Related
Sometimes I come across an app thats not on the Android market and you have to install it manually. Has anyone come across a virus/trojan on Android yet? Im curious how easy or hard it is to modify a legit applications and put a virus/trojan in it?
Lol have not seen one yet. Android isn't that big yet so doubt hackers would really spend time putting trojans to get stuff like your email password lol.
Take everything you know about microshaft windoze and forget it. The system architecture of android is almost completely invulnerable to viruses/worms/etc.
In a typical unix system, hacks can take one of very few possible approaches;
1) service bug targeting, i.e., if one were to discover a security vulnerability in the Apache HTTP server, one could theoretically compromise it. That particular service I mean.
2) user account targeting, i.e., one could convince a user to run something dangerous, which would infect that specific user's account, of course, this attack would limit itself to damaging that user's personal data and would not be able to take down the whole system unless it also targeted a kernel or X-server exploit.
Note specifically regarding #1, that in a well configured system, that targeting a particular service would be restricted to a specific user account just as in #2 since each service runs as its own username.
3) Targeting KERNEL defects; this is perhaps the most frightening possibility. It is also the least likely since it would also require #1 or #2. Any particular kernel attack, particularly in Linux is also very unlikely to work for long due to the open sourced nature of Linux. There are a LOT more people involved in monitoring the fundamental securities of the Linux kernel than any other OS because of its open nature. It is also a source of PRIDE for kernel HACKERS that they ALSO be responsible for openly providing the SOLUTION to any exploits that they discover. And they usually do this with their REAL NAME since it basically immortalizes them. The end result is that every time a kernel exploit is discovered, it tends to be patched within hours of its first application.
Now of course you want to know how this affects Android, since by all appearances, there is no user-level security. WRONG. The Android security level is actually on par with service level security on unix servers. EVERY SINGLE application installed is granted is own user account, which means that if any particular application is dangerous, its range of damage is restricted to that particular application's private data, as well as any permissions that the application is explicitly granted (i.e. when you install an application, it gives you the required security list). There is also the very slim possibility of a kernel exploit (though this is extremely unlikely), and it could damage the data on the sdcard (since it is an MS-crap filesystem with no security restrictions).
Of course you will note that older versions of the ADP1 system image came with an unregulated 'su' command (which you could also end up with using a "cat sh > su; chmod 4755 su" root approach) which basically can be used by any application to take over the whole system. Make sure that you don't have any such su command on your droid. Either use a password-protected su command (which will cause problems for trusted apps requesting root privileges), or the gui-supported su command. Subsequent ADP1 images came with an su command that was restricted to the debugging terminal user, which is fine.
In other words... you don't have much to worry about. Just don't do anything really stupid, like installing an untrusted application that wants a boat load of privileges that it shouldn't be asking for.
lbcoder said:
EVERY SINGLE application installed is granted is own user account, which means that if any particular application is dangerous, its range of damage is restricted to that particular application's private data, as well as any permissions that the application is explicitly granted (i.e. when you install an application, it gives you the required security list).
Click to expand...
Click to collapse
Might be worth pointing out that android apps are for the most part interpreted language apps, meaning the onus of security and stability (just from an apk standpoint) falls largely on the vm. All the lower level subsystems are pretty well protected by the Linux kernel, and these have been significantly tried in fire by decades of Linux server deployment.
lbcoder said:
The system architecture of android is almost completely invulnerable to viruses/worms/etc.
Click to expand...
Click to collapse
jashsu said:
Might be worth pointing out that android apps are for the most part interpreted language apps, meaning the onus of security and stability (just from an apk standpoint) falls largely on the vm. All the lower level subsystems are pretty well protected by the Linux kernel, and these have been significantly tried in fire by decades of Linux server deployment.
Click to expand...
Click to collapse
All the points about the protection offered from the Linux kernel and the VM are valid. Computer secuity is an ongoing battle between the software originators and the hackers trying to get in. I'm not saying it's remotely likely, particularly due to the market share, but rule one in my book is don't taunt the hackers.
lbcoder said:
Take everything you know about microshaft windoze and forget it. The system architecture of android is almost completely invulnerable to viruses/worms/etc.
Click to expand...
Click to collapse
Until the Android Dev team screw up again and lets any app run in the system process when requested (which was why cupcake was delayed in the US).
thanks for the post.
I was curious if someone could unpack a .apk file and modify a application easily, say have it send personal info to xyz server instead of the server the app was designed for or send it to both servers so the user doesnt think anything is wrong.
Are the files in the .apk editable, like an .exe is compiled for windows and the .exe cannot be edited (since its machine code).
androidmonkey said:
thanks for the post.
I was curious if someone could unpack a .apk file and modify a application easily, say have it send personal info to xyz server instead of the server the app was designed for or send it to both servers so the user doesnt think anything is wrong.
Are the files in the .apk editable, like an .exe is compiled for windows and the .exe cannot be edited (since its machine code).
Click to expand...
Click to collapse
Yes, apks are basically just zip files with cryptographic signatures. If you get your apks from Market then there is little to no risk of apks being tampered with. If you install your apks from any source other than Market, then you just have to trust the source that the apk hasn't been modified. Obviously if the apk itself doesn't ask for many permissions then it shouldn't be a problem. For example if you download a game apk from a developer's personal webpage and it asks for just permission to keep the screen alive, there's little risk to your data. However if you download an app that has read/write access to your contacts, or has root access, then you better be sure that the site you get it from is trustworthy.
jashsu said:
Yes, apks are basically just zip files with cryptographic signatures. If you get your apks from Market then there is little to no risk of apks being tampered with. If you install your apks from any source other than Market, then you just have to trust the source that the apk hasn't been modified. Obviously if the apk itself doesn't ask for many permissions then it shouldn't be a problem. For example if you download a game apk from a developer's personal webpage and it asks for just permission to keep the screen alive, there's little risk to your data. However if you download an app that has read/write access to your contacts, or has root access, then you better be sure that the site you get it from is trustworthy.
Click to expand...
Click to collapse
So the files in the .apk not executables, rather interpreted with the VM? Im curious if those files can be read and changed. For instance, can someone open the file in a Java SDK and change the code? Or are those files protected so they cant be modified? For instance, could you download soundboard app from the Market, "unzip" the .apk, and put your own sounds in it?
androidmonkey said:
So the files in the .apk not executables, rather interpreted with the VM? Im curious if those files can be read and changed. For instance, can someone open the file in a Java SDK and change the code? Or are those files protected so they cant be modified? For instance, could you download soundboard app from the Market, "unzip" the .apk, and put your own sounds in it?
Click to expand...
Click to collapse
Unless the classes are specifically performing security/sanity checks, there's nothing keeping you from replacing asset files (pngs, wavs, etc) and then resigning the apk with any key of your choosing. However, altering xmls and classes is more difficult as they are obfuscated/optimized by default.
For apps distributed officially through the Android market, the only way Google can provide assurance for the app producer against tampering is app-protected folder. Of course that assumes that root access is not provided, which is most likely a prerequsite for any phone to be branded "with Google" and have Market access. From the viewpoint of the consumer, apps are guaranteed by Google against tampering only if retrieved through Market. Once the app is on the device, it is protected via Android's use of Linux user access permission model (each app is its own user). The consumer may of course alter the file him/herself, unless it is a protected app, in which case root is required.
sounds buggy. i hope not. this reminds me of when Mozilla firefox became popular i slowly starte dto see code become available to make pop ups n my belloved browser
Virus found on Android phone...
Article 1:
NEWS
An employee at Spanish antivirus firm Panda Security received a new Android-based Vodafone HTC Magic with malware on it, according to researchers at Panda Labs.
"Today one of our colleagues received a brand new Vodafone HTC Magic with Google's Android OS," researcher Pedro Bustamante wrote on the Panda Research Blog on Monday.
"The interesting thing is that when she plugged the phone to her PC via USB, her Panda Cloud Antivirus went off, detecting both an autorun.inf and autorun.exe as malicious," he wrote. "A quick look into the phone quickly revealed it was infected and spreading the infection to any and all PCs that the phone would be plugged into."
Article 2:
Mariposa virus back on Vodafone Android smartphones
HTC Magic According to a Spanish blogger, around 3,000 memory cards supplied by Vodafone Spain were infected with the Mariposa bot client. The mobile network operator has now reportedly confirmed that these included HTC Magic Android-based smartphone models, as well as other devices. A spokesperson for the company has told CNET that it is a "local incident". Vodafone says it has identified customers that could potentially be affected and it will be sending them new memory cards. It has also offered to supply them with tools to restore the integrity of their devices.
Reports of an HTC Magic smartphone carrying the virus were first published less than two weeks ago, however the malware is not able to harm the Android smartphone itself. The bot only attempts to contact a command & control server when connected to a Windows PC. The virus should be detected by most up-to-date anti-virus solutions.
Personal take:
Interesting to note that the virus being carried on an Android phone and was used to infect PC's NOT other Android phones. It came straight from manufacturing with the virus on, so as of yet I still haven't heard of a virus that can infect an android phone.
Further more, I have seen Anti-virus software on the market place AND being offered by Norton. What do they protect against if there are no known virus threats? Do they just draw a nice pretty anti-virus logo on the screen to make you feel comfy? hehehe.
Trojans in the hacked up ROMs people are distributing
androidmonkey said:
Sometimes I come across an app thats not on the Android market and you have to install it manually. Has anyone come across a virus/trojan on Android yet? Im curious how easy or hard it is to modify a legit applications and put a virus/trojan in it?
Click to expand...
Click to collapse
I've found a trojan in at least one of the ROMs being distributed on here. Even reported directly from the developer's own file sharing site.
"Stock" ROM http://forum.xda-developers.com/showthread.php?t=2066023
Attached is a photo of the file scanned from the linked file sharing site for the KERNEL he wants you to INSTALL!!
Click the link to JB_KERNEL_3.17.841.2_EVITA_Init.d_Support_Installer.zip - 8.54 MB in that thread and see for yourself.
Be careful what you install on your device. ANDR.Trojan.GingerBreak takes full administrative control of your device and downloads more trojans to siphon out your private personal data.
Hi,
I got a few spare androids' and i'm considering giving them to my kids (11 and 12) to play around with it and enjoy the android experience. however I don't want them being able to put 3rd party applications. how do i go about removing the option of "unknown sources" and maybe wifi from the settings.apk.
I'm not new to java and xml but sort of new to android development, I've tried several ways to remove it from the apk only (ark, ddx, baksmali, apksign) I did it in so many ways that i can't remember them all. I've also tried to decode the apk with apktool, ddx, baksmali, and creating a new project from existing source in eclipse, and I couldn't figure out what parts I have to modify to get it working (i kept on getting errors in eclipse so i wasn't even able to compile and test it in DDMS-eclipse).
Also i would like to know if maybe it is necessary to port the whole kernel source into eclipse?
I've searched all over the internet for a information for this specific thing and I couldn't find anything.
Btw, I'm using nix lucid.
Thanks In advance.
any help would be appreciated!
how about flash the supere rom without the google apps? that way they wont be able to access the market..
lagu805 said:
how about flash the supere rom without the google apps? that way they wont be able to access the market..
Click to expand...
Click to collapse
I know, the problem is not the market, i can pull it out from the phone with adb in a second w/o superE, but they can still install stuff on it with a sd card, and I would hate to not put in a file browser on the phone.
I think it would be a good idea to make a rom that's made for kids, for playing games and stuff without me worrying about it.
I'm sure that they will try to figure out a way to get around the "no market on the phone" and I should not underestimate a kid (even a 12 year old). I've seen him getting around lots of technological obstacle's.
I think that the world could use a kid's version of android, you know, get them hooked when they're young. The last thing i would like to hear from my kids is talking about iPhone or Windows. We're all linux in our house
Interesting. I too gave Magics to my 11 & 12 yr olds, one without a data plan and the other without a SIM at all. I think the right way might be multiuser like we already do on the desktops. Sudo would be a nice touch but I'd be happy to login as admin to install or whatnot.
Multiuser is something I'd like to see anyway with most or some settings on a per user basis. Or at least just for security, normal login can't do critical tasks that might cause issues. I think we'll hear about this again once we hear about some seriously dangerous apps/scams/viri on the phones.
In the meantime your best bet is education and rules about what can and can't be done. Then once per week or so you take the phone and check things out, update as needed, etc. So far my kids have little interest in breaking the rules and are happy browsing the market for fun things.
I think the only way to achieve this is to download the AOSP, edit the sources to remove the options and then compile your own ROM.
3rdcoast said:
Interesting. I too gave Magics to my 11 & 12 yr olds, one without a data plan and the other without a SIM at all. I think the right way might be multiuser like we already do on the desktops. Sudo would be a nice touch but I'd be happy to login as admin to install or whatnot.
Multiuser is something I'd like to see anyway with most or some settings on a per user basis. Or at least just for security, normal login can't do critical tasks that might cause issues. I think we'll hear about this again once we hear about some seriously dangerous apps/scams/viri on the phones.
In the meantime your best bet is education and rules about what can and can't be done. Then once per week or so you take the phone and check things out, update as needed, etc. So far my kids have little interest in breaking the rules and are happy browsing the market for fun things.
Click to expand...
Click to collapse
well, it is just a nix and SUDO should be possible, but setting this up is a quite a project and I don't think this is a one day project.
As for educating, I think they know right from wrong and I don't think that they will willingly break the rules, the market however is full of apps that are not meant for young kids..... what do you think they're going to do when they bump in to one of those apps? .
Actually what i wanted to do is to give them a phone with a line and no data plan so they can play games or watch movies, If the kids want to use the internet, there are more than enough boxes at home they can use. This phone is strictly for voice text and games.
What I want to accomplish in general, is having a child safe phone, and have the other parents here who want their kids to have to have an android, enjoy it. My way of giving back to the community.
But to have a phone that will be suitable for the purpose (not just for my kids) the data has to be completely disabled, and wifi is going to be the issue. putting on an encryption on wifi is a joke, ever heard of aircrack? I'm sure there are lots of determined horny 15 year olds that will get around that. (am i paranoid?)
Case_ said:
I think the only way to achieve this is to download the AOSP, edit the sources to remove the options and then compile your own ROM.
Click to expand...
Click to collapse
That's exactly what i want to do. The question is how do I do it?
Again, I'm not a complete noob, I just never played around with android as an OS. so if I can have the first push here here what I'm supposed to do to start this I would really appreciate it.
As I've said in my first post, I tried a few things and i couldn't get it right. what part of this don't i get??
Thanks a lot.
well your not even going in the right direction..
do you have an IDE with compiler and the android SDK all set up? then you can check on dferrera post on how to compile android from source... its listed in this forum.. please search
if your not a programmer or have no idea what classes - functions etc are then this might now be an option for you that is something you can be instructed on
you are going to need to learn to compile android from source and modify it, this is a very big task mate - be prepared, and no one can answer all the questions for u
alan090 said:
well your not even going in the right direction..
do you have an IDE with compiler and the android SDK all set up? then you can check on dferrera post on how to compile android from source... its listed in this forum.. please search
if your not a programmer or have no idea what classes - functions etc are then this might now be an option for you that is something you can be instructed on
you are going to need to learn to compile android from source and modify it, this is a very big task mate - be prepared, and no one can answer all the questions for u
Click to expand...
Click to collapse
Thanks for the reply, but i can't seem to get java5 working on 10.04 (the 10.04 repos have only java6 but i did add the old repos and ran in to some issues), I had it working on 9.04 though. anyone made it run on 10.04? or should I downgrade (or run it in VB) to 9.04/.10?
k50aker said:
Thanks for the reply, but i can't seem to get java5 working on 10.04 (the 10.04 repos have only java6 but i did add the old repos and ran in to some issues), I had it working on 9.04 though. anyone made it run on 10.04? or should I downgrade (or run it in VB) to 9.04/.10?
Click to expand...
Click to collapse
Add these 2 lines to the end of /etc/apt/sources.list file
Code:
deb http://pl.archive.ubuntu.com/ubuntu/ jaunty multiverse
deb http://pl.archive.ubuntu.com/ubuntu/ jaunty universe
then do:
Code:
sudo apt-get update
sudo apt-get install sun-java5-jdk
@k50aker
Hiding Wifi and other things should be quite easy task, but... how do you want to protect against system reinstallation? They could download any ROM from internet and install it in just 10 minutes. Backuping is easy too, so they could have 2 systems installed and switch between them when their dad comes home.
Android phones aren't desktops. You can't have root and don't give it to other users of a device.
Mod. edit: not dev related, moved to general
I wouldn't want to hide WiFI, the device is useless without connectivity, much cheaper toys out there for that if I wanted stand alone.
My two children each have a Magic and this is my experience, none of the worries that many parents seem to fear. They are well behaved and so far no problems and they are ready for 2.1 since 1.5 is just too confining even for them. Education goes a long way.
The best choice I made was to not put a SIM in one of the phones. WiFI is ideal since she is nearly always in a zone. This has gotten her used to IM instead of texting. Same effect but costs nothing. A SIP app works almost as well as SIM voice. Someday I'll do a data only SIM so she has total coverage, she'll understand that heavy data is to be done over WiFI and cell data is for VoIP and for times when it is really needed and can't wait.
However it would be nice if there was a limited setting requiring admin password for certain functions. But really, there hasn't been any problems but my kids might be grateful enough to not abuse the rights I give them. Best advice besides education if they are very young is to not SIM until after they get into the alternatives and not be addicted to texting. The older one has learned to watch her usage patterns and has to pay if she goes over budget.
Switch33 said:
Add these 2 lines to the end of /etc/apt/sources.list file
Code:
deb http://pl.archive.ubuntu.com/ubuntu/ jaunty multiverse
deb http://pl.archive.ubuntu.com/ubuntu/ jaunty universe
then do:
Code:
sudo apt-get update
sudo apt-get install sun-java5-jdk
Click to expand...
Click to collapse
those ropes are for jaunty not for lucid, and I have tried that before anyway and this is what i get:
Code:
desktop:~$ sudo apt-get install sun-java5-jdk
Reading package lists... Done
Building dependency tree
Reading state information... Done
sun-java5-jdk is already the newest version.
The following packages were automatically installed and are no longer required:
libwv2-4
Use 'apt-get autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 11 not upgraded.
1 not fully installed or removed.
After this operation, 0B of additional disk space will be used.
Setting up sun-java5-doc (1.5.0-19-0ubuntu0.9.04) ...
This package is an installer package, it does not actually contain the
J2SDK documentation. You will need to go download one of the
archives:
jdk-1_5_0-doc.zip jdk-1_5_0-doc-ja.zip
(choose the non-update version if this is the first installation).
Please visit
http://java.sun.com/j2se/1.5.0/download.html
now and download. The file should be owned by root.root and be copied
to /tmp.
[Press RETURN to try again, 'no' + RETURN to abort] no
Abort installation of J2SDK documentation
dpkg: error processing sun-java5-doc (--configure):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
sun-java5-doc
E: Sub-process /usr/bin/dpkg returned an error code (1)
Brut.all said:
@k50aker
Hiding Wifi and other things should be quite easy task, but... how do you want to protect against system reinstallation? They could download any ROM from internet and install it in just 10 minutes. Backuping is easy too, so they could have 2 systems installed and switch between them when their dad comes home.
Android phones aren't desktops. You can't have root and don't give it to other users of a device.
Click to expand...
Click to collapse
You are right, but one of the later steps I thought about would be a custom boot and custom or no recovery. But I will figure that out later in the project.
But i will probably change my direction on this (wifi etc.) based on what you guys say.
Anybody else upset that you cannot root the device and install common linux shell utilities on it such as ssh, curl, etc? I created a petition for google to create a set of shell utilities for all android owners, regardless as root. Even without root, there is no reason we can't use ssh. This is common on most linux hosts. Please have a look and consider signing the petition, or give me feedback.
https://www.change.org/p/google-inc...utm_source=share_petition&utm_medium=copylink
nothing stops you from making this yourself, or using one of the existing ways to run a ssh server
Terminal IDE provides lots of GNU utilities, but hasn't been updated for 5.0 compatibility https://play.google.com/store/apps/details?id=com.spartacusrex.spartacuside&hl=en
SSHDroid provides a SSH server https://play.google.com/store/apps/details?id=berserker.android.apps.sshdroid&hl=en
Hi #Sual, while you are correct, SSHDroid provides an SSHd server, However it does not provide a native ssh client, I could run through the connected device. I have tried many things suggested by users, but none of them offer a set of shell utilities I can run from the android host shell itself. Did you have a chance to read through the petition and fully understand what I'm requesting. Similar functionality would come from dan drowns android ports, or lil debi, or busybox, but all require root. Finally the fact things aren't updated for 5.0 compatibility, underscores that There is a reason that people desire this functionality on the device itself. Thanks for your feedback.
Saul Goodman said:
nothing stops you from making this yourself, or using one of the existing ways to run a ssh server
Terminal IDE provides lots of GNU utilities, but hasn't been updated for 5.0 compatibility https://play.google.com/store/apps/details?id=com.spartacusrex.spartacuside&hl=en
SSHDroid provides a SSH server https://play.google.com/store/apps/details?id=berserker.android.apps.sshdroid&hl=en
Click to expand...
Click to collapse
There are ways to run Busybox without root. Here's an app that makes it dead simple: https://play.google.com/store/apps/details?id=burrows.apps.busybox. I've used it on my XT1528 (Verizon Moto E) with great success.
There are also ways to run Debian without root, like KBOX: http://kevinboone.net/kbox3.html
I couldn't read your petition because the link is bad.
But I don't know why this is something you feel is owed to you by Google. I agree that it'd be useful, but it's totally not something I'd expect to be part of a mobile platform at all. It's clearly something you could make on your own. If existing solutions require root, it's in part because that makes it easier or because their creators assume that everyone has root.
ecaslak said:
There are ways to run Busybox without root. Here's an app that makes it dead simple: https://play.google.com/store/apps/details?id=burrows.apps.busybox. I've used it on my XT1528 (Verizon Moto E) with great success.
There are also ways to run Debian without root, like KBOX: http://kevinboone.net/kbox3.html
Click to expand...
Click to collapse
Hi @ecaslak ,
I will try your suggestions. Most recently I've tried GNURoot Debian, which uses proot. However I was unable to use the open ssh server I installed on it. However, I will still stand by my petition.
A significant portion of the Android community spends great effort trying to root their devices, many with only the desire for common functionality that we have from any core linux distribution. While having root itself on a device would be great, it should be expected that google provide all device owners with basic functionality found in most core linux distributions for the last 20+ years. Not including an option for basic user utilities ( ssh / wget or curl / most of what is included in busybox, a fairly powerful common shell such as bash or similar ) , that most non-root accounts have on practically all systems, limits the freedom of expression and ability to create that users have come to expect from a GNU Linux distribution.
While root can be enjoyed on many devices, this is often only available to a small segment of the population who either pays a significant amount more for a unlocked device with a free bootloader, or spends a significant amount of time trying to root their device. Android does seem to provide a small set of simple userland utilities such as ls, cat, but not much beyond that. This is a request to provide a set of utilities similar to what is found on most any common Linux distribution.
While their is some concern for manufacturers or communication companies to lock their users devices down, there should be no concern allowing basic utilities on all android devices. To be specific, what harm does allowing somebody to download a file through a terminal using wget or curl, or to ssh into a host , or the phone itself? Similar functionality to these kind of operations are provided to developers in the form of the Android SDK, and or libraries and programs that can be installed on all android platforms. However having simple system shell utilities is quite different that writing an application. Then there should be no harm in making them more accessible to the Android community, in said form. Finally the communications companies will benefit from increased usage, and therefore data billings from providing these features.
This petition requests that Google compile / create / maintain / distribute a set of common linux shell utilities to be included with the device, or provided through the play store for all Android versions moving forward. The people who are signing this petition believe that any owner should be able to use common *nixy functionality on any personally owned android device, regardless of device manufacturer or communication company.
Furthermore, we believe that by creating a standard distribution for these tools will reduce the effort of many people doing the same thing in their own time. That a standard will improve the tools themselves, and improve the Android experience to the community at large.
Google Android has stood on the back of giants, and taken the Linux kernel and wrapped a nice system and SDK around it, with the exception of removing some of the core functionality included in most any Linux system. Thus Android is significantly limiting the freedom of users. This is a proposal for the middle ground, which will allow a better system for everyone, even people who have no root or unlocked device.
Finally I Had a look at the kbox project, I think this sentence from their site underscores the challenge users face:
"Android is not Linux, as Google repeatedly tells us — and getting ordinary Linux desktop utilities to work in Android can be a chore, to say the least."
Hi @sual, I believe change.org is having some issues with their servers the past few days. Sorry for the dead link. I re-posted above and found it working. I also pasted the petition arguments above. It is my belief that if enough people desire a feature, then it is reasonable to ask Google to provide such a feature. I think it's reasonable to create a petition for something you believe in. Finally I appreciate your feedback, and have considered your point of view.
Saul Goodman said:
I couldn't read your petition because the link is bad.
But I don't know why this is something you feel is owed to you by Google. I agree that it'd be useful, but it's totally not something I'd expect to be part of a mobile platform at all. It's clearly something you could make on your own. If existing solutions require root, it's in part because that makes it easier or because their creators assume that everyone has root.
Click to expand...
Click to collapse
Finally, another link in case the copy link from the change.org platform is broken.
https://www.change.org/p/google-inc...-linux-shell-comands-for-the-android-platform
Incredibly few Android users root. And Android is not a traditional Linux distribution; it's a mobile OS that happens to use the Linux kernel. GNU/Linux distributions contain all these common tools because large essential portions of them are written in scripting languages and because they are needed for operation of the system. These things are simply superfluous in Android.
Google hasn't removed any functionality from a Linux distribution in the building of Android. They build a totally different system using Linux as the kernel. and have no need to include other separate components that comprise a standard Unixlike environment Just like all kinds of other embedded devices do. In this sense, Linux is a commodity OS kernel that competes with other open-source and proprietary ones. Furthermore, Android in particular depends on non-POSIX mechanisms like wakelocks and SELinux and uses an unPOSIXlike approach to isolate different apps (different uid per app).
I suggest you start writing code or organize a project and recruit developers to build this.
@sual Developers have already built plenty of Android binaries. I can build em. Look here: http://dan.drown.org/android/ . There are busybox sets all over the play store. The problem remains that they are usually crippled if installed without root. Crippled beyond the point of what you can do with a user account in most Linux environments. I thought the desire for this would be greater, but maybe I'm just an odd fish. I should save up and look for a platform that meets my wants and needs.
If tools running as a non-root user on Android seem more crippled than a non-root user on a typical Linux distribution, it's because Android uses a different UID per app for isolation purposes. Which is a good thing. Hence the existence of the "system" user on Android, accessible via adb, which has many more permissions than available to any particular app. Making even this set of permissions more widely available to apps would be a security nightmare, there's a reason you have to deliberately turn on developer mode then again enable ADB, and a reason why you (afaik) have to have root if you want to enable ADB over wifi on the device itself.
With that said, you should be able to package your own tools and run them via the adb user on any Android device, no?
I just got a Shield TV, and I love it. I'm probably going to root it tonight to tinker further.
One issue I have with it is how annoying it is to configure, side-load apps, upload files to, etc. I'd love to have a web console for it, and I'm willing to do most/all of the heavy lifting for the front-end and server-side web development perspective. I'm going to need help on other fronts, however.
I'm a full-stack web developer. Most of what I've done professionally is PHP, but I'm not married to that. I'm also pretty good at configuring apache/nginx/ha-proxy/etc. Though once upon a time, I wrote front-end applications in Java and C++, that's ancient history, and I don't really have time to re-learn those skills and the Android SDK. Also, I'm not much of a designer, so unless I'm just using a pretty stock framework like Bootstrap, I'll need someone else to provide the art.
What I'm envisioning is an app that we can have in the play store that has a very simple UI to:
- install an SSH server
- install bash
- install web server/app server
- install DDNS client
- launch server on boot
- check server for new versions of the software it installed
Stuff I want the web interface to do:
- install/uninstall apps (file submission, URLs, etc.)
- 1-click installs of common things people want (Kodi, Amazon Prime Video, etc.)
- start/stop sshd
- manage mounting/unmounting NFS/AFS/CIFS/etc. shares (is this even possible on Android?)
- restart the device
- configure most settings on the device, including some hidden stuff
- file management
So, what I can do:
- script the download/install/upgrade of stuff on already rooted box in bash
- write back-end web code in PHP, Python, or Go
- write HTML/CSS/JS for front-end
What I need help with:
- writing the Android TV app to trigger the install script
- some help understanding/bootstrapping the process (what's installed by default on Android? What's the minimum we can get away with? Do we need Python?)
- someone to design the app (honestly, this can wait until we've got a baseline functionality if we like)
Anyone interested in joining me?
I'm leaning towards Go for the web app, because the binary can (in theory) be deployed standalone, and can be its own web server, obviating the need for apache or nginx or whatever. Also, performance and memory utilization -- PHP and Python are fairly expensive to run, and this is a really minor background thing.
This would be open source on Github.
While I unfortunately don't have a machine to helpwith code, nor the time for the code, I thought I'd give you a dev/modders look on the possibility/dificulty of things. Please don't think that I am discredditing this idea, in fact, I like it. Just want to passibly help you consider dev order and dificulty oy each item as listed, and hopefully add my own as others may have interest.
- install/uninstall apps (file submission, URLs, etc.) <-- Would be pretty easy. Users should provide apks, or you'll need a site that stores a lot of them.
- 1-click installs of common things people want (Kodi, Amazon Prime Video, etc.) <-- Similar to last point. You'll have to have a mirror of updated apks, weather you or another host provides it. You'll probably need a web scraper if going to an external host.
- start/stop sshd <-- I suggest dropbear, even if it's not my cup of tea. It can be easily found in other apps and should find code in open source ones to get you started.
- manage mounting/unmounting NFS/AFS/CIFS/etc. shares (is this even possible on Android?) <-- can be done. Check Kodi or other open source apps for code, though there are usually caviats to each approach. Luckly Android has fuse in most kernels these days.
- restart the device <-- Very easy
- configure most settings on the device, including some hidden stuff <-- Gonna be a long process, but you can probably reverse engeneer the apks and parse the XML files for a shortcut.
- file management <-- Super easy. Use the ssh server, or adb connection.
Over all, I think a lot of this is possible. Luckly these machines have the beef for a web server, and several are ported last I checked, though they may be out of date. Even still, check their codebase for a massive head start as they are mostly required to keep open source by licence (Apache excluded, though some still are). I would also suggest these features as they would be somewhat easy to imprement once the base file management is started, and would broaden the scope to bring in more users, support and interest, and hopefully devs.
-Rom Manager for emulators.
Mass File Renamer based on Filebot (Both are java, so should not be TOO hard to port) as many buy this box for Kodi.
I'll think of more.
I'm not an app dev, though I do rom modding and sometimes porting, and I can offer insite to things, so if you have questions on specifics, please pm me. If I get some free time, and a dev machine, I'll let you know antd get things going in the right direction. May also want to, once this idea is flushed out, post something in a more general android TV/ App Development thread for cleanness and to get devs on board (don't post in dev till there is code to show on github though please.
Something like remix os would be nice, this x1 has a lots of power
Sent from my trltetmo using Tapatalk
This is a great idea. This device is in serious need of developer attention. Im not a dev at all but Ive gotten pretty familiar with this device and Android OS in general, especially after spending so much time digging around trying to make android things happen that apparently were not indended for Android TV. I will be more than happy to be a tester and keep up so as to offer any ideas and some of the ways Ive found to do stuff.
@kdb424 - Thanks for the info. I'm working on a prototype right now. First build is going to list a bunch of stuff from the setting status, and allow you to reboot the device. I'll post the Github repo when I have that.
Great ideas!
There is a tool sorta in development already that does a lot of this (I've mentioned it on the Shield Zone a couple of times)
https://sites.google.com/site/nvidiashieldtvutilityapp/home/
My main needs (personally) is a means to move files to and from and my current solution is a free FTP server that works even when the Shield TV is sleeping.
https://play.google.com/store/apps/details?id=com.theolivetree.ftpserver
... works very well despite having to side load, has a terrible interface, etc. Set and forget. What's great is, I can use my file-manager-on-steroids Directory Opus to manage files since it is a standard FTP connection.
@darkuni - Yeah, I saw that, but I've got no Windows PC's in the house -- 2 Macs, a Chromebook, a Linux server, phones and tablets. I'm an old-school UNIX guy, and Windows doesn't strike my fancy. Plus, it seems like the sort of thing a web app is best for. No need for a fat client.
darkuni said:
Great ideas!
My main needs (personally) is a means to move files to and from and my current solution is a free FTP server that works even when the Shield TV is sleeping.
https://play.google.com/store/apps/details?id=com.theolivetree.ftpserver
... works very well despite having to side load, has a terrible interface, etc. Set and forget. What's great is, I can use my file-manager-on-steroids Directory Opus to manage files since it is a standard FTP connection.
Click to expand...
Click to collapse
Thanks for that I'll give it a go. I use ES file manager currently but it closes the server when you exit the app. Will also try this on a couple of FireTV Sticks I have dotted around the house as Kodi boxes :good:
SADLY I AM LEAVING THIS PROJECT FOR A SHORT WHILE
THIS VERSION DEPRICATED, V2 CAN BE FOUND AT http://empyreal96.github.io WITH FULL GUIDE
##THIS IS NOT A PIRATED VERSION I WILL NEVER SUPPORT PIRACY OF ANY KIND.. ACTIVATION WILL BE NEEDED IF NOT USED WITH WOA DEPLOYER (link to WoAProject page at bottom)I AM NOT AFFILIATED WITH WOA PROJECT##
This is a guide for using my optimized version on Windows 10 Home ARM64 for our Lumia 950/XL's, reason behind me making this is inspiration from gilius over on woaproject.net with his WoALite, but I found some things that slow down my Windows Experiences when using it on my Lumia 950 XL, so I used Windows built-in DISM tool to modify and change things in a retail iso (17760.1.180911-1415.RS5_RELEASE_CLIENTCORE_OEMRET_A64FRE_EN-US) which can be obtained following WoA Projects method (Links will be at bottom), I will get around to Screens from the device at a later stage, for now I have listed everything changed so far and will update as I progress, if this gains traction I will move to the DevDB section.
I am currently testing it as you read this but I will say this is classed as unstable, I am having few issues sudden reboots, shutdown not shutting down.. but as the WOA Project is unstable and the Drivers they provide are still in-development. I will not be responsible for anything gone wrong, make sure to make a full image backup of your device (With Win32DiskImager) in Mass Storage Mode if you are unsure. If you are new to installing Windows ARM on Lumia, follow WoA Project's guides as they have links and guides to help you step by step. Status on what works and what doesn't hardware wise is stated on Woa Website
INSTRUCTIONS(Download links at the bottom):
You will need the 'install.wim' from an unedited 17760 (1809) ISO because WoA Deployer doesn't agree with my version, if unsure follow WoA's guide to obtain the required files.
[*]Make sure you have the 'stock' install.wim from ISO and the Version1.wim downloaded and in the SAME folder.
[*]Open WoA Deployer and Connect your device. Browse for the Wim files from Step 1, select and open the 'Stock' install.wim
[*]When WoA detects the 'Stock' .wim and says "Windows 10 home 17760', go to the Explorer folder with the WIM files and rename install.wim (E.g installbak.wim)
[*]Rename Version1.wim to install.wim
[*]Go back to WoA and Start deployment, hopefully all should go well
Note: You may encounter, after finishing deploy and drivers have been injected, an error saying invalid .WIM file.. this is expected because of my edited install.wim, I am looking into fixing that, but the deployment will still be successful.
ISSUES:
1. If you encounter a boot loop/Never reach the Windows boot screen (Circling dots) then replace the 'bootaa64.efi' found in the phone's drive named SYSTEM: .\EFI\Boot\ with the bootaa64.efi in the link at the bottom. you will need an Elevated Command Prompt session to do this bit or you could use Explorer++ as Admin to replace the file
2. Expect some UWP apps to be broken in some ways, it cannot be helped with how windows integrates with all its services and packages, i.e any MS Store apps that require Cloud syncing with OneDrive
3. Windows Error Reporting seems to still be working because it has collected 1.5 GB over a couple days of use, I am working on fixing that
PLEASE if you are willing to test this, tell me any issues you find with edits I made or anything you want me to remove! and share your experience with it! I will keep on improving and most likely change to a more recent build (19h1) in the future
DOWNLOAD:Version1.wim, changelog and alternate bootaa64.efi:
https://drive.google.com/drive/folders/194O_fnSx36i9pE2ZoD2HyCdHAGeZdQJp?usp=sharing
Feel free to join my Facebook Group on Windows ARM for help, tips and discussions! (Not affiliated with WoA Project)
https://facebook.com/groups/172181590537251
Credits:
WoA Project for doing the hard work on porting Drivers and UEFI to our Lumias, as well as their software and guides:
(https://woa-project.github.io/LumiaWOA/)(https://github.com/WOA-Project)
I did not and do not have and affiliation with WoA Project, Microsoft or any other company, the edits I made to the install.wim can be learnt from the Microsoft Website or other developer sites. Again I do not take responsibility for any damage, you willingly try this out knowing the process of deploying windows using software stated, or the intent to learn and follow proper guides before mine, This will void warranty completely. enjoy!:laugh:
Changelog V1:
Appx Packages Removed:
Bing Weather
MS Get Help
MS Get Started
MS 3d Viewer
Office Hub
MS Solitaire
Sticky Notes
MS Office OneNote
MS Print 3D (Removed but still appeared in Start Menu)
SkypeApp
MS Windows Feedback Hub
Windows Maps
Xbox TCUI
MS XboxApp
MS XboxGameOverlay
MS XboxGamingOverlay
MS XboxIdentityProvider
MS XboxTextToSpeech
Taskbar Settings:
Cortana Hidden by default.
Task View Hidden by default.
People hidden by Default.
Windows Theme Settings:
Show Colour on Start, Task bar, Windows frames etc by default.
Disable Transparency by default.
Security Setting changes:
Change UAC Behaviour to Never notify (This will put you at risk if you download and run software from questionable sources that may have viruses, this is a personal preferance to me because the fade with the UAC window annoys me, will change later if people don't like it)
Disable SmartScreen Filter
Disable Windows Defender (If you NEED antivirus then try find an alternative, I may show how to re-enable it later on if needed)
Start Menu and Windows Experience Settings:
Disabled suggestions on Start Menu
Disabled ads from Windows Store
Disabled 'Get Suggestions using Windows'
Disabled automatic installation of recommended apps
Disabled Game Recorder
Disabled OneDrive (Will break MS Store apps requiring OneDrive for Cloud sync)
Disabled Cortana
Explorer Settings:
Open File Explorer to This PC by default.
Show Extensions for all files by default.
Show all hiddden files by default.
Show Complete Path in Explorer by default.
Disabled Audio and Video file previews
Disable showing Frequently and Recently used in Quick Access by default.
Desktop:
Show My Computer, Control Panel and User Folder on Desktop.
Context Menu:
Disable Scan with Windows Defender.
Disable Paint 3D option.
Windows Update:
Never check for updates
Don't include Drivers in updates
Services Disabled:
Remote Registry
Diagnostic Service
Windows Search (May cause some Windows Store apps to fail)
Customer Experience Improvement
Windows Features:
Disabled/Removed:
Internet Explorer 11
Windows Media Player
Print and Document Services
Print to PDF
XPS Document Writer
Windows Search
Work Folders Client
Enabled:
Legacy Components/DirectPlay
Windows Subsystem for Linux
.NET Framework 3.5
Optional Featues:
Disabled:
Internet Explorer 11
Windows Hello Face
Windows Media Player
MS Exchange and Mail Sync engine (Affect UWP Apps)
Misc:
Disabled Automatic Restart on BSOD
Disabled Hibernate and Hiberboot
Disabled 'Component Based Servicing', 'Delta Package Expander', System and 'Acount Login' Logging
Disabled Component Based Servicing Backup
OneDrive setup Disabled on First Boot/New User
Planned for next update: Removing remaining apps I consider not needed, starting disabling of Diagnostic services and Win Error Reporting, Disabling unneeded services (will actually remove some services in future releases), slim down install.wim file size and post install size.. this will be released to my FB Group first to test, but no ETA for the Group or here.
I tested this on my 950 XL and it runs good there are a few issues with Windows Update still running but it's a lil bit more responsive.. when is next update??
MrFloaty said:
I tested this on my 950 XL and it runs good there are a few issues with Windows Update still running but it's a lil bit more responsive.. when is next update??
Click to expand...
Click to collapse
Glad to hear you're testing it! ?
I did also discover that the update service is still starting up, I think it's tied into how MS Store launches on first install to update the metro UI apps but I am working on it more!
No idea when next release is yet, I'm testing my offline version 2 and broke the store from installing apps.
I have migrated the project over to http://empyreal96.github.io as it's easier to maintain
Version 2 has been uploaded, with FULL guide, screens, links.
Now based of an 18xxxx insider preview build
Lumia 950
Hello
I was planing this for a long time, since first news were coming about Windows ARM on Lumias, and for the first install I tried with your version V2 on Lumia 950 (not XL).
Hands down for you work here. In general it works, quite smoothly also.
But I did have an issue during Windows account creation (after deployment was already done).
I received error "oobelocalhello". I had an option to try to create account again (but that didn't fix it) or to continue. The next step was Services, which didn't finish after more than half an hour, it was just running without end. Even a few reboots didn't solve the issue, although I noticed, user accounts were actually created, because I couldn't use the same usernames again.
To overcome this I opened cmd (Shift + F10), manually created account with below commands and restarted.
net user administrator /active:yes
net user /add owner mypassword
net localgroup administrators owner /add
cd %windir%\system32\oobe
msoobe.exe
(taken from https://www.tenforums.com/windows-i...s-cant-get-past-oobe-stage-3.html#post1783967)
Wifi works, usb charging and mouse (over continuum) works. Your scripts didn't cause BSOD, so that's good .
Should phone calls also work? In https://woa-project.github.io/LumiaWOA/status/ is stated phone calls are supported up to build 18363, and your build is 18965, so I assume it's not a problem at my end.
Would be nice to have a remote desktop server installed to work and test the phone somewhat easier (I'm just trying with tightvnc, but is rather slow).
Thanks again for your effort.
In case you plan to continue with your work here, let me know.
spaceKomet said:
Hello
I was planing this for a long time, since first news were coming about Windows ARM on Lumias, and for the first install I tried with your version V2 on Lumia 950 (not XL).
Hands down for you work here. In general it works, quite smoothly also.
But I did have an issue during Windows account creation (after deployment was already done).
I received error "oobelocalhello". I had an option to try to create account again (but that didn't fix it) or to continue. The next step was Services, which didn't finish after more than half an hour, it was just running without end. Even a few reboots didn't solve the issue, although I noticed, user accounts were actually created, because I couldn't use the same usernames again.
To overcome this I opened cmd (Shift + F10), manually created account with below commands and restarted.
net user administrator /active:yes
net user /add owner mypassword
net localgroup administrators owner /add
cd %windir%\system32\oobe
msoobe.exe
(taken from https://www.tenforums.com/windows-i...s-cant-get-past-oobe-stage-3.html#post1783967)
Wifi works, usb charging and mouse (over continuum) works. Your scripts didn't cause BSOD, so that's good .
Should phone calls also work? In https://woa-project.github.io/LumiaWOA/status/ is stated phone calls are supported up to build 18363, and your build is 18965, so I assume it's not a problem at my end.
Would be nice to have a remote desktop server installed to work and test the phone somewhat easier (I'm just trying with tightvnc, but is rather slow).
Thanks again for your effort.
In case you plan to continue with your work here, let me know.
Click to expand...
Click to collapse
Glad to hear your experience and that someone has tried it!
I think the issue there is I removed some services to do with the initial setup, and the services I did notice a few mistakes I did (I think) and should be fixed in version 3(fingers crossed)
Yeah I didn't keep keep cellular in mind I feel I should have, I don't know about Version 3 and cellular because I'm gunna test the most 'stable' build beforehand
And with the scripts I tested on all of my laptops etc because I was worried I would mess stuff up if not, I have uploaded all the scripts used in V2 to my github aswell so it's easier to see the contents and what they do
I will be coming back an tweaking this at some point and will properly update the OP, gotten a bit sidetracked with Linux on 950 and other devices but I do want to add remote desktop back because I agree it would be handy!
will testing soon
hooooossamq said:
will testing soon
Click to expand...
Click to collapse
Sadly this has been abandoned for a long time, so I don't know if you will see benefits over using a more recent W10 image
Empyreal96 said:
Sadly this has been abandoned for a long time, so I don't know if you will see benefits over using a more recent W10 image
Click to expand...
Click to collapse
Hmm..is there any win10 arm64 image you recommend?