Hey everyone i am messaging you to ask for help. I and other developers created project FreeXR (and BreakXR) where our ultimate goal is to enable running replicant or linux-libre on standalone Extended Reality Headsets e.g. META Quest which are very economical and available to the general public. We were able to discover root exploit that still affects all firmware versions, but due to QFPROM being used as tivoization we can't run it as it's using QFPROM which is a memory inside of the SoC that stores public key which is used to verify the secure boot and the manufacturers are refusing to provide these for us so that we can boot our software stack. We are already in talks with a law firm about approaching this legally, but we are going against huge corporations so it will take some time to do. So i am here asking you for help.. We are trying to break the secure boot so that we can load our own software on the devices and enable further development.. Our members already ported some of the parts close to mainline ([1]https://gitlab.postmarketos.org/postmarketOS/pmaports/-/merge_reque sts/6748) and are cooperating with StardustXR ([2]https://stardustxr.org) to implement the User Interface (which is already ready to use) as there currently isn't any other alternative beyond wlx-overlay-s which is not standalone and with mercury hand-tracking ([3]https://monado.freedesktop.org/handtracking) to enable user input using computer vision. Additionally to software we are also working on hardware, these headsets have resin lenses that are very easy to scratch and so i am developing a very user-friendly and economical method to fix those. We are also going to do 3D scans to enable custom chasis designs and want to eventually expand on OSHW headset. If you want to help us then all the firmware versions of META Quest are currently vulnerable, you can get these devices for around 150-250 EUR/USD and with [4]https://xdaforums.com/t/app-5-0-private-quest-vr-headset-management- tool.4695491 you can bypass the "first time nux" application that forces update (WARNING: IT IS NOT POSSIBLE TO DOWNGRADE! So try to stay on as low version as possible) and requires you to have meta account to use the device or just contact me and i will run experiments for you. There is also a matrix bridge if you prefer direct messages: [5]https://matrix.to/#/#quest-rooting:matrix.org Thanks for anything relevant, - Kreyren
References 1. https://gitlab.postmarketos.org/postmarketOS/pmaports/-/merge_requests/6748 2. https://stardustxr.org/ 3. https://monado.freedesktop.org/handtracking 4. https://xdaforums.com/t/app-5-0-private-quest-vr-headset-management-tool.4695491 5. https://matrix.to/#/#quest-rooting:matrix.org
_______________________________________________ libreplanet-discuss mailing list libreplanet-discuss@libreplanet.org https://lists.libreplanet.org/mailman/listinfo/libreplanet-discuss
