Think-tank a solution to Test Keys - Security Discussion

As far as I can tell there are no significant Android ROMs that utilize custom keys. What's more, it's not even up for discussion. I've proposed it to multiple developers and it's been embarrassed by exactly ZERO. I've installed the overwhelming majority of ROMs for Flo, Grouper and myriad legacy Android devices and haven't so much as stumbled on a single ROM boasting this very basic security precaution.
So my question is: how are we going to change that?
I'll admit I know precious little about anything concerning 'code.' My development really pretty much ended at "power user." (An emphasis on 'user'.)
That said, I have to ask the following:
Is something like a key customizer possible? Perhaps something like a PC-based patcher utility that could automatically import the appropriate test key credentials for the user-selected ROM and then repackage it using user- and/or PC-generated random data?

pan.droid said:
As far as I can tell there are no significant Android ROMs that utilize custom keys. What's more, it's not even up for discussion. I've proposed it to multiple developers and it's been embarrassed by exactly ZERO. I've installed the overwhelming majority of ROMs for Flo, Grouper and myriad legacy Android devices and haven't so much as stumbled on a single ROM boasting this very basic security precaution.
So my question is: how are we going to change that?
I'll admit I know precious little about anything concerning 'code.' My development really pretty much ended at "power user." (An emphasis on 'user'.)
That said, I have to ask the following:
Is something like a key customizer possible? Perhaps something like a PC-based patcher utility that could automatically import the appropriate test key credentials for the user-selected ROM and then repackage it using user- and/or PC-generated random data?
Omni rom uses private keys in official builds I believe, and after much prodding cyanogenmod has started to as well. Solution is to resign the firmware.

I thought Omni might be taking things seriously. I seem to remember its delta updates having a pre-checked 'Secure' box, probably meaning they were transferred using HTTPS or some other secure transfer method.
So what about an automated tool that could resign the firmware on a user's PC prior to flashing? Is that theoretically possible?

pan.droid said:
I thought Omni might be taking things seriously. I seem to remember its delta updates having a pre-checked 'Secure' box, probably meaning they were transferred using HTTPS or some other secure transfer method.
So what about an automated tool that could resign the firmware on a user's PC prior to flashing? Is that theoretically possible?
Yes, easy; even an update.zip could be made to do it.

So, I guess the question is: whose leg do I have to hump to get this kick-started?

Related

Quick install maybe?

I know it's still kinda soon and all, but do you think that there will be something along the lines of this Quick Install for the Pre for the Evo soon? I used to have it for my Pre and I liked it a lot. I just think it's an easier way to put themes and tweaks on your phone. Let's get some devs on this.
As far as I know, it does not exist, but it would be awesome.
I mean, I understand the ROM approach, and all is good, but is a little bit too much.... For instance, right now I have OMJ's rom that gives me anything I need, but, let's say, I want to add something.. like to edit the hosts file to avoid ads, I only have 2 options, either load another rom (and again wipe everything, restore from a backup, and manually tweak the data that was not backed up, like some edits inside contacts, quick dial, etc), or manually tweak the hosts file, but there is no software to help automate any tweaks like Quick Install.... (or patches or anything like that)
dchamero said:
As far as I know, it does not exist, but it would be awesome.
I mean, I understand the ROM approach, and all is good, but is a little bit too much.... For instance, right now I have OMJ's rom that gives me anything I need, but, let's say, I want to add something.. like to edit the hosts file to avoid ads, I only have 2 options, either load another rom (and again wipe everything, restore from a backup, and manually tweak the data that was not backed up, like some edits inside contacts, quick dial, etc), or manually tweak the hosts file, but there is no software to help automate any tweaks like Quick Install.... (or patches or anything like that)
This is why we should make this a sticky and get people to make this happen. It would be so convenient and easy for the people that don't know what to do when it comes to the ROMs.
Agreed! QuickInstall and Preware... aww man, bring back the memories....
Can someone explain to me what this quick install thing is? Maybe I or one of my co devs can help make it happen
I'm quoting from the Pre wiki:
Preware is a package management application for the Palm Pre and the Palm Pixi. Preware allows the user to install any package from any of the open standard package repositories on preware.org (or any other location that hosts an open standard package repository). Preware relies on a custom written service developed from community research which allows the mojo app to talk to the built-in ipkg tool.
This application was the result of extensive community-based design in IPKG Service and Preware Design.
For application management, Preware can access more applications, and has more features, than any other on-device package installer.
And since it is open source, and has a completely open development process supported by a team of world-class WebOS Internals developers, it will continue to get better much faster than any other package management application.
Preware is the open application installer that has been written specifically to support a homebrew ecosystem where any developer can upload any application to any submission site, and that application can then be installed by any user. Developers no longer need to upload their applications to multiple submission sites, and users are no longer excluded from accessing applications from any open standard package repository.
QuickInstall is essentially the same thing, but all actions are done via your computer.
The homebrew community for the Pre was INCREDIBLE; I'm hoping with the growing number of users here that it will be just as good here!
Well first, the dev community here is much better. Trust me. It takes a little to get off our feet because WebOS and Android are completely different and HTC tries to block us at every move. The Evo community is moving faster than any other XDA Android community has. Don't doubt our devs
I knew what Preware was. I didn't realize quick install was the same thing. Ok so basically you want a repository consisting of what? Roms?
ROMs, patches, tweaks, themes, hell even some apps on the low low haha
haha I still have my Pre and follow the updates on Preware using WiFi.
I think if devs use ROM Manager that would be great... and I am sure all devs will get on that soon enough.
haha yea I have noticed work on the EVO moved a lot faster than any of the other Android phones...
Thanks for your responses chuck, I'll be getting more involved here and always let me know if there is anything I can do to help.
chuckhriczko said:
Well first, the dev community here is much better. Trust me. It takes a little to get off our feet because WebOS and Android are completely different and HTC tries to block us at every move. The Evo community is moving faster than any other XDA Android community has. Don't doubt our devs
I knew what Preware was. I didn't realize quick install was the same thing. Ok so basically you want a repository consisting of what? Roms?
Why is that? I only ask because with the Pre, Palm was a really big supporter of the dev community... it just seems counterproductive for HTC to try and block users' efforts to make the phones even more desirable and customizable... I know that's what drew so many people to the Pre... also one of the reasons I loved it.
Are you referring to something like MetaMorph maybe? Used it on my Hero a lot.
Sent from my PC36100 using Tapatalk
ahh yea I guess in a way ROM Manager and Meta pretty much do what Preware does.
I guess maybe we were trying to see if it could all be consolidated to one place [make it Evo specific] and have a few more features and options?
For example: there is no flash for the camcorder... perhaps a patch to change that? Or like when the light sensor detects a face the phone is in earpiece, when you move your face away it automatically goes to speakerphone [I use these two examples because they are somewhat recent developments on the Pre], but now that I have an idea of what kinda tweaks are possible I think we could probably move really quickly.
Haven't played with MetaMorph yet but I will def check it out tonight.
EDIT #1: upon further researching MetaMorph it seems even more like Preware than I thought, BUT the OP was talking about QuickInstall... I am cool with either haha, thanks for the replies.
EDIT #2: I just tried to install and I guess it's not ready for us yet... I'll be patiently waiting I guess hah

Android Newb - ROM confusion

I'm very new to android dev, not new to dev in general, though.
I hear ROMs being talked about quite frequently, not sure if I'll get into it, can't seem to find an address of the specific issue:
- What is a ROM?
In the sense, is it the entire OS? Is it the OS + UI? Does it include local apps & contact storage? Like, obviously apps and contacts wouldn't be read-only, but typically ROM means PROM (or some variation (EPROM/EEPROM/FROM, whatever)), so I take it with a grain of salt.
From what I gather it's the entire OS + UI, and that's all? But I'm not sure.
Also, are there ways to replace specific parts of the ROM? I.e., say I want to make modifications to the thread scheduler but I don't want it to touch some of the reliant modules... is it possible to just drop in a new scheduler by overwriting part of the binary image? Or are these things wholesale?
The reason simply being that I don't like the idea of some random-ass ROM that somebody cooked up with god knows how much OS experience controlling everything; as it's a binary it's not like you can crack it open and diff it or anything... or there are no official forks or branches to look at, y'know? Do people just "trust" all these ROM modders/creators?
Sorry for the over-abundance of questions :-X
Oh my god it's already on page 7...bump...?
Take a look at cyanogen mod. It comes with the source which you can fork if you'd like.
Sent from my HTC Desire
ROM - it's the entire visible OS that you tend to interact with on your phone + the kernel (shipping just the ROM would be useless). It's pretty much every piece of software that you need to get your work done on the phone. You may choose to install additional ones, but that's just accessorizing your phone. It's called ROM since once you install the OS image over the phone, the region of sd-card is generally marked read-only & you are not expected to make changes to it (concisely the /system partition & also /data, where the OS can do write operations, but again, there are exceptions to this rule too in custom ROMs).
As for custom ROMs, they are generally forked off the AOSP except for the little nuances the ROM makers add to them (mostly those changes are in the form of theme, a few apps here & there, icons, wallpapers). I think your question is more specific to custom kernels instead, because that's the entity which helps/harms your device.
For that, I would suggest you pick a particular custom release (such as Netarchy, popular for Nexus S)
& read over their change-logs. The kernel devs generally do a great job of maintaining those logs precisely. The initial fork of their kernel too comes from AOSP, to which they add specific features such
as the ext4 fix a.k.a. Turboboost, Voodoo color & sound enhancement, BLN & so on.
Hope I have allayed some of your fears regarding custom software.
Thanks.
Yeah, I just get nervous installing an OS/Kernel blindly.
Changing themes would be nice, and I'd like the ability to do so without dropping in a ROM that can potentially have changes made to the Kernel. I don't like the fact that the ROM encompasses EVERYTHING, therefore it's coupled to the fact that you need a different ROM regardless of what you change.
It should be modular enough that you can modify themes without flashing an entire OS onto it.
Also, what are the chances that if a ROM install fails, you can re-load it (i.e. what are the chances of you bricking your phone)? I don't have time for that.
Next to none if you make a nandroid, which is a backup.
Sent from my myTouch 4G using XDA App
rockstarar said:
Next to none if you make a nandroid, which is a backup.
Sent from my myTouch 4G using XDA App
It says that only works for the G1.
I completely forgot to ask, apps should stay, right?
I mean they're all in user land, shouldn't have anything to do with the ROM nor actual OS....right? (probably wrong... )

Android custom ROM for security + minimal of Google?

Hi everyone,
can you recommend me some custom Android ROMs with a focus on better security? Or isolation from dependence on Google?
Both of them together will be the best.
My phone is Samsung Galaxy S2.
Many thanks
dj.houba said:
Hi everyone,
can you recommend me some custom Android ROMs with a focus on better security? Or isolation from dependence on Google?
Both of them together will be the best.
My phone is Samsung Galaxy S2.
Many thanks
Cyanogen or GingerBread are some good ROMS for good security, as I know.
D-J Mutant said:
Cyanogen or GingerBread are some good ROMS for good security, as I know.
Thanks, yes, I know about Cyanogen.
Oh you mean GingerBread from Google? This is exactly what I don't want. I want to separate from Google, because we all know about the NSA case. So I thought there would be some developers who would try to build some custom ROM and try to eliminate "Big Brother" and focus mainly on security.
OmniROM is supposed to be security and privacy conscious.
Sent from my Nexus 7 using XDA Premium 4 mobile app
Well I'd suggest the cyanogenmod, but without the google apps. They're optional.
In the nexus 4 section there is an aokp that is patched so built in Google analytics are gone. There is a patch that can be applied to other ROMs.
Custom roms, including Cyanogenmod, have a history of BAD security. Many rom developers end up introducing new vulnerabilities. In the past, some hardened Android builds existed, but I know of no current hardened roms.
I personally would stay away from custom roms, and stick to as close to AOSP as possible, signed with your own private keys. (and no Omnirom, AOKP, Cyanogenmod are NOT AOSP in any way shape or form.)
jcase said:
Custom roms, including Cyanogenmod, have a history of BAD security. Many rom developers end up introducing new vulnerabilities. In the past, some hardened Android builds existed, but I know of no current hardened roms.
I personally would stay away from custom roms, and stick to as close to AOSP as possible, signed with your own private keys. (and no Omnirom, AOKP, Cyanogenmod are NOT AOSP in any way shape or form.)
Is that so? From what you're saying, AOSP is better than the other builds, right?
Sent From GT i9300
jcase said:
Custom roms, including Cyanogenmod, have a history of BAD security. Many rom developers end up introducing new vulnerabilities. In the past, some hardened Android builds existed, but I know of no current hardened roms.
I personally would stay away from custom roms, and stick to as close to AOSP as possible, signed with your own private keys. (and no Omnirom, AOKP, Cyanogenmod are NOT AOSP in any way shape or form.)
How do you get your own private key and what does that do? Sorry, I have never heard of this, so I'm sure others are probably also wondering.
Sent from my Nexus 5 using XDA Premium 4 mobile app
Thanks
Thanks, I was trying different ROMs, finally I chose PAC-MAN ROM without Google apps
Hello !
Does it mean that any modded stock ROM with GApps will be insecure?
Thx
Just YouTube some Galaxy S2 ROMs, you'll find reviews on some good ROMs.
JamieFL said:
How do you get your own private key and what does that do? Sorry, I have never heard of this, so I'm sure others are probably also wondering.
Sent from my Nexus 5 using XDA Premium 4 mobile app
http://www.kandroid.org/online-pdk/guide/release_keys.html
Something like this.
I think you can skip the "make dist" part; just do a regular build as you would normally (CyanogenMod ==> brunch your_device).
You can find the needed file under "out/target/product/hammerhead/obj/PACKAGING/target_files_intermediates/cm_hammerhead-target_files-".
For CyanogenMod on the Nexus 5 (hammerhead), for example:
source build/envsetup.sh
brunch hammerhead
and you'll find the target_files zip under
out/target/product/hammerhead/obj/PACKAGING/target_files_intermediates/
That's the one you need to feed to build/tools/releasetools/sign_target_files_apks.
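The signing question in this thread has a flip side a user can check before flashing: does the zip actually carry the whole-file signature that recovery verifies? The script below is an added example written for this thread, not code from XDA, CyanogenMod or AOSP. It reads the six-byte footer that the AOSP signing tool appends to the zip comment (signature offset, 0xFFFF marker, comment length, in the layout the recovery verifier expects, as I understand it) and extracts the raw PKCS#7 block; it does not verify the signature cryptographically, which needs the signer's certificate. The sample zips and the placeholder signature bytes are constructed in the block so it runs offline.

```python
"""Detect the recovery whole-file signature on an Android flashable zip.

Added example for this thread (not project code). A zip signed for recovery
ends with a 6-byte footer inside the zip comment, three little-endian 16-bit
fields: [signature_start][0xFFFF][comment_size]. signature_start counts back
from the end of the file to the DER-encoded PKCS#7 signature block.
"""
import os
import struct
import tempfile
import zipfile

FOOTER_SIZE = 6          # trailer written after the signature block
EOCD_HEADER_SIZE = 22    # fixed part of the zip end-of-central-directory record
EOCD_MAGIC = b"PK\x05\x06"


def ota_signature_footer(path):
    """Return a dict with the signature footer fields and the raw PKCS#7 bytes,
    or None when the zip carries no consistent recovery signature footer."""
    size = os.path.getsize(path)
    if size < EOCD_HEADER_SIZE + FOOTER_SIZE:
        return None
    with open(path, "rb") as f:
        f.seek(size - FOOTER_SIZE)
        sig_start, marker, comment_size = struct.unpack("<HHH", f.read(FOOTER_SIZE))
        if marker != 0xFFFF:
            return None
        # The signature must lie inside the comment and leave room for the footer.
        if sig_start <= FOOTER_SIZE or sig_start > comment_size:
            return None
        eocd_size = comment_size + EOCD_HEADER_SIZE
        if eocd_size > size:
            return None
        f.seek(size - eocd_size)
        eocd = f.read(eocd_size)
    if eocd[:4] != EOCD_MAGIC:      # comment length must point at a real EOCD record
        return None
    signature_der = eocd[eocd_size - sig_start:eocd_size - FOOTER_SIZE]
    return {"comment_size": comment_size,
            "signature_start": sig_start,
            "signature_der": signature_der}


def jar_signature_entries(path):
    """List META-INF signature-block entries (.RSA/.DSA/.EC) of a JAR-signed zip.
    Their absence plus a missing footer means nobody signed the package at all."""
    with zipfile.ZipFile(path) as zf:
        return sorted(n for n in zf.namelist()
                      if n.startswith("META-INF/")
                      and n.upper().endswith((".RSA", ".DSA", ".EC")))


# Constructed sample data: a placeholder stands in for the real DER signature.
FAKE_SIGNATURE = b"\x30\x82" + b"\x00" * 30
SIGNAPK_TEXT = b"signed by SignApk\x00"


def write_sample_zip(path, signed):
    """Write a tiny constructed zip; when signed, append a footer laid out like
    the signing tool does (text, signature block, 6-byte footer)."""
    with zipfile.ZipFile(path, "w") as zf:
        zf.writestr("system/build.prop", "ro.build.type=user\n")
        zf.writestr("META-INF/com/google/android/updater-script", 'ui_print("demo");\n')
        if signed:
            comment_size = len(SIGNAPK_TEXT) + len(FAKE_SIGNATURE) + FOOTER_SIZE
            sig_start = len(FAKE_SIGNATURE) + FOOTER_SIZE
            zf.comment = (SIGNAPK_TEXT + FAKE_SIGNATURE
                          + struct.pack("<HHH", sig_start, 0xFFFF, comment_size))
    return path


def demo():
    """Build one footer-signed and one unsigned sample zip and inspect both."""
    workdir = tempfile.mkdtemp()
    signed = write_sample_zip(os.path.join(workdir, "signed.zip"), True)
    unsigned = write_sample_zip(os.path.join(workdir, "unsigned.zip"), False)
    return {"signed": ota_signature_footer(signed),
            "unsigned": ota_signature_footer(unsigned),
            "jar_entries": jar_signature_entries(signed)}


if __name__ == "__main__":
    for name, info in demo().items():
        print(name, info)
```

A footer only tells you that some key signed the package; to learn which key, the `signature_der` bytes have to be parsed for the embedded certificate and its fingerprint compared with the key you expect (your own release key, or the publicly known test key the thread is complaining about).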
There are some really exciting Android security projects out there... For instance, one awesome function a-la-Truecrypt involves full disk encryption with plausible deniability. You are able to give out a first-layer passphrase if you are coerced - yet a truly private volume remains secure and disguised within the apparent unused portion of the storage disk.
Yet it's unlikely that any of this is relevant to you, otherwise you wouldn't be asking this sort of thing. When it comes to security leaks, try to barricade off the paths of least resistance from the ground up. For instance, even all of that wouldn't do much good if you had forensic evidence of your phone config on your computer, a lockscreen that could be bypassed, a phone seized whilst still turned on with encryption keys remaining in RAM, etc. Also keep in mind all of the data you are sending out in the clear via your cloud storage, SMS/IM, WiFi, etc.
So in the end, just pick a ROM that runs smoothly and you enjoy. Whatever you end up deciding, make absolutely certain to:
- encrypt with strong passphrase (then use cryptfs app to create a shorter lock screen key)
- disable USB debugging
JamieFL said:
How do you get your own private key and what does that do? Sorry, I have never heard of this, so I'm sure others are probably also wondering.
Sent from my Nexus 5 using XDA Premium 4 mobile app
This probably isn't exactly spot on, but here's a rough synopsis... When a ROM is built from source, the creator "signs" their creation (i.e. the ROM and the apps within). This way you can be sure that you're indeed getting an official ROM built by AOKP (or whomever) and not by some malicious 3rd party. Likewise, the Android OS uses signatures to ID which files are legitimate and given permission to run (i.e. official updates). However, there have been incidents with custom ROMs when this functionality has been exploited. This could allow an otherwise innocuous-seeming app to deploy hidden malware and cloak itself as a legitimate app, gaining full rights to the phone.
A self-built ROM with your own private key is presumably safer against such an attack. I don't think most people would need to be concerned about this, but still something to keep in mind. Unfortunately jcase is spot on about custom ROMs almost always creating or exposing more vulnerabilities than stock. For instance, features like ADB or USB-OTG are often enabled by default. If that wasn't bad enough, in the event that your phone is ever lost/stolen/seized, having a custom recovery installed is pretty much handing over your identity with a bow wrapped on top. It makes it easy for anyone to bypass PIN/password/face/gesture-lock or dump off the entire disk image. Not to mention analysis can reveal your account passwords, WiFi keys, SMS, phone records, photos. Most of these vulnerabilities can be safeguarded against with careful consideration, but you certainly won't get there by default.
dj.houba said:
Thanks, yes, I know about Cyanogen.
Oh you mean GingerBread from Google? This is exactly what I don't want. I want to separate from Google, because we all know about the NSA case. So I thought there would be some developers who would try to build some custom ROM and try to eliminate "Big Brother" and focus mainly on security.
The only way to eliminate the ability of a nation-state interfering in your data would be to not generate any. If they're watching you, then stopping them from watching you isn't going to be possible. So it's better to ensure that when they watch you appear innocent.
Granted, I'm not saying you shouldn't take any precautions. But to truly get away from their snooping you're probably better off without a phone.
fadedout said:
There are some really exciting Android security projects out there... For instance, one awesome function a-la-Truecrypt involves full disk encryption with plausible deniability. You are able to give out a first-layer passphrase if you are coerced - yet a truly private volume remains secure and disguised within the apparent unused portion of the storage disk.
Yet it's unlikely that any of this is relevant to you, otherwise you wouldn't be asking this sort of thing. When it comes to security leaks, try to barricade off the paths of least resistance from the ground up. For instance, even all of that wouldn't do much good if you had forensic evidence of your phone config on your computer, a lockscreen that could be bypassed, a phone seized whilst still turned on with encryption keys remaining in RAM, etc. Also keep in mind all of the data you are sending out in the clear via your cloud storage, SMS/IM, WiFi, etc.
So in the end, just pick a ROM that runs smoothly and you enjoy. Whatever you end up deciding, make absolutely certain to:
- encrypt with strong passphrase (then use cryptfs app to create a shorter lock screen key)
- disable USB debugging
Excellent advice.
I still wonder if AOSP or any of the bigger custom ROMs without GApps is truly Google free. I have been browsing the forums for a while on that question but can't really find a good answer. Google free meaning: it doesn't communicate in any way at any moment with Google.
Anyone who can verify that? Has there ever been a XDA'er who researched this? For some it seems an assumption and some think since Android is developed by Google they surely try to analyze even AOSP roms or derivatives.
Liberr said:
I still wonder if AOSP or any of the bigger custom ROMs without GApps is truly Google free. I have been browsing the forums for a while on that question but can't really find a good answer. Google free meaning: it doesn't communicate in any way at any moment with Google.
Anyone who can verify that? Has there ever been a XDA'er who researched this? For some it seems an assumption and some think since Android is developed by Google they surely try to analyze even AOSP roms or derivatives.
It only sends version statistics to Google, and there's a build.prop setting that allegedly disables it (ro.config.nocheckin=1) -- haven't tried it because I'd rather show my pride in Gingerbread
smartymcfly said:
There is a patch that can be applied to other ROMs.
What and where is this patch?
I would think you could block all of Google's hostnames in your hosts file on any ROM also.
You could edit the hosts file before flashing it.
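Two edits come up in this thread: setting a build.prop property (the ro.config.nocheckin=1 suggestion above, whose effect the poster only calls alleged) and adding hosts-file entries before flashing. Note that a hosts file maps hostnames, not IP ranges, so the entries have to be names. The script below is an added example written for this thread, not code from XDA or any ROM project; the sample build.prop, the sample hosts file and the hostnames in it are constructed placeholders. It makes both edits repeatable (running twice changes nothing) and handles commented-out and duplicated keys. Anything edited this way inside a ROM zip must be re-signed afterwards, which is the point the thread started from.

```python
"""Idempotent pre-flash edits to build.prop and the hosts file.

Added example for this thread, not code from any ROM project. ro.config.nocheckin
is the property named in the thread; whether it disables check-in is the
poster's claim and is not verified here. Hostnames below are constructed.
"""


def set_prop(text, key, value):
    """Return build.prop text with key=value present exactly once.

    An existing active assignment is rewritten in place, further duplicates are
    dropped, and commented-out lines ('# key=...') are left untouched.
    """
    out, done = [], False
    for line in text.splitlines():
        body = line.strip()
        if body and not body.startswith("#") and "=" in body:
            if body.split("=", 1)[0].strip() == key:
                if not done:
                    out.append(f"{key}={value}")
                    done = True
                continue  # drop a second copy of the same key
        out.append(line)
    if not done:
        out.append(f"{key}={value}")
    return "\n".join(out) + "\n"


def get_prop(text, key):
    """Return the last active value of key in build.prop text, or None."""
    value = None
    for line in text.splitlines():
        body = line.strip()
        if body.startswith("#") or "=" not in body:
            continue
        name, _, val = body.partition("=")
        if name.strip() == key:
            value = val.strip()
    return value


def add_hosts_entries(text, hostnames, sink="127.0.0.1"):
    """Append '<sink> <hostname>' for every hostname not already mapped in text."""
    present = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # ignore trailing comments
        if len(fields) >= 2:
            present.update(fields[1:])            # all names on the line
    base = text if (not text or text.endswith("\n")) else text + "\n"
    return base + "".join(f"{sink} {h}\n" for h in hostnames if h not in present)


# Constructed samples: a property set twice plus a commented-out copy, and a
# hosts file that already blocks one of the names we are about to add.
SAMPLE_BUILD_PROP = """# constructed sample build.prop
ro.build.type=user
ro.config.nocheckin=0
# ro.config.nocheckin=1
ro.config.nocheckin=0
"""
SAMPLE_HOSTS = "127.0.0.1 localhost\n127.0.0.1 ads.example # already blocked\n"


def demo():
    """Apply both edits to the samples and check that a second pass is a no-op."""
    prop = set_prop(SAMPLE_BUILD_PROP, "ro.config.nocheckin", "1")
    hosts = add_hosts_entries(SAMPLE_HOSTS, ["ads.example", "tracker.example"])
    idempotent = (set_prop(prop, "ro.config.nocheckin", "1") == prop
                  and add_hosts_entries(hosts, ["tracker.example"]) == hosts)
    return {"build_prop": prop, "hosts": hosts,
            "nocheckin": get_prop(prop, "ro.config.nocheckin"),
            "idempotent": idempotent}


if __name__ == "__main__":
    result = demo()
    print(result["build_prop"])
    print(result["hosts"])
    print("nocheckin =", result["nocheckin"], "| idempotent:", result["idempotent"])
```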

Rooting Sony's e-reader DPT-RP1 and DPT-CP1

Update (5/18/2019)
Since the first tool was released, HappyZ has improved many features so I think I can just refer to
* HappyZ's rooting guide: https://github.com/HappyZ/dpt-tools/wiki/The-Ultimate-Rooting-Guide
- The only thing I want to add as Windows user is (because the guide is for Mac/Linux users) it gets much easier if you use Linux terminal like cygwin, and the port name should be something like COM# where # can be found in Device Manager by comparing before/after you attach the device.
* HappyZ's upgrade guide: https://github.com/HappyZ/dpt-tools/wiki/The-Upgrade-Guide (Recommend to read this before/after you update the new firmware.)
You may donate a cup of coffee to him there. Thanks to all others who contributed a lot.
--
Update (12/02/2018) -- These are outdated.
Finally we managed to root the device! Many thanks to all of your efforts.
Just refer to HappyZ's well written guide: https://github.com/HappyZ/dpt-tools
For those who have never used Python like me (and are probably using Windows):
(1) Install Python 3 and add it to PATH.
(2) Install MINGW64 and run the scripts there instead of PowerShell, due to the xxd issue if you are on Windows.
(3) pip install httpsig pyserial on bash.
(4) Download HappyZ's dpt-tools and unzip.
(5* this issue is fixed by HappyZ)
(6) Follow HappyZ's guide. You should execute dpt-tools.py in the folder you unzipped to use get-su-bin, because of how the script is written.
Some suggestions after rooting (let me know if you have better ideas):
Here is my setup: install "E-ink Launcher" and "Multi action home button" using adb install.
Use adb shell am start -a android.intent.action.MAIN to change the main launcher to your launcher.
Then change the setting of Multi Action Home button (say, the height should be large to be visible in the bottom) and assign its function to be Home for click and Back for double-click.
Whenever you want to use Sony's apps (these are good for pdf markup), just push the home button to open the pop-up menu.
Otherwise, touch the Multi Action Home Button to access other Android apps. So far I've never experienced any crash.
Yet more tips:
Some complain fonts are too small after installing generic apps.
adb shell wm density 320 changes your DPI by 2 times (160 is a default value.) EDIT: I found 200 is quite enough that does not distort Sony apps too much.
My application is using "Tasker" to execute the above code when specific apps are open and execute wm density reset when the apps are closed.
The reason why we cannot change the global DPI is sadly because it makes the default apps by Sony so awkward.
Alternatively, I could successfully install Xposed to try App Settings but this app crashed.
You can also install Gboard (but it has no hide button, so prepare with virtual back button) if you need another keyboard.
Enjoy your DPT devices
--
Sony recently released a new digital paper device, the DPT-RP1, apparently using their own Linux firmware but built on Android 5.1.1. A few weeks ago, some Chinese successfully hacked it to jailbreak for third-party apps (without changing the original firmware), but they don't share any information so they can sell those hacked devices. I'm willing to pay for it, but it is too risky to send my device to China, so I'm trying to root it by myself.
I don't know much about this world, but I found some information that might be helpful. It uses Marvell A140 IoT Processor a.k.a. PXA1908. There are two Android smartphones (as the same version 5.1.1) with this chip - Samsung Xcover 3 and Samsung Galaxy Grand Prime. Fortunately, they have been both rooted in the past here.
Is this information really helpful to root my device? If so, is there any way to apply the previous methods to easily jailbreak the DPT-RP1? I think the problem here is that it does not look like Android at all, so it has no settings menu or developer tools. And I'm not sure how to enter recovery mode since it only has two buttons - power/menu.
I'd appreciate any help or advice. Thanks!
And here you can find source codes.
oss.sony.net/Products/Linux/dp/DPT-RP1.html
sartrism said:
Sony recently released a new digital paper device, the DPT-RP1, apparently using their own Linux firmware but built on Android 5.1.1. A few weeks ago, some Chinese successfully hacked it to jailbreak for third-party apps (without changing the original firmware), but they don't share any information so they can sell those hacked devices. I'm willing to pay for it, but it is too risky to send my device to China, so I'm trying to root it by myself.
I don't know much about this world, but I found some information that might be helpful. It uses Marvell A140 IoT Processor a.k.a. PXA1908. There are two Android smartphones (as the same version 5.1.1) with this chip - Samsung Xcover 3 and Samsung Galaxy Grand Prime. Fortunately, they have been both rooted in the past here.
Is this information really helpful to root my device? If so, is there any way to apply the previous methods to easily jailbreak the DPT-RP1? I think the problem here is that it does not look like Android at all, so it has no settings menu or developer tools. And I'm not sure how to enter recovery mode since it only has two buttons - power/menu.
I'd appreciate any help or advice. Thanks!
You must be an iPhone user that isn't familiar with Android. Jailbreaking is an Apple thing, not an Android thing.
In android it's called "rooting" and it isn't quite the same thing as jailbreaking an Apple device.
This device does not at all seem to be worth the price, especially considering the limitations it has. What a waste of hardware.
I would assume that you could port something from one of those other devices to work on yours but it really depends on how your hardware is designed compared to those devices.
Does your device have a typical bootloader like other android devices?
Is the bootloader unlocked?
If it is locked, can it be unlocked?
Does the device use fastboot or does it have a flash mode that is used with a specific PC flashtool?
If it is unlocked or if you can unlock it and it has a flash mode that can actually be used, you might be able to port a custom recovery from one of the devices you named then use that recovery to somehow root the device. If the device can't install android apps then it would probably involve using adb to root the device.
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Droidriven said:
You must be an iPhone user that isn't familiar with Android. Jailbreaking is an Apple thing, not an Android thing.
In android it's called "rooting" and it isn't quite the same thing as jailbreaking an Apple device.
This device does not at all seem to be worth the price, especially considering the limitations it has. What a waste of hardware.
I would assume that you could port something from one of those other devices to work on yours but it really depends on how your hardware is designed compared to those devices.
Does your device have a typical bootloader like other android devices?
Is the bootloader unlocked?
If it is locked, can it be unlocked?
Does the device use fastboot or does it have a flash mode that is used with a specific PC flashtool?
If it is unlocked or if you can unlock it and it has a flash mode that can actually be used, you might be able to port a custom recovery from one of the devices you named then use that recovery to somehow root the device. If the device can't install android apps then it would probably involve using adb to root the device.
Thanks for suggesting a general principle! I just use the word jailbreaking not because I'm an iPhone user. What I actually want to do as the first step is not rooting an android system, but revealing it from the current customized linux system. Rooting is the next step if necessary. If the word choice is still not accurate and bothers you, I apologize.
It has apparently no typical bootloader, and neither PC nor adb recognize it as an android device. In fact, direct USB file transfer is blocked so I need to use Sony's designated software. But an android system surely coexists according to the hacker who already rooted it.
sartrism said:
Without some kind of way to flash or interface with the device there isn't much you can do.
I have a kindle fire HD that didn't come with a typical android system but does have a typical bootloader. The Amazon OS was removed and now it's full blown android but it required a "second" bootloader. You don't have a bootloader so I'm not sure what your options are with that device.
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Droidriven said:
Jailbreaking is the process of modifying any electronic device in order to remove restrictions imposed by a manufacturer (Apple) or operator (to allow the installation of unauthorized software).
Rooting is the act of gaining access to the root account of a device (such as a smartphone or computer).
There is a huge difference between the two. You can't just say that rooting is Android's version of jailbreaking. Not accurate in the least.
https://www.androidpit.com/jailbreak-android
Sent from my SM-G928T using Tapatalk
MarkBell said:
You're reading too much into what I said.
Basically, what I said was that jailbreaking isn't an android thing, it's an Apple thing (didn't say it was exclusively an Apple thing, just NOT an android thing). It applies to more than just Apple devices but on this website dedicated to mobile platforms, I'm only referring to its application in the mobile device world. For the mobile world it's pretty much only an Apple thing (still not exclusively but mostly so).
Then I said that in the android world it's called rooting (not exclusively an android thing, just NOT an Apple thing). And that jailbreaking and rooting aren't the same thing (this does not say that rooting is android's version of jailbreaking, that would imply that they are the same thing, I'm saying they aren't the same thing).
Basically, explaining what they "aren't", you explained what they "are".
I understand the difference, but thank you.
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Droidriven said:
I tend to read too deeply into everything. It's the way I am. Lol.
Sent from my SM-G928T using Tapatalk
Could you please post some information about usb device? Just like PID & VID.
Do it like:
Connect DPT-RP1 to Linux, and then type this command 'lsusb'
P.S. Under Windows or MacOS system, you can find the information from system settings...
happy to help with simple things
thisvip said:
Bus 001 Device 008: ID 054c:0be5 Sony Corp.
It is good to see some people have been interested in this thread.
So far, I realized that the hacker used a hardware hacking method. I actually obtained the hacked system apps from one of his customers. I guess he did something like directly modifying eMMC to root and put "USBDeviceSwitcher.apk" to allow a usual USB connection. Since I don't want to take such risk, I decided to wait until the first firmware to see if there could be an indirect way to penetrate the system files. But if you want to analyze the hacked system, contact me.
sartrism said:
Does it have a web browser? Maybe you can utilize for example the Stagefright Exploit + DirtyC0W to get root.
I have found out some interesting stuff about the device with the help of the Digital Paper App.
The app is built using electron and there is a file: /Applications/Digital\ Paper\ App.app/Contents/Resources/app.asar
This file contains the electron javascript files, which handle all the communication with the device.
It can be extracted with: sudo asar extract app.asar output
(github.com/electron/asar)
This also requires node to be installed: with e.g. brew install node (changelog.com/posts/install-node-js-with-homebrew-on-os-x)
The app communicates with the device via Restlet-Framework/2.3.7 on port 8443 with tcp (no matter if it is the bluetooth, wifi or usb connection).
This is the only port that is open.
In the file: /Applications/Digital\ Paper\ App.app/Contents/Resources/output/node_modules/mw-error/lib/codeparams.js you can find all the relative paths, which are getting called during e.g. file transfer, firmware update and stuff.
Running the app and placing breakpoints reveals that before you can transfer files and stuff:
'/auth'
'/auth/nonce/'
are called in order to authenticate, which looks e.g. like url digitalpaper.local:8443/auth/nonce/1e9ee24d-6613-433a-9770-76b04333ac95
the last part of the call is the "client_id": "1e9ee24d-6613-433a-9770-76b04333ac95", which is retrieved via the url digitalpaper.local:8443/auth call.
digitalpaper.local:8443/auth/
Important:
In /Applications/Digital\ Paper\ App.app/Contents/Resources/output/lib/config.js
change the line
config.DEVBUILD = false;
to
config.DEVBUILD = true;
After you have finished your modifications you have to pack the output folder again:
sudo asar pack output app.asar
I did not have time to continue, but the following relative urls look promising (especially recovery_mode):
'/testmode/auth/nonce',
'/testmode/auth',
'/testmode/launch',
'/testmode/recovery_mode',
'/testmode/assets/{}',
mcplectrum said:
Hope you get some result from the wifi side. I also realized they use port 8443 but couldn't get as far as you.
For whom trying to hack it, here is the link for the already 'hacked' system apps (including the original files) - that of the famous hacked RP1 video. Inside the subfolder S1, there are also the hacked system apps for DPT-S1 just in case.
https://www.dropbox.com/sh/dvtvokdzrgwjc83/AACXOJA-E56nUpUfiWUOzrM3a?dl=0
George Malas said:
The stock device has no web browser, no sd-card, no usb connection, and no typical system. I think SONY was haunted by some security issues maybe because they thought the major users are lawyers or very important people? lol
Any chance to create a buffer overflow PDF to attack RP1's pdf reader?
I am unable to help, but wanted to let you know I am definitely interested in and supportive of this. If this device can be unlocked as suggested in that one youtube video then I would buy it, despite the steep price.
jess91 said:
If you're interested and supportive of this then go buy one anyway and apply yourself to going forward figuring out how to get it done. Other than that, you're not supportive, you're just hopeful that someone figures it out and then you'll probably go get one.
DO NOT CONTACT ME VIA PM TO RECEIVE HELP, YOU WILL BE IGNORED. KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Hey guys,
I also recently got the RP1 and am also looking for ways to mod it. Big kudos and thanks to all of you for posting this! This already is amazing. @sartrism: can you maybe give me a hint how to load the files on the rp1? Sorry if this might be a stupid question but I'm new to android and that stuff.
Paderico said:
Just a little update from my side. I'm currently trying to recreate the steps @mcplectrum was using. It seems that my RP1 also uses other ports. I tried to wireshark the USB and WiFi connection. By that I saw that often GET /registration/information is called for Host: localhost:58052. Moreover the first call is GET /register/serial_number also on port 5808. This was via USB.
Trying to trigger the /auth/ call via Telnet returns nothing unfortunately. But also the 8080 port is open. Trying to call digitalpaper.local:8443/auth/ returns nothing on firefox.
@mcplectrum: how did you get the client_id and what would one need that for?
I also tried to change the config.DEVBUILD to true but that seemed to change nothing at all.
So to sum up what we know:
The device is using some kind of android structure, the source code seems to use the uboot bootloader, all communication is done by a rest restlet framework. So actually there should be some kind of way to use the restlet framework to PUT or POST the modified files.
The other option would be directly flash the eMMC right? I would take the risk and just load it on my device and see what happens. Any hints on how to do that?

Can ported TWRP Recovery versions ( or any ported stuff ) contain virus?

hi everyone.
recently, I installed a custom twrp version that is ported to my device.
i used to be skeptical about this but now that i know what spyware can do with your privacy I started to really worry about "ported" recoveries.
i was just wondering if there was a way they could fit a virus into a ported twrp for example?
3CORSA3 said:
Yes No Maybe.
It all depends on the source of the file and who made this PORT.
If the person is trustworthy, nothing to fear. Of course, it also depends on whether that person has the TWRP file base as trustworthy.
TeamWin folks generally don't do any nonsense. But any malicious person with knowledge can put a malicious script in the TWRP or any option desired by the user can lead to a bad action.
As you can see, the doubts will be great even if someone with a mind for crack does that. There is usually nothing to worry about if you have the stock ROM files.
In addition, most actions are done by the user himself and not by applications (malicious or not).
The best way to know is to test the functionality of TWRP and if you notice something different to what it was thought of or behaving strangely, then stay tuned. If you are knowledgeable and know how to use TWRP then you will know how to differentiate what is good or what is bad.
Another way is to place the ported TWRP file for a developer or person with experience to analyze if there is any different script that causes something bad.
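One concrete way to act on that advice, before handing the file to someone, is to compare the ported image with the official TWRP build it claims to be based on, component by component. This is an added example, not code from the thread or from TeamWin: it parses the Android boot-image header (versions 0 to 2) that recovery images use, hashes the kernel, ramdisk and other components, and reports which of them differ. The two images it builds are constructed test data with a fake gzip-magic ramdisk, not real recoveries.

```python
import hashlib
import struct

BOOT_MAGIC = b"ANDROID!"
# Leading bytes that identify how a ramdisk payload is compressed.
RAMDISK_MAGICS = ((b"\x1f\x8b", "gzip"), (b"\x04\x22\x4d\x18", "lz4"),
                  (b"\xfd7zXZ\x00", "xz"), (b"\x5d\x00\x00", "lzma"))

def _pad(size, page):                 # round up to the image page size
    return (size + page - 1) // page * page

def build_boot_image(kernel, ramdisk, page_size=2048, cmdline=b""):
    """Assemble a minimal header-v0 image from constructed parts (test data only)."""
    hdr = BOOT_MAGIC + struct.pack("<10I", len(kernel), 0x8000, len(ramdisk),
                                   0x1000000, 0, 0, 0x100, page_size, 0, 0)
    hdr += b"\0" * 16 + cmdline.ljust(512, b"\0") + b"\0" * 1056   # name, cmdline, id, extra
    img = hdr.ljust(page_size, b"\0")                               # page 0 holds the header
    for blob in (kernel, ramdisk):
        img += blob.ljust(_pad(len(blob), page_size), b"\0")
    return img

def parse_boot_image(data):
    """Return header fields plus size/offset/SHA-256 for every component present."""
    if data[:8] != BOOT_MAGIC:
        raise ValueError("not an Android boot image (bad magic)")
    (kernel_size, _, ramdisk_size, _, second_size, _, _, page_size,
     header_version, _) = struct.unpack_from("<10I", data, 8)
    sizes = [("kernel", kernel_size), ("ramdisk", ramdisk_size), ("second", second_size)]
    if header_version >= 1:   # v1 appends recovery_dtbo_size at byte 1632
        sizes.append(("recovery_dtbo", struct.unpack_from("<I", data, 1632)[0]))
    if header_version >= 2:   # v2 appends dtb_size at byte 1648
        sizes.append(("dtb", struct.unpack_from("<I", data, 1648)[0]))
    parts, offset = {}, page_size
    for label, size in [s for s in sizes if s[1]]:
        blob = data[offset:offset + size]
        if len(blob) != size:
            raise ValueError(f"{label} is truncated")
        parts[label] = {"size": size, "offset": offset,
                        "sha256": hashlib.sha256(blob).hexdigest()}
        offset += _pad(size, page_size)         # every component is page-aligned
    head = data[rd["offset"]:rd["offset"] + 8] if (rd := parts.get("ramdisk")) else b""
    fmt = next((n for m, n in RAMDISK_MAGICS if head.startswith(m)), "unknown" if rd else "none")
    return {"header_version": header_version, "page_size": page_size,
            "cmdline": data[64:576].split(b"\0", 1)[0].decode(errors="replace"),
            "ramdisk_format": fmt, "parts": parts}

def diff_images(base, ported):
    """List components whose hash (or the kernel cmdline) differs between two images."""
    a, b = parse_boot_image(base), parse_boot_image(ported)
    changed = [lbl for lbl in sorted(set(a["parts"]) | set(b["parts"]))
               if a["parts"].get(lbl, {}).get("sha256") != b["parts"].get(lbl, {}).get("sha256")]
    if a["cmdline"] != b["cmdline"]:
        changed.append("cmdline")
    return changed

if __name__ == "__main__":   # constructed images: same kernel, different ramdisk payload
    base = build_boot_image(b"\0" * 4096, b"\x1f\x8b" + b"A" * 3000)
    port = build_boot_image(b"\0" * 4096, b"\x1f\x8b" + b"B" * 3000)
    print(parse_boot_image(port)["ramdisk_format"], diff_images(base, port))
```

A changed ramdisk is where any added script or binary would live, so that component (once unpacked) is the one to hand over for review; a changed cmdline or kernel against an otherwise identical base also deserves an explanation from whoever made the port.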
3CORSA3 said:
Yes one can fit a virus in anything. You can take a precaution of scanning any file you download with an antivirus. Though no antivirus can be truly accurate, there still are chances. Giving a link to an antivirus if you want
https://www.google.com/url?sa=t&source=web&rct=j&url=https://play.google.com/store/apps/details%3Fid%3Dcom.protectstar.antispy%26hl%3Den%26gl%3DUS%26referrer%3Dutm_source%253Dgoogle%2526utm_medium%253Dorganic%2526utm_term%253Dprotectstar%26pcampaignid%3DAPPU_1_wzKvYOuJA4HT-QaivL6gDQ&ved=2ahUKEwir98KClenwAhWBad4KHSKeD9QQ8oQBMA96BAgjEAE&usg=AOvVaw37khVQ1DKzplbVrZ44uuzg
My POV: As long as Android OS didn't get tampered (e.g. bootloader unlocked, rooted, dm-verity disabled, etc.) no one must fear his/her device can get infected with malware (viruses included).
BTW:
Malware like viruses are known to perform repeated tasks that can take up resources on your devices. Signs of malware may show up in these ways.
Phone is too slow.
Apps take longer to load.
The battery drains faster than expected.
There is an abundance of pop-up ads.
Phone has apps you don’t remember downloading.
Unexplained data usage occurs.
Higher phone bills arrive.