Slashdot Log In
Debian Running On the T-Mobile G1
Posted by
timothy
on Thursday November 13, @05:52PM
from the teaching-the-android-to-fetch-and-sit dept.
from the teaching-the-android-to-fetch-and-sit dept.
chrb writes "Following hot on the heels of the G1 root exploit, Jay Freeman now has Debian ARM running on the G1. The RC30 update has fixed the root hole, but with utilities and images already available to replace the flash image with your own signed code, it looks like the manufacturer-hacker arms race is on."
Related Stories
[+]
Debian On the Openmoko Neo FreeRunner Phone 167 comments
BrianWCarver writes "It was inevitable. One can now run the entire Debian distribution (ARM port) on the Openmoko Neo Freerunner. We previously discussed the July 4th launch of this GNU/Linux-based smartphone, which is open down to its core, with the company providing CAD files and schematics for the phone. Openmoko released an update to their software stack earlier this month, called Om2008.8, which is still a work in progress. But now one can use these instructions on the Debian wiki to open up the possibility of using apt-get to access Debian's more than 20,000 applications on your phone, which, due to integration with freesmartphone.org efforts, can also actually be used as a phone. There were previous efforts to run Debian on the predecessor product to the Neo FreeRunner, the Neo 1973, but with the wider adoption of the Neo FreeRunner and the hard work of many Debian developers at the ongoing DebConf 8, carrying Debian in your pocket has just gotten a lot easier."
[+]
Mobile: Bug In Android Passes Keystrokes To Root Shell 205 comments
pasokon writes "ZDNet reports on an Android bug in T-Mobile G1s with early versions of the firmware: 'When the phone booted it started up a command shell as root and sent every keystroke you ever typed on the keyboard from then on to that shell. Thus every word you typed, in addition to going to the foreground application would be silently and invisibly interpreted as a command and executed with superuser privileges. ... open the keyboard tray on your G1, ignore anything you see on the screen, and type these 8 keystrokes: (enter)-r-e-b-o-o-t-(enter). Poof, your phone will reboot.'"
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
Isn't that the whole idea of an open platform? (Score:5, Insightful)
i.e., to enable hackers to experiment and thereby improve the platform further.
Reply to This
Re: (Score:3, Insightful)
Well sure, within the context of running applications in a Java sandbox and doing things in emulators.
Once you bring in carriers into the mix, "open" goes out the window because it gives people the ability to step around your nickel and diming.
Re: (Score:3, Insightful)
Re: (Score:3, Funny)
I understand your point, but my fingers still have sympathy blisters and my wrists ache thinking about actually sending a gigabyte's worth of SMS texting....
Re: (Score:3, Interesting)
Not anymore, at least not with such a simple root exploit. I guess we'll have to wait for another exploit to come along... wouldn't it be nice to be given root access to hardware that you own? And if a java sandbox were really all we needed, then why are so many people trying to get (and keep) root access on the G1?
Re:Isn't that the whole idea of an open platform? (Score:5, Informative)
"Same thing as the iPhone. You're either in the sandbox or you jailbreak."
No, not same as the iPhone at all. On the iPhone you have to jailbreak if you want to run non-approved apps, even in the sandbox.
OTOH, it is a bit crap, but at least with android we have the source. I have it running on my freerunner now
Reply to This
Parent
Re:Isn't that the whole idea of an open platform? (Score:5, Informative)
Once you bring in carriers into the mix, "open" goes out the window because it gives people the ability to step around your nickel and diming.
Yes, but T-Mobile is better than most other US Carriers in this regard. They use GSM phones so just about any phone that takes GSM should work on their network. They don't play games like Verizon does with bluetooth connectivity and ringtones and they gave me the unlock code for my phone three (3) months into the contract. My only real complaints are that their coverage is not as good as Verizon and the prices on their data services are a bit higher, but with all of the restrictions that other US Carriers place on their "unlimited" data plans you have to wonder whether there really is a difference in price relative to what you get.
Reply to This
Parent
I'm confused... (Score:5, Interesting)
I thought the whole point of the G1 was that it was an open platform. Why on earth is there a "manufacturer-hacker arms race"?
Reply to This
Re:I'm confused... (Score:5, Insightful)
Why on earth is there a "manufacturer-hacker arms race"?
There isn't, it's BS, and none of the blogs seem to get is. So far as we can tell, google only fixed the root exploit because it was a serious security concern, because of how it worked. I don't think they are going to make a real effort to stop people from hacking their device aside from fixing security flaws. Even if they do, this is so far not an indication of that, contrary to what most sites say.
-Taylor
Reply to This
Parent
That's Android, not G1... (Score:4, Informative)
There isn't, it's BS, and none of the blogs seem to get is. So far as we can tell, google only fixed the root exploit
The root exploit is unrelated to the ability to flash the ROM. The question then is, will there be attempts made to stop user flashing of updates to the device...
I do not think there will be, it's just that Android fixes should not be confused with openness of the device itself.
Reply to This
Parent
Re:That's Android, not G1... (Score:5, Informative)
From what I've heard, you need root access or the T-Mobile private key to flash the ROM.
Err, yes, the head of the Android team at Google has actually confirmed that only the manufacturer or the cell network provider have the cryptographic keys required to flash the G1 (via OTA updates or otherwise).
When root access to the G1 is denied by default, and exploits that allow root access are quickly patched, how would you interpret this? The fact is that you do not get root access to the G1 by default, and as of this moment, there is no known way to get root access, or to flash your own kernel, on a RC30 G1.
Reply to This
Parent
Re: (Score:3, Interesting)
One needs to be aware of where the money is made. The actual phone manufacturer makes money by selling a locked version to a telecom, the telecom makes money by selling the phone and the phone service to retail clients.
If you get a free phone with a low monthly service charge and then you hack it, you could make expensive calls over IP and pay the telecom, nothing more than the monthly rent.
Thus the telecom needs the phone to be locked to make (more) money and the manufacturer has to lock the phone in order
Re: (Score:3, Insightful)
"you could make expensive calls over IP and pay the telecom, nothing more than the monthly rent."
Bullshit. At least in the UK the monthly line rental usually includes more than enough minutes/texts for most people. The vast majority of their income must come from the base line rental (which isn't cheap!).
They're just used to being able to control everything and don't want to give that up. Hopefully it will change eventually.
Re: (Score:3, Interesting)
Re:I'm confused... (Score:4, Interesting)
One needs to be aware of where the money is made. The actual phone manufacturer makes money by selling a locked version to a telecom, the telecom makes money by selling the phone and the phone service to retail clients.
If you get a free phone with a low monthly service charge and then you hack it, you could make expensive calls over IP and pay the telecom, nothing more than the monthly rent.
Thus the telecom needs the phone to be locked to make (more) money and the manufacturer has to lock the phone in order to please the telecom, who is, after all, its client.
Yes, there will be an arms race because its about controlling the money making process.
The CEO of T-Mobile straight up said they will allow VOIP apps, and will do nothing to stop them. That's the entire point of android being open, but everyone keeps assuming it will be more and more locked down.
In that same interview the CEO also said they won't stop unlockers. Why would they anyway? You agreed to a contract and they can charge you an ETF if you leave, so if you want to unlock it and use it on business, there is no reason not to let you.
The _ENTIRE_ point of android is that it is open, and i wholeheartedly believe that google will stick to that.
-Taylor
Reply to This
Parent
Re: (Score:3, Insightful)
And that's the problem.
You pay for the "device".
Google OWNS the operating system.
Duetch Telecom OWNS the device.
You only pay for it to rent it while you use it, and then pay a monthly fee for network access on top of that.
And this is open, how?
--Toll_Free
Re:I'm confused... (Score:5, Informative)
And that's the problem.
You pay for the "device".
Google OWNS the operating system.
Duetch Telecom OWNS the device.
You only pay for it to rent it while you use it, and then pay a monthly fee for network access on top of that.
And this is open, how?
--Toll_Free
Umm... it's open because the entire OS is released under the Apache or GLPv3 (depending on which part of the OS) licenses. I'm not well versed in which licenses are or are not "really" open, but i am under the impression that both of those are supposed to be. Android is based on version 2.6 of the linux kernel, and the framework on top of that was written by google, and the source code was released under Apache and heavily documented.
That's way more open than any other successful phone out there.
And I don't know if you're exaggerating or if it's different in your country, but in the U.S. you OWN your cell phone. And i fail to see how paying a monthly fee to access a network has anything to do with whether or not the phone is open - no one is going to let you use their multi-billion dollar network for free, and i'm fine with that.
Why is everyone so bent on hating android, even with no facts to back up what they say? Google fixes a security bug and everyone flips out, but the countless times google and the t-mobile CEO have said they will keep the device open? No one seems to remember or care.
-Taylor
Reply to This
Parent
Re: (Score:3, Insightful)
I guess it's like politicians: don't judge them by what they promise, but by their actions. One thing is not like the other.
Re:I'm confused... (Score:5, Insightful)
No, it was written by Linus Torvalds and thousands of other contributors, and released under the GPL. It's our OS. Google just borrowed it for a while.
Reply to This
Parent
Re: (Score:3, Informative)
Really?
Every major phone company and vendor would argue with you.
The only way it's your device is if you pay FULL retail for it, and get the unlock code, or if you purchase it fully unlocked (legally) at the time of purchase.
Otherwise, you own the plastic. The actual bits of code (I HATE that MS buzzword) is owned by Google, and the network you operate it on is owned by the telco.
Shame, as I would LOVE to agree with you, but the fact of the matter is, I doubt very much most of us actually paid RETAIL cost
Re:I'm confused... (Score:5, Interesting)
It depends on your definition of "platform," I believe.
Android is open software platform in that you can do whatever you want within Android. But that doesn't make the G1 an open hardware platform, where you could install a different operating system.
OpenMoko is an open hardware platform.
Now, personally, I see no reason why T-Mobile would care whether you're running Android or Debian. Google might care because they want you running those nice Android apps which interface with Google because that's how they're paying for Android development. But I'm not sure that they have any kind of agreement which would require the makers of the G1 to make sure that the phones are tamper-proof.
Reply to This
Parent
Re:I'm confused... (Score:5, Insightful)
Now, personally, I see no reason why T-Mobile would care whether you're running Android or Debian. Google might care because they want you running those nice Android apps which interface with Google because that's how they're paying for Android development. But I'm not sure that they have any kind of agreement which would require the makers of the G1 to make sure that the phones are tamper-proof.
I doubt even Google will care. How many people will actually install Debian on a G1? How many people will actually install it and keep it on there? I doubt even 0.1% of users will do either. But these are also the people who will praise Google for an open platform and for not locking it up like the iPhone. They're also the people who'll probably create apps for Android that bypass Google. Will Google notice the drop in revenue? Probably not, and certainly not enough to offset the bad PR.
Reply to This
Parent
Re: (Score:3, Insightful)
They probably don't. What they do care about is support calls and returns because someone bricked their G1 whilst trying to flash some fancy new OS image. They may even think that installing a new OS allows users to use other networks, or VOIP applications, more easily. Basically, if you can imagine a revenue stream that might be possible on the G1, and imagine a way in which a completely open platform might re
Re:So? (Score:5, Informative)
Reply to This
Parent
Re: (Score:3, Interesting)
You shouldn't judge the world-wide telecom market by the US "standard". T-Mobile is a german company, and part of the old government-owned telecommunications monopoly, so no need for bribery there. However, the german telecom market is very different from the US one, and there are no local monopolies. T-Com is still the largest player, but they other telcos don't have monopolies and most likely didn't make bribes.