AngryDad

Well, after over 40 hours of reverse engineering, the OK button has been finally bypassed programmatically.

Demonstration and more details will follow in a couple of days.

I am now cleaning my little patch for navi.exe that removes the darn OK button.

What has been done so far:

1. A LOT of time wasted figuring out how navi.exe works
2. Navi debug API was reverse engineered
3. navi.exe .text section was expanded to accommodate my logger code
4. The logger was used to log states, event details, and dump data
5. navi event interface was reverse engineered
6. Events related to the nag screen were adjusted so the OnOKButton() event gets called automatically.

The patch will not remove the ~7 sec delay from the point where nag screen is displayed to the point where OK buttons appear. This is not a programmed timeout, navi actually does map initialization during that time.

Also, it does not seem to be possible to keep welcome image displayed to the point where OK button is clicked. This needs further investigation though, so there's some hope.


/AngryDad

FAST4DR

I bow down in awwwwww. Oh master programmer genius. *music rising to crescendo* This is the crack of all cracks!!!

MichaelBenz

iTrader: (2)

Wow....I would consider delving into this if it works....didnt really want to mess with this computer....but I may have to. Subscribed!

You da man!

datmrman

I, along with many others, are glad you are actively pursuing this.

Please keep us posted. Thanks!

The Dougler

iTrader: (1)

AngryDAd, you are the man, I bow in respect! I can't wait for the full details to follow. I think everyone here owes some serious respect. Thanks for putting in the effort for all of us to benefit.!

urbaita1

Angrydad is THE man. Thank you!

leedogg

muahhaha cant wait.

csmeance

i just hope that it can be worked with the 3.30G CD unlike the other patch.

BrandonClaps

Get your donations ready!!!

zax123

Wow, that's really impressive man. Thanks for spending all the time on it, that's awesome!

You've obviously got a great understanding of the whole system now. Would you say it would be possible to add custom apps to the INFO screen? You've already linked to the TripComputer EXE as you mentioned in another thread...

What about an app that we could write for WinCE that would play MP3s loaded on a PC Card in the slot back there?

I'm really just saying this for curiosity's sake as having an iPod hooked up to my car is working great.

In the end, you've accomplished a huge feat, congratulations!!

Do you actually have an SH4 emulator running on your PC? Would you be willing to share it?

kennyc

Awesome Angrydad! Looking forward to it!

waacow

Old school way rocks !! looking forward to the patches and hopefully it can work with different version of exe (*crossfinger*). If we needs to send you every version of the navi.exe, I'm sure we can do that.

sejong

I agree this is a BTFD moment for AngryDad. Very impressive.

For the most leverage of this work, it would be great if it could be adapted to other versions of the Navi software, particularly the white DVD's that seem to:

1. Load data from one set of BINs

2. Read the model identity from a source not on the DVD, perhaps the Windows CE Registry

3. Put some code from exe's into dll's, for example Navi.exe seens to have been superseded by NaviControl.dll that is called by some exe.

chfields

Will this work on other Honda/Acura navi's or only the TL's?

TerminaderTL

Wow - REALLY looking forward to being able to bypass the OK button manually.

Thanks for all of your time working on it!!!

aznbo187

iTrader: (1)

Thats great news!! Hopefully there arent too many more roadblocks until an "OK" free start up!

BrandonClaps

you do that already now :o

mustiy

Good stuff angry dad, really appreciating the time and effort you're putting into this. If the Dreamcast was hacked (uses the same processer and winCE!) hopefully the navi will too, cant wait what else you find out in the upcoming days.


Subscribed...

johnny--2k

I love you angry dad....





















j/k.....that is bad ass though!

WetWork999

subscribed...

Congrats and a huge thank you Angry Dad. Now I just need for Oct to get here so I can get my TL.

A

AngryDad

With low to medium efforts it can be adapted to any version of Alpine navi that honda uses.

/AngryDad

AngryDad

What car was it? Actually, never mind. Enen if it works as you described, it shares the same code base and it is hackable using the same technique.

/AndryDad

met152

I apologize in advance AngryDad, I'm impatient, I already know this...

but, do you know when you're going to release this patch?
Even though I'm subscribed to the thread, I find myself checking this page every 1o minutes to see if you've posted it yet.

Thanks,
Mike

BrandonClaps

Does this patch bring up the ok at all? or does it go right to the map screen?

AngryDad

By the way,

It seems to me that Honda's/Alpine's 185% profit margin from selling updated navi DVDs is just a little bit too high. ($185 for the DVD that costs around $1 to produce in bulk).

Has anyone tried to copy the navi DVD to a dual-layer disk and boot off that disk (e.g. Diag->Version->"Load Disk")? If navi DVD drive supports DL DVDs, it is technically feasible to make a "backup" copy from your friend's fresh navi DVD and use it in your car. Never mind that "Invalid disk" message, it can be bypassed by patching HMIManager.exe.

Oh, and if anyone asks, you didn't get this from me.

/AngryDad

zax123

$1 -> $185... not to mention their 18500% profit margin

I completely agree that it's too high!!

Many people have tried making backup copies of the disc and get the "Invalid Disc" message. I'll try making a copy and doing the load trick you're talking about. If we can do this, I'll gladly host ISO copies of the latest Navi disc for download. If you can patch the HMIManager.exe that is...

I guess we'd have to load a patched HMIManager.exe via CD and THEN put in the copied DVD-DL right?

AngryDad

No buttons. But it still displays nag text (which can be customized to suit your mood). When the text goes away (10 seconds, or so) the map appears.

I'll post the video later.

I may continue working on it to get rid of the text (extending welcome picture to the point where the map appears) or to completely remove the delay (which may or may not be possible).


/AndryDad

AngryDad

I stand corrected. Forgot 2 zeros.

/AngryDad

Warren803

Well I've already customized my nag text so its not so annoying. Its the pressing of the OK button that sucks. So most people would proably be happy with just a modified nag text and no button press. Either way, great job...

johnny--2k

^^ HAHAHA....thats great! Especially the last one!

DeadLock

Good thread......I am deff going to try to apply this patch when its available.

BrandonClaps

rofl!

mustiy

Give it a go, and gl - i'll be glad to host it aswell.

The Dougler

iTrader: (1)

AngryDad, your the man! With regards to copying the navi disc i heard someone hear did it on a MAC with ease and it worked flawlessly. Fortunatly my macbook is in the mail and should be here tomorrow from apple so i will give it a try as soon as i can. Keep up the great work everyone.

pohljm

AngryDad.........You are the best!

That first hack to run trip computer natively was beautiful and so easy to install. I cannot wait to eliminate the OK button through this upcoming hack.

I know that I speak for many when I say that your time and effort are greatly appreciated by more than you can imagine. We owe you beers for life.

rwbentley

Great work angrydad! I applaud your efforts along with the others here. And...more input for later down the road...is there a way to get the screen to return to where it was when the car was last turned off? i.e. audio screen instead of nav screen?

Thanks again for these efforts. I know this takes a lot of time and I appreciate your efforts 18500%

lithiumus

Hey Angrydad,

I’m looking to do something a little different, though removing the nag button is a good thing… The newer 4.x software versions have a much quicker delay. It’s probably only about 3 seconds rather than 10 seconds for the OK button to show up.

What I’m trying to do is figure out the boot sequence and the logic behind which applications / files are called / loaded per vehicle type. I’m trying to load different software i.e. XM traffic from RL and HFL from TSX / RL using Accord DVD Hardware.

I don’t mind spending the effort decoding it and helping you. I’m relatively tech savvy, I just haven’t programmed in some time. Point me in the right direction to set up an environment and I’ll poke around. LMK.

datmrman

Here is the thread on backing up the navi disk: Burn DVD Nav disc?

zax, I know you are trying to help out, but if you post the ISO, I will be forced to delete it and possibly report it. We would not like to see a lawsuit from Acura. Thank you.

AngryDad

Well... There would be no delay at all and the navi would be far better if there were more dedication at Alpine to actually writing software rather than reusing 5+ year old code of questionable quality and wasting resources on customizing 6-series beemers

/AngryDad

kennyc

yikes! that was nasty....

and not in a good way...