Anyone Interested?
As our mobile devices are getting more and more locked-up and harder to maintain, it is surprising that so little effort has been done in vulnerability research of the Qualcomm Hexagon DSPs. After all, these beasts have been roaming around freely in our phone cores for nearly 8 years already (in all Snapdragons since 2006). But very few to none of our security experts have had a good look at what's hiding inside.
So what I propose, is that we start an effort to build an Open Source Hexagon Disassembler for public security research of mobile baseband firmware.
The only effort I know of to this date is that made by Jan Willem Hengeveld (itsme), who wrote an IDA module (here) to the best of his abilities. I don't know what is the current status of that today, but the IDA Hexagon module is now hosted at Github HERE by Ralf-Philipp Weinmann (rpw), who reverse engineered parts of the baseband (shown in THIS video) and recently helped expose the insecurity of TOR hidden-services.
I'm not going to answer why this is important at this point, but I'd rather like to know more about what mobile developers in the security field think about this. Highly technical talk is welcome and preferred.
If you have any additional information on how to do this, or what would be required, please chime in!
E:V:A said:
Anyone Interested?
If you have any additional information on how to do this, or what would be required, please chime in!
PUSH! I recommend you to have a chit-chat with developer @c0rnholio, who developed the awesome HushSMS.
That is a very interesting topic. I think it will be hard to disassemble the modem/baseband DSP, but it will be easier accessing the multimedia DSP which is open for user programming. There is even a Linux project running on Hexagon cores.
E:V:A said:
Anyone Interested?
Hi E:V:A, I'm interested. I sent you a PM regarding a similar project, if you're still interested in this subject PM me.
QCOM proprietary & modem sources.
Type in google/bing:
Code:
AU_LINUX_ANDROID_JB_MR1_RB1.04.02.02.050.175_msm8974_JB_MR1_RB1_CL3847824_release_AU
remittor said:
QCOM proprietary & modem sources.
Type in google/bing: "AU_LINUX_ANDROID_JB_MR1_RB1.04.02.02.050.175_msm8974_JB_MR1_RB1_CL3847824_release_AU"
Who am I going to have to buy dinner for and make out with to get the last 42.4% of this file to come through? lol
EDIT: nevermind, got it. Very interesting stuff!
Related
Hi all,
Please let us know what you think.
http://www.youtube.com/watch?v=P-q5CEfiyQk&feature=youtu.be
Thanks!
SamsungJohn
Twitter:SamsungJohn
How about release some source or at the very least something that will help devs speed things up with ice cream? We paid for the phone, we want everything we can get.
+1
very interesting...
sign me up Scotty
Somewhat interesting, I have registered on the new Developer site, however it seems to be geared more towards app developers, with little of use to those doing platform work (AOSP bringups including Cyanogenmod porting, kernel development, etc.)
There are no IC datasheets, and no source code for test firmwares such as UCKL2 for the Infuse (SGH-I997).
Stickied for the time being
Thanks for the news. I will check it out to see if it is a good choice for beginning devs. It might also be interesting for me to learn more specifically regarding my Samsung phone.
does it mean,
some people develop ROM or app together?
make money?
you don't make ROM for money, if you do, you don't belong in XDA
AllGamer said:
you don't make ROM for money, if you do, you don't belong in XDA
Well said!
AllGamer said:
you don't make ROM for money, if you do, you don't belong in XDA
True. But it is a chance to get known and appreciated. And that could lead to money!!!
Entropy512 said:
Somewhat interesting, I have registered on the new Developer site, however it seems to be geared more towards app developers, with little of use to those doing platform work (AOSP bringups including Cyanogenmod porting, kernel development, etc.)
There are no IC datasheets, and no source code for test firmwares such as UCKL2 for the Infuse (SGH-I997).
AllGamer said:
you don't make ROM for money, if you do, you don't belong in XDA
Very well said! It seems like Samsung has just discovered all the free work force to produce code that is much better than their own. Now they wanna tap into this, without giving anything of value in return.
How about dropping some spec-sheets on the HW level and some source code to their drivers, instead!?
Damnit, i'll have to learn some programming now! To the Batmobile!
+1 for "spec-sheets on the HW level and some source code to their drivers"
..especially for devices like Galaxy 3 (i5800/i5801), which (apparently) you are not going to update from now on.
Sounds Cool
Sounds pretty interesting, I'll check out the YouTube video.
Thanks for the news.
Would be nice if the video talked specifically about developing ROMs, especially AOSP-based...
useful info
merge samsung and htc rom?
Hi, I somewhat enjoy my Samsung Charge, except the predictive text sucks. I want exactly how HTC has theirs. Can anyone give me some info on merging these things? I want to build or tweak a ROM for the Charge. Also currently downloading all the SDK stuff, about to run over to the Samsung dev site and see if I can get into that also.
Great
great stuff, keep up the good work!
Seems like a great initiative from Samsung
http://www.phoronix.com/scan.php?page=news_item&px=MTA0OTQ
Does this mean anything to us? [the users]
Yes, I saw this as well. Great news!
more news about Lima
http://www.phoronix.com/scan.php?page=news_item&px=MTA1NjI
::Open-Source ARM Mali Code Published::
I may be quite tech savvy but apparently this one is going right over my head. What exactly do people gain from this project?
Zadeis said:
I may be quite tech savvy but apparently this one is going right over my head. What exactly do people gain from this project?
They try to create an open source Mali GPU driver.
So someone can build a better one, like chainfire 3d.
The more information is out there and open source, the more innovation we can expect.
So it is a positive.
They are reverse-engineering because the dear people at ARM are not giving the info voluntarily.
If something in the driver is patented, it could be illegal.
So far we just know they try to do it. Will they manage? It is an act of desperation because the driver is not open source.
legion1911 said:
They try to create an open source Mali GPU driver.
So someone can build a better one, like chainfire 3d.
The more information is out there and open source, the more innovation we can expect.
So it is a positive.
They are reverse-engineering because the dear people at ARM are not giving the info voluntarily.
If something in the driver is patented, it could be illegal.
So far we just know they try to do it. Will they manage? It is an act of desperation because the driver is not open source.
very true.. it could help a lot when building custom rom.. working with closed source anything is a pain in the S. for example.. look at the wireless issues..
the next breaking news would be an open source driver for our wireless adapter.. but...... that probably won't happen.. who knows.. a man can dream
The vast majority of us seem to want CM11, myself included. So, If you're decently capable, let me know! I fully understand @Angel_666 's frustration, namely why he's waiting to see tw kitkat - being a lone dev probably sucks, and trying to make a 4.4 port based on 4.2.2 x86 things with incomplete sources is insanely difficult. Let's change that. Stop being a part of the "gimme gimme" crowd, come do something about it!
For to-be Developers:
You're expected to have at least a basic understanding of Linux (command line). If you don't possess such an understanding, you're in way over your head, as even the advanced experience a kryptonite effect with the intel clovertrail platform. Basic understanding doesn't necessarily mean you need to know every single piece of a kernel. Just know your basic commands (such as cd, mkdir, etc). There are people, including myself, willing to teach you how to compile from source as long as you have this foundation. NOTE; If you only meet the VERY basic criteria, you will be required to do a cm11 build before being added to this list. Meaning, have someone walk you through it, or follow this guide for D2LTE. (you can replace d2lte with a device you have) If you get a feel for it, welcome to the team.
The exception to this rule is if you have valuable experience which, though it might not be Android per se, is definitely wanted.
For Testers:
If you want to be a tester, you're expected to be at least what's known as a "power user". Meaning, don't just say "bla bla bla is broken". Logs logs logs! Help debug!
For ALL:
Know how to use Google. Actually try to find what you need before asking about it, otherwise we clog things up with unnecessary questions/answers.
Now that the guidelines are down, some words of encouragement!
If we can just get our foot in the door, we can blow it wide open and pave the road for other roms (such as omni, aokp, beanstalk) which will be SIGNIFICANTLY easier to port with a solid foundation.
Comment if you're interested.
Members so far:
DEVELOPERS:
@Restl3ss
@Nonta72
@moonbutt74
@CAG-man
@rodbacon
@Rubenyz
@shadowsiul
-free spot
-free spot
-free spot
*note there is no limit to how many developers can join. Free spot is placed there mainly as a place holder*
Testers:
P5200:
@christty31
@bithunter_99
-free spot
-free spot
P5210:
@mzheng086
-free spot
-free spot
-free spot
P5220:
@javee
-free spot
-free spot
-free spot
*tester places are limited*
I can be a tester for 5210!
for P5200 i can test!
I want to be (somehow) a dev :silly:
Is that possible ?
You're expected to have at least a basic understanding of Linux (command line)
About the commands, I've NO problem with them
Basic understanding doesn't necessarily mean you need to know every single piece of a kernel. Just know your basic commands (such as cd, mkdir, etc)
There are people, including myself, willing to teach you how to compile from source as long as you have this foundation.
That would be welcome since "We never ended learning"
Post the rom as it is
Restl3ss,
please post the rom as you have/as it is no matter how clunky it may be.
i will accept it as a cwm/twrp backup if that's how it needs to be.
upload it to a regular/decent/respectable hosting site. dev-host, androidfilehost
cloud servers for me at least are unacceptable.
i will need the original [angel's] boot image and your [yours] boot image.
i have no patience for the build process [rom]. i prefer to do things in my own way.
i am willing to help provided the above conditions are met.
thank you for reading.
m
I'm a ("to-be") developer, and I would also like to test it...
Sent from my GT-P5210 using Tapatalk
moonbutt74 said:
m
l
l
l
v
m
I want to help if you guys are willing to teach. I have a Linux distro set up to build Android but just goofing around on it. I know my way around on the terminal. I would love to help.
I've never done any Android stuff, but have been modding and building custom Linux kernels for years. Getting sick of this tablet as-is, so happy to help.
I'm a bit in the same situation as Nonta72...
I know the basic programming things and Linux commands but no experience with Android Rom development so far. But willing to help
Willing to try
I'd like to help the effort but the thing stopping me is I don't know where to start. I know the simple ins and outs of Linux and simple terminal commands but I don't really know the actual building process of the Android OS or where to even start. If you could just tell me briefly how and what to do I can put a lot of time into this. I understand the basic concept of compiling from source. I'd like to try to help you guys develop and I'd like to try and learn. I could be a lot of help so if you're interested I'd like to be a dev. Btw I have the P5210 wifi version
Hey @Restl3ss I am available to test and to learn development. I have 5210 model
Sent from my SPH-L720 using XDA Premium 4 mobile app
I can help with beta testing but my exams are near so I won't have too much spare time on my hands.
I have a P5200
Please don't put me on the list I have basic knowledge of stuff and am willing to help but have no free time
Good luck guys
Hey all! Apologies, I've been away for a couple days. Things resume tonight.
Put me down as a dev. I'm 5210.
If there is something I don't know. Google is my friend. Lol
Sent from my I337 ATT Galaxy S4. NB1 rooted with Galaxy S5 apps.
@shadowsiul
glad you're interested just pm me a little bit about your experience, hopefully we can add you to the list.
@stekkew
@mylifeandroid
Follow this build guide (you can replace d2lte with a device you own) and, if you get a successful build, we can add you to the dev list!
@Zachisimo
perfect, i'll put you down for tester for now. Follow the above build guide, and following a successful compile, we can put you in as a dev.
@CAG-man
@rodbacon
welcome to the team my friends
@mylifeandroid
Follow this build guide (you can replace d2lte with a device you own) and, if you get a successful build, we can add you to the dev list
Do I have to do it for the gt3 or any android device?
mylifeandroid said:
Do I have to do it for the gt3 or any android device?
any device. The point is to get comfortable with compiling from source before trying to tackle the tab 3
I actually don't want to test... Certain reasons...
I would actually like to be dev. I'm very known with Linux (I build my own, simple programs) and I've even approached to compile the CM 10.1 source code (which I stopped with).
Sent from my GT-P5210 using Tapatalk
I'd like to be a tester...
I've a P5200 with mobile sim card
First off I'm a new entrant to android, and I would like to build AOSP rom for our device. I have read quite a few posts on the internet about it. In one post it's said that the steps to AOSP building are 1) setting up environment
2) Syncing device tree 3) downloading the android source 4) downloading the drivers (kernel source code?)
4) building it. Is it actually that simple?
Forgive me if I'm wrong.
Let's discuss the possibility of AOSP rom for our devices.
Can someone post all the resources which we have, that will help building the rom?
Also, this thread can be a starting point for many developers out there.
kr1shna said:
First off I'm a new entrant to android, and I would like to build AOSP rom for our device. I have read quite a few posts on the internet about it. In one post it's said that the steps to AOSP building are 1) setting up environment
2) Syncing device tree 3) downloading the android source 4) downloading the drivers (kernel source code?)
4) building it. Is it actually that simple?
Forgive me if I'm wrong.
Let's discuss the possibility of AOSP rom for our devices.
Can someone post all the resources which we have, that will help building the rom?
Also, this thread can be a starting point for many developers out there.
Hi kr1shna.
I saw your post on another thread involving the same topic.
The fact of the matter is, with the Mate 7 and Huawei devices in general, that Huawei does not release certain sources needed for creating a custom kernel, meaning that the only ROMs that can be created for these devices have to be based off the existing EMUI sources, meaning there really isn't much use in doing it at all. @gabry3795 has managed to get the GPU drivers running (reported on his thread, which can be found here), however that's as far as anyone has come. After that the only way to get the device to actually boot (as far as my very limited knowledge on these things goes) is to implement Huawei's sources and files, meaning you will just eventually end up with EMUI again.
TL;DR: Huawei is a jackass when it comes to releasing sources, meaning creating custom, non EMUI-ROMs and kernels is pretty much impossible.
If you do figure it out though, rest assured you will have the praise of all of us here that's absolutely sick of EMUI. So best of luck to you, however don't get your hopes up too high.
Scruffykid said:
Hi kr1shna.
I saw your post on another thread involving the same topic.
The fact of the matter is, with the Mate 7 and Huawei devices in general, that Huawei does not release certain sources needed for creating a custom kernel, meaning that the only ROMs that can be created for these devices have to be based off the existing EMUI sources, meaning there really isn't much use in doing it at all. @gabry3795 has managed to get the GPU drivers running (reported on his thread, which can be found here), however that's as far as anyone has come. After that the only way to get the device to actually boot (as far as my very limited knowledge on these things goes) is to implement Huawei's sources and files, meaning you will just eventually end up with EMUI again.
TL;DR: Huawei is a jackass when it comes to releasing sources, meaning creating custom, non EMUI-ROMs and kernels is pretty much impossible.
If you do figure it out though, rest assured you will have the praise of all of us here that's absolutely sick of EMUI. So best of luck to you, however don't get your hopes up too high.
Thank you for the information, so buying a huawei was a bad decision. I should have got the htc m9 or a9 instead.
kr1shna said:
Thank you for the information, so buying a huawei was a bad decision. I should have got the htc m9 or a9 instead.
Very bad decision! I have been trying to get help from Huawei to release their sources for over a year but have had no luck. At this point I'm pretty much done and will probably just end up buying the next Nexus device regardless of screen size. It's sad that there are no good 6 inch phones with custom ROM support.
I was going to try and pursue legal action but seeing as how the Mate 7 was not legally released in the US, there is no legal recourse. I'm hoping someone in the EU could do some research regarding legal action against Huawei in the hope of pressuring them to release source codes.
Has anyone thought of or been concerned about the security of flashing a custom rom?
What I'm asking is do you think a developer would include malicious code in a rom to possibly steal private information or spy on the owner of the device?
Not being an expert in coding or android developer I have no idea if it is possible. I'm sure it could be done in app development.
melp57 said:
Has anyone thought of or been concerned about the security of flashing a custom rom?
What I'm asking is do you think a developer would include malicious code in a rom to possibly steal private information or spy on the owner of the device?
Not being an expert in coding or android developer I have no idea if it is possible. I'm sure it could be done in app development.
It can be done pretty easily. Just a simple app baked into the rom will give out all your info.
To be safe just be sure what you flash on the phone.
melp57 said:
Has anyone thought of or been concerned about the security of flashing a custom rom?
What I'm asking is do you think a developer would include malicious code in a rom to possibly steal private information or spy on the owner of the device?
Not being an expert in coding or android developer I have no idea if it is possible. I'm sure it could be done in app development.
This could be done quite easily... and it would be almost undetectable to the average enthusiast.
That said, I have never heard of it being done before. For the most part the source code for these ROMs is easily accessible so it would likely be caught and most developers know that. This would be a good reason not to download and flash random ROMs from questionable sources though, stick with ones that have a known support structure here or elsewhere.
acejavelin said:
This could be done quite easily... and it would be almost undetectable to the average enthusiast.
That said, I have never heard of it being done before. For the most part the source code for these ROMs is easily accessible so it would likely be caught and most developers know that. This would be a good reason not to download and flash random ROMs from questionable sources though, stick with ones that have a known support structure here or elsewhere.
Good point. I trust the main developers we have around here and on G+. Probably more dangerous Downloading from the play store. I'm sure Google doesn't catch everything, or if it's even possible to.
Thanks for the reply.
On XDA I doubt it would happen.
I am more concerned about getting the continual security patches that google puts out. I know LineageOS just went to Feb 05, but don't know if the other ROMs try to keep up.