summaryrefslogtreecommitdiffstats
path: root/software/android.page
blob: 0a7e0a8423e51cfdda1ff19ed2f9d042a5a7d71b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

# Packages

* F-Droid for open source package management
* K-9 for email
* Apollo for music
* Lighting browser
* OsmAnd for maps
* Signal for messaging
* Atomic for IRC

# Rooting/Cyanogen

My directions were a little different from the instructions I found on the net.
These directions are for the Nexus S hardware.

First install the Android SDK locally and add-on the fastboot command line tool
(google for it).

Put the phone in bootloader and unlock it (deleting all data). Reboot normally
and download the signed SuperUser and CyangoGen mod packages. Reboot into
bootloader and flash the twrp-crespo-2.0.0RC0.img recovery mode image (mirrored
on my static site). Use recovery mode to install SuperUser from the "Install"
menu (could skip this step?). Then install the CyanogenMod package the same
way.

# Full disk encryption

Using a short pin or swipe pattern is generally reasonable on android devices
to protect against many attacks because the unlock program will lock up after
repeated incorrect attempts, making naive brute forcing impractical. The best
technique for brute forcing is to take a full disk image and crack offline, in
which case a short pin will be defeated trivially. Notably, off the shelf
hardware seems to exist for dump images quickly and easily, eg at a border
crossing. So there is a good motivation to have a stronger disk encryption
password and a short (convenient) screen unlock pin.

The default policy in android 3.1 doesn't allow this using the UI, but it can
be done [from the command line](http://nelenkov.blogspot.com/2012/08/changing-androids-disk-encryption.html):

    $ su -c "vdc cryptfs changepw <newpass>"

# Reference

A full set of instructions for the Galaxy Nexus are
[here](http://pof.eslack.org/2012/07/30/fortifying-a-galaxy-nexus-with-stock-ish-image-and-root-access/).