-
makingaliasesisa
close it fully and open the browser up again. i think that is how i did it.
-
name
anyone else having trouble verifying Platform Tools 30.05 in Linux? running echo '5be24ed897c7e061ba800bfa7b9ebb4b0f8958cc062f4b2202701e02f2725891 platform-tools_r30.0.4-linux.zip' | sha256sum -c
-
name
but getting: No such file or directory
-
name
Assuming this is because the command is for Platform Tools 30.04...
-
makingaliasesisa
lol
-
name
Sorry new here is this not the right place to ask? should I just curl 30.04?
-
makingaliasesisa
what distro you running?
-
trevqr[m]
Hey all, I just got a Pixel 4a, trying to install from PopOS. Getting an error: ./flash-all.sh: 22: [: Illegal number: 1:81
-
trevqr[m]
-
trevqr[m]
I did install the latest version, so I'm unsure what may be causing the issue.
-
name
arch
-
name
(also very new to linux)
-
makingaliasesisa
fastboot --version trevqr
-
makingaliasesisa
and you should be able to install it from arch fine
-
trevqr[m]
<makingaliasesisa "fastboot --version trevqr "> fastboot version 1:8.1.0+r23-8
-
makingaliasesisa
Arch Linux: android-tools provides fastboot and other useful tools not required for installation such as adb. android-udev provides udev rules allowing fastboot and adb to work in local sessions without root.
-
-
-
-
-
makingaliasesisa
it may be this as well export PATH="$PWD/platform-tools:$PATH"
-
name
I ran into the same issue as trevqr[m], was attempting to update fastboot
-
makingaliasesisa
because i think it is way too out of date 29.0.6 is atleast what you want
-
dontdisturbme[m]
Can any P4XL owners verify this?
-
dontdisturbme[m]
When toggle Airplane Mode, apps can still access internet. Whatsapp still able to send messages, Vanadium still can browse the web.
-
dontdisturbme[m]
When phone is rebooted with Airplane mode On, mobile data is off and cannot be enabled (can enabled but no internet). Internet cannot be used. Have to reboot with Airplane Mode Off again in order to switch back on Mobile data.
-
makingaliasesisa
name: for arch you can just install android-tools
-
makingaliasesisa
and android-udev just in case
-
makingaliasesisa
if you want to allow fastboot and adb to work in local sessions without root.
-
-
louipcm
looks like a problem in the shell script
-
louipcm
are you using bash?
-
name
...had the same problem, even after reinstalling android-tools
-
trevqr[m]
I would assume so? Using the default terminal for PopOS, but I'm relatively new to Linux
-
makingaliasesisa
yeah popos uses bash by default
-
trevqr[m]
When I originally ran the adb/flashboot commands, it was unable to find them, so I just installed them manually. (sudo apt install flashboot). Dunno if that could be messing things up
-
trevqr[m]
And it's trying to use the flashboot I had installed
-
trevqr[m]
Which may be out of date
-
louipcm
22: [: Illegal number: 1:81 is a script error
-
makingaliasesisa
i don't think the apt ones are ever up to date
-
name
tbh I got it to boot by deleting line 22 in the shell script, but wanted to try to get it booted without messing with the script
-
makingaliasesisa
as well tho
-
louipcm
something about your shell is incompatible with the script
-
louipcm
as far as i can tell
-
trevqr[m]
<name "tbh I got it to boot by deleting"> Were you also getting an out-of-date error as well? Did deleting the line mess anything up, or did it run okay?
-
trevqr[m]
Should I try to uninstall fastboot and just try to get it to run okay from the platform-tools? Unsure what to try
-
makingaliasesisa
line 22 is this one aye?
-
makingaliasesisa
> if ! [ $($(which fastboot) --version | grep "version" | cut -c18-23 | sed 's/\.//g' ) -ge 2802 ]; then
-
makingaliasesisa
* line 22 is this one?
-
makingaliasesisa
> if ! [ $($(which fastboot) --version | grep "version" | cut -c18-23 | sed 's/.//g' ) -ge 2802 ]; then
-
name
no it runs perfectly
-
name
in my script line 22 is: if ! [ $($(which fastboot) --version | grep "version" | cut -c18-23 | sed 's/\.//g' ) -ge 2802 ]; then echo "fastboot too old; please download the latest version at
developer.android.com/studio/releases/platform-tools.html"
-
name
which is the exact error I was getting, even though fastboot was up to date
-
trevqr[m]
Yeah, it's that for me as well. Haven't tried deleting it yet though because I don't want to mess anything up
-
trevqr[m]
It seems like it is just preventing it from running if fastboot is out of date though? So, if I verified it in a previous step, maybe it's okay to delete and run anyway?
-
louipc
do this command in shell $(which fastboot) --version | grep "version" | cut -c18-23 | sed 's/\.//g'
-
makingaliasesisa
can you unistall the sudo apt'ed one
-
louipc
should give you a number
-
trevqr[m]
<louipc "do this command in shell $(which"> grep "version" | cut -c18-23 | sed 's/\.//g'
-
makingaliasesisa
yeah mine gives 3004 for me
-
name
I just get a syntax error
-
trevqr[m]
<makingaliasesisa "can you unistall the sudo apt'ed"> Lemme try
-
louipc
yea if you get an error then you have some shell problem
-
louipc
maybe cut, or sed
-
louipc
greps probly ok
-
makingaliasesisa
@name echo $SHELL
-
name
I get /bin/bash
-
trevqr[m]
Uninstalled fastboot, now get "fastboot not found; please download the latest version at
developer.android.com/studio/releases/platform-tools.html and add it to the shell PATH"
-
trevqr[m]
when trying to run flash-all
-
louipc
break that command down into its parts to find out where its messing up
-
louipc
try that $(which fastboot) --version | grep "version"
-
name
syntax error near unexpected token `--version'
-
makingaliasesisa
fastboot version 30.0.4 for me
-
louipc
whattt
-
makingaliasesisa
name: that is wierd
-
makingaliasesisa
* name: that is weird
-
louipc
`which fastboot` --version | grep "version"
-
name
bash: which: command not foundbash: --version: command not found
-
louipc
i dont think you are actually running bash
-
trevqr[m]
Gonna take a break for dinner, but will come back to try to trouble shoot 🙃
-
makingaliasesisa
bash --version
-
louipc
not having the which program is kindof a problem too
-
name
License GPLv3+: GNU GPL version 3 or later <
gnu.org/licenses/gpl.html>
-
louipc
bash would understand $(command) syntax
-
name
hmm
-
louipc
can you install a program called 'which' at least?
-
makingaliasesisa
when i do the comand in sh i get
-
makingaliasesisa
> sh-5.0$ 'which fastboot' --version | grep "version"
-
makingaliasesisa
> sh: which fastboot: command not found
-
louipc
program or package
-
louipc
via your package manager... really it shoulda been installed by default
-
makingaliasesisa
for arch install base and base-devel as well
-
name
@louipc yeah was able to install 'which'
-
makingaliasesisa
huh
-
name
does not help though
-
louipc
thats good lol. now to figure out whats wrong with your shell
-
louipc
you still might run into problems becaue of your weird distro
-
makingaliasesisa
arch linux is not weird :P
-
louipc
names is weird
-
name
lol
-
makingaliasesisa
lol
-
name
thanks for the help troubleshooting, this seems more managable now
-
louipc
i really cant think of any reason it wouldnt work. unless you are using some bash fork
-
louipc
that removes $(command) substitution
-
louipc
in that case install normal bash and get rid of the fork
-
makingaliasesisa
also could you give me your output of "cat /etc/bash.bashrc"
-
louipc
also file a bug report with popos that their shell environment is screwed up
-
name
## If not running interactively, don't do anything[[ $- != *i* ]] && return[[ $DISPLAY ]] && shopt -s checkwinsizePS1='[\u@\h \W]\$ 'case ${TERM} in xterm*|rxvt*|Eterm|aterm|kterm|gnome*) PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND; }'printf "\033]0;%s@%s:%s\007" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/\~}"' ;; screen*)
-
name
PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND; }'printf "\033_%s@%s:%s\033\\" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/\~}"' ;;esac[ -r /usr/share/bash-completion/bash_completion ] && . /usr/share/bash-completion/bash_completion
-
name
yeah definitely will
-
makingaliasesisa
mine looks similar
-
name
hmm
-
-
louipc
-
makingaliasesisa
oops markdown is a thing
-
louipcm
anyway.. better ask popos for help. because their own scripts have the problematic syntax too
-
louipcm
somethine else is wrong
-
makingaliasesisa
yeah they do have a different shell from the norm as well
-
trevqr[m]
Okay, I have returned. Is the conclusion that something is wrong with popos? name , did you have success with simply deleting line 22 without any issue?
-
trevqr[m]
I have my bootloader unlocked. Dunno if there would be helpful commands to run in my platform-tools folder to get it to recognize that fastboot is there/up to date
-
louipc
deleting that line will get things going but you better make sure youre up to date. but the other concern is that if popos shell environment is messed up then you run into further problems down the road
-
louipc
if you both had the same problem then definitely a problem with popos
-
louipc
they should have `which` installed by default at very least
-
makingaliasesisa
@name i just installed a VM and popos doesn't error out when i did the $(which fastboot) --version
-
trevqr[m]
Hmm, yeah, I have PopOS on both my PC and laptop. My partner has a Mac which I could give a go. Would the safest way to disconnect from the install simply be to relock the bootloader and restart the phone? Then try it on the Mac?
-
makingaliasesisa
i get the fastboot version 1:8.1.0+r23-8 output
-
trevqr[m]
I installed GrapheneOS previously on Pixel 2 with Windows, but have since made the switch to Liunux
-
name
Yeah, my main concern is with my arch distro now - I've had no issues with graphene since installing last night.
-
makingaliasesisa
on popos VM
-
trevqr[m]
<makingaliasesisa "i get the fastboot version 1:8.1"> This is what I was getting when I installed it via sudo apt
-
trevqr[m]
Would you all recommend deleting line 22, or to try it on a Mac instead?
-
makingaliasesisa
yeah i was trying a command which disdn't work with names
-
louipc
i recommend installing from a supported OS
-
makingaliasesisa
name should be. i believe he is on arch Linux.
-
louipc
you dont need to relock bootloader until finished installing
-
trevqr[m]
Okay. So, simply restart to exit fastboot mode and then try again on the Mac?
-
louipc
sure
-
name
Yeah I'm on arch linux not popos
-
makingaliasesisa
which makes it even weirder
-
louipc
oh what. you were on arch this whole time?
-
makingaliasesisa
trev was Pop OS i beieve
-
makingaliasesisa
* trev was Pop OS i believe
-
name
yes
-
name
sorry lol
-
makingaliasesisa
what terminal are you running name aswelk
-
makingaliasesisa
I'm running Konsole
-
makingaliasesisa
atm]
-
-
louipcm
ffs matrix
-
louipc
`which fastboot`
-
makingaliasesisa
ah ok
-
louipc
terminal wont matter
-
makingaliasesisa
ST terminal is a thing :P
-
louipc
what
-
name
fwiw I've been using arch on a macbook for 2.5 days, I didn't even know there were different terminals lol
-
-
louipc
lol i'd just reinstall the whole thing then. rather than try to figure out whats wrong
-
louipcm
oh.. yea i guess
-
louipc
except that points to bash in archlinux
-
louipc
hmm maybe arch is messed up.. which is part of base-devel rather than base
-
makingaliasesisa
ah ok true
-
makingaliasesisa
try install base-devel @name
-
makingaliasesisa
also have a look at this next install (if you didn't)
wiki.archlinux.org/index.php/Mac#Post-installation
-
makingaliasesisa
* also have a look at this next install (if you didn't)
wiki.archlinux.org/index.php/Mac
-
makingaliasesisa
for pacstrap i also do this command:
-
makingaliasesisa
> pacstrap /mnt base base-devel linux linux-headers linux-firmware vim nano networkmanager man-db man-pages git openssh
-
louipc
pacman is part of base-devel... what
-
louipc
not base
-
louipc
i give up
-
makingaliasesisa
* for pacstrap i also do this command (not for mac though it may be a little bit different):
-
makingaliasesisa
> pacstrap /mnt base base-devel linux linux-headers linux-firmware vim nano networkmanager man-db man-pages git openssh
-
makingaliasesisa
it is a requirement from another package
-
louipc
oh base is a metapackage now that includes pacman.. its all weird
-
makingaliasesisa
yeah it is made "simple"
-
makingaliasesisa
lol
-
louipc
i guess all distros are messedup. ohwell
-
name
lol
-
name
yeah for mac it was > pacstrap /mnt base linux-mbp linux-mbp-headers linux-firmware...
-
trevqr[m]
Hmm, I'm trying to do some more troubleshooting because it seems really odd to not be working. I'm trying on my laptop with PopOS now. If I follow the three step commands to install platform-tools + export PATH="$PWD/platform-tools:$PATH", it seems to recognize fastboot just fine. If I continue to extract the release image and try to flash, this time I get "<waiting for any device>"
-
makingaliasesisa
aye thats a good start
-
trevqr[m]
If I don't do it all consecutively in terminal, that's when I run into the "fastboot not found" error
-
trevqr[m]
ie, if I open up a new terminal window, it can't seem to find fastboot anymore unless it's all consecutive from the download and extract of platform-tools
-
makingaliasesisa
yeah for the export thing it is only for that terminal session
-
trevqr[m]
Maybe that was my issue all along then? Is there a reason the "waiting for any device" error might appear? I am in fastboot mode with the bootloader unlocked
-
makingaliasesisa
it says this on the wbsite:
-
makingaliasesisa
> This is a temporary change to PATH for the current shell and will need to be done again if you open a new terminal. Make sure that the fastboot command works in the current shell before trying to run the flashing script.
-
makingaliasesisa
* it says this on the website:
-
makingaliasesisa
> This is a temporary change to PATH for the current shell and will need to be done again if you open a new terminal. Make sure that the fastboot command works in the current shell before trying to run the flashing script.
-
makingaliasesisa
so it is say unlocked as well
-
makingaliasesisa
* so it is saying unlocked as well
-
makingaliasesisa
i am not not sure about this error i just got it to work luckily for me
-
trevqr[m]
on pop?
-
louipcm
trevqr: check the phone. you need to confirm
-
makingaliasesisa
nah arch
-
trevqr[m]
Yeah, it has Device state: unlocked
-
louipcm
waiting for device is not an error
-
louipcm
though if you dont get a prompt on your phone then something is wrong
-
louipcm
either drivers, or cable
-
makingaliasesisa
try fastboot devices on the terminal
-
trevqr[m]
Lemme run through it from the top one more time and see what happens. I'll try adding sudo as well for the flash
-
trevqr[m]
If I run it as sudo, I get flashboot not found. If I run it without sudo, I get waiting for any device
-
trevqr[m]
Nothing happens on the phone
-
louipc
phone is in bootloader?
-
trevqr[m]
fastboot devices gives me "no permissions"
-
trevqr[m]
Phone is in bootloader
-
trevqr[m]
It seems my comp somehow loses fastboot when I "cd" into the factory image folder to run the flash
-
trevqr[m]
Up until then, it recognizes fastboot with the correct version number
-
trevqr[m]
I am close to surrendering and just borrowing a friends windows computer tho lol
-
trevqr[m]
Still got a Pixel 2 with graphene for the time being, was just trying to upgrade for timely updates
-
louipcm
could be the cable too
-
trevqr[m]
Yeah, it was the original cable I used to install it, but something could've happened to it in the meantime
-
trevqr[m]
I'll probably just shoot to borrow a friend's Windows computer. Seems more trouble than it's worth to figure out
-
name
ok so super embarassing but I either forgot to install linux-firmware or base-dev because I installed both and rebooted and all is working fine now lol
-
louipc
weird
-
louipc
name: u mean base-devel rite
-
trevqr[m]
Any commands to run to check that on my end?
-
name
yeah base-devel
-
louipc
trevqr[m]: no idea for popos
-
louipc
trevqr[m]: possible you need android-udev rules
-
yehnahyeh[m]
<dazinism "yehnahyeh: I think possibly you "> Can you think of a reason this would happen after a year of flawless function? And, can you please advise how/where I would go for help on troubleshooting a hardware issue like this? I'm at a bit of a loss. Thanks!
-
trevqr[m]
I think I'll call it for now and give it another go on Windows. Thanks for all the help yall, it was much appreciated!
-
Guest18945
Hi, does tinder or bumble work on grapheneos phone?
-
Guest18945
Would it work in phone browers?
-
name
Any way to audit without second android device? (e.g. from ios, or linux?)
-
kkkkkkkkkkkkkkkk
<name "Any way to audit without second "> Wdym
-
kkkkkkkkkkkkkkkk
<name "Any way to audit without second "> Emulator?
-
louipc
but thats an android device then :D
-
kkkkkkkkkkkkkkkk
<louipc "but thats an android device then"> Read the code
-
kkkkkkkkkkkkkkkk
Isn't auditing like reading the code? But it is still different when you test it with a functional.android phone
-
strangefinder[m]
hi all, is there any way to modify the "always on display" larger, color, whats on screen ?
-
cecemimi[m]
I can't get bromite to finish an install on fdroid, while downloading it always stops and install button appears again like nothing happened. Is this a common error?
-
chani
anyone in here formerly known as DannyWorkOrderPr?
-
dazinism
cecemimi: I found fdroid can be a bit buggy like that. Also Aurora Droid can fail to offer the update after downloading (if you have it set to download to its own private storage - which is safest). Started using foxy droid (from fdroid ) and it works fine.
-
dazinism
strangefinder: there are apps that offer customisable AOD functionality, but they have security implications (have ability to draw over other apps), also, I think, likely to be less battery efficient.
-
dazinism
yehnahyeh: things just break sometimes. The cameras on pixels do mess up occasionally, maybe search in the reddit for your phone and see if theres folks with the same issue as you have?
-
dazinism
In the EU, if bought new, all electrical goods get 2 years guarantee. Could send it back to where you got it and have it replaced (or maybe back to Google?). Guess if you do that would be best to flash stock OS again first.
-
cenapatop689[m]
Where can I Download the satelite app. In aurora isnt it
-
cenapatop689[m]
I have tried racoon but the install fails
-
dazinism
cenapatop689: for testing theres GPSTest (An app for testing GPS and GNSS capabilities of a device) -
f-droid.org/packages/com.android.gpstest.osmdroid
-
cenapatop689[m]
No I mean this app
satellite.me
-
dazinism
cenapatop689: apkmirror is pretty safe. Maybe they have it?
-
dazinism
cenapatop689: its a VoIP service so guess you could alternatively use a generic voip app.
-
cenapatop689[m]
dazinism: Do you know one?
-
Ravenous
Hi there, I have a couple of questions about freeboot and fedora 32 in regard to installing grapheneOS. Would someone be willing to help?
-
dxrwzy9y[m]
Hey why is there a short interruption when NewPipe goes into background play? Is this a NewPipe or system issue?
-
thematten[m]
dxrwzy9y:
-
thematten[m]
* dxrwzy9y: May be switching between different players?
-
dxrwzy9y[m]
It's just NewPipe running
-
Ravenous
Has anyone had any problems installing GrapheneOS with Fedora 32?
-
thematten[m]
I mean, NewPipe may have different implementations of video players, where one is meant for background playback - it would then have to stop video in one and start in the other at same position, thus creating that interruption
-
dxrwzy9y[m]
I'm not the only one experiencing this, right?
-
thematten[m]
Yeah, I see the same behaviour
-
thematten[m]
From technical standpoint, if you wanted to remove the interruption, you would probably have to split player into video and sound part, which would be needless complication and potential source of different bugs (like sound getting out of sync)
-
Ravenous
Given that Pop_OS! is a fork of Ubuntu, would it be considered officially supported?
-
makingaliasesisa
Ravenous: you should be able to install in most OS' popOS works fine if you do it in one hit.
-
vinterneti[m]
Why there is no threads of GrapheneOS on xda-developers?
-
vinterneti[m]
* Why there is no official topics of GrapheneOS on xda-developers?
-
engulf[m]
vinterneti Because XDA is a mess
-
vinterneti[m]
<engulf[m] "vinterneti Because XDA is a mess"> But there is official group on reddit. So it is distancing from developers.
-
vinterneti[m]
Because reddit is even more messy.
-
lolly
How secure is grapheneOS from being hacked if the phone is taken by a third party
-
lolly
and is there a remote wipe functionality to the phones
-
lolly
even if i need to setup a private server to use a remote wipe
-
engulf[m]
<lolly "How secure is grapheneOS from be"> It is as secure as your password is. Although with time they will be able to get into it, of course depending on the amount of effort the third party is willing to put into opening your phone. Also as the phone is in hands of third party it will likely not be updated and so it might become vulnerable to exploits that are found.
-
lolly
My company is currently looking into the recent poll discrepancy and need a phone that cannot have any data on it recovered by goverment or police officials not illegal communications just keeping sources private and names off the record
-
lolly
like if a phone is taken is there a way to get information off the memory inside the phone easily or even read it at all
-
lolly
we currently use a custom version of signal for communications
-
CryptRelay[m]
<lolly "and is there a remote wipe funct"> afaik, wipe functionalities are not needed, see:
github.com/Peter-Easton/GrapheneOS-…en-incorrect-guesses-at-the-pincode
-
lolly
But could government and police parties have backdoors into the titan M chip?
-
lolly
where they can bypass all that security by asking google themselves
-
engulf[m]
vinterneti: That is exactly why the subreddit of GrapheneOS is used for announcements. (of course there are occasional post by randoms).
-
engulf[m]
-
lolly
CryptRelay[m] thanks for that link ive been reading down it and looks like grapheneOS plus the pixel phones are perfect for our job, needed to make sure when a device is wiped its actually wiped because we used to have 'secure' iphones and a in house tech showed us that he can recover the data after wipe
-
projectmoon
'secure' phones where someone forgot to turn on encryption?
-
lolly
we had all the phones access token on hand
-
lolly
he just showed me the fact that even when i press that "erase data" button the encrypted info can be recovered
-
leggychun[m]
lolly rest assured once you press wipe data recovery is not possible
-
anupritaisno1[m]
leggychun yes
-
anupritaisno1[m]
lolly when you press wipe the decryption key is wiped from the titan M
-
anupritaisno1[m]
Recovery is not possible even with the password
-
kkkkkkkkkkkkkkkk
<lolly "CryptRelay thanks for that link "> Maybe it's an old iPhone?
-
toxicfrog[m]
Pixel 3a - I'm not getting email notifications from Fastmail app or Protonmail app. Also not getting any red dot notifications including on Signal app. I have all notifications on in settings including 'Allow notification dot'. When I open Protonmail it says "Push Notifications do not work without updated Google Play services"
-
toxicfrog[m]
Signal is now working fine. Email apps still not. Didnt realise it isnt a red dot, its blue/grey. Not used Android before.
-
projectmoon
protonmail only has GCM push notifications
-
projectmoon
graphene os does not have play services or microg
-
fuu[m]1
normal for protonmail
-
toxicfrog[m]
if i install microg will i get notifications?
-
fuu[m]1
tutanota seem to care more about open source than proton
-
projectmoon
microG does not work properly if it's installed as a user app
-
fuu[m]1
perhaps you can try using protonmail via vanadium, and enabling notifications
-
fuu[m]1
idk if that would work
-
toxicfrog[m]
<fuu[m]1 "perhaps you can try using proton"> I doubt it. You mean access via the browser?
-
ludicrous_speed[
fuu: proton has opensourced their code.
-
louipc
you can run your own proton service?
-
ludicrous_speed[
They did that early this year.
-
louipc
hmm #graphene-offtopic anyways
-
louipc
hmm #grapheneos-offtopic anyways
-
ludicrous_speed[
Tutanota is based in Germany, big red flag there.
-
anupritaisno1[m]
-
anupritaisno1[m]
<projectmoon "microG does not work properly if"> It does
-
projectmoon
can it register and deliver push notifications?
-
anupritaisno1[m]
Yes
-
ludicrous_speed[
anupritaisno1: I'm not attacking anybody through an argument. Try again with your logic noobness.
-
anupritaisno1[m]
If you whitelist it from battery optimization
-
anupritaisno1[m]
The only thing that won't work is the geocoder projectmoon
-
anupritaisno1[m]
Which is why ROMs must implement the geocoder themselves
-
anupritaisno1[m]
And not let the microg geocoder really work
-
anupritaisno1[m]
projectmoon look at YouTube vanced
-
anupritaisno1[m]
They do push notifications without installing microg into system
-
anupritaisno1[m]
Btw I need some help
-
anupritaisno1[m]
-
anupritaisno1[m]
Copperhead is claiming ownership of code I have written
-
anupritaisno1[m]
And things I have implemented
-
anupritaisno1[m]
Example
-
anupritaisno1[m]
```
-
anupritaisno1[m]
CopperheadOS Android 11 now uses Scudo for legacy code (32-bit) executions and continues to use the CopperheadOS hardened allocator for 64-bit memory functions thereby covering all native code execution functions.
-
anupritaisno1[m]
I wrote the implementation for this. 2 months ago
-
anupritaisno1[m]
They are now openly stealing code written by developers and claiming it as their own
-
projectmoon
all the other things they do aside, wouldn't it mostly be about what licenses are distributed with their software, from a legal perspective?
-
louipc
part of the license is attribution
-
louipc
if they are not doing that, then that is a clear violation
-
projectmoon
yes
-
projectmoon
is it MIT license?
-
anupritaisno1[m]
Apache2
-
anupritaisno1[m]
We have a channel for countering James' attacks
-
anupritaisno1[m]
But very few are helping
-
projectmoon
not sure how the apache license governs attribution. but there can be a difference between keeping the attribution in the license distributed with the software and how it's marketed... certain BSD licenses explicitly prohibit marketing stuff without attribution to the original authors
-
projectmoon
if it was someting like the MIT license, pretty sure you can do basically whatever you want as long as you keep the notice in the license files
-
projectmoon
also i'm not a lawyer so all of this is probably wrong 🙃
-
projectmoon
it's at the very least unethical if not a license violation
-
anupritaisno1[m]
Anyway please pm me or madaidan. if you want to help against copperhead
-
anupritaisno1[m]
Here's proof the scudo on legacy implementation was done by me
GrapheneOS/platform_bionic 7cdda01
-
louipc
anupritaisno1[m]: oh what chan is that
-
strcat[m]
anupritaisno1: the decryption key isn't on the Titan M, it's not stored anywhere
-
strcat[m]
engulf: with a strong passphrase there is no amount of resources that would get an attacker through the encryption
-
strcat[m]
without one, you depend on the hardware-based security features, such as if you have a 6 digit PIN, you're depending on the Titan M throttling
-
strcat[m]
projectmoon: they do not provide the necessary attribution in the OS
-
strcat[m]
anupritaisno1: hardened_malloc was written by me in July / August 2018
-
strcat[m]
Copperhead had fully split from the project by June 2018
-
anupritaisno1[m]
<strcat[m] "anupritaisno1: hardened_malloc w"> Yes
-
anupritaisno1[m]
I am not claiming that
-
anupritaisno1[m]
Smh
-
strcat[m]
they are just thieves (literally, not a figure of speech, they stole > 100k of donations) and fraudsters
-
anupritaisno1[m]
Copperhead is claiming my implementation of scudo on 32-bit and hmalloc on 64-bit as their own
-
strcat[m]
people paying them are buying insecure phones from con artists
-
anupritaisno1[m]
<anupritaisno1[m] "Copperhead is claiming my implem"> strcat
-
strcat[m]
and are funding their attacks on developers
-
anupritaisno1[m]
That makes me so pissed aaaa
-
num8[m]
of course
-
anupritaisno1[m]
That shit was like
-
louipc
anupritaisno1[m]: i guess u could sue them for attribution
-
anupritaisno1[m]
2 weeks with little sleep just getting hardened malloc on R
-
anupritaisno1[m]
So it really pisses me off
-
anupritaisno1[m]
A LOT of effort went into getting it to work on R
-
anupritaisno1[m]
And it was not just me
-
anupritaisno1[m]
strcat was handling the frameworks/base part while I was getting it to actually work on R
-
strcat[m]
they fraudulently take credit for years of my work
-
strcat[m]
and misrepresent their former relationship with the project
-
r0tt0r[m]
counter sue them
-
strcat[m]
we are
-
projectmoon
<strcat[m] "projectmoon: they do not provide"> Then it's definitely a license violation
-
strcat[m]
r0tt0r: you may not be aware that we have legal fees of up to ~5k / month
-
strcat[m]
and donations are not covering it all
-
strcat[m]
I don't really get paid for any of my work with that taken into consideration
-
r0tt0r[m]
<strcat[m] "r0tt0r: you may not be aware tha"> ouch
-
anupritaisno1[m]
<r0tt0r[m] "ouch"> Btw add 300-500 to that even more
-
anupritaisno1[m]
I quit my job to do grapheneos dev
-
num8[m]
yep, even if you can prove you're right in court, they are probably trying to let you run out of money during the run.
-
num8[m]
or something like that.
-
num8[m]
which doesn't suprise me at all, sadly
-
num8[m]
I really hope you guys win this thing, tho
-
anupritaisno1[m]
num8 you can help us
-
anupritaisno1[m]
Help counter their misinformation
-
num8[m]
<anupritaisno1[m] "Help counter their misinformatio"> sure, I'm glad to.
-
strcat[m]
some tech people were duped by him, primarily in the Bitcoin community
-
strcat[m]
and it's a serious problem
-
strcat[m]
they're the ones helping him continue to get funding to throw towards causing harm to us
-
num8[m]
uhm, I see :/
-
num8[m]
didn't know that, I'm not that much in that space
-
num8[m]
I was talking about the privacy/activism community
-
num8[m]
that's pretty sad tho
-
oaktilebarnland[
Anyone have suggestions on how to change app names/icons?
-
r0tt0r[m]
<oaktilebarnland[ "Anyone have suggestions on how t"> some launcher fe. omega allows to rename and change icons
-
oaktilebarnland[
I've used nova in the past. But thanks. Are there security concerns with launchers?
-
dazinism
oaktilebarnland: yeah can use a different launcher, although many appear to have permissions that have security implications
-
dazinism
Theres an app on fdroid called activity launcher that allows you to make custom app launchers. Can change the name and icons
-
dazinism
Although only select from the different icons of apps that are on your device (which includes some system apps, who's icons you dont normally see)
-
radec
hi all newb question. i just got a pixel3. it's on android 10....looks like it was last updated in august. do I need to update to stock android 11 before installing graphenos?
-
jpds
radec: No, though it is recommended for the latest firmware
-
anupritaisno1[m]
Not a requirement
-
radec
ok, thanks. so not required but not a bad idea
-
strcat[m]
-
strcat[m]
and explains why
-
anupritaisno1[m]
Tl;dr pixel 2 had to be updated beyond a certain version due to a bug in the bootloader
-
anupritaisno1[m]
It's usually to avoid such bugs
-
anupritaisno1[m]
Just one thing
-
strcat[m]
> It's best practice to update the stock OS on the device to make sure it's running the latest firmware before proceeding with these instructions. This avoids running into bugs, missing features or other differences in older firmware versions. You can either update the device via over-the-air updates or sideload a full update, which for Pixel phones can be obtained from the full update package page.
-
strcat[m]
it's a simple paragraph
-
anupritaisno1[m]
Updating doesn't mean you update and then never boot the slot
-
anupritaisno1[m]
Most people create more issues by updating and then jumping straight to the bootloader
-
strcat[m]
don't make it more complicated than it has to be
-
strcat[m]
the install guide has a good explanation
-
anupritaisno1[m]
strcat I've seen people who've done that
-
anupritaisno1[m]
Basically bootloader sees that the upgrade isn't completed yet
-
anupritaisno1[m]
And then refuses to flash grapheneos and throws errors
-
strcat[m]
okay just don't make things more complicated than they need to be
-
strcat[m]
the guide explains things, in the right order
-
strcat[m]
follow the guide
-
strcat[m]
don't skip steps
-
strcat[m]
don't improvise
-
strcat[m]
follow the install guide
-
strcat[m]
it says it's best practice to update BEFORE starting, and has you go into the OS to enable OEM unlocking after starting
-
radec
@strcat ok thanks. I was reading that. I guess I am just used to things on xda that get written and never updated
-
strcat[m]
so what you're saying is people didn't follow the guide and experienced problems
-
strcat[m]
and yeah, that's why you follow the guide
-
strcat[m]
radec: we don't write blog posts, we publish well maintained docs
-
anupritaisno1[m]
radec btw if you need help pm me
-
strcat[m]
the guide was last updated October 20th, it's fully up-to-date
-
anupritaisno1[m]
My help = I basically install it for you btw
-
radec
@strcat that's great thanks
-
radec
@anupritaisno1 thanks I think I got it. I was just making sure I wasn't going to screw something up by updating, but I guess that's not a concern lol
-
anupritaisno1[m]
<radec "@anupritaisno1 thanks I think I "> Basically update and fully boot the update
-
radec
great
-
anupritaisno1[m]
Then enable OEM unlocking on the latest update
-
anupritaisno1[m]
BTW what device?
-
radec
pixel 3. unlocked bootloader
-
anupritaisno1[m]
You should be able to continue without upgrading tbh
-
anupritaisno1[m]
radec so anyway you have the files for installation?
-
radec
yep
-
anupritaisno1[m]
radec extracted the platform tools?
-
radec
i'm on linux. I've just been using the adb/fastboot I have installed.
-
anupritaisno1[m]
You should be able to directly run ./flash-all.sh
-
certi[m]
Getting a new phone, no price limit. Should I get a Pixel 5 and assume Graphene will work on it eventually?
-
radec
ok cool
-
anupritaisno1[m]
certi nothing can be said yet
-
anupritaisno1[m]
Pixel 5 moves several drivers into techpack and has several more submodules
-
certi[m]
Should I get a Pixel 4 then? I kind of wanted 5G but could live without until it scales up more
-
anupritaisno1[m]
certi it's better if you ask after a while
-
anupritaisno1[m]
Remember pixel 5 doesn't even have vendor support yet
-
strcat[m]
Pixel 4, Pixel 4 XL and Pixel 4a are the recommended devices (see the FAQ)
-
strcat[m]
there isn't support for the Pixel 5 or Pixel 4a 5G
-
strcat[m]
there is no maintenance team for either the Pixel 5 or 4a 5G
-
strcat[m]
so you will be waiting an indefinite amount of time where there is currently no progress being made to support them
-
strcat[m]
unless you plan to work on developing support for them I wouldn't buy either of those devices with the intent of using GrapheneOS
-
radec
hey just out of curiosity ,in fastboot any thoughts on what "Secure Boot: DEVELOPMENT" vs "Secure Boot: PRODUCTION" means? the first pixel3 i bought said DEVELOPMENT. I am returning it because the IMEI is also real strange. I had never seen that before.
-
anupritaisno1[m]
Uhhhhhh
-
anupritaisno1[m]
How the hell did you get that
-
radec
ebay
-
anupritaisno1[m]
A development device can load stuff like custom bootloaders and radio
-
anupritaisno1[m]
It's not really something secure for use on graphene
-
strcat[m]
radec: goes to show the sketchy stuff that goes on with ebay
-
strcat[m]
probably a development device stolen from a developer
-
strcat[m]
that belongs to Google and is stolen property
-
strcat[m]
* that belongs to Google (given to one of their developers) and is stolen property
-
radec
yeah interesting. it is true, you never know what you are going to get from ebay
-
certi[m]
Thanks strcat . I know I would be gambling with getting a P5. I am a noob when it comes to coding and programming, wouldn't mind helping tho
-
radec[m]
@anupritaisno @strcat got grapheneos installed no problem that is for your help and time.
-
radec[m]
*thanks for your help and time
-
dazinism
Donations and help always appreciated
-
dazinism
-
dazinism
-
engulf[m]
<strcat[m] "engulf: with a strong passphrase"> Unless there is a vulnerability in the encryption algorithm itself
-
strcat[m]
and you should not be claiming there is one without evidence
-
strcat[m]
also a 'break' in a cryptographic algorithm just means it doesn't provide the expected security level, it rarely means that it doesn't work at all
-
engulf[m]
I'm not claiming that there is one, I'm claiming that if one was found that would be a way to break the encryption
-
strcat[m]
is AES256 was broken to only provide 120 bits of security instead of 256 bits (which would be a massive break)
-
strcat[m]
it would not change anything about the actual real world security
-
strcat[m]
engulf: you said that an attacker just needed time / resources to break the encryption which is inaccurate
-
engulf[m]
* I'm not claiming that there is one, I'm claiming that if one was found that would be a way to get into the device
-
TheJollyRoger
Heh, well, if there's a problem with AES, then bigger people than us would likely be in a lot more trouble - people like the United States Government are relying on it to secure their top secret level diplomatic communications.
-
strcat[m]
engulf: if someone uses a strong passphrase, that holds up against any attacker with any amount of resources due to how things are designed
-
strcat[m]
if someone uses a 6 digit PIN, then they depend on the security of the Titan M
-
TheJollyRoger
Remember, even though AES was designed in 1997, the NIST was very clear that the cipher might actually need to last until the end of time.
-
strcat[m]
for a profile that is logged out OS security isn't the weak point due to hardware enforcement of the delays
-
strcat[m]
if a profile is logged in and you're talking about data not protected by the keystore, and an attacker that's going to be trying to exploit the OS, it's not about encryption
-
louipcm
oops i was just screwing around with communities
-
TheJollyRoger
So it's no wonder why they gave the entries into the standard competition to academics to scrutinize and go over with a fine-toothed comb.
-
engulf[m]
strcat: I said that depending on the length of the password a motivated attacker (with years of time and a lot of resources) would possibly be able to get into the device.
-
engulf[m]
I'm sorry if you misunderstood, I didn't mean to claim otherwise
-
strcat[m]
what you said was going to mislead people in the channel
-
strcat[m]
the issue is not that I misunderstood anything
-
engulf[m]
I do agree that it could have been phrased in a better way
-
engulf[m]
* I do agree that it could have been phrased better
-
fomijafi[m]
What is considered a strong passphrase for these phones?
-
TheJollyRoger
Four randomly selected dictionary words.
-
engulf[m]
* I'm sorry if the post seemed to mislead people, wasn't the intention.
-
rwhalen[m]
Do you typically use that kind of password for just unlocking your phone? I imagine at some point there's a usability hit and you would need to compensate by making the phone take longer before letting it lock again, right? Presumable that could decrease the security if it's not auto-locking as frequently.
-
rwhalen[m]
Not to say that you're wrong... this is just something I've been debating myself recently.
-
TheJollyRoger
Well, I actually find it somewhat easier to type four words in than hunt with shift with numbers and such.
-
TheJollyRoger
So it's a bit easier for me to type and easier for me to memorize.
-
r0tt0r[m]
use full spectrum of symbols chars numbers. when tested against my own wifi that made it not so easy to crack anymore. though a multi quantum crack server farm with thousands of gpus and stuff its quiet a matter of time
-
r0tt0r[m]
everytime i forget one of my passwords for an account i double it with special char in between
-
r0tt0r[m]
some are meanwhile aroumd 30char/numbers/symbols long and i can still memorize
-
r0tt0r[m]
* some are meanwhile around 30char/numbers/symbols long and i can still memorize
-
projectmoon
Does changing the lock screen password also change the existing encryption!
-
projectmoon
?*
-
r0tt0r[m]
there was this xkcd comic with supersecure long passwords and the hammer solution. hit him with hammer till he gives you his password, or was it a wrench...
-
TheJollyRoger
There should be an addendum to that:
-
TheJollyRoger
Crypto nerd's imagination: "Oh no they'll hit me with a $5 wrench!" What happens in real life: "Here just use this canned exploit that takes advantage of one of the 30 unpateched vulnerabilities in the kernel."
-
r0tt0r[m]
ye indeed, sad truth
-
r0tt0r[m]
there should be an emergency pin code option when entered it wipes or triggered through xploit tries
-
r0tt0r[m]
that face to see finspy tech in action :)
-
r0tt0r[m]
aaaaaaaand its wiped
-
strcat[m]
projectmoon: profile's are protected with encryption derived from the lock method
-
strcat[m]
* projectmoon: profiles are protected with encryption derived from the lock method
-
strcat[m]
projectmoon: this has been stated here a lot along with detailed information on it
-
strcat[m]
I recommend going back and reading explanations of it
-
louipc
TheJollyRoger: i use a $2 wrench
-
golli[m]1
> use full spectrum of symbols chars numbers. when tested against my own wifi that made it not so easy to crack anymore. though a multi quantum crack server farm with thousands of gpus and stuff its quiet a matter of time
-
golli[m]1
If you want something even better, use ALT codes.
-
golli[m]1
It's essentially like having a pin code for every character.
-
louipcm
wow how many quantum crack farms are there
-
r0tt0r[m]
<louipcm "wow how many quantum crack farms"> theres already cloud cracking options, i guess quantum crack farms are only military options