First post. Sorry it’s too long but thought background info might be good:
A GNU/Linux person here (with a Librem 5) who’s resisted the spy-phone duopoly so far. Unfortunately the world however merrily insists that everyone must use their spy-applications. However Murena looks to offer a great alternative and just bought a Fairphone 5 hoping I could use it.
Despite being a complete novice I did manage to flash it with the Official build type. Then again with the Community type expecting a little better control / functionality.
Fortunately the device remained better than a door-stop although I do feel very sorry for all in the mean-spirited anti-rollback pit and hope they climb out without too much cost / trouble.
Big questions now for anyone who might be able to help:
a) How if possible can I install OpenSSH so that sshd allows remote sessions?
b) What credential choices if any are there to gain superuser privileges and access all areas?
c) If a superuser password is needed may that be set or would doing that mess up anything?
Apologies if the above have already been answered; did look but didn’t see.
Thanks for reading this far and best wishes to all.
a) termux and install from there (Android 16 will bring it’s own virtualized Linux terminal, though not sure if a distributions package manager will be attached to fetch openssh etc from the get go)
b) you can enable “adb root” in community builds and do root things when tethered to a device
c) there can be made a way to su from a regular user, but never went that route myself. adb root can place su binaries or using Magisk
The qcm6490 in the FP5 seem to shape up to have good mainline support should Android ever fall out the picture
Thanks so much for the rapid response - much appreciated.
a) Wasn’t clear if termux can access Android space or if confined to its own system.
b) Yeah saw the “adb root” - one reason to re-flash with the community build - just a bit scared of accidentally causing a disaster with it.
c) Thought I might be able to create a non-“root” user in wheel group but not too keen on using Magisk if that works on my Debian box.
The FP5 has a reasonably powerful SoC with longevity but its Baseband processor and SIM (another processor) may well have control of phones invisible to main processors (running Android etc) and owners taking all sort of precautions. Split tunneling is a huge security risk - VPNs or no. The industry remains tight-lipped on this subject (apart from Apple stating does it bypass VPNs). If you’re in the USA I recommend joining the Calyx Institute and moving your SIM from the phone to its tethered hotspot and using VOIP for calls. Unfortunately I live in the UK where Internet connections cost money…
baseband vs SoC: there’s been more separation last few years, it’s not direct memory access anymore. But yes people forget there are many little cpus and firmwares on one board, some inaccessible and very closed source
Don’t know if you’re intent on using OpenSSH specifically, but you can open a remote shell using ADB over Wi-Fi. Of course you can alternately use a USB connection which is what people commonly do.
ADB over Wi-Fi requires a one time pairing of the phone to your PC done through an ADB command. Once connected you can open an ADB shell on your PC. The ADB shell is basically a Linux terminal. To get root access you have to allow it through developer options and use the command “adb root” before calling up the shell with “adb shell”. ADB has a good help screen, use “adb --help”.
Well put. Avoiding the duopoly is pretty difficult to do. You have two choices and both are equally bad. It’s frustrating the way every business expects you to have a Google or Apple phone now. It’s like maybe I don’t want to use your hostile spyware app to do business, and maybe I don’t want to use a phone at all.
OpenSSH would be ideal I think. I want to keep things as simple as possible and manage the FP5 as similarly as possible to other things on the local network. I have an natural aversion to adding wrappers and packages around already familiar solid connection methods - given a choice. I like the quality and security of cables for static devices and convenience of wireless for smaller more mobile devices.
It’s all a bit new to me and I was wondering if it’s necessary to change how the FP5 runs to allow remote connection sessions and file transfers as a superuser. Using adb seems to imply this for USB but hoped wifi would be enough when the FP5 runs normally.
It wouldn’t be fair to compare an FP5 with a Librem 5. The latter is more a phone-format computer that does phone stuff (except duopoly apps) and was hoping the former would be a phone that also does computer networky stuff - especially as it runs a version of GNU/Linux. Hope I make some sense - let me know if not.
Thanks again for the info; good pointers if and when I next get chance to investigate some more. Will let everyone know how if it does work in the end.
Sorry replied to your earlier post then saw your second. Thanks again.
It’s good to make contact with like-minded people - such a change from all the blind sheep.
For the moment I’m still telling them I don’t have a mobile phone but that’s becoming so much harder and it really is a good thing /e/ exists. Ads and greed are probably the biggest threats to the free software world and privacy - no suprises G is primarily a greedy ad agency - even dragging Mozilla into the abyss it seems. Hang on - mustn’t go off piste into browser woes here…
I can relate to keeping things simple and consistent. I try to do that myself. Unfortunately, the design philosophy of phones versus general purpose computers is not in the same ballpark. They just do things quite differently in most cases. There’s no reason it has to be that way since Android runs on a Linux kernel, but for better or worse Android takes a sharp turn from traditional computing.
I wouldn’t consider ADB a wrapper in the traditional sense, it’s more of an interface layer. In any case it’s what we use for low level access on Android. It may be possible to run OpenSSH on an Android phone, but you’ll have to get into the nuts and bolts to do it.
This is a side issue to my original questions to which I still need guidance but I wanted without scaring people to just emphasize when owners switch “off” their phones so the displays goes black and speakers silent the baseband processors still communicate with SIMs in secret. They have full mobile network access and some control of the phones - cameras & microphones perhaps. VPNs and OS data leaks are all irrelevant. The industrial secrecy surrounding this is creepy. It would be better to let owners switch off all sensors and radio comms when not needed. One day perhaps…
People could use Faraday cages til then if they value privacy and cannot remove batteries. The downside is those methods block both ways and will of course prevent incoming calls.
Getting late now and a G device somewhere is no-doubt expecting to record my valuable farts & snoring…
Yes phones don’t actually turn off in the same manner as removing the battery. They are still powered. The SOC simply powers down peripheral devices goes into an off state. It can still wake up momentarily and do some task. For a phone with a non-removable battery the only way to be sure it’s not communicating is to put it in a Faraday bag, but that might be considered paranoid. The best solution is to use an operating system that does not misbehave in the first place. That excludes iOS and OEM Android.
Sorry I’m not good at explaining - another go with apologies for repeating stuff:
Processors other than that which runs a perfectly leak-free OS are also in the phone such as the baseband processor. That processor interacts with the processor in the SIM to communicate with the local mobile network and the two also have some control of the phone independently of the OS.
We know some Apple devices bypass the OS and therefore any VPN by using the mobile network when communicating with places on the Internet. The rest are well-guarded secrets. For example cameras and microphones may be involved in isolation of the OS and the phone’s owner who only experiences their device through its screen and audio systems.
The industry’s refusal to document or discuss exactly what capabilities the baseband and SIM processors have in terms of phone control and communication is the problem - a creepy one.
An OS however good cannot prevent transmission of private data to big business if it’s being excluded from having any involvement. Although I must just add an OS such as /e/OS [or “Murena” now?] which maximizes what data privacy it can is excellent. All this digression probably belongs on a different thread really - sorry.
Any extra info regarding the three questions in my original post would be fab as it is still my aim to be able to make fiddle-free connections to manage the FP5. Thanks again for the ideas and contributions so far - most kind.
