Andy Goetz

Echo Project

#echo #amazon #reverse-engineering

Useful information for reverse engineering Echo Dot. This is a constantly edited page that will get more information as it is added.

Focusing on V2, since it is new enough to be pretty powerful, but old enough to have exploits, and it is old enough not to use a custom SOC, but the same SOC as the Kindle Fire HD 8.

Hardware info

Important Components:

Part Number Description
ADC 3101 TI 681 AE4X Microphone ADC
R3019 3236 Microcontroller on mic board
DAC 32031 TI 68k CQ61 output DAC
MEDIATEK MT6625LN 1628-AJC8L BAP0M972 ATG14T11 4 in 1 Wireless chip
MEDIATEK MT6323LGA 1629-AGAH CTG14U07 PMIC
MEDIATEK ARM MT8163V 1636-KBCAH CCMKYRHS SoC
MICRON 6PA98 JWB30 Combo 4Gb LPDDR3, and 4GB eMMC MLC memory

MediaTek Software info

Old info on how mediatek SoCs boot up:

Bootloader Exploits

Amazon Echo software info

Basic Android Info

It seems like the goal of most android tablet exploits is to “unlock” the bootloader, which means enabling the freeboot bootloader to flash overwrite partitions.

Its not enough to get write access though, you also need to bypass Android Verified Boot.

MediaTek Software stuff