Tuesday, 23 May 2017

JOURNEY TO THE FREEDOM PART III.

Liberating cell/mobile phone

 

Have you heard abour Replicant OS? If not read the details here:

Wikipedia about Replicant
Replicant home page



The telephony and SMS technologies themselves are bad from security point of perspective, but many people are sacrificing their privacy and freedom also in other ways which nowadays smartphones provide as features.

Why to use Replicant over Android/iOS

Since all the reasons have been written/published already I'd like to highlight article from replicant's page :

Freedom/privacy issues 

In short: Mobile devices such as phones and tablets are taking and increasingly important part in our computing, hence they are particularly subject to freedom and security concerns. These devices are actually full computers with powerful hardware, running complete operating systems that allow for updates, software changes and installable applications: this makes it easy to run free software on them. Mobile devices are often used for communications and provide hardware features that are sensitive when it comes to privacy and security: GPS, camera, microphone, etc, in addition to storing the user's data. Hence, they are particularly subject to being used to spy on the user.

Other useful details 

Please check also following links to get an overview and supported devices by Replicant
FAQ
Supported devices

Replicant 6.0 was released on 13 May 2017 and is based on LineageOS 13.0 which is based on Android 6.0. Here is the changelog .

What device to choose ?

The situation is the same as with Libreboot - only few devices are supported and all of them are fairly outdated. So it's up to you, but be sure to pick up from list of supported devices. I've chosen Samsung Galaxy S3 i9300 - those are easy to get and are fairly cheap now (50-100E). Also it's probably the best one to choose among other supported devices due to release date and hardware it has. Also all the important features are working in order to use it as cell phone with Replicant.

Installation


You will need:
Replicant supported device + usb cable
PC running Linux OS (In my case it was elementaryOS 0.3.2)
Heimdall installed in Linux (in my case heimdall v1.4.0)
Internet connectivity

Installation steps.
There's good documentation on Replicant forums for each device. All the details for Galaxy S3 are grouped here
Installation details for Galaxy S3 i9300 are documented here. Following text is basically copied from replicant's installation guide with little corrections/additions and my screenshots included.

It is possible to install Replicant when using internal phone storage or using SD card. Also it's up to you whether you're going to use ADB or heimdall to flash. I'm going to use heimdall, internal storage and precompiled Replicant image. For convenience it's good to perform all steps as root.

Step 1. Download all necessary files & checksums

You can find the files here. So I had to download 5 files in total. I have used wget to download it to my PC.

Step 2. Make sure you have added the Replicant release key to your GPG keyring

- details here

Step 3.  Check the signature of the files and check the checksum of the files.  

Do not install anything if it doesn't match !




Step 4. Copying the files to the phone

1. Make sure the device is started up and has an Android system running
2. Connect the USB cable to both the computer and the device
3. Enable USB mass storage on the device
4. Mount the mass storage on the computer
5. Copy the replicant-6.0-i9300.zip file at the origin of the mass storage

Please note that the path names may differ on your system (you will have to find the correct one once you connect device to the PC)


6. Safely unmount the mass storage on the computer
7. Disable USB mass storage on the device

Step 5. Preparing the device

1. Make sure the device is completely turned off and the USB cable is disconnected from the device
2. Start the device by holding the following key combination: Volume down, Select, Power
3. Hold the key combination until the device shows a Warning message


4. Confirm that you want to download a custom OS (using volume up)
5. Make sure the device is in Downloading mode

6. Connect the USB cable to both the computer and the device

Step 6. Installing recovery images

1. Install the recovery image to the device:

 

2. Make sure that the device reboots to recovery after "Releasing device interface.." output  by IMMEDIATELY holding the following key combination: Volume up, Select, Power


You have to be quick with pressing those buttons as the phone is rebooted automatically after heimdall flashing is finished. Also if Recovery menu doesn't come up and Samsung logo keeps blinking, just release the buttons and it will proceed to recovery.

Step 7.  Factory reset

A factory reset is necessary if you switch from the factory image or a different Android distribution to Replicant. You also need to do a factory reset when upgrading to a new major release (e.g. from Replicant 4.2 to Replicant 6.0). Only when updating to a new minor release (e.g. from Replicant 6.0 0001 to Replicant 6.0 0002), a factory reset is usually not required.
1. Select Factory reset
2. Select Wipe data (keep media)
3. Confirm the data wipe by selecting Yes
4. Press the back key (if necessary) to get back to the general menu

Step 8. Installing replicant image

1. Select Apply update
2. Select Choose from emulated
3. Select the system zip: replicant-6.0-i9300.zip
Note: if your device was running Android 4.2 and later, it may be located in the 0 directory
4. Confirm the installation


 It takes some time to install but shouldn't take too long.

Step 9. Completing the installation

1. Press the back key (if necessary) to get back to the general menu
2. Select Reboot system now to reboot the device

It will take some time until it boots up to the UI for the first time so don't panic


Your device should now be running Replicant!

Screenshots right after it boots:


Things to note

- check again what is not working in current release here
- even though not all of the things are working it is stable/usable enough for daily use
- you may encounter minor hiccups/lags and/or app crashes from time to time
- there's no PlayStore nor any google apps/services (guess why :) ), there's "appstore" called F-Droid instead (learn more about F-Droid here)
- there's not convenient update of Replicant, you will have to follow nearly the same procedure when updating to newer release







Things I did after installation

- Encrypted the phone
- Installed the apps I need (I'm using xabber for XMPP, will have to search for mail client)
- checked the recommendations here



Isn't it nice to have up to date Android security patch level on device which was released back in 2012 ? How many of you can say the same about your older and/or recently release devices ?


Update 3.11.2017:  When updating to the most recent release of Replicant (Replicant 6.0 0002 ) it turned out that using the "emulated storage" when choosing which image to use for update is not working on encrypted device. ADB sideload method must be used instead.