1 <?xml version=
"1.0" encoding=
"ISO-8859-1"?>
2 <rss version='
2.0' xmlns:lj='http://www.livejournal.org/rss/lj/
1.0/'
>
4 <title>Petter Reinholdtsen - Entries from July
2016</title>
5 <description>Entries from July
2016</description>
6 <link>http://www.hungry.com/~pere/blog/
</link>
10 <title>Unlocking HTC Desire HD on Linux using unruu and fastboot
</title>
11 <link>http://www.hungry.com/~pere/blog/Unlocking_HTC_Desire_HD_on_Linux_using_unruu_and_fastboot.html
</link>
12 <guid isPermaLink=
"true">http://www.hungry.com/~pere/blog/Unlocking_HTC_Desire_HD_on_Linux_using_unruu_and_fastboot.html
</guid>
13 <pubDate>Thu,
7 Jul
2016 11:
30:
00 +
0200</pubDate>
14 <description><p
>Yesterday, I tried to unlock a HTC Desire HD phone, and it proved
15 to be a slight challenge. Here is the recipe if I ever need to do it
16 again. It all started by me wanting to try the recipe to set up
17 <a href=
"https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy
">an
18 hardened Android installation
</a
> from the Tor project blog on a
19 device I had access to. It is a old mobile phone with a broken
20 microphone The initial idea had been to just
21 <a href=
"http://wiki.cyanogenmod.org/w/Install_CM_for_ace
">install
22 CyanogenMod on it
</a
>, but did not quite find time to start on it
23 until a few days ago.
</p
>
25 <p
>The unlock process is supposed to be simple: (
1) Boot into the boot
26 loader (press volume down and power at the same time), (
2) select
27 'fastboot
' before (
3) connecting the device via USB to a Linux
28 machine, (
4) request the device identifier token by running
'fastboot
29 oem get_identifier_token
', (
5) request the device unlocking key using
30 the
<a href=
"http://www.htcdev.com/bootloader/
">HTC developer web
31 site
</a
> and unlock the phone using the key file emailed to you.
</p
>
33 <p
>Unfortunately, this only work fi you have hboot version
2.00.0029
34 or newer, and the device I was working on had
2.00.0027. This
35 apparently can be easily fixed by downloading a Windows program and
36 running it on your Windows machine, if you accept the terms Microsoft
37 require you to accept to use Windows - which I do not. So I had to
38 come up with a different approach. I got a lot of help from AndyCap
39 on #nuug, and would not have been able to get this working without
42 <p
>First I needed to extract the hboot firmware from
43 <a href=
"http://www.htcdev.com/ruu/PD9810000_Ace_Sense30_S_hboot_2.00
.0029.exe
">the
44 windows binary for HTC Desire HD
</a
> downloaded as
'the RUU
' from HTC.
45 For this there is is
<a href=
"https://github.com/kmdm/unruu/
">a github
46 project named unruu
</a
> using libunshield. The unshield tool did not
47 recognise the file format, but unruu worked and extracted rom.zip,
48 containing the new hboot firmware and a text file describing which
49 devices it would work for.
</p
>
51 <p
>Next, I needed to get the new firmware into the device. For this I
52 followed some instructions
53 <a href=
"http://www.htc1guru.com/
2013/
09/new-ruu-zips-posted/
">available
54 from HTC1Guru.com
</a
>, and ran these commands as root on a Linux
55 machine with Debian testing:
</p
>
59 fastboot oem rebootRUU
60 fastboot flash zip rom.zip
61 fastboot flash zip rom.zip
63 </pre
></p
>
65 <p
>The flash command apparently need to be done twice to take effect,
66 as the first is just preparations and the second one do the flashing.
67 The adb command is just to get to the boot loader menu, so turning the
68 device on while holding volume down and the power button should work
71 <p
>With the new hboot version in place I could start following the
72 instructions on the HTC developer web site. I got the device token
76 fastboot oem get_identifier_token
2>&1 | sed
's/(bootloader) //
'
79 <p
>And once I got the unlock code via email, I could use it like
83 fastboot flash unlocktoken Unlock_code.bin
84 </pre
></p
>
86 <p
>And with that final step in place, the phone was unlocked and I
87 could start stuffing the software of my own choosing into the device.
88 So far I only inserted a replacement recovery image to wipe the phone
89 before I start. We will see what happen next. Perhaps I should
90 install
<a href=
"https://www.debian.org/
">Debian
</a
> on it. :)
</p
>
95 <title>How to use the Signal app if you only have a land line (ie no mobile phone)
</title>
96 <link>http://www.hungry.com/~pere/blog/How_to_use_the_Signal_app_if_you_only_have_a_land_line__ie_no_mobile_phone_.html
</link>
97 <guid isPermaLink=
"true">http://www.hungry.com/~pere/blog/How_to_use_the_Signal_app_if_you_only_have_a_land_line__ie_no_mobile_phone_.html
</guid>
98 <pubDate>Sun,
3 Jul
2016 14:
20:
00 +
0200</pubDate>
99 <description><p
>For a while now, I have wanted to test
100 <a href=
"https://whispersystems.org/
">the Signal app
</a
>, as it is
101 said to provide end to end encrypted communication and several of my
102 friends and family are already using it. As I by choice do not own a
103 mobile phone, this proved to be harder than expected. And I wanted to
104 have the source of the client and know that it was the code used on my
105 machine. But yesterday I managed to get it working. I used the
106 Github source, compared it to the source in
107 <a href=
"https://chrome.google.com/webstore/detail/signal-private-messenger/bikioccmkafdpakkkcpdbppfkghcmihk?hl=en-US
">the
108 Signal Chrome app
</a
> available from the Chrome web store, applied
109 patches to use the production Signal servers, started the app and
110 asked for the hidden
"register without a smart phone
" form. Here is
111 the recipe how I did it.
</p
>
113 <p
>First, I fetched the Signal desktop source from Github, using
116 git clone https://github.com/WhisperSystems/Signal-Desktop.git
119 <p
>Next, I patched the source to use the production servers, to be
120 able to talk to other Signal users:
</p
>
123 cat
&lt;
&lt;EOF | patch -p0
124 diff -ur ./js/background.js userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/
0.15.0_0/js/background.js
125 --- ./js/background.js
2016-
06-
29 13:
43:
15.630344628 +
0200
126 +++ userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/
0.15.0_0/js/background.js
2016-
06-
29 14:
06:
29.530300934 +
0200
131 - var SERVER_URL =
'https://textsecure-service-staging.whispersystems.org
';
132 - var ATTACHMENT_SERVER_URL =
'https://whispersystems-textsecure-attachments-staging.s3.amazonaws.com
';
133 + var SERVER_URL =
'https://textsecure-service-ca.whispersystems.org:
4433';
134 + var ATTACHMENT_SERVER_URL =
'https://whispersystems-textsecure-attachments.s3.amazonaws.com
';
136 window.getSocketStatus = function() {
137 if (messageReceiver) {
138 diff -ur ./js/expire.js userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/
0.15.0_0/js/expire.js
139 --- ./js/expire.js
2016-
06-
29 13:
43:
15.630344628 +
0200
140 +++ userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/
0.15.0_0/js/expire.js2016-
06-
29 14:
06:
29.530300934 +
0200
143 'use strict
';
144 - var BUILD_EXPIRATION =
0;
145 + var BUILD_EXPIRATION =
1474492690000;
147 window.extension = window.extension || {};
152 <p
>The first part is changing the servers, and the second is updating
153 an expiration timestamp. This timestamp need to be updated regularly.
154 It is set
90 days in the future by the build process (Gruntfile.js).
155 The value is seconds since
1970 times
1000, as far as I can tell.
</p
>
157 <p
>Based on a tip and good help from the #nuug IRC channel, I wrote a
158 script to launch Signal in Chromium.
</p
>
165 --proxy-server=
"socks://localhost:
9050" \
166 --user-data-dir=`pwd`/userdata --load-and-launch-app=`pwd`
169 <p
> The script start the app and configure Chromium to use the Tor
170 SOCKS5 proxy to make sure those controlling the Signal servers (today
171 Amazon and Whisper Systems) as well as those listening on the lines
172 will have a harder time location my laptop based on the Signal
173 connections if they use source IP address.
</p
>
175 <p
>When the script starts, one need to follow the instructions under
176 "Standalone Registration
" in the CONTRIBUTING.md file in the git
177 repository. I right clicked on the Signal window to get up the
178 Chromium debugging tool, visited the
'Console
' tab and wrote
179 'extension.install(
"standalone
")
' on the console prompt to get the
180 registration form. Then I entered by land line phone number and
181 pressed
'Call
'.
5 seconds later the phone rang and a robot voice
182 repeated the verification code three times. After entering the number
183 into the verification code field in the form, I could start using
184 Signal from my laptop.
186 <p
>As far as I can tell, The Signal app will leak who is talking to
187 whom and thus who know who to those controlling the central server,
188 but such leakage is hard to avoid with a centrally controlled server
189 setup. It is something to keep in mind when using Signal - the
190 content of your chats are harder to intercept, but the meta data
191 exposing your contact network is available to people you do not know.
192 So better than many options, but not great. And sadly the usage is
193 connected to my land line, thus allowing those controlling the server
194 to associate it to my home and person. I would prefer it if only
195 those I knew could tell who I was on Signal. There are options
196 avoiding such information leakage, but most of my friends are not
197 using them, so I am stuck with Signal for now.
</p
>
199 <p
><strong
>Update
2017-
01-
10</strong
>: There is an updated blog post
201 <a href=
"http://www.hungry.com/~pere/blog/Experience_and_updated_recipe_for_using_the_Signal_app_without_a_mobile_phone.html
">Experience
202 and updated recipe for using the Signal app without a mobile
203 phone
</a
>.
</p
>
projects / homepage.git / blob