Posts: 2
Karma: 1000
Join Date: Aug 2024
Device: PW
|
Preventing OTA updates without JB and WiFi active
Hey. I just wanted to share a way to prevent updates without jb and wifi still active. I got it working on two PW devices. It should work on other devices too.
You just need to block those domains in your router and then restart your kindle so it doesn't update with cached dns. Of course your router needs to support blocking by fqdn. softwareupdates.amazon.com updates.amazon.com prod.ota-cloudfront.net I'm using the fritzbox router with activated parental control feature for the kindles. |
08-07-2024, 01:08 PM | #2 |
Junior Member
Posts: 2
Karma: 1000
Join Date: Aug 2024
Device: PW
|
And to save someone some trouble wiresharking the kindle pw2 yourself here is a full dump of every dns query the kindle pw2 initiated after a cold boot and some clicks in the settings + shop:
Code:
1349 74.885863 DNS 170 Standard query response 0x3dae A dogvgb9ujhybx.cloudfront.net A 13.32.118.56 A 13.32.118.157 A 13.32.118.79 A 13.32.118.172 1351 74.920795 DNS 156 Standard query response 0xe70c A dns.kindle.com A 205.251.199.84 A 205.251.196.103 A 205.251.193.252 A 205.251.194.155 1354 74.946818 DNS 281 Standard query response 0x7697 A spectrum.s3.amazonaws.com CNAME s3-1-w.amazonaws.com CNAME s3-w.us-east-1.amazonaws.com A 3.5.0.135 A 52.217.117.33 A 3.5.28.220 A 3.5.17.120 A 3.5.27.16 A 52.216.219.225 A 3.5.28.247 A 16.182.72.49 1381 75.674039 DNS 109 Standard query response 0x8925 A pins.amazon.com A 23.23.189.94 1404 76.020234 DNS 112 Standard query response 0xa900 A ntp-g7g.amazon.com A 52.45.237.36 1406 76.029271 DNS 264 Standard query response 0x4bf4 AAAA ntp-g7g.amazon.com AAAA 2600:1f18:b38:4f01:9188:5d00:f733:c308 AAAA 2600:1f18:b38:4f01:befb:d562:ed78:b3af AAAA 2600:1f18:b38:4f02:5de1:e03:4c3f:7c60 AAAA 2600:1f18:b38:4f01:bd34:1538:225c:8a17 AAAA 2600:1f18:b38:4f01:3918:b0dc:fb51:e92b AAAA 2600:1f18:b38:4f02:18d4:301:a5b7:b7ac 1408 76.039187 DNS 171 Standard query response 0xe0bd A d18os95hu8sz6h.cloudfront.net A 13.32.27.110 A 13.32.27.55 A 13.32.27.30 A 13.32.27.21 2050 84.865014 DNS 107 Standard query response 0xf682 A api.amazon.de A 3.253.180.250 2051 84.873597 DNS 178 Standard query response 0x8af9 AAAA api.amazon.de SOA ns-1551.awsdns-01.co.uk 2205 87.183156 DNS 142 Standard query response 0xc0a5 A softwareupdates.amazon.com CNAME updates.amazon.com A 44.215.138.245 2242 88.079874 DNS 183 Standard query response 0x4834 A d1s31zyz7dcc2d.cloudfront.prod.ota-cloudfront.net CNAME d2jmp5j6kma5v6.cloudfront.net A 18.66.96.96 2281 89.078442 DNS 110 Standard query response 0xb1c0 A hh2.amazon.co.uk A 3.253.178.39 2282 89.085961 DNS 178 Standard query response 0xe187 AAAA hh2.amazon.co.uk SOA ns-753.awsdns-30.net 2325 89.534639 DNS 113 Standard query response 0x4b41 A dcape-na.amazon.com A 44.215.132.72 2326 89.536469 DNS 171 Standard query response 0x3376 AAAA dcape-na.amazon.com SOA ns-806.awsdns-36.net 2395 91.444079 DNS 117 Standard query response 0xde86 A daols-opf-eu.amazon.com A 3.253.170.39 2560 93.816340 DNS 167 Standard query response 0xcbf4 AAAA api.amazon.com SOA ns-1389.awsdns-45.org 2561 93.818190 DNS 108 Standard query response 0x51be A api.amazon.com A 52.119.198.186 2583 94.292044 DNS 110 Standard query response 0x2399 A msh.amazon.co.uk A 52.95.126.126 2585 94.299076 DNS 175 Standard query response 0xe325 AAAA msh.amazon.co.uk SOA ns-110.awsdns-13.com 2734 98.217861 DNS 170 Standard query response 0xebc2 A dogvgb9ujhybx.cloudfront.net A 13.32.118.56 A 13.32.118.157 A 13.32.118.79 A 13.32.118.172 2862 102.730327 DNS 110 Standard query response 0x6120 A a4k.amazon.co.uk A 3.253.180.255 2863 102.738575 DNS 176 Standard query response 0x5f34 AAAA a4k.amazon.co.uk SOA ns-1690.awsdns-19.co.uk 2952 104.736598 DNS 232 Standard query response 0xce68 A s3-eu-west-1.amazonaws.com A 52.218.91.115 A 52.92.35.240 A 52.218.116.72 A 52.218.29.51 A 52.92.33.72 A 52.218.118.96 A 52.92.18.96 A 52.218.1.163 3245 107.851571 DNS 124 Standard query response 0x2786 A device-messaging-na.amazon.com A 52.46.133.103 3270 108.152620 DNS 113 Standard query response 0x4305 A kwis-opf.amazon.com A 44.215.132.82 3271 108.164144 DNS 172 Standard query response 0x24fe AAAA kwis-opf.amazon.com SOA ns-1423.awsdns-49.org 3363 109.086686 DNS 124 Standard query response 0x4947 A device-messaging-na.amazon.com A 52.46.133.103 3928 115.078479 DNS 154 Standard query response 0xc887 A device-metrics-us.amazon.com A 34.195.153.29 A 3.234.165.228 A 35.173.14.214 4120 118.648241 DNS 222 Standard query response 0xa24d A s3.amazonaws.com A 52.216.128.165 A 52.217.121.208 A 52.216.216.192 A 52.217.85.110 A 3.5.22.86 A 52.217.71.158 A 3.5.8.152 A 52.217.47.86 4154 118.901693 DNS 170 Standard query response 0x6cbe A dogvgb9ujhybx.cloudfront.net A 13.32.118.157 A 13.32.118.56 A 13.32.118.172 A 13.32.118.79 4240 119.727779 DNS 225 Standard query response 0xff95 A unagi-na.amazon.com A 44.215.132.93 A 44.199.180.130 A 44.215.117.206 A 44.215.118.141 A 44.215.132.248 A 44.215.143.203 A 44.215.133.78 A 44.215.116.52 4548 120.900843 DNS 154 Standard query response 0x34d6 A device-metrics-us.amazon.com A 34.195.153.29 A 3.234.165.228 A 35.173.14.214 5364 125.518525 DNS 185 Standard query response 0x3969 A www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net A 52.222.239.71 5365 125.528271 DNS 393 Standard query response 0x768f AAAA www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net AAAA 2600:9000:223e:7200:e:13a1:b914:2321 AAAA 2600:9000:223e:de00:e:13a1:b914:2321 AAAA 2600:9000:223e:5200:e:13a1:b914:2321 AAAA 2600:9000:223e:2c00:e:13a1:b914:2321 AAAA 2600:9000:223e:3200:e:13a1:b914:2321 AAAA 2600:9000:223e:8c00:e:13a1:b914:2321 AAAA 2600:9000:223e:7a00:e:13a1:b914:2321 AAAA 2600:9000:223e:6000:e:13a1:b914:2321 5482 126.193211 DNS 185 Standard query response 0x8e8b A www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net A 52.222.239.71 5483 126.193779 DNS 393 Standard query response 0xaf87 AAAA www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net AAAA 2600:9000:223e:7200:e:13a1:b914:2321 AAAA 2600:9000:223e:de00:e:13a1:b914:2321 AAAA 2600:9000:223e:5200:e:13a1:b914:2321 AAAA 2600:9000:223e:2c00:e:13a1:b914:2321 AAAA 2600:9000:223e:3200:e:13a1:b914:2321 AAAA 2600:9000:223e:8c00:e:13a1:b914:2321 AAAA 2600:9000:223e:7a00:e:13a1:b914:2321 AAAA 2600:9000:223e:6000:e:13a1:b914:2321 5659 127.277560 DNS 185 Standard query response 0x5712 A www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net A 52.222.239.71 5660 127.278177 DNS 393 Standard query response 0x089d AAAA www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net AAAA 2600:9000:223e:7200:e:13a1:b914:2321 AAAA 2600:9000:223e:de00:e:13a1:b914:2321 AAAA 2600:9000:223e:5200:e:13a1:b914:2321 AAAA 2600:9000:223e:2c00:e:13a1:b914:2321 AAAA 2600:9000:223e:3200:e:13a1:b914:2321 AAAA 2600:9000:223e:8c00:e:13a1:b914:2321 AAAA 2600:9000:223e:7a00:e:13a1:b914:2321 AAAA 2600:9000:223e:6000:e:13a1:b914:2321 5761 127.614268 DNS 190 Standard query response 0x6c87 A prod.eu-west-1.mystique.digital-books.amazon.dev A 143.204.215.18 A 143.204.215.13 A 143.204.215.122 A 143.204.215.69 5980 129.367004 DNS 185 Standard query response 0xa4f4 A www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net A 52.222.239.71 5981 129.368527 DNS 393 Standard query response 0x4a4c AAAA www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net AAAA 2600:9000:223e:7200:e:13a1:b914:2321 AAAA 2600:9000:223e:de00:e:13a1:b914:2321 AAAA 2600:9000:223e:5200:e:13a1:b914:2321 AAAA 2600:9000:223e:2c00:e:13a1:b914:2321 AAAA 2600:9000:223e:3200:e:13a1:b914:2321 AAAA 2600:9000:223e:8c00:e:13a1:b914:2321 AAAA 2600:9000:223e:7a00:e:13a1:b914:2321 AAAA 2600:9000:223e:6000:e:13a1:b914:2321 6131 129.934361 DNS 185 Standard query response 0xdeda A www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net A 52.222.239.71 6132 129.935111 DNS 393 Standard query response 0x59a9 AAAA www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net AAAA 2600:9000:223e:7200:e:13a1:b914:2321 AAAA 2600:9000:223e:de00:e:13a1:b914:2321 AAAA 2600:9000:223e:5200:e:13a1:b914:2321 AAAA 2600:9000:223e:2c00:e:13a1:b914:2321 AAAA 2600:9000:223e:3200:e:13a1:b914:2321 AAAA 2600:9000:223e:8c00:e:13a1:b914:2321 AAAA 2600:9000:223e:7a00:e:13a1:b914:2321 AAAA 2600:9000:223e:6000:e:13a1:b914:2321 6246 131.032342 DNS 185 Standard query response 0x449b A www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net A 52.222.239.71 6247 131.033053 DNS 393 Standard query response 0x47ea AAAA www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net AAAA 2600:9000:223e:7200:e:13a1:b914:2321 AAAA 2600:9000:223e:de00:e:13a1:b914:2321 AAAA 2600:9000:223e:5200:e:13a1:b914:2321 AAAA 2600:9000:223e:2c00:e:13a1:b914:2321 AAAA 2600:9000:223e:3200:e:13a1:b914:2321 AAAA 2600:9000:223e:8c00:e:13a1:b914:2321 AAAA 2600:9000:223e:7a00:e:13a1:b914:2321 AAAA 2600:9000:223e:6000:e:13a1:b914:2321 6281 131.586704 DNS 185 Standard query response 0x87e5 A www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net A 52.222.239.71 6282 131.587708 DNS 393 Standard query response 0xd1e0 AAAA www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net AAAA 2600:9000:223e:7200:e:13a1:b914:2321 AAAA 2600:9000:223e:de00:e:13a1:b914:2321 AAAA 2600:9000:223e:5200:e:13a1:b914:2321 AAAA 2600:9000:223e:2c00:e:13a1:b914:2321 AAAA 2600:9000:223e:3200:e:13a1:b914:2321 AAAA 2600:9000:223e:8c00:e:13a1:b914:2321 AAAA 2600:9000:223e:7a00:e:13a1:b914:2321 AAAA 2600:9000:223e:6000:e:13a1:b914:2321 6372 132.392617 DNS 124 Standard query response 0x8759 A device-messaging-na.amazon.com A 52.46.133.103 6385 132.436387 DNS 116 Standard query response 0x2786 A todo-ta-g7g.amazon.com A 44.215.132.234 6407 132.669190 DNS 185 Standard query response 0x4491 A www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net A 52.222.239.71 6408 132.669619 DNS 393 Standard query response 0xc041 AAAA www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net AAAA 2600:9000:223e:7200:e:13a1:b914:2321 AAAA 2600:9000:223e:de00:e:13a1:b914:2321 AAAA 2600:9000:223e:5200:e:13a1:b914:2321 AAAA 2600:9000:223e:2c00:e:13a1:b914:2321 AAAA 2600:9000:223e:3200:e:13a1:b914:2321 AAAA 2600:9000:223e:8c00:e:13a1:b914:2321 AAAA 2600:9000:223e:7a00:e:13a1:b914:2321 AAAA 2600:9000:223e:6000:e:13a1:b914:2321 6582 134.294563 DNS 116 Standard query response 0x8759 A todo-ta-g7g.amazon.com A 44.215.132.234 6585 134.300400 DNS 116 Standard query response 0xc4e9 A todo-ta-g7g.amazon.com A 44.215.132.234 6587 134.302635 DNS 116 Standard query response 0x95b4 A todo-ta-g7g.amazon.com A 44.215.132.234 6592 134.307786 DNS 116 Standard query response 0xafa9 A todo-ta-g7g.amazon.com A 44.215.132.234 6593 134.308430 DNS 116 Standard query response 0xc0a5 A todo-ta-g7g.amazon.com A 44.215.132.234 6634 134.810432 DNS 185 Standard query response 0xf4f1 A www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net A 52.222.239.71 6635 134.811595 DNS 393 Standard query response 0x32a2 AAAA www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net AAAA 2600:9000:223e:7200:e:13a1:b914:2321 AAAA 2600:9000:223e:de00:e:13a1:b914:2321 AAAA 2600:9000:223e:5200:e:13a1:b914:2321 AAAA 2600:9000:223e:2c00:e:13a1:b914:2321 AAAA 2600:9000:223e:3200:e:13a1:b914:2321 AAAA 2600:9000:223e:8c00:e:13a1:b914:2321 AAAA 2600:9000:223e:7a00:e:13a1:b914:2321 AAAA 2600:9000:223e:6000:e:13a1:b914:2321 6746 135.233291 DNS 116 Standard query response 0x8061 A todo-ta-g7g.amazon.com A 44.215.132.234 6757 135.274644 DNS 163 Standard query response 0x7544 A det-ta-g7g.amazon.com A 18.234.8.50 A 174.129.165.207 A 52.54.36.84 A 34.195.16.139 7146 141.416145 DNS 185 Standard query response 0x009b A www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net A 52.222.239.71 7147 141.438394 DNS 393 Standard query response 0x5026 AAAA www.amazon.de CNAME tp.abe2c2f23-frontier.amazon.de CNAME djvbdz1obemzo.cloudfront.net AAAA 2600:9000:223e:a000:e:13a1:b914:2321 AAAA 2600:9000:223e:4c00:e:13a1:b914:2321 AAAA 2600:9000:223e:fc00:e:13a1:b914:2321 AAAA 2600:9000:223e:f600:e:13a1:b914:2321 AAAA 2600:9000:223e:9000:e:13a1:b914:2321 AAAA 2600:9000:223e:f400:e:13a1:b914:2321 AAAA 2600:9000:223e:c00:e:13a1:b914:2321 AAAA 2600:9000:223e:9a00:e:13a1:b914:2321 7801 144.838340 DNS 170 Standard query response 0x335c A dogvgb9ujhybx.cloudfront.net A 13.32.118.157 A 13.32.118.56 A 13.32.118.172 A 13.32.118.79 7825 145.195446 DNS 116 Standard query response 0xc92c A todo-ta-g7g.amazon.com A 44.215.132.234 |
08-10-2024, 03:30 PM | #3 |
Junior Member
Posts: 3
Karma: 10
Join Date: Aug 2024
Device: kindle pw4
|
Should we get a github gist going for pihole & adguard users?
|
11-04-2024, 04:53 AM | #4 |
Addict
Posts: 353
Karma: 3893015
Join Date: Aug 2016
Location: Czech Republic
Device: Voyage, Oasis, Scribe, Colorsoft, Libra Colour
|
Just wanted to give a heads-up that this did not work for me. I have those three domains blocked in Pi-hole and yet my Scribe updated from 5.16.9 to 5.16.21 when I toggled off airplane mode for around 20 minutes this morning.
I can confirm that some requests to softwareupdates.amazon.com were correctly blocked; no requests to the other two domains were made. There were several requests to random cloudfront.net subdomains, but not specifically to prod.ota-cloudfront.net. There were also a number of suspicious calls to amazon-owned domains around the time of the update, but it's hard to say which ones are directly related to the update. (Unfortunately I don't know exactly when the update was downloaded, and there's a lot of traffic on my network right now.)
Plus other similar ones on amazon.co.uk. Anyway, just wanted to highlight that unfortunately this method is not safe currently. |
11-04-2024, 09:00 PM | #5 |
Guru
Posts: 846
Karma: 2525050
Join Date: Jun 2010
Device: K3W, PW4
|
Sounds like the only way to be safe until this is solved is either stay off WiFi or fill storage to the point that an update cannot be downloaded.
Dave |
11-04-2024, 09:43 PM | #6 |
Wizard
Posts: 1,442
Karma: 16297052
Join Date: Sep 2022
Device: Kobo Libra 2
|
It's unlikely this method will ever work reliably. Amazon is adept at bypassing blocklists; ad blockers work well on YouTube, but they don't generally work on Twitch, which is owned by Amazon. Amazon has an unlimited supply of slightly different domains to try until it finds one you're not blocking.
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Preventing updates | Yonder | Kobo Developer's Corner | 2 | 10-13-2023 03:17 PM |
Preventing OTA updates | vkredxyz | Kindle Developer's Corner | 1 | 05-08-2022 04:37 PM |
Does using wifi in KOReader put me at risk of OTA updates ? | guywithakindle | Kindle Developer's Corner | 2 | 04-22-2021 03:34 PM |
PW4 Ask for effectively preventing OTA update 5.12.x | Uphantom89 | Kindle Developer's Corner | 11 | 05-13-2020 10:23 AM |
PW-3, FW-5.6.1.1, WiFi and OTA updates | knc1 | Kindle Developer's Corner | 16 | 10-31-2015 11:45 AM |