Archive for the ·

Mobile Phones

· Category...

Android Hacking

Comments Off

In a recent post on his blog, Thanassis Tsiodras has an impressive tale of his Android hacking adventures. Wanting to run Debian from chroot, he ends up customizing the boot image; attaching a serial logger to the headphone jack; and intercepting the over-the-air update image to control the boot process.

At last, it seems he achieved what wanted, but of course at an extremely high price. Most mobile devices are now very hostile towards any other use than was is dictated by the manufacturer and OS vendor. Thanassis ends his article on a sober note, saying that once even this hack is secured against “Android might as well be called iOS”.

Comments Off

Importing contacts to the Ubuntu Touch phone

Comments Off

I recently bought the bq Aquaris E4.5 Ubuntu Edition. As the name suggests, it comes with the new Ubuntu Touch OS. It’s a refreshing take on a phone OS, and with it’s GNU/Linux base system, apt-get repository backed installation, it is in fact the phone I’ve always wanted. However, at this stage it is still in beta, so if you expect a polished UI and applications, you’ll have to wait. At €169, it is not a bad deal, and I see it as part of my contribution to free open source software this year.

There are a number of features still lacking or half-backed. For example, there is Bluetooth, and I could connect my Android phone, but not transfer a VCARD contact information. Also, there seems to be no way to import a VCARD file. However, as the contacts database is based on the GNOME Evolution application, I could edit its SQLite database. Below is the procedure I used to successfully transfer my phone and contacts list from an Android (Android 4.3, Cyanogenmod 10.2) phone to the Ubuntu Touch (Ubuntu 14.10 (r21)).


On the Android phone, open the “People” app, select its settings pop-up, and click “Import / Export”. In the selection window, choose “Export to storage” and acknowledge. A text file with your contacts information will be saved somewhere on your device. Find it, and transfer it over to your computer by e-mail, SFTP, etc.


Maybe there is a better way to import the file, but I did a raw edit of the SQL DB. It means I had to convert the VCARD file to SQL INSERT commands. The following awk script takes care of that.

cat 00001.vcf | awk -F":" 'BEGIN { FS = ":"; i=0 }; {
if ($0 ~ /BEGIN/) {
  print "INSERT INTO folder_id(uid, vcard) VALUES(\"" i  "\", \"BEGIN:VCARD";
} else if ($0 ~ /END/) {
  print "END:VCARD\");"
} else if ($0 ~ /FN/) {
  print "X-EVOLUTION-FILE-AS:" $2 "\nFN:" $2
} else {
  print $0
} }'


Besides adding the SQL statement, this adds the special field X-EVOLUTION-FILE-AS, and a unique ID counter. All fields in the DB will not be populated, however, it will still work. And, the first time you edit one of the contacts from the phone UI, it will update and populate the rest.

Save the result of the command to update.sql (or any other file name you like).

Finally, transfer the result of the awk command as a file to the Ubuntu phone, and modify the contacts DB. (Please note, I take no responsibility for loss of data or other failures this might cause).

The contacts SQLite3 file is located at

sqlite3 -init /tmp/update.sql contacts.db

This will execute the specified sql file, and then open sqlite3 in interactive mode. You can list the contacts table to verify:

SELECT * FROM folder_id;

Finally, you want to stop any processes using the address book. After exiting the SQL shell (CTRL+D), use something like:

kill `ps aux |grep -i address.*book | grep -v grep | tr -s ' ' | cut -d ' ' -f 2`

Now open the Contacts app on the phone, and confirm that all information is there.

Comments Off

Microsoft-Nokia’s new phone: It’s an Android

Comments Off

In a surprise move, the result of the Nokia buyout by Microsoft is a new Android based phone, the X2. (Yes, I double checked that it was not a 1st April story). BBC reports that the mid-range smart-phone will be Android based, but that the UI will look like Microsoft’s Windows Phone.

At an estimated price of 100 Euros, the specs are not overwhelming, with 1 GB RAM, 5 MP camera. However, interestingly it’s a dual SIM phone. That suggests it’s targeting the Asian market, where people are shopping around for the best SMS and calling rates, and dual SIM phones are very popular.

As expected, the phone will not feature the common Google service apps, like Gmail, Calendar, Hangouts, Maps, and Youtube, but instead replace them with Microsoft equivalents like Outlook, Skype, and Bing. However, it also means that the Google Play store will not be available either, so Microsoft and Nokia will somehow have to back-fill their own market. Or perhaps developers will have to submit their Android apps to yet another market. Many open source apps are already dual-hosted on Google Play and the free software based app market F-Droid.

Comments Off

Android SDK tools on Debian Wheezy

Comments Off

After downloading the Android SDK bundle, I could not start adb and fastboot, getting somewhat bizarre error messages like:

bash: ./adb: No such file or directory

bash: ./fastboot: No such file or directory

./adb: error while loading shared libraries: cannot open shared object file: No such file or directory

All of those were due to missing dependencies for i386 libraries. Doda’s article on the topic solved the issue. They can be installed by:

dpkg --add-architecture i386
aptitude update
aptitude install libstdc++6:i386 libgcc1:i386 zlib1g:i386 libncurses5:i386

Comments Off

Replicant on Galaxy Nexus

Comments Off

After nearly two years on a custom built Android OS, it was time to upgrade. I now have the latest (4.0.4) Replication build for Galaxy Nexus running.

Before installing, I went through a few extra flashes, just to make sure everything would go smoothly. I started out with putting back the original factory images, provided by Google. Download, unpack, and run the included script That was up and running within a minute or two.

Next, I tried CyanogenMod’s build for Galaxy Nexus, including the ClockworkMod Recovery boot image. I used the touch image found here, and simply flashed with:
fastboot flash recovery recovery-clockwork-touch-

I used the from here, and followed the installation procedure using the recovery image seen here. The only difference was that I had to boot the phone fully to have access through adb. Pushing the zip file while in recovery mode did not seem to work. Besides that, everything went smooth. It’s probably worth noting that the camera still works with the CM 10.1.2 build.

So far, so good. Now for the Replicant images. I downloaded the 4.0 0004 build. The instructions suggests the Heimdall recovery image for installation, but I tried to flash through fastboot instead. Thus the install went something like this, while the phone was on the bootloader screen (not in recovery mode).

sudo fastboot erase boot
sudo fastboot erase userdata
sudo fastboot flash boot boot.img
sudo fastboot flash recovery recovery.img
sudo fastboot flash system system.img
sudo fastboot flash userdata userdata.img
sudo fastboot reboot

That worked fine. Replicant booted, and it all looks good. Note that the recovery image which came with the Replicant build was an older version of the ClockworkMod, without touch. So, following the CM install steps above, I could have skipped that. But it doesn’t make a big difference.

The only problem with the Replicant image is that it does not contain a free version of the firmware drivers for things like WiFi and camera, and thus they don’t ship the proprietary binary blobs either. Now, that might be what you want, however, I choice to include the wifi binaries. I copied the ones from the CyanogenMod build. It went something like this:

First remount /system writeable
adb shell
mount -o rw,remount -t ext4 /dev/block/platform/omap/omap_hsmmc.0/by-name/system /system

Back on the terminal on the host computer, I extracted the firmware files, and copied them over. And then a reboot.
unzip -x system/vendor/firmware/*
adb push system/vendor/firmware /system/vendor/firmware

The last bit was to reinstall the various packages and configurations. For .apk files, they can easily be installed with adb. Then the configuration can be copied over. Just make sure the copied files get the same owner and group as its application. For some applications, like httpmon, this was easy. However, for K-9 it got a bit messy since the chown and chgrp commands are somewhat lacking. The later can operate recursively, but you still need to use both.

adb install Gibberbot-37.apk
adb install httpmon-27.apk
adb push org.jtb.httpmon /data/data/org.jtb.httpmon

The Replicant distribution comes with the FOSS app market F-Droid pre-installed, so that’s convenient. That market includes applications like Firefox K-9 Mail, Gibberbot, APV PDF Viewer, httpmon, Orbot, Orweb. (It turned out that Firefox for ARM6 had to be downloaded from here).

Comments Off

Mobile lockdown?

Comments Off

In his insightful piece on Andy Rubin’s departure from the helm of the Google Android division, Charles Arthur looks into the future to see what’s next for the Android platform. He makes a case for a merge between Android and Chrome OS, however that has been speculated for four years already; even from the horse’s mouth.

What’s perhaps more interesting, is Arthur’s observation that Rubin was in fact a proponent of open source, and Android as a free platform, even though that was difficult to see at times. Arthur contrasts Rubin’s stance against Google’s and possibly Sundar Pichai’s (Rubin’s succeeder) desire to control the Android ecosystem. That path could conflict with handset manufacturer’s wish to brand and distinguish their products from their competitors. Arthur points out that about half of the 145m Android phones shipped in Q4 2012 were in fact not Google enabled (with a Google account, Gmail, etc). He speculates that the logical move for Pichai is to tighten control of the platform; making it less open.

That brings us to another headline: The general fight for control of devices, not just mobile phones, and the right to do whatever we want with the hardware we’ve bought, paid for and own. Kyle Wiens makes the case that we should be allowed to unlock any device, with tractors and cars as prime examples. These farmer and household items have become so complex to repair and maintain, that independent mechanics can no longer do the work. And even if they could, they are barred from access to embedded computers, sometimes based on proprietary tools and software, but also based on copyright, of all things. The access codes (passwords) are copyrighted, as are the service manuals, and only licensed technicians are granted access.

So are we headed towards the locked down nightmare Stallman warned us about sixteen years ago in his 1997 easy “The Right to Read”? If we keep letting mega-corporations have their way, that is a danger. However, as Wiens points out, Massachusetts passed Right to Repair legislation to make it possible to repair automobiles; other states are following. The White House petition to make it legal to unlock mobile phones did get a response, however, it is unclear if it is enough to avoid the criminal law which now applies to phone unlocking. Maybe there is still hope.

Comments Off

Bodhi Linux on Nexus 7


Bodhi Linux is a Debian based distribution using the Enlightenment Window Manager. They have taken the effort to make a Nexus 7 image (ARM HF), and have gone for the very simple approach seen by the Ubuntu folks: Simply flash the boot and userdata partitions, and you’re ready to go.

The images can be found here. (Notice, there are actually two different kinds; boot and root, with different versions of the later). After unpacking, it boils down to:
sudo fastboot erase boot
sudo fastboot erase userdata
sudo fastboot flash boot boot.img
sudo fastboot flash userdata rootfs.img
sudo fastboot reboot

With the Enlightenment WM, they have actually managed to come further towards a UI which suits a small touch screen (compared to the Ubuntu and KDE Plasma Active UIs). The top panel features large buttons, and overall the interaction feels snappy. Now, they have of course not managed to cover all the upstream applications, which is now the next frontier for all of these distributions.

As it is Debian based, is uses the the Debian repositories, and just like the Ubuntu ones, a lot of applications have already been cross-compiled to ARM HF (Hard Floating point). As a crude test, Eclipse-JDT installed and started up fine, While Libreoffice-Writer was missing a package. glxgears installs, but does not start; possibly a driver issue. USB OTG with a hub, keyboard and mouse works out of the box.

So far, this is the best alternative GNU/Linux based distribution for Nexus 7 I’ve tested. However, as mentioned before, these are still early days, and there will be a lot of work for both upstream application maintainers and distributions to create a great UI experience suited for a touch screen.

KDE Plasma Active for Nexus 7

Comments Off

On the heels of running Ubuntu on the Nexus 7, I thought I’d try KDE’s Mer based (partly derived from MeeGo) Plasma Active as well. As their documentation states: “Even though very much already works reasonably well, there are still some glitches. So, please don’t expect a 100% working system.” And it is indeed a bit more than small glitches which have to be fixed before it is a usable system.

Using Ruediger Gad instructions, I downloaded the boot and userdata images, and proceeded with the installation steps. Although not one-click like Ubuntu, it is reasonable straight forward, however, once it is time to boot the new OS, there are some problems: I only see a “dead” Android on its back with a red exclamation mark. (This is of course Google’s fault, who have hidden any useful information one might get a further clue from, and gone for a “IT for Dummies” mode). It seems Gad had anticipated some problems though, since he has provided a helpful fastboot command to load the boot image dynamically. This works, with the caveat that the MOSLO (MeeGo OS Loader) will go into a USB slave mode if a USB cable is detected. Therefore, I had to issue the fastboot command and then quickly jerk out the cable, and the OS would boot. (Skipping the MOSLO altogether failed to boot at all (Stuck on “Waiting for root device /dev/mmcblk0pX”)).

Once finally in the UI, I don’t seem to have the same luck as Gad. On the first try, even the most basic clicks and moves left the whole screen hanging for up to 30 seconds, and it failed to render the application icons seen on his blog. Trying to boot a second time, I got so far as to open the browser and terminal. Typing with the on-screen keyboard in the URL did not work, since it loses focus once another part of the screen is touched. Looking at dmesg in the terminal, I could see that my USB-OTG adapter, USB Hub, keyboard and mouse were detected correctly, however there seems to be drivers missing, since nothing happened when moving the mouse or typing. So yeah, some glitches, which hopefully will be ironed out in a new release.

What’s a bit more worrying, is the impression of the overall UI, and usefulness on a small touch screen. Just like the Ubuntu UI, Plasma Active is still stuck with a desktop centric view: Small icons and buttons, difficult to interact with. Setting up the Wifi dumped the user right in to an old desktop dialogue, complete with small text fields, and OK / Cancel buttons in the far bottom corner. This was probably the most disappointing bit, since I had expected the Plasma Active interface to be designed specifically for small touch screens. Clearly I was wrong.

Overall then, KDE Plasma Active is an interesting initiative, and one to watch in the future. However, just like Ubuntu, these are still very early days for new alternative OSes on tablets and phones. Given some more time, things will look a lot more promising, for sure.

Comments Off

Ubuntu on the Nexus7

1 comment

I recently got my hands on an Asus Nexus 7 tablet. In it self, maybe not a groundbreaking device, if it wasn’t for the fact that Canonical will use it as their reference device for running Ubuntu on tablets and dual (or more) core mobile phones. Just to be clear, this is no dual boot, emulator, nor “chroot”-trick. The OS boots natively, and brings up the standard Ubuntu Unity desktop. The kernel is copied from (or based on) Google’s Android 4.1 kernel for the Nexus 7, which includes several non-committed changes, as well as binary drivers and firmware. See here fore more information.

A decent proof-of-concept build of Ubuntu 13.04 is already available, and it runs fine on the Nexus 7. If you’re running Ubuntu on your desktop, a pre-packaged installer is available from the a repository. Alternatively, download the boot and userdata images, and install using fastboot yourself. (All commands below need sudo).

fastboot devices
fastboot erase boot
fastboot erase userdata
fastboot flash boot raring-preinstalled-desktop-armhf+nexus7.bootimg
fastboot flash userdata raring-preinstalled-desktop-armhf+nexus7.img
fastboot reboot

Now, I said proof-of-concept, and what you get with this image is not really that handy on a tablet. So far, it just starts up a desktop Window Manager, which is not too comfortable with a touch screen. However, with a USB On-the-Go (OTG) adapter, you can plug in a USB hub, keyboard and mouse. Now it becomes usable like any other desktop. I got one of these compact ones from Deal Extreme, However, due to the rounded shape of the Asus Nexus 7, I had to chisel off a few millimetres to make it fit. The version with a wire would probably had worked better. Maybe also interesting to try would be a HDMI adapter (I’m not sure if that particular one works). Finally, the missing bit to have a fully functional docking setup would be charging while the OTG cable is connected. The Ubuntu FAQ mentions that this will be enabled, but you’ll probably need yet another special adapter cable to piece it all together.

What’s impressive about the current offering is that most, if not all, packages have already been compiled for the ARM architecture and are available in the Ubuntu repositories. This is very welcome, as it frees the tablet from the Android markets, and brings in an enormous selection of free and open source software. Not all of it is immediately suited for a small touch screen on a slow CPU, but that will change over time.

On a whim, I tried apt-get install emacs and eclipse. Both downloaded and worked fine, however, even with a four core CPU, ARM is not up to Eclipse quite yet. It should also be noted that the desktop UI has some unnecessary features which notably slows down the experience. For example, eye-candy like fading transitions when ALT-TABing between windows is enabled.

In conclusion, this is a very interesting first move from Canonical, and more GNU/Linux distributions will surely follow. With more alternatives and variety in this space, it will hopefully open people’s eyes up to the fact that the mobile phones and tablets they carry around are full-fledged computers in themselves, with no reason to remain restricted to a single OS from a single vendor. Maybe it will eventually turn stupid laws which makes it illegal to hack and experiment on these devices.

Mobile OSes

Comments Off

There has been quite a bit of news on the mobile OS space lately. We’re starting to see a trend of diversifying solutions, as opposed to the “me-too; Android” phones over the last couple of years. On the hardware side, Nokia is continuing its decline, but as this Guardian article shows, still delivers about a quarter of the handsets (smart and feature phones) to the Western European market. It is far surpassed by Samsung at almost 40%, while Apple, who only make smart phones, sold some 10% of the devices.

On the software side, Google released Android 4.1, including source code, while Facebook has announced their own customized OS, however it is likely to be Android based. Meanwhile, old Nokia employees still believe in their adopted child, MeeGo, and has forked off a company to continue development.

New on the block is Mozilla, with their Boot to Gecko, Mobile Firefox OS. They showed off screenshots this week. Mozilla has taken a bold step by basing all “native” applications and UI on HTML5. It should make applications easy to develop, however, there still has to be a OS specific API beyond HTML5 to handle features like cross-application intents (e.g. use this number to call), copy/paste, etc. and possibly hardware functions like camera, motion sensors, compass and so on.

To round off, a recent H-Online article by Andrew Back discusses how all the “open” alternatives still rely on proprietary hardware drivers for radio, and other auxiliary chips. As long as the fireware for these are closed there is a problem for security and freedom, he asserts. He mentions the OsmocomBB project as a free GSM implementation, but also that fully free and open software radios are unlikely to see the light, as it will not get certification by telecom regulators, and thus will be illegal to operate.

Comments Off

Andor’s Trail

Comments Off

Andor’s Trail is a free and open (FOSS) single player RPG for Android. Although still under heavy development, the game is already fully playable, and the world map, quests and story is very impressive, with more to come.

Recently, an updated beta version was released, with even more maps and quests. The game is available from the FOSS market, and Google’s Play Market.

Comments Off

Tizen is out

Comments Off

The mobile operating system with the unfortunate name was released in version 1.0 about a week ago, and Samsung is now giving away phones which run the OS (to attendees of the Tizen Developer Conference). The 1.0 version comes with the somewhat ridiculous code name: “Larkspur”. I suggest they just call it T1, and stick to the Chrome and Firefox release model. By the end of the year, they’ll have reached T800, and it will sound cool. Anyway.

The Tizen OS is a merger between the LiMo OS (from the LiMo Foundation) and Intel’s (and previously Nokia’s) MeeGo, the later itself a merge between Maemo and Moblin. Their release announcement is sparse on details, but the front page for the source code section has more interesting details.

Here’s a few highlights from the list:

  • Peer to Peer connection with Wi-Fi Direct device.
  • Window system based on the X11 open source project
  • Composite window manager based on EFL open source project
  • Multimedia framework based on the GStreamer open source project
  • Audio decoder: AAC, MP3, WMA 7/8, WAV, Vorbis, AMR-NB / AMR-WB
  • Audio encoder: Vorbis, AMR-NB
  • Video decoder: MPEG-1, MPEG-4, H.263, H.264, On2 VP3, Theora
  • W3C/HTML5 specifications support

By including established FOSS projects and technologies like X11, GStreamer, OGG Vorbis, Theora, it is from the get-go a much stronger open source offering than Android ever was. Furthermore, in basing much of their core components on standard GNU/Linux projects, one would hope they follow the design of its predecessors and stricture around package repositories. Meego had a RPM repository, and it would be great to have the same upgrade mechanism on a phone, rather than the limited functionality of an “app market”.

The source code is on Git, and they have a bit of developer documentation. Guess it’s time to download and try.

Comments Off

CyanogenMod 7 on Nexus S

Comments Off

Building the Android OS from source has caused me a bit of pain, so it was therefore a pleasant surprise to see just how easy the CyanogenMod team has made their install and update process. For the Nexus S, it boiled down to: Follow the instructions, any everything just works. Therefore these are just some background notes; for full details, see the CyanogenMod install page.

What is a bit confusing in the Android world, are all the obscure and redundant code names from everything from hardware, models, OS, firmware, versions, regions. The Google Nexus binary pages gives some hints, as does the Android build instructions. For the Nexus S, it is crucial to know that the alternative codename is “crespo”. Furthermore, it is useful know that it has a “HDPI” display, and comes in three variations: “GT-I9020 (Super AMOLED) and GT-I9023 (Super Clear LCD), each aimed at different markets. The SPH-D720 is the newer 4G version of the phone available in the US.” (Wikipedia). Also, the radio binaries have different codes, e.g. “XXKB3″. This then forms the “baseband version” code on the form “I9023xxkd1″, which can be found under Settings -> About phone.

CyanogenMod is just a layer on top of the Android OS, thus it’s tracking the Android versions. Here we are talking about “Gingerbread” for the 2.3.x series, and “Ice Cream Sandwich” (aka. ICS) for the 4.x versions. (Who comes up with all these useless names??) Although Google pushed Android 4 to certain Nexus S devices in December 2011, and CM 9 (which based on Android 4) have nightly builds for the “crespo”, their stable CM 7 is still at Android 2.3.7. In addition to the basic OS, you might also want the Google Apps, although, some of them might have to be downloaded from the Market (now renamed to “Play”) anyway.

So, with that out of the way, and assuming the basic tools adb and fastboot in place (possibly from a previous build session), the upgrade can be summarized as this (with specific versions and URLs bound to change):


Flash the recovery image:
adb reboot-bootloader
sudo fastboot flash recovery recovery-clockwork-
sudo fastboot reboot

Copy the CM files to the “sdcard” of the phone:
adb push /sdcard/
adb push /sdcard/
adb reboot-bootloader

Follow the install instructions from CM for the rest. I was surprissed to learn that the data on the SD card was not wiped as well (I thought “Wipe data/factory reset” would take care of this). However, maybe I missed a step.

Comments Off

More Android Apps

Comments Off

Following the list from yesterday, here’s more useful Android apps, this time both from the F-Droid and Android Market (aka. Play). First from F-Droid (APK file):

And from the Android / Google Play Market

Finally, there’s a few which can, or have to, be downloaded from the creator’s web site:

Comments Off

Cell phone privacy guide for Android

1 comment

The Pirate Party of Canada has a nice list of applications and add-ons for Android phones which enhance security and privacy. It boils down to