Trusted Mobile Device: How hard could it be?Current Working Directoryhttp://current.workingdirectory.net/posts/2016/trusted-mobile-device/Current Working Directoryikiwiki2016-09-25T16:16:26ZSnooperStopperhttp://current.workingdirectory.net/posts/2016/trusted-mobile-device/comment_1_2e020c239681fac6673199b64cda59be/Anonymous2016-09-01T11:46:12Z2016-09-01T05:31:38Z
Try SnooperStopper to change the encryption password. It works fine for me on CyanogenMod 13.
microghttp://current.workingdirectory.net/posts/2016/trusted-mobile-device/comment_1_917e36d8a00411401d7b325427a6bdc0/Anonymous2016-09-01T11:46:12Z2016-09-01T10:20:05Z
For what it's worth, I run microG on Cyanogenmod. ~~ baloo@ursamundi.org
microG on CyanogenModhttp://current.workingdirectory.net/posts/2016/trusted-mobile-device/comment_1_e196c9687b97c098af829675dcc8377f/Anonymous2016-09-09T13:46:35Z2016-09-02T11:24:47Z
<p>Personally, I use CyanogenMod 13 (not on a Nexus device, though) with full-disk encryption (although not hardware-backed), using a somewhat long password (not PIN) which is also used for screen locking.
Regarding microG, I enabled signature spoofing by patching and rebuilding CyanogenMod, it seems cleaner than messing with Xposed and such…</p>
comment 4http://current.workingdirectory.net/posts/2016/trusted-mobile-device/comment_1_74554ec399ba4a402f06c5943a47f804/Anonymous2016-09-15T00:56:10Z2016-09-14T19:04:41Z
<p>The <code>vdc</code> command is wrong, it should be sth like <code>vdc cryptfs changepw password <password></code>. Not sure what actually happened with your command, but you can guess that the password arg is required as else the system can't know if a password should be presented with numpad or password (or swipe-code) entry. For more surprise, the exact command changed in Android 6.0, it was <code>vdc cryptfs changepw password <password in hex></code> before. Took me quite some time after I upgraded, but atleast I was still able to use the phone.</p>
<p>Regarding root/SuperSU: omnirom is focussing on openness, privacy and security. Most root solutions for Android are known to be vulnerable to some attacks, the only exception being SuperSU, which is not open-source (afaik). Thus none of the existing root solutions was usable for omnirom and as such it is not included. I did not install SuperSU or any other root solution on my phone and it worked out rather good. There are only very few commands I sometimes use that require root permissions (password changing for example) and I can happily use them over the ADB tool from my pc. You need to call <code>adb root</code> to gain root privileges on omnirom devices, this is to restart adbd (the corresponding on-device daemon) with higher permissions. You should reboot afterwards to put it into low-permission mode again for security reasons.</p>
my own experimentshttp://current.workingdirectory.net/posts/2016/trusted-mobile-device/comment_1_eaa0c4576797b658fbd776033fbff082/Anonymous2016-09-25T16:16:26Z2016-09-24T22:01:24Z
<p>hi jamie!</p>
<p>you may be interested in my own experiments with those very issues. i have documented my work on a specific phone (the HTC One S "ville") in my <a href="https://anarc.at/hardware/phone/htc-one-s/">own wiki</a>. it's kind of too bad this information is spread all over the place like this, but I felt I just wanted to jot down notes as I went along, because I consistently had to start from scratch over and over again, and always forgot how. the notes are really a bit of a mess, but I hope they can be useful for you...</p>
<p>I am currently using this phone without any google proprietary apps, at least as much as possible: CM itself ships a <a href="https://github.com/CyanogenMod/android_device_htc_ville/blob/cm-11.0/device-proprietary-files.txt">few proprietary drivers</a> for sensors and the camera, but that's all I have on there (apart from the proprietary baseband of course).</p>
<p>I have tried running LibreSignal (the non-websocket rebuild available on an f-droid repository) and it seems to work, although I need to test everything again.</p>
<p>It's really an amazing pain in the ass, to be honest. It's surprising how bad the state of affairs is, and how allies (like Moxie) seem to be working against the free software movement by forcing stuff like Google Play down people's throat. A really bad situation that reminds me of the early days of the free software wars on the desktop more than anything...</p>
<p>-- anarcat</p>