[Linux-aus] Grant Application for PinePhones

[Adam Nielsen]

> OSs such as Android and ChromeOS are free to use but are implemented
> in locked down configurations and have a development process that is
> extremely unwelcoming to contributions from the community.  While the
> F-Droid [3] project does some good work the common use for Android is
> for mostly proprietary apps.  

I can't comment on the development process, but a lot of the issues are
around security (trying to limit the damage a rogue app can do).  If
you're going to allow untrusted code to run on a system owned by
someone that is not tech savvy, you don't have a lot of choice here.

But this is one reason why I have chosen to use Google-branded phones
over the alternatives.  They have a well documented process for
unlocking the bootloader and allowing you to run your own code on the
device.

I'm certainly not trying to downplay the efforts of PinePhone (as they
are doing more than just opening the OS) but the core Android OS is
already relatively open, at least as shipped by Google.

> Also because Android is designed to be used as a locked-down system
> there aren't good options for performing standard Unix operations
> such as rsync'ing your home directory to a new device, sshing to your
> device from a server for remote backups and management, etc.  

If you want to SSH and rsync on an Android device, I recommend the free
app SimpleSSHD[1].  It provides an SSH server and common commands like
rsync.  I have used it for many years on my phones for regular backups,
including moving photos and videos off the device while keeping the
original quality files.  Once it's set up, SSH'ing into your Android
device works the same as any other embedded system.

If you don't have root access on your phone, you have to configure sshd
via the app to listen on a port above 1024 and you can only get access
to your user data (like any other app).

However if you have root access to your phone (which you should!) then
you can configure it to listen on port 22 and log in as the root user.
Perhaps this comes with some security risks, however it allows you to
rsync as the root user, meaning you get access to the whole device -
the OS, all the app data for all apps, the lot.  This allows you to do
a full phone backup.

As a side note, being able to get in as root also allows you to do nice
things like extract the secrets directly from the Google Authenticator
SQLite data file.  You can then use these with oathtool to generate your
numeric MFA tokens on more than one device.  This means if you lose your
phone or it breaks, you won't get locked out of any accounts as you can
still generate the same MFA tokens on another device.

Cheers,
Adam.

[1]: https://play.google.com/store/apps/details?id=org.galexander.sshd