y.st./compiled/en/weblog/2015/12-December/25.xhtml

<?xml version="1.0" encoding="utf-8"?>
<!--
                                                                                     
 h       t     t                ::       /     /                     t             / 
 h       t     t                ::      //    //                     t            // 
 h     ttttt ttttt ppppp sssss         //    //  y   y       sssss ttttt         //  
 hhhh    t     t   p   p s            //    //   y   y       s       t          //   
 h  hh   t     t   ppppp sssss       //    //    yyyyy       sssss   t         //    
 h   h   t     t   p         s  ::   /     /         y  ..       s   t    ..   /     
 h   h   t     t   p     sssss  ::   /     /     yyyyy  ..   sssss   t    ..   /     
                                                                                     
	<https://y.st./>
	Copyright © 2015 Alex Yst <mailto:copyright@y.st>

	This program is free software: you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation, either version 3 of the License, or
	(at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program. If not, see <https://www.gnu.org./licenses/>.
-->
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<base href="https://y.st./en/weblog/2015/12-December/25.xhtml" />
		<title>An attempt at rooting an unruly device &lt;https://y.st./en/weblog/2015/12-December/25.xhtml&gt;</title>
		<link rel="icon" type="image/png" href="/link/CC_BY-SA_4.0/y.st./icon.png" />
		<link rel="stylesheet" type="text/css" href="/link/basic.css" />
		<link rel="stylesheet" type="text/css" href="/link/site-specific.css" />
		<script type="text/javascript" src="/script/javascript.js" />
		<meta name="viewport" content="width=device-width" />
	</head>
	<body>
		<nav>
			<p>
				<a href="/en/">Home</a> |
				<a href="/en/a/about.xhtml">About</a> |
				<a href="/en/a/contact.xhtml">Contact</a> |
				<a href="/a/canary.txt">Canary</a> |
				<a href="/en/URI_research/"><abbr title="Uniform Resource Identifier">URI</abbr> research</a> |
				<a href="/en/opinion/">Opinions</a> |
				<a href="/en/coursework/">Coursework</a> |
				<a href="/en/law/">Law</a> |
				<a href="/en/a/links.xhtml">Links</a> |
				<a href="/en/weblog/2015/12-December/25.xhtml.asc">{this page}.asc</a>
			</p>
			<hr/>
			<p>
				Weblog index:
				<a href="/en/weblog/"><abbr title="American Standard Code for Information Interchange">ASCII</abbr> calendars</a> |
				<a href="/en/weblog/index_ol_ascending.xhtml">Ascending list</a> |
				<a href="/en/weblog/index_ol_descending.xhtml">Descending list</a>
			</p>
			<hr/>
			<p>
				Jump to entry:
				<a href="/en/weblog/2015/03-March/07.xhtml">&lt;&lt;First</a>
				<a rel="prev" href="/en/weblog/2015/12-December/24.xhtml">&lt;Previous</a>
				<a rel="next" href="/en/weblog/2015/12-December/26.xhtml">Next&gt;</a>
				<a href="/en/weblog/latest.xhtml">Latest&gt;&gt;</a>
			</p>
			<hr/>
		</nav>
		<header>
			<h1>An attempt at rooting an unruly device</h1>
			<p>Day 00293: Friday, 2015 December 25</p>
		</header>
<p>
	It occurred to me today that while the <a href="/en/">home page of my main website</a> lists hashes of the site&apos;s <abbr title="Transport Layer Security">TLS</abbr> certificate, these hashes are inaccurate.
	The hashes are for the certificate that I used on my own server, but for security reasons, I generated a new certificate when I uploaded the website to <a href="https://wowana.me/">wowaname</a>&apos;s server.
	No one has pointed out the bad hashes up through now, so I can only assume that no one is checking the hashes anyway.
	I have removed the bad hashes, though I have not added good hashes and might not unless hashes are requested.
</p>
<p>
	My mother still has not chosen what she wants done on the mobile front.
	I have told her repeatedly that before I can get the mobile that she wants me to carry, she needs to decide which mobile and which plan.
	It is clear that the mobile and plan that I chose myself is not good enough for her.
	However, she keeps getting on my case about it, still without making a decision.
	In an attempt to prevent such future arguments in the future, I purchased a cheap mobile on a cheap plan that has the stupid <abbr title="Short Message Service">SMS</abbr> service that she wants me to have.
	To be clear though, even when my Replicant was on a plan with <abbr title="Short Message Service">SMS</abbr> and calling features, it was not good enough for her.
	This secondary mobile will only alleviate her most recent gripes.
	If she wants me to use exactly the device she chooses, she is going to have to actually choose a device.
	Likewise, this device does not meet my needs, and will not in any way be a replacement for my Replicant.
</p>
<p>
	I chose the cheapest device I could find, a TracFone LG Optimus Fuel, and put it on the cheapest plan I could find, a $20 <abbr title="United States Dollars">USD</abbr> plan that only needs to be renewed every three months.
	This device also has two other useful features, which are that it comes with a small micro<abbr title="Secure Digital">SD</abbr> card and that it is rootable without the use of a Windows machine.
	Unfortunately, the only known rooting method I could find for this device requires the use of a proprietary mobile application.
	This is certainly not acceptable for my Replicant device, which needs to be free and needs to be trusted, but this secondary device is already burdened by proprietary software and can never be trusted.
	By rooting the device, I was at least able to make the device partially behave itself and not spy on me on Google&apos;s behalf as much.
</p>
<p>
	Before resorting to the know-to-work rooting method, which requires the use of a proprietary application, I first tried modifying a free solution to meet my needs.
	Some software called <a href="http://forum.xda-developers.com/note-2-verizon/general/root-adb-ghettoroot-v0-1-towelroot-port-t2864125">Ghetto Root</a> claims to be a reverse engineering of the proprietary application, though it is only known to work on one device, and it is no the one that I am working with.
	Like the proprietary option, Ghetto Root is supposed to install the same proprietary root access manager, so I edited the code to instead try to install <a href="http://koush.com/">Superuser</a>, the free root access manager.
	I additionally added the &quot;mod string&quot; appropriate for my device.
	The installer claims success, but it seems to actually fail.
	After running it, I found a symbolic link at <code>/system/bin/su</code>, but it points to a file that does not exist and I cannot be sure that that symbolic link did not already exist.
	Being unable to do this the free way, and the alternative being that I walk around with a spyware-enabled device that offered no privacy or freedom whatsoever, I resorted to temporarily using the proprietary rooter, knowing that once it installed the proprietary root manager, I could swap it out for the free root manager and remove the rooting application.
	Before starting, I reset the device for good measure.
</p>
<p>
	It is important to note that before starting, I did not activate any mobile plan and did not give the mobile access to my Wi-Fi network.
	I could not allow the device to phone home before the process was complete.
	I downloaded both the proprietary rooting application, the free <a href="https://f-droid.org/repository/browse/?fdid=com.koushikdutta.superuser">Superuser</a> application, <a href="https://f-droid.org/">F-Droid</a>, <a href="https://f-droid.org/repository/browse/?fdfilter=orbot&amp;fdid=org.torproject.android">Orbot</a>, <a href="https://f-droid.org/repository/browse/?fdfilter=orbot&amp;fdid=org.ethack.orwall">orWall</a>, and the <a href="https://repo.xposed.info/module/de.robv.android.xposed.installer">Xposed Installer</a> on my laptop, not the mobile.
	I tried to keep my list of applications to add minimal, but felt that these five applications were justified for the following reasons.
	Superuser, orWall, and the Xposed installer all make changes to the <code>/system</code> partition, which on this device, is a pain to modify.
	We should be able to modify it once, then forget about it, having our changes survive even when performing a factory reset.
	orWall changes the system such that all Internet connectivity is broken unless orWall and a root application are present, so we need orWall and Superuser installed at all times to prevent us from having to look up complicated solutions or reinstall the applications after a system reset.
	F-Droid and the Xposed Installer both act as application repositories, and it would be nice to be able to install the applications we want right away instead of having to look for the repository applications first.
	(Please be careful about what you install from the Xposed Installer.
	It does not commit to keeping its repository stocked with only free applications, so many applications it contains are proprietary.
	Still, the application store itself and some of the applications it carries are in fact free.) Lastly, Orbot seemed like a good idea, given that orWall was already in the group.
	Without Orbot, orWall and Superuser could still be used to enable clearnet network connectivity, even if just long enough to install Orbot, but why not do things right instead? Why not have the Orbot installation survive system resets so that we can send our traffic through <abbr title="The Onion Router">Tor</abbr> from the start?
</p>
<p>
	I went through the Android setup dialog, disabling automatic rotation and networking, but skipping all the input options.
	I quickly found that this device does not come with a file manager, making direct installation of packages placed in the file system impossible.
	I tried to install the application via <abbr title="Android Debug Bridge">ADB</abbr>, but <abbr title="Android Debug Bridge">ADB</abbr> could not find the device.
	I went into the device settings menu and tapped on the &quot;build number&quot; information rapidly until the developer options were enabled, went the the developer options menu, and enabled &quot;<abbr title="Universal Serial Bus">USB</abbr> debugging&quot;.
	This fixed the issue, and I was able to install the proprietary rooting application, using a <a href="http://forum.xda-developers.com/showpost.php?s=262b98da09caccb6a61f052ddd650850&amp;p=22547664&amp;postcount=3">command retrieved from a forum</a>.
	Using <a href="https://androidarea51.com/all-things-root/working-root-for-lg-optimus-fuel-woot/msg29830/#msg29830">instructions from another forum</a>, I tweaked the settings of the proprietary rooting application and tried to root the device.
	However, the rooting application refused to perform without a network connection.
	My guess is that the rooting application wants to be able to phone home for statistical purposes.
	Being unable to route the connection through <abbr title="The Onion Router">Tor</abbr>, as the device was not rooted yet, I disabled or uninstalled every application that I could aside from the rooting application (so that they would have the smallest chance of phoning home), and am now waiting until I have a chance to use a public Wi-Fi point, turn on the Wi-Fi functionality, and root the device.
	It is unfortunate that the rooting application will probably report my hardware information such as the <abbr title="media access control">MAC</abbr> address, as well as an <abbr title="Internet Protocol">IP</abbr> address that pinpoints my city (or rather, the city directly touching my city), but at least it will be unable to get my home <abbr title="Internet Protocol">IP</abbr> address or any sort of telephone number.
	While disabling all the applications, I found that supposedly, this device has a file manager, though I cannot find any way to access it.
</p>
<p>
	I kind of want to try my hand at creating a <abbr title="The Onion Router">Tor</abbr>-based search engine.
	It has been done before, but I see no reason why I cannot build one too.
	If I end up gathering too much of an index though, I will probably have to shut it down out of lack of resources.
</p>
<p>
	My <a href="/a/canary.txt">canary</a> still sings the tune of freedom and transparency.
</p>
		<hr/>
		<p>
			Copyright © 2015 Alex Yst;
			You may modify and/or redistribute this document under the terms of the <a rel="license" href="/license/gpl-3.0-standalone.xhtml"><abbr title="GNU&apos;s Not Unix">GNU</abbr> <abbr title="General Public License version Three or later">GPLv3+</abbr></a>.
			If for some reason you would prefer to modify and/or distribute this document under other free copyleft terms, please ask me via email.
			My address is in the source comments near the top of this document.
			This license also applies to embedded content such as images.
			For more information on that, see <a href="/en/a/licensing.xhtml">licensing</a>.
		</p>
		<p>
			<abbr title="World Wide Web Consortium">W3C</abbr> standards are important.
			This document conforms to the <a href="https://validator.w3.org./nu/?doc=https%3A%2F%2Fy.st.%2Fen%2Fweblog%2F2015%2F12-December%2F25.xhtml"><abbr title="Extensible Hypertext Markup Language">XHTML</abbr> 5.1</a> specification and uses style sheets that conform to the <a href="http://jigsaw.w3.org./css-validator/validator?uri=https%3A%2F%2Fy.st.%2Fen%2Fweblog%2F2015%2F12-December%2F25.xhtml"><abbr title="Cascading Style Sheets">CSS</abbr>3</a> specification.
		</p>
	</body>
</html>