Huck's Journal of Sorts

EDIT: Replaced download link with a fixed version as the previous one had a seemingly-intact yet broken boot.img that works fine at first glance, but would cause an error message if you attempt to perform an OTA update. Alright, I'm sure some of you may remember the now-infamous guide on how to turn that LeapFrog Epic demo unit you bought off eBay into a fully-functional device last year. It did work well by all intents and purposes, even going so far as being able to connect to LeapFrog services and download apps off their store, but the problem here is it relied on a method involving a workaround using a modified demo ROM, and the hidden Write Memory feature in SP Flash Tool (The secure boot feature in some MediaTek devices actually has this loophole where most critical system images e.g. boot and recovery are checked if they're properly signed on bootup, but system isn't for whatever reason, likely due to FOTA updates or something). Not to mention that the modifie...

Pun intended, that is. Lately I've noticed that tablets from certain vendors such as RCA, Nextbook and LeapFrog have implemented a security feature by Singapore-based Digital Safety , also known as DiSA. According to the Digital Safety website, it "is designed to offer complete supply chain and in-store protection against shrink." Fig. 1: A DiSA-protected device being activated That is, it does away with physical anti-theft locks wrapped on the device's box prior to being sold to the end-user, and replaces it with an activation system that prompts for a code to be given by the sales person by way of a receipt. As mentioned earlier, this has been implemented by a number of manufacturers, though I don't think they've done so with Apple considering they already have a system that's already effective enough as it is. And I don't think that it has rolled out on all retail outlets either, especially with e-commerce and online stores displacin...

Right now I am currently looking for the following devices to aid in servicing LeapFrog Epics: I honestly don't know if this would actually help with the locked bootloader situation we're having with LeapFrog, but I do have at least some hope on circumventing the restriction they somehow implemented. I understand if they did lock down the device somewhat for security's sake, but this basically left hobbyists, especially those who have been working with LeapFrog devices, in the dark, just as when kernel sources are available upon request. I know this sounds a bit embarrasing for me to ask for something from you guys, but if anyone is willing to spare a dime or two, please let me know so I can continue on helping parents like you and fellow hackers alike.

EDIT: If you have any inquiries or are getting stuck with updating the ROM, kindly let me know either on the LeapFrog Epic Guy page on Facebook, or on my personal Facebook account .  ...or as what I call it, KermitMod. :P My previous post about the Epic was quite a mouthful, but here's a link to the edited ROM for ex-demo units to be converted to retail. I basically had to edit the demo firmware to work around the issue of the bootloader being locked, preventing ROM backups from other Epics to be flashed through normal means. https://mega.nz/#!cuhHFYTC!GC6wU1MxDybNX_tU50aMpHbFnb3TjAh5dVaWn_cNj8Y As what I wrote earlier, this ROM has to be flashed using a feature tucked away in SP Flash Tool, i.e. Write Memory. You can't flash this as you would with any MediaTek device, as it would give out an authentication error. A bonus feature I added for this is support for Google Play services, allowing owners of ex-demo units to download content off Google Play Store like YouTu...

EDIT: If you have any inquiries or are getting stuck with updating the ROM, kindly let me know either on the LeapFrog Epic Guy page on Facebook, or on my personal Facebook account . OK, so a bit of a rant, though for one I gotta give LeapFrog some credits to this. Sure, repairs are a service centre away, and the main market for this device are kids and their parents, but what about the more tech-savvy parents (e.g. geeks or tinkerer types) who'd certainly re-purpose or service their kids' Epics either because it broke down or gone on a boot loop for some reason? You see the main thing with this is the preloader, or other words the bootloader, is locked from tampering, making it next to impossible to use custom ROMs or kernels. You can somehow subvert this by editing just the system.img offline assuming you extracted it off your device, or in the case of backups, backing up the whole ROM image, boot/recovery and other images included, to a single ROM_0 file, and flas...