Difference between revisions of "Android"

From YobiWiki
Jump to navigation Jump to search
 
(265 intermediate revisions by the same user not shown)
Line 2: Line 2:
 
* [https://secure.wikimedia.org/wikipedia/en/wiki/Google_android Wikipedia]
 
* [https://secure.wikimedia.org/wikipedia/en/wiki/Google_android Wikipedia]
 
===App stores===
 
===App stores===
* [https://market.android.com/ Android Market]
+
* [https://play.google.com/store Google Play]
 
Alternate views on the official market:
 
Alternate views on the official market:
 
* [http://www.androlib.com/ AndroLib]
 
* [http://www.androlib.com/ AndroLib]
Line 22: Line 22:
   
 
===User manuals===
 
===User manuals===
* [http://www.google.com/support/mobile/bin/answer.py?hl=en&answer=182077 Android 2.3 Manual]
+
* [https://support.google.com/nexus Android for Nexus devices]
* [http://www.htc.com/uk/userguide.aspx?p_id=316 HTC Wildfire Manual]
+
<!--* [http://www.htc.com/uk/userguide.aspx?p_id=316 HTC Wildfire Manual]
 
* [http://www.samsung.com/us/Nexus_S_Owners_Guide/ Nexus S Manual]
 
* [http://www.samsung.com/us/Nexus_S_Owners_Guide/ Nexus S Manual]
  +
Some internals info [http://wiki.freesmartphone.org/index.php/Hardware/Nexus_S/Interfaces here]-->
==Nexus S==
 
===Versions===
 
physical sticker behind battery:
 
* Model: GT-I9023
 
* FCC ID: A3LGTI9023
 
* SSN: -I9023GSMH
 
* IMEI: xxxxxxx
 
* S/N: xxxxxxx
 
under 'About phone' from the settings:
 
* Android 2.3.3
 
* Baseband I9023XXKB3
 
* Kernel 2.6.35.7-g1d030a7
 
* Build GRI54
 
under fastboot:
 
* Product name - HERRING
 
* HW Version - rev 52
 
* Bootloader version - I9020XXKA3
 
* Baseband version - I9020XXKB3
 
* Carrier info - EUR
 
* Serial number - xxxxxxx
 
   
  +
==Short notes==
===USB permissions on the host===
 
  +
===ADB===
On the host, example how to solve permissions:
 
  +
To reveal developer menu, tap 10x on "settings/about/build nr"
<br>Create /etc/udev/rules.d/99-android.rules for Nexus phones:
 
  +
<br>Then enable usb debug.
  +
<br>USB debugging is [http://nelenkov.blogspot.jp/2013/02/secure-usb-debugging-in-android-422.html pretty secured] since Jelly Bean but beware for older versions!
  +
  +
Since Android 5.0.1, it's required to use at least [https://skia.googlesource.com/skia/+archive/cd048d18e0b81338c1a04b9749a00444597df394/platform_tools/android/bin/linux.tar.gz adb v1.0.32].
  +
  +
apt-get install android-tools-adb
  +
  +
Note that from recovery, you can also use adb:
  +
* adb shell
  +
* adb sideload update.zip
  +
* adb push
  +
etc
  +
===Fastboot===
  +
apt-get install android-tools-fastboot
  +
  +
====USB permissions on the host====
  +
Create /etc/udev/rules.d/99-android.rules for Nexus phones:
 
<pre>
 
<pre>
SUBSYSTEMS=="usb", ATTRS{idVendor}=="0bb4", ATTRS{idProduct}=="0fff", MODE="0666", OWNER="<your_account>" # Nexus One Fastboot
+
SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", MODE="0666", OWNER="<your_account>" # all Nexus
SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e11", MODE="0666", OWNER="<your_account>" # Nexus One Normal
 
SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e12", MODE="0666", OWNER="<your_account>" # Nexus One Debug/Recovery
 
SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e20", MODE="0666", OWNER="<your_account>" # Nexus S Fastboot
 
SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e21", MODE="0666", OWNER="<your_account>" # Nexus S Normal
 
SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e22", MODE="0666", OWNER="<your_account>" # Nexus S Debug/Recovery
 
SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e23", MODE="0666", OWNER="<your_account>" # ???
 
SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e24", MODE="0666", OWNER="<your_account>" # Nexus S USB tethering
 
SUBSYSTEMS=="usb", ATTRS{idVendor}=="0bb4", ATTRS{idProduct}=="0c8b", MODE="0666", OWNER="<your_account>" # HTC Normal
 
 
</pre>
 
</pre>
 
Then execute /etc/init.d/udev reload
 
Then execute /etc/init.d/udev reload
   
===Restoring factory ROM===
+
====To enter Fastboot mode====
  +
* Power off phone
Warning, it will destroy everything, make your backups first!!
 
  +
* Depends on the phone, e.g.:
* Get firmware [http://www.samfirmware.com/WEBPROTECT-i9023.htm here] for a European Nexus S i9023, mine needs the I9023XXKB3 one.
 
  +
** Nexus S: keep volume-up pressed while pressing power on for 5 secs
* Rename tar.md5 as tar
 
  +
** Nexus 4: keep volume-down pressed while pressing power on for 5 secs
* Get Odin sw from [http://www.samfirmware.com/WEBPROTECT-programandroid.htm here], choose i9023
 
  +
** Nexus 5: keep volume-down pressed while pressing power on for 5 secs
** e.g. I9003_Odin3_v1.82.rar & SAMSUNG_USB.rar
 
  +
** You've entered fastboot
* Run Odin (works in a virtualbox if needed), load the 4 files:
 
  +
See https://source.android.com/source/running.html for other models
** bootloader: I9023_EUR_GRI54_XXKB3/I9023_EUR_GRI54_XXKB3/Bootloader_I9023XXKA3.tar
 
** PDA: I9023_EUR_GRI54_XXKB3/I9023_EUR_GRI54_XXKB3/PDA_SOJU_GRI54_TMO_EUR_MR1_SIGNED.tar
 
** Phone: I9023_EUR_GRI54_XXKB3/I9023_EUR_GRI54_XXKB3/MODEM_I9023XXKB3_REV_00_CL912571_SIGNED.tar
 
** CSC: I9023_EUR_GRI54_XXKB3/I9023_EUR_GRI54_XXKB3/DGS_I9023_EUR.tar
 
* Turn phone off
 
* Plug USB
 
* Just before battery icon showing, enter download mode by pressing middle of volume up / volume down button for long, you'll get a big yellow warning triangle
 
* If using virtualbox, bring USB device (Samsung serial) to virtualbox
 
* Now Odin should show a yellow rectangle with COM0
 
* Press "start" in Odin
 
Sources:
 
* http://forum.frandroid.com/topic/52144-tuto-flash-via-odin/ (fr)
 
* http://forum.frandroid.com/topic/51710-astuce-probleme-de-reconnaissance-par-odin-sous-mode-download/ (fr)
 
* http://www.samfirmware.com/I9023%20Flasghuide%20English.pdf
 
   
  +
Alternatively, fastboot can be triggererd from adb: adb reboot bootloader
===Restoring (most of) factory ROM with fastboot===
 
Ok previous section was about restoring *everything* as genuine but it requires Windows and most of the time all you screwed up was the boot image, the recovery image or the system image so here is how to restore them or part of them provided that you can still enter fastboot:
 
<pre>
 
fastboot oem unlock # if needed
 
fastboot flash recovery recovery.img # from Samsung PDA_SOJU_GRI54_TMO_EUR_MR1_SIGNED.tar
 
fastboot flash system system.img # from Samsung PDA_SOJU_GRI54_TMO_EUR_MR1_SIGNED.tar
 
fastboot flash boot boot.img # from Samsung PDA_SOJU_GRI54_TMO_EUR_MR1_SIGNED.tar
 
</pre>
 
Warning: I got /sdcard content erased, maybe because I tried to enter the native recovery, but anyway, make backups first before trying anything you risk regretting!!!
 
   
  +
===OEM unlock===
E.g. to make a backup with clockwordmod:
 
  +
Necessary step before being able to flash partitions or boot on alternative recovery.
* Put phone into fastboot mode
 
  +
* Enter recovery
 
  +
'''''This will wipe ALL DATA!!!'''''
* Choose backup & restore / backup
 
  +
fastboot oem unlock
* Choose mount / mount USB storage
 
  +
===OEM unlock for rooted devices===
* From host: copy clockwordmod/backup/*
 
  +
Once the device has been unlocked and rooted, it can be locked/unlocked again without wiping all the data, at least on some phone models.
  +
<br>Install [https://play.google.com/store/apps/details?id=net.segv11.bootunlocker&hl=en BootUnlocker]
  +
  +
===Factory images for Nexus phones===
  +
* https://developers.google.com/android/nexus/images
  +
  +
Typical usage: (requires OEM unlock)
  +
tar xzf CODENAME-VERSION-factory-CHECKSUM.tgz
  +
cd CODENAME-VERSION
  +
./flash-all.sh
  +
  +
To avoid erasing user data:
  +
<br>Very important if you want to keep your data!!! Edit flash-all.sh and replace
  +
fastboot -w update image-....zip
  +
by
  +
fastboot update image-....zip
  +
  +
===Recovery===
  +
====TWRP====
  +
* https://twrp.me/Devices/
  +
====ClockworkMod====
  +
* http://www.clockworkmod.com/rommanager
  +
====Usage====
  +
Flashing an alternative recovery (requires OEM unlock):
  +
fastboot flash recovery recovery-clockwork-VERSION-CODENAME.img
  +
  +
Booting (without flashing) an alternative recovery (requires OEM unlock):
  +
fastboot boot recovery-clockwork-VERSION-CODENAME.img
  +
====Stock recovery====
  +
To show menu with Nexus stock recovery, it depends on the phone, e.g.:
  +
* Nexus 4: hold "power" and press "volume-up"
  +
* Nexus 5: press & release quickly volume-up & power a few times
   
===Entering fastboot mode===
 
* Power off phone
 
* Press Volume up and power button together for long
 
* You've entered fastboot
 
* Alternatively, fastboot can be triggererd from adb: adb reboot-bootloader
 
For getting fastboot on the host, see further below
 
 
===Rooting===
 
===Rooting===
  +
====SuperSU====
* copy su-2.3.6.1-ef-signed.zip (from http://forum.xda-developers.com/showthread.php?t=682828) on USB storage
 
  +
Requires OEM unlock, see above fastboot oem unlock (! erase all) and see below BootUnlocker (for already rooted)
* enter fastboot mode (see above)
 
  +
<br>Requires e.g. TWRP recovery
* host: fastboot oem unlock
 
  +
<br>Requires e.g. [http://download.chainfire.eu/supersu ChainFire SuperSU] (you can check [http://forum.xda-developers.com/apps/supersu forum] for beta releases)
* fastboot flash recovery 3025-i9023.img
 
  +
adb reboot bootloader
!! Don't touch boot image or try CW 3.0.0.0, one of them caused the phone to not start android anymore, I had to perform the full factory restore with Odin !!
 
* enter recovery mode from fastboot
+
fastboot boot recovery-xxx.img
  +
# In recovery, choose Advanced / Install zip / from sideload
** You can make a backup now
 
  +
adb sideload UPDATE-SuperSU-v2.xx.zip
** install zip from sdcard -> choose -> su-2.3.6.1-ef-signed.zip
 
  +
# Reboot (and decline erasing recovery updater install-recovery.sh)
** reboot
 
Sources:
 
* http://forum.xda-developers.com/showthread.php?t=988686
 
* http://nexusshacks.com/nexus-s-hacks/how-to-root-nexus-s/
 
   
==Android 2.3==
+
====Rooting Android M====
  +
Rooting method has changed quite a bit and is still uncertain as those lines are written, see e.g. http://forum.xda-developers.com/apps/supersu/wip-android-6-0-marshmellow-t3219344
===Getting fastboot & Android sources===
 
There are several binaries around but I wanted to build my own.
 
Maybe not the shortest way... I downloaded all android sources...
 
<br> cf http://source.android.com/source/downloading.html
 
<br> Some missing deps on my 64-but debian when I tried to compile everything: gperf, libc6-dev-i386, lib32ncurses5-dev ia32-libs g++-multilib lib32z1-dev lib32readline6-dev
 
<pre>
 
. build/envsetup.sh
 
lunch crespo-eng
 
make -j2
 
</pre>
 
Maybe we can just compile adb & fastboot:
 
<pre>
 
make adb
 
make fastboot
 
</pre>
 
cf http://www.cduce.org/~abate/build-android-adb-debian-sid-amd64
 
   
===Getting adb & Android SDK===
+
====Rooting securely====
  +
Rooting can be done securely if:
Get it from http://developer.android.com/sdk/index.html
 
  +
* bootloader is locked again
<br>Run tools/android -> get Android SDK Platform-tools, revision 3
 
  +
** problem is that unlocking would erase again the data
<br>It brings also adb but not fastboot
 
  +
** see below BootUnlocker which allows on rooted Nexus to toggle bootloader without deleting data
<br>If you want to update SDK: tools/android update sdk
 
  +
* keep stock recovery
  +
* SuperSU is locked with a PIN
  +
** this requires the Pro version
  +
* SuperSU always require the PIN to authorize an app
  +
** or be very careful which ones you authorize permanently
   
===adb===
+
====Rooting and OTA====
  +
By experience, it's always quite difficult to apply an OTA on a rooted phone, even after having attempted to unroot the phone.
You need to activate USB debugging:
 
  +
<br>So I prefer to apply a full factory image (being careful not to overwrite the data) and root it again.
* Settings > Applications > Development > USB debugging
 
  +
<br>If latest factory image isn't available yet, flash the latest available then apply the regular OTA before rooting.
   
  +
====Prevent OTA====
Some examples:
 
  +
Normally rooting is enough to prevent OTA but to be sure, one can touch build.prop (so its sha1sum won't match anymore)
* adb devices
 
* adb shell
+
adb shell
  +
su
* adb logcat
 
  +
mount -o remount,rw /system
===adb as root===
 
  +
echo "# Remove me to allow OTA update" >> /system/build.prop
Once the phone is rooted, you can, from a shell with e.g. adb shell invoke "su" & get root.
 
  +
mount -o remount,ro /system
<br>But to get immediately into root, the file /default.prop needs to contain ro.secure=0
 
  +
====Attempt OTA====
<br>But that file is restored from boot.img at each boot so you need to modify that one
 
  +
I don't recommend it as most attempts end in an infinite loop after the reboot.
<br>See http://android-dls.com/wiki/index.php?title=HOWTO:_Unpack%2C_Edit%2C_and_Re-Pack_Boot_Images#Alternative_Method
 
<br>but there is also abootimg in debian:
 
* Taking the boot.img from Samsung (see above in I9023_EUR_GRI54_XXKB3/I9023_EUR_GRI54_XXKB3/PDA_SOJU_GRI54_TMO_EUR_MR1_SIGNED.tar). I tried also with a boot.img taken by CW backup but the modified version was apparently too big to be flashed back. Anyway CW backup version is orig boot.img extended to the physical partition size (8M)
 
<pre>
 
abootimg -x boot.img
 
mkdir ramdisk
 
cd ramdisk
 
gzip -dc ../initrd.img | cpio -i
 
sed -i default.prop 's/ro.secure=1/ro.secure=0/'
 
find . -print|cpio -o -Hnewc|gzip > ../initrd.img2
 
cd ..
 
abootimg -u boot.img -r initrd.img2
 
fastboot flash boot boot.img
 
</pre>
 
For the last command, the phone needs of course to be in fastboot mode
 
<br>Reboot phone
 
<br>I had to re-enable USB debugging but now adb shell brings me immediately a root shell :)
 
<br>Note that link mentioned above proposes an alternative way to flash the boot partition, directly from adb shell as root
 
   
  +
When ready to really do OTA update:
Without this setup, it's a bit cumbersome to automate root commands from host, it looks like
 
adb shell su -c "netcfg usb0 dhcp"
 
and the SuperUser app prompts you for confirmation on the phone for each new command
 
   
  +
1. '''Unlock bootloader with BootUnlocker''', super critical step!!!
===Screenshots===
 
  +
Run ddms (from SDK) -> Tools / Device / Screen capture
 
  +
2. Make a backup of the proposed OTA patch, just in case
===USB tethering===
 
  +
adb shell
Plug phone & PC via USB
 
  +
ls -l /cache
<br>Activate USB tethering (Settings / Wireless & networks / Tethering / USB Tethering)
 
  +
adb pull /cache/update.zip
<br>It works OOB on Debian, nothing to do
 
  +
===Getting busybox===
 
  +
3. Restore build.prop:
Need rooted phone, see above
 
  +
adb shell
<br>Google's stripped busybox, called toolbox, is far from enough once you get a shell on the phone
 
  +
su
* Get [https://market.android.com/details?id=com.jrummy.busybox.installer Busybox Installer] from Market
 
  +
mount -o remount,rw /system
Examples to use busybox versions instead of toolbox versions when the command exists twice:
 
  +
sed -i '/Remove me/d' /system/build.prop
<pre>
 
  +
# or if you don't have sed/busybox:
# busybox mount -o remount,rw /system
 
  +
grep -v "Remove me" /system/build.prop > /sdcard/build.prop.tmp
# /system/xbin/mount -o remount,rw /system
 
  +
cat /sdcard/build.prop.tmp > /system/build.prop
</pre>
 
  +
rm /sdcard/build.prop.tmp
  +
mount -o remount,ro /system
  +
  +
4. Restore /system/bin/install-recovery.sh
  +
<br>SuperSU may have hijacked /system/bin/install-recovery.sh. If so, we need to restore it. Unfortunately using "full unroot" won't help, see [https://www.reddit.com/r/Nexus5/comments/2zdc8b/ here] (and you'll get stuck unrooted!) so we'll restore it manually.
  +
adb shell
  +
su
  +
ls -l /system/bin/install-recovery*
  +
# should be fixed or not?
  +
mount -o remount,rw /system
  +
mv /system/bin/install-recovery_original.sh /system/bin/install-recovery.sh
  +
mount -o remount,ro /system
  +
  +
5. Install proposed OTA update from Android itself
  +
  +
5b. Check recovery logs
  +
<br>In case the automatic update failed, check the recovery logs:
  +
<br>At this point you should be already in stock recovery, if not, go to recovery
  +
<br>Keep power button pressed and press volume-up to get the menu
  +
<br>Go to "view recovery logs"
  +
  +
5c. Install proposed OTA update manually from a local copy on the PC
  +
adb reboot recovery
  +
Keep power button pressed and press volume-up to get the menu
  +
<br>Go to "apply update from ADB"
  +
adb sideload update.zip
  +
  +
6. Reboot and let the system updating its apps
  +
<br>If it seems to stand forever with the boot logo, you can have a look at the same time to the system logs:
  +
adb logcat
  +
Seeing looping logs with a repetition of
  +
>>>>>> START com.android.internal.os.ZygoteInit uid 0 <<<<<<
  +
is a bad sign, time for a full ROM recovery!
  +
  +
7. Root again, see [[#SuperSU]]
  +
  +
8. Prevent OTA updates:
  +
adb shell
  +
su
  +
mount -o remount,rw /system
  +
echo "# Remove me to allow OTA update" >> /system/build.prop
  +
mount -o remount,ro /system
  +
  +
9. Lock bootloader with BootUnlocker
  +
  +
See also my [https://code.google.com/p/boot-unlocker-gnex/issues/detail?id=30 feature request] for BootUnlocker
  +
  +
====Upgrade with factory image====
  +
That's my preferred method.
  +
  +
1. '''Unlock bootloader with BootUnlocker''', super critical step!!!
  +
  +
2. Flash a factory image
  +
<br>Get latest image at https://developers.google.com/android/nexus/images
  +
tar xzf ...tgz
  +
cd ...
  +
Or in one go:
  +
wget -O - ... | tar xz
  +
cd ...
  +
Very important if you want to keep your data!!! Edit flash-all.sh and replace
  +
fastboot -w update image-....zip
  +
by
  +
fastboot update image-....zip
  +
<br>Then reboot the phone to bootloader and launch that script:
  +
adb reboot bootloader
  +
./flash-all.sh
  +
Reboot
  +
  +
2b. Apply OTA
  +
If you didn't flash the latest version, apply OTA update
  +
  +
3. Root again, see [[#SuperSU]]
  +
  +
4. Prevent OTA updates:
  +
adb shell
  +
su
  +
mount -o remount,rw /system
  +
echo "# Remove me to allow OTA update" >> /system/build.prop
  +
mount -o remount,ro /system
  +
  +
5. Lock bootloader with BootUnlocker
  +
  +
===On rooted devices===
  +
====adbd insecure====
  +
As USB debugging is now pretty secure, let's enable immediate root access:
  +
<br>Install [https://play.google.com/store/apps/details?id=eu.chainfire.adbd adbd insecure]
  +
<br>Open app -> enable & enable at boot time
  +
====Busybox====
  +
From Google Play: https://play.google.com/store/apps/details?id=stericson.busybox&hl=en
  +
<br>Local install:
  +
adb install stericson.busybox-1.apk
  +
=> Run busybox -> install -> smart install
  +
Consider buying Busybox Pro...
  +
  +
===Modifying stuffs in system partition using su===
  +
adb push some_file /sdcard/
  +
adb shell su -c "mount -o remount,rw /system"
  +
adb shell su -c "cat /sdcard/some_file > /etc/some_file"
  +
sleep 1
  +
adb shell su -c "mount -o remount,ro /system"
  +
===Modifying stuffs in system partition with insecure adbd (=being root by default)===
  +
adb shell mount -o remount,rw /system
  +
adb push some_file /etc/some_file
  +
sleep 1
  +
adb shell mount -o remount,ro /system
  +
  +
===Encrypt device===
  +
See [https://support.google.com/android/answer/1663755?hl=en official help]
  +
<br>Some reports say they had to repeat the process several times on Nexus 4 before encryption started. I didn't have that problem.
  +
  +
One major caveat is that this is the same password for disk encryption and screen unlock, cf [https://code.google.com/p/android/issues/detail?id=29468 this longstanding bugreport].
  +
<br>On a rooted device this can be achieved thanks to [https://play.google.com/store/apps/details?id=org.nick.cryptfs.passwdmanager Cryptfs password] or simply by doing:
  +
vdc cryptfs changepw <new_password>
  +
Note that it will have to be done every time the screen PIN or pwd is changed.
  +
<br>See also http://nelenkov.blogspot.jp/2012/08/changing-androids-disk-encryption.html
  +
==Phone-specific notes==
  +
See [[Android phones]]
  +
  +
==Applications==
  +
See [[Android Apps]]
  +
  +
==Applications development==
  +
See [[Android SDK]]
  +
==Using the embedded SE==
  +
See [[Android SE]]
  +
==Using TrustZone==
  +
See [[Android TrustZone]]
  +
  +
==using Software Card Emulation==
  +
See [[Android Software Card Emulation]]
   
  +
==Misc==
  +
===Security===
  +
http://wiki.secmobi.com/
 
===Wi-Fi & client certs===
 
===Wi-Fi & client certs===
 
To be able to authenticate to a Wi-Fi network using client certificates via TLS:
 
To be able to authenticate to a Wi-Fi network using client certificates via TLS:
Line 206: Line 303:
 
<br>Wi-Fi params: 802.1x EAP / TLS / phase2: None / CA cert: cf previous import / user cert: idem / Identity: DOMAIN\user... / Anonymous id: empty / password:...
 
<br>Wi-Fi params: 802.1x EAP / TLS / phase2: None / CA cert: cf previous import / user cert: idem / Identity: DOMAIN\user... / Anonymous id: empty / password:...
   
  +
Note that after each reboot, you'll have to select manually one of the protected networks to unlock the secure storage of personal certificates or open manually the certificates storage:
===Importing CA certs===
 
  +
<br>Settings > Location & Security > Use secure credentials
I could only manage it via a webserver & crafted headers:
 
  +
<br>See also [https://market.android.com/details?id=ru.chunky.AutoKeystore Keystore Unlocker]
<pre>
 
<?php
 
header("Content-Type: application/x-x509-ca-cert");
 
?>
 
-----BEGIN CERTIFICATE-----
 
...
 
-----END CERTIFICATE-----
 
</pre>
 
   
  +
===Importing certs===
You may try this free service: http://www.realmb.com/droidCert/ which seems to do the same.
 
  +
Since Android 3.0, no need for rooting anymore
<br>But even if imported they seem not to be used e.g. for IMAP TLS.
 
  +
<br>If troubles, use PEM format, with file extension .crt
<br>There is a heavier procedure to include CA certs in the phone root list, see [https://wiki.cacert.org/ImportRootCert#Android_Phones CACert wiki], not tried yet.
 
  +
* drop certs on /sdcard/
  +
* go to settings / personal: security / credential storage: install from storage & select both certs
  +
===Test menu===
  +
Dial *#*#4636#*#* (== *#*#INFO#*#*)
  +
===SMSC configuration===
  +
To configure the SMSC (SMS gateway) on Android is not straight forward.
  +
<br>Access a hidden settings menu by dialing *#*#4636#*#* (*#*#INFO#*#*) -> phone settings -> SMSC -> Refresh (to get current value)
  +
<br>To update that field, if it does not work in plain or between quotes, try [http://www.twit88.com/home/utility/sms-pdu-encode-decode encode it in PDU]
  +
* First byte is length of SMSC info, so if it's e.g. +32475161616, it's 11 digits to code on 6 bytes, + 1 byte to code type of SMSC address => 7 bytes
  +
* Second byte is the type of SMSC address, 91 for international format
  +
* Next bytes are the SMSC digits, padded with "f" if odd, then nibble-swapped so in our example: 32475161616F => 2374151616F6
  +
* Full PDU-encoded SMSC is then: 07912374151616F6 -> Update
   
==Applications==
+
===Screenshots===
  +
Run ddms (from [[Android SDK]]) -> Tools / Device / Screen capture
Here is a list of potentially useful applications
 
===Only for root===
+
===Screencast===
  +
[http://droid-at-screen.ribomation.com/ Droid@Screen]:
Those apps require to run on a rooted phone
 
  +
<br>You'll need [[Android SDK]] too.
* [https://market.android.com/details?id=com.jrummy.busybox.installer Busybox Installer] for some decent shell tools
 
  +
<br>Make sure you're using the adb from SDK and not from e.g. Debian packages:
* [https://market.android.com/details?id=com.noshufou.android.su Superuser] is the application which got installed when you rooted your phone but you may want to benefit from Market updates
 
  +
<source lang=bash>
* https://market.android.com/details?id=com.noshufou.android.su.fixer Superuser Update Fixer] if you've problems updating your Superuser package. Trying it doesn't hurt and make sure your local Superuser signatures are ok.
 
  +
adb kill-server
* [https://market.android.com/details?id=com.aac.cachemate.demo Cachemate] for cleaning apps caches
 
  +
export ANDROID_HOME=/path_to_your/android-sdk-linux_x86
* [https://market.android.com/details?id=com.webkey Webkey] for a remote access from any browser
 
  +
java -jar droidAtScreen-1.0.2.jar
* [https://market.android.com/details?id=com.speedsoftware.rootexplorer Root Explorer], nice file explorer with file editor etc
 
  +
</source>
  +
  +
androidscreencast:
  +
<br>Get jnlp file from [https://code.google.com/p/androidscreencast/ project page]
  +
<source lang=bash>
  +
adb kill-server
  +
export ANDROID_HOME=/path_to_your/android-sdk-linux_x86
  +
$ANDROID_HOME/platform-tools/adb start-server
  +
javaws androidscreencast.jnlp
  +
</source>
  +
===USB tethering===
  +
Plug phone & PC via USB
  +
<br>Activate USB tethering (Settings / Wireless & networks / Tethering / USB Tethering)
  +
<br>It works OOB on Debian, nothing to do
  +
===Mounting USB as MTP or PTP===
  +
New Nexus devices don't use USB mass storage anymore but MTP or PTP, mainly to be able to access data both from Android & PC at the same time.
  +
<br>There are two methods using fuse so make sure your user is member of fuse group:
  +
sudo adduser <your_user> fuse
  +
and make sure your user can access the USB device (cf above: /etc/udev/rules.d/...)
  +
====Using mtpfs====
  +
See [http://www.omgubuntu.co.uk/2011/12/how-to-connect-your-android-ice-cream-sandwich-phone-to-ubuntu-for-file-access/ this article]
  +
sudo apt-get install mtpfs mtp-tools
  +
mkdir ~/MyAndroid
  +
  +
mtpfs ~/MyAndroid
  +
...
  +
fusermount -u ~/MyAndroid
  +
Problem is that it's very slow to mount
  +
  +
====Using go-mtpfs====
  +
See [http://blog.itsbilal.com/2012/12/connect-an-android-4-0-phonetablet-to-ubuntu-the-reliable-way/ this article]
  +
sudo apt-get install golang fuse git-core libmtp-dev libfuse-dev
  +
mkdir /tmp/go
  +
GOPATH=/tmp/go go get github.com/hanwen/go-mtpfs
  +
sudo mv /tmp/go/bin/go-mtpfs /usr/local/bin/
  +
mkdir ~/MyAndroid
  +
  +
go-mtpfs ~/MyAndroid &
  +
...
  +
fusermount -u ~/MyAndroid
  +
====Using gphotofs====
  +
This method requires the phone to share files over USB as Camera (PTP), *not* MTP.
  +
  +
sudo apt-get install gphotofs
  +
mkdir ~/MyAndroid
   
  +
gphotofs ~/MyAndroid
===With root support===
 
  +
...
Those apps benefit from running on a rooted phone
 
  +
fusermount -u ~/MyAndroid
* [https://market.android.com/details?id=com.ghostsq.commander Ghost Commander]
 
  +
Problem is that it only shows DCIM & Pictures
** Nostalgic of Norton Commander? Using Midnight Commander? It's for you!
 
  +
<br>Not sure if it's a limitation of Android or Gphoto...
** Root support: access system files, remount system as RW, etc
 
** There is also an addon for SMB support
 
===Network===
 
* [https://market.android.com/details?id=com.curvefish.widgets.network2g3gonoff 2G-3G OnOff] : widget to add a shortcut to the settings to enable/disable data
 
* [https://market.android.com/details?id=com.fongal.quickteth Quickteth] : for an easy shortcut to USB tethering (add widget to desktop)
 
   
===To be sorted===
+
===Backuping via BackupPC===
  +
I'm a big fan of [[BackupPc]] and [http://www.tolaris.com/2011/06/13/backing-up-your-android-device-with-backuppc/ this guy] managed to link android & backuppc so let's give it a try.
* Apps Organizer : To group apps
 
  +
<br>Check the mentioned link but his setup is a bit different, running CyanogenMod while I'm using a stock fw.
* Android Agenda Widget : See your agenda on your home screen
 
  +
<br>Instructions here suppose your phone is rooted.
* Bluetooth Switch : Activates BT when the phone is docked in the car
 
  +
====IP====
* Bubble : Water level using the phone sensors
 
  +
Backuppc server needs to reach the phone so your phone needs a static (or DHCP statically attributed) IP or whatever dyndns system.
* Buienalarm : (NL) rain alarm, tells you if precipitations are expected at your current location
 
  +
====SSH====
* Chrome to Phone : easy to send URL's or text from Google Chrome to the phone
 
  +
I'm using [http://wiki.yobi.be/wiki/Android_Apps#With_root_support SshDroidPro]
* Touch Calendar : calendar with easy scroll & zoom in/out
 
  +
<br>Make sure backuppc key is properly installed in /data/data/berserker.android.apps.sshdroidpro/home/.ssh/authorized_keys
* Notes (developer: Yuli) : simple application for notes
 
  +
<br>Then test it as user backuppc, trying to access the phone and accept the server key fingerprint.
* ColorNote Notepad (Notes)
 
  +
====rsync====
* Droid48 (shagrath; HP48 emulator)
 
  +
To get rsync binary, I found [https://market.android.com/details?id=eu.kowalczuk.rsync4android rsync backup for Android] which downloads a rsync binary during install (a weird way to deal with a GPL program IMHO).
* My Tracks (My Tracks Team at Google; GPS tracking system)
 
  +
<br>The actual binary it downloads is available [https://sites.google.com/a/kowalczuk.eu/android/rsync here].
* Skype (Skype)
 
  +
<br>But Android wget doesn't support https so you've to transfer it to your phone by another mean.
* SMS Backup & Restore (Ritesh Sahu)
 
  +
<br>One way is to install the application I mentioned and let it download that binary.
* RealCalc Scientific Calculator (Brain Overspill)
 
  +
<br>Then, to install it at a more rooted-Android standard place:
* Android Terminal Emulator (Jack Palevitch; Linux access through a terminal)
 
  +
<source lang=bash>
* Hears (bytesequencing.com)
 
  +
cd /system/xbin
* Text-To-Speech Extension (Eyes-Free Project)
 
  +
busybox mount -o remount,rw /system
* SilentMode OnOff (CurveFish)
 
  +
cp /data/data/eu.kowalczuk.rsync4android/files/rsync /system/xbin/
* DailyStrip (FuseTree LLC)
 
  +
chmod 755 /system/xbin/rsync
* Test de vitesse Speedtest (Ookla)
 
  +
chown root.shell /system/xbin/rsync
* ASTRO Gestionnaire de fichiers (Metago)
 
  +
busybox mount -o remount,ro /system
* Wifi Connecter Library (farproc)
 
  +
</source>
* Advanced Task Killer (ReChild)
 
* APN Backup & Restore (Ritesh Sahu)
 
===Google===
 
* Google Goggles (Google)
 
* Google Earth (Google)
 
* Google Maps (Google)
 
* Google Search (Google)
 
* Google Sky Map (Google)
 
* Google Traduction (Google)
 
* Gmail (Google)
 
===Alternatives to default apps===
 
* Dialer One : Alternative dialer
 
===Dictionaries===
 
* Dictionnaire Littré (Alexis Robert)
 
* Van Dale French-Dutch (Paragon Software)
 
* Van Dale English-Dutch (Paragon Software)
 
* Van Dale Dutch Pocket (Paragon Software)
 
* Van Dale German-Dutch (Paragon Software)
 
* QuickDic German Dictionary (Thad Hughes)
 
===Games===
 
* Reversi (Bluesky Studio)
 
* Angry Birds : game, now full version for free
 
* Move it! Free (AI Factory Limited; logical game of moving blocks)
 
* National Flags Quiz (FractalGate; game)
 
===Sensing===
 
* Boussole (Catch.com ; compass)
 
* Shazam : Can identify music by listening to it for about 10s
 
* Barcode Scanner (ZXing Team)
 
* Wifi Analyzer (farproc)
 
* GPS Status (EclipSim)
 
===[https://secure.wikimedia.org/wikipedia/en/wiki/List_of_Open_Source_Android_Applications Open Source applications]===
 
   
  +
====Wi-Fi====
==GPS with offline maps==
 
  +
Make sure Wi-Fi will stay on!
===Commercial===
 
  +
<br>Menu > Settings > Wireless & networks > Wi-Fi settings > Menu > Advanced > Wi-Fi sleep policy > Never (or never when powered)
* Copilot Live (59€ for Europe)
 
* Tomtom planned for next HTC phones, with free map of the country of purchase
 
   
===Free===
+
====BackupPC config====
  +
My config: create new host in backuppc web interface with:
From [http://www.taranfx.com/android-offline-google-maps this post]:
 
  +
XferMethod = rsync
<br>Create your own maps with [http://mobac.dnsalias.org/ Mobile Atlas Creator] (Java-based) & use them e.g. with RMaps, AndNav, Maverick, TrekBuddy,... (bitmaps so ok only for small areas such as cities)
 
  +
RsyncShareName = [/data/, /efs/ (useful??), /system/, /mnt/asec/, /mnt/sdcard/]
* Get e.g. RMaps from Android Market
 
  +
RsyncClientPath = /system/xbin/rsync
* Get [http://sourceforge.net/projects/trekbuddyatlasc/files/ latest release] of Mobile Atlas Creator & unzip it
 
  +
BackupFilesExclude = /mnt/sdcard/ => [/oruxmaps/mapfiles, /clockworkmod/backup, /radio_dump_*, /videos]
* Get latest [http://www.zentus.com/sqlitejdbc/ SqliteJDBC] library and copy it inside th eMobile Atlas Creator directory
 
  +
Note that in the mentioned link he's using RsyncShareName = / and playing with BackupFilesOnly but for me it looks like BackupFilesOnly was not respected, so I preferred to have separate RsyncShareName
* Run it (start.sh)
 
  +
<br>Some info on APP2SD [http://android.modaco.com/topic/331205-guide-how-to-get-more-free-space-for-your-apps/ here] and [http://ydal.de/android-2-2-froyo-apps-to-sd/ here]
* Choose your source, e.g. OpenStreetMaps, Google Maps,...
 
  +
<br>I had errors "Ping too slow" so I increased
* Select area: Right click to Drag, Scroll to zoom In/Out, Left click to select downloadable area
 
  +
PingMaxMsec = 400
* Select one or more zoom levels, e.g. from 12 to 18 for all levels of details of a city
 
  +
as anyway it's on local network
* Do “add selection” with a name of your choice
 
  +
====Non-rooted device====
* Select “BigPlanet SQLite” from “Atlas Settings” (for RMaps, otherwise Maverick Atlas Format for Maverick etc)
 
  +
For non-rooted devices the setup is a bit different:
* "Create Atlas"
 
  +
* SSH server will run on a non-privilegied port, e.g. port 2222
* Download the .sqlitedb map into the phone SDcard/rmaps/maps
 
  +
* login will be done with sshdroid permissions, not root, so it cannot access rsync binary neither /data content
* Disconnect the phone
 
  +
* rsync needs to be available so we'll transfer it again, as sshdroid user:
* Open RMaps and Menu > More > Settings > User defined maps > BigPlanet_maps.sqlitedb > Enabled Maps
 
  +
scp -P2222 rsync galaxy:/data/data/berserker.android.apps.sshdroid/home/bin/
* Return to main maps screen and then Menu > Maps > BigPlanet_maps.sqlitedb.
 
  +
then make it executable
===Free Navit - OSM===
 
  +
* BackupPC config is e.g.:
*Install Navit from [http://wiki.navit-project.org/index.php/Navit_on_Android here]
 
  +
XferMethod = rsync
*Install preprocessed OSM map from [http://wiki.navit-project.org/index.php/OpenStreetMap here] and put it as /sdcard/navitmap.bin
 
  +
RsyncShareName = [/mnt/sdcard/]
  +
RsyncClientPath = /data/data/berserker.android.apps.sshdroid/home/bin/rsync
  +
BackupFilesExclude = /mnt/sdcard/ => [/Movies]
  +
RsyncClientCmd: add "-p2222" to ssh options: "$sshPath -p2222 -q -x -l root $host $rsyncPath $argList+"
  +
RsyncClientRestoreCmd: add "-p2222" to ssh options: "$sshPath -p2222 -q -x -l root $host $rsyncPath $argList+"
  +
Because we cannot directly backup /data content, what can be done is to use e.g. MyBackupPro to backup most of the data to the SD card, in a scheduled way.

Latest revision as of 15:00, 26 April 2016

Links

App stores

Alternate views on the official market:

Alternate markets:

User manuals

Short notes

ADB

To reveal developer menu, tap 10x on "settings/about/build nr"
Then enable usb debug.
USB debugging is pretty secured since Jelly Bean but beware for older versions!

Since Android 5.0.1, it's required to use at least adb v1.0.32.

apt-get install android-tools-adb

Note that from recovery, you can also use adb:

  • adb shell
  • adb sideload update.zip
  • adb push

etc

Fastboot

apt-get install android-tools-fastboot

USB permissions on the host

Create /etc/udev/rules.d/99-android.rules for Nexus phones:

SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", MODE="0666", OWNER="<your_account>" # all Nexus

Then execute /etc/init.d/udev reload

To enter Fastboot mode

  • Power off phone
  • Depends on the phone, e.g.:
    • Nexus S: keep volume-up pressed while pressing power on for 5 secs
    • Nexus 4: keep volume-down pressed while pressing power on for 5 secs
    • Nexus 5: keep volume-down pressed while pressing power on for 5 secs
    • You've entered fastboot

See https://source.android.com/source/running.html for other models

Alternatively, fastboot can be triggererd from adb: adb reboot bootloader

OEM unlock

Necessary step before being able to flash partitions or boot on alternative recovery.

This will wipe ALL DATA!!!

fastboot oem unlock

OEM unlock for rooted devices

Once the device has been unlocked and rooted, it can be locked/unlocked again without wiping all the data, at least on some phone models.
Install BootUnlocker

Factory images for Nexus phones

Typical usage: (requires OEM unlock)

tar xzf CODENAME-VERSION-factory-CHECKSUM.tgz
cd CODENAME-VERSION
./flash-all.sh

To avoid erasing user data:
Very important if you want to keep your data!!! Edit flash-all.sh and replace

fastboot -w update image-....zip

by

fastboot update image-....zip

Recovery

TWRP

ClockworkMod

Usage

Flashing an alternative recovery (requires OEM unlock):

fastboot flash recovery recovery-clockwork-VERSION-CODENAME.img

Booting (without flashing) an alternative recovery (requires OEM unlock):

fastboot boot recovery-clockwork-VERSION-CODENAME.img

Stock recovery

To show menu with Nexus stock recovery, it depends on the phone, e.g.:

  • Nexus 4: hold "power" and press "volume-up"
  • Nexus 5: press & release quickly volume-up & power a few times

Rooting

SuperSU

Requires OEM unlock, see above fastboot oem unlock (! erase all) and see below BootUnlocker (for already rooted)
Requires e.g. TWRP recovery
Requires e.g. ChainFire SuperSU (you can check forum for beta releases)

adb reboot bootloader
fastboot boot recovery-xxx.img
# In recovery, choose Advanced / Install zip / from sideload
adb sideload UPDATE-SuperSU-v2.xx.zip
# Reboot (and decline erasing recovery updater install-recovery.sh)

Rooting Android M

Rooting method has changed quite a bit and is still uncertain as those lines are written, see e.g. http://forum.xda-developers.com/apps/supersu/wip-android-6-0-marshmellow-t3219344

Rooting securely

Rooting can be done securely if:

  • bootloader is locked again
    • problem is that unlocking would erase again the data
    • see below BootUnlocker which allows on rooted Nexus to toggle bootloader without deleting data
  • keep stock recovery
  • SuperSU is locked with a PIN
    • this requires the Pro version
  • SuperSU always require the PIN to authorize an app
    • or be very careful which ones you authorize permanently

Rooting and OTA

By experience, it's always quite difficult to apply an OTA on a rooted phone, even after having attempted to unroot the phone.
So I prefer to apply a full factory image (being careful not to overwrite the data) and root it again.
If latest factory image isn't available yet, flash the latest available then apply the regular OTA before rooting.

Prevent OTA

Normally rooting is enough to prevent OTA but to be sure, one can touch build.prop (so its sha1sum won't match anymore)

adb shell
su
mount -o remount,rw /system
echo "# Remove me to allow OTA update" >> /system/build.prop 
mount -o remount,ro /system

Attempt OTA

I don't recommend it as most attempts end in an infinite loop after the reboot.

When ready to really do OTA update:

1. Unlock bootloader with BootUnlocker, super critical step!!!

2. Make a backup of the proposed OTA patch, just in case

adb shell
ls -l /cache
adb pull /cache/update.zip

3. Restore build.prop:

adb shell
su
mount -o remount,rw /system
sed -i '/Remove me/d' /system/build.prop
  # or if you don't have sed/busybox:
  grep -v "Remove me" /system/build.prop > /sdcard/build.prop.tmp
  cat /sdcard/build.prop.tmp > /system/build.prop
  rm /sdcard/build.prop.tmp
mount -o remount,ro /system

4. Restore /system/bin/install-recovery.sh
SuperSU may have hijacked /system/bin/install-recovery.sh. If so, we need to restore it. Unfortunately using "full unroot" won't help, see here (and you'll get stuck unrooted!) so we'll restore it manually.

adb shell
su
ls -l /system/bin/install-recovery*
# should be fixed or not?
mount -o remount,rw /system
mv /system/bin/install-recovery_original.sh /system/bin/install-recovery.sh
mount -o remount,ro /system

5. Install proposed OTA update from Android itself

5b. Check recovery logs
In case the automatic update failed, check the recovery logs:
At this point you should be already in stock recovery, if not, go to recovery
Keep power button pressed and press volume-up to get the menu
Go to "view recovery logs"

5c. Install proposed OTA update manually from a local copy on the PC

adb reboot recovery

Keep power button pressed and press volume-up to get the menu
Go to "apply update from ADB"

adb sideload update.zip

6. Reboot and let the system updating its apps
If it seems to stand forever with the boot logo, you can have a look at the same time to the system logs:

adb logcat

Seeing looping logs with a repetition of

>>>>>> START com.android.internal.os.ZygoteInit uid 0 <<<<<<

is a bad sign, time for a full ROM recovery!

7. Root again, see #SuperSU

8. Prevent OTA updates:

adb shell
su
mount -o remount,rw /system
echo "# Remove me to allow OTA update" >> /system/build.prop 
mount -o remount,ro /system

9. Lock bootloader with BootUnlocker

See also my feature request for BootUnlocker

Upgrade with factory image

That's my preferred method.

1. Unlock bootloader with BootUnlocker, super critical step!!!

2. Flash a factory image
Get latest image at https://developers.google.com/android/nexus/images

tar xzf ...tgz
cd ...

Or in one go:

wget -O - ... | tar xz
cd ...

Very important if you want to keep your data!!! Edit flash-all.sh and replace

fastboot -w update image-....zip

by

fastboot update image-....zip


Then reboot the phone to bootloader and launch that script:

adb reboot bootloader
./flash-all.sh

Reboot

2b. Apply OTA If you didn't flash the latest version, apply OTA update

3. Root again, see #SuperSU

4. Prevent OTA updates:

adb shell
su
mount -o remount,rw /system
echo "# Remove me to allow OTA update" >> /system/build.prop 
mount -o remount,ro /system

5. Lock bootloader with BootUnlocker

On rooted devices

adbd insecure

As USB debugging is now pretty secure, let's enable immediate root access:
Install adbd insecure
Open app -> enable & enable at boot time

Busybox

From Google Play: https://play.google.com/store/apps/details?id=stericson.busybox&hl=en
Local install:

adb install stericson.busybox-1.apk
=> Run busybox -> install -> smart install

Consider buying Busybox Pro...

Modifying stuffs in system partition using su

adb push some_file /sdcard/
adb shell su -c "mount -o remount,rw /system"
adb shell su -c "cat /sdcard/some_file > /etc/some_file"
sleep 1
adb shell su -c "mount -o remount,ro /system"

Modifying stuffs in system partition with insecure adbd (=being root by default)

adb shell mount -o remount,rw /system
adb push some_file /etc/some_file
sleep 1
adb shell mount -o remount,ro /system

Encrypt device

See official help
Some reports say they had to repeat the process several times on Nexus 4 before encryption started. I didn't have that problem.

One major caveat is that this is the same password for disk encryption and screen unlock, cf this longstanding bugreport.
On a rooted device this can be achieved thanks to Cryptfs password or simply by doing:

vdc cryptfs changepw <new_password>

Note that it will have to be done every time the screen PIN or pwd is changed.
See also http://nelenkov.blogspot.jp/2012/08/changing-androids-disk-encryption.html

Phone-specific notes

See Android phones

Applications

See Android Apps

Applications development

See Android SDK

Using the embedded SE

See Android SE

Using TrustZone

See Android TrustZone

using Software Card Emulation

See Android Software Card Emulation

Misc

Security

http://wiki.secmobi.com/

Wi-Fi & client certs

To be able to authenticate to a Wi-Fi network using client certificates via TLS:
If needed, export certificate from IE in Pkcs#12 PFX, *with* private key, *with* all certs, *without* strong enc, *without* deletion of private key.
Rename .pfx file as .p12
(source: http://www.google.com/support/mobile/bin/answer.py?answer=168466&topic=27214#1086573)
Copy pkcs#12 certificate to root of USB storage.
File must end with .p12, not .pfx!
One single file with key+cert+cacerts is ok
Wi-Fi params: 802.1x EAP / TLS / phase2: None / CA cert: cf previous import / user cert: idem / Identity: DOMAIN\user... / Anonymous id: empty / password:...

Note that after each reboot, you'll have to select manually one of the protected networks to unlock the secure storage of personal certificates or open manually the certificates storage:
Settings > Location & Security > Use secure credentials
See also Keystore Unlocker

Importing certs

Since Android 3.0, no need for rooting anymore
If troubles, use PEM format, with file extension .crt

  • drop certs on /sdcard/
  • go to settings / personal: security / credential storage: install from storage & select both certs

Test menu

Dial *#*#4636#*#* (== *#*#INFO#*#*)

SMSC configuration

To configure the SMSC (SMS gateway) on Android is not straight forward.
Access a hidden settings menu by dialing *#*#4636#*#* (*#*#INFO#*#*) -> phone settings -> SMSC -> Refresh (to get current value)
To update that field, if it does not work in plain or between quotes, try encode it in PDU

  • First byte is length of SMSC info, so if it's e.g. +32475161616, it's 11 digits to code on 6 bytes, + 1 byte to code type of SMSC address => 7 bytes
  • Second byte is the type of SMSC address, 91 for international format
  • Next bytes are the SMSC digits, padded with "f" if odd, then nibble-swapped so in our example: 32475161616F => 2374151616F6
  • Full PDU-encoded SMSC is then: 07912374151616F6 -> Update

Screenshots

Run ddms (from Android SDK) -> Tools / Device / Screen capture

Screencast

Droid@Screen:
You'll need Android SDK too.
Make sure you're using the adb from SDK and not from e.g. Debian packages:

adb kill-server
export ANDROID_HOME=/path_to_your/android-sdk-linux_x86
java -jar droidAtScreen-1.0.2.jar

androidscreencast:
Get jnlp file from project page

adb kill-server
export ANDROID_HOME=/path_to_your/android-sdk-linux_x86
$ANDROID_HOME/platform-tools/adb start-server
javaws androidscreencast.jnlp

USB tethering

Plug phone & PC via USB
Activate USB tethering (Settings / Wireless & networks / Tethering / USB Tethering)
It works OOB on Debian, nothing to do

Mounting USB as MTP or PTP

New Nexus devices don't use USB mass storage anymore but MTP or PTP, mainly to be able to access data both from Android & PC at the same time.
There are two methods using fuse so make sure your user is member of fuse group:

sudo adduser <your_user> fuse

and make sure your user can access the USB device (cf above: /etc/udev/rules.d/...)

Using mtpfs

See this article

sudo apt-get install mtpfs mtp-tools
mkdir ~/MyAndroid
mtpfs ~/MyAndroid
...
fusermount -u ~/MyAndroid

Problem is that it's very slow to mount

Using go-mtpfs

See this article

sudo apt-get install golang fuse git-core libmtp-dev libfuse-dev
mkdir /tmp/go 
GOPATH=/tmp/go go get github.com/hanwen/go-mtpfs
sudo mv /tmp/go/bin/go-mtpfs /usr/local/bin/
mkdir ~/MyAndroid
go-mtpfs ~/MyAndroid &
...
fusermount -u ~/MyAndroid

Using gphotofs

This method requires the phone to share files over USB as Camera (PTP), *not* MTP.

sudo apt-get install gphotofs
mkdir ~/MyAndroid
gphotofs ~/MyAndroid
...
fusermount -u ~/MyAndroid

Problem is that it only shows DCIM & Pictures
Not sure if it's a limitation of Android or Gphoto...

Backuping via BackupPC

I'm a big fan of BackupPc and this guy managed to link android & backuppc so let's give it a try.
Check the mentioned link but his setup is a bit different, running CyanogenMod while I'm using a stock fw.
Instructions here suppose your phone is rooted.

IP

Backuppc server needs to reach the phone so your phone needs a static (or DHCP statically attributed) IP or whatever dyndns system.

SSH

I'm using SshDroidPro
Make sure backuppc key is properly installed in /data/data/berserker.android.apps.sshdroidpro/home/.ssh/authorized_keys
Then test it as user backuppc, trying to access the phone and accept the server key fingerprint.

rsync

To get rsync binary, I found rsync backup for Android which downloads a rsync binary during install (a weird way to deal with a GPL program IMHO).
The actual binary it downloads is available here.
But Android wget doesn't support https so you've to transfer it to your phone by another mean.
One way is to install the application I mentioned and let it download that binary.
Then, to install it at a more rooted-Android standard place:

cd /system/xbin
busybox mount -o remount,rw /system
cp /data/data/eu.kowalczuk.rsync4android/files/rsync /system/xbin/
chmod 755 /system/xbin/rsync
chown root.shell /system/xbin/rsync
busybox mount -o remount,ro /system

Wi-Fi

Make sure Wi-Fi will stay on!
Menu > Settings > Wireless & networks > Wi-Fi settings > Menu > Advanced > Wi-Fi sleep policy > Never (or never when powered)

BackupPC config

My config: create new host in backuppc web interface with:

   XferMethod = rsync
   RsyncShareName = [/data/, /efs/ (useful??), /system/, /mnt/asec/, /mnt/sdcard/]
   RsyncClientPath = /system/xbin/rsync
   BackupFilesExclude = /mnt/sdcard/ => [/oruxmaps/mapfiles, /clockworkmod/backup, /radio_dump_*, /videos]

Note that in the mentioned link he's using RsyncShareName = / and playing with BackupFilesOnly but for me it looks like BackupFilesOnly was not respected, so I preferred to have separate RsyncShareName
Some info on APP2SD here and here
I had errors "Ping too slow" so I increased

   PingMaxMsec = 400

as anyway it's on local network

Non-rooted device

For non-rooted devices the setup is a bit different:

  • SSH server will run on a non-privilegied port, e.g. port 2222
  • login will be done with sshdroid permissions, not root, so it cannot access rsync binary neither /data content
  • rsync needs to be available so we'll transfer it again, as sshdroid user:
scp -P2222 rsync galaxy:/data/data/berserker.android.apps.sshdroid/home/bin/

then make it executable

  • BackupPC config is e.g.:
   XferMethod = rsync
   RsyncShareName = [/mnt/sdcard/]
   RsyncClientPath = /data/data/berserker.android.apps.sshdroid/home/bin/rsync
   BackupFilesExclude = /mnt/sdcard/ => [/Movies]
   RsyncClientCmd: add "-p2222" to ssh options: "$sshPath -p2222 -q -x -l root $host $rsyncPath $argList+"
   RsyncClientRestoreCmd: add "-p2222" to ssh options: "$sshPath -p2222 -q -x -l root $host $rsyncPath $argList+"

Because we cannot directly backup /data content, what can be done is to use e.g. MyBackupPro to backup most of the data to the SD card, in a scheduled way.