DocScrutinizer05 changed the topic of #neo900 to: http://neo900.org | conversations are logged to http://infobot.rikers.org/%23neo900/ and http://irclog.whitequark.org/neo900
paulk-collins has joined #neo900
xes has joined #neo900
xes has quit [Remote host closed the connection]
paulk-collins has quit [Quit: Quitte]
xes has joined #neo900
Humpelst1lzchen has joined #neo900
Humpelstilzchen has quit [Ping timeout: 264 seconds]
Beaches_ is now known as Beaches
Kabouik has quit [Ping timeout: 265 seconds]
mordac has joined #neo900
mordac has left #neo900 ["."]
xes_ has joined #neo900
xes has quit [Ping timeout: 250 seconds]
Oksana has quit [Read error: Connection reset by peer]
Oksana has joined #neo900
delphi has quit [Ping timeout: 264 seconds]
lobito1 has joined #neo900
trx has joined #neo900
lobito has quit [Ping timeout: 265 seconds]
lobito1 has left #neo900 [#neo900]
Oksana has quit [Ping timeout: 255 seconds]
freemangordon_ has joined #neo900
trx has quit [Ping timeout: 265 seconds]
ecloud has quit [Quit: No Ping reply in 180 seconds.]
ecloud has joined #neo900
trx has joined #neo900
rjeffries has quit [Ping timeout: 265 seconds]
mvaenskae has quit [Ping timeout: 240 seconds]
modem has joined #neo900
freemangordon_ has quit [Quit: Leaving.]
<enyc_> MonkeyofDoom: oooh thats useful to know armhf chroot works =)
enyc_ is now known as enyc
mvaenskae has joined #neo900
freemangordon_ has joined #neo900
<enyc> MonkeyofDoom: though some of the debian lxde images etc. had some custom/different pulseaudio package ... I should check the details, I might neet to reproduce something there to have that working again...
<enyc> MonkeyofDoom: I think I'll try just 'updating' one copy of the wheezy armel to jessie armel and see what happens... then consider making a jessie armhf variant =)
j has joined #neo900
j is now known as Guest35316
Guest35316 has quit [Client Quit]
sparetire_ has quit [Quit: sparetire_]
paulk-collins has joined #neo900
antiatom has joined #neo900
Kabouik has joined #neo900
che1 has joined #neo900
che1 has quit [Ping timeout: 240 seconds]
rjeffries has joined #neo900
rjeffries has quit [Ping timeout: 265 seconds]
louisdk has joined #neo900
lobito has joined #neo900
cybiko123 has joined #neo900
cybiko123 has quit [Client Quit]
cybiko123 has joined #neo900
cybiko123 has quit [Changing host]
cybiko123 has joined #neo900
lobito has quit [Remote host closed the connection]
lobito has joined #neo900
cybiko123 has quit [Quit: Leaving.]
Kabouik has quit [Remote host closed the connection]
Pali has joined #neo900
paulk-collins has quit [Remote host closed the connection]
Kabouik has joined #neo900
lobito has quit [Quit: Leaving.]
lobito has joined #neo900
HylianSavior has quit [Ping timeout: 248 seconds]
HylianSavior has joined #neo900
cybiko123 has joined #neo900
cybiko123 has quit [Changing host]
cybiko123 has joined #neo900
silviof has joined #neo900
lobito1 has joined #neo900
lobito has quit [Ping timeout: 255 seconds]
lobito has joined #neo900
lobito1 has quit [Ping timeout: 250 seconds]
lobito1 has joined #neo900
lobito has quit [Ping timeout: 252 seconds]
paulk-aldrin has joined #neo900
mvaenskae has quit [Ping timeout: 246 seconds]
silviof has quit [Quit: WeeChat 1.2]
silviof has joined #neo900
sparetire_ has joined #neo900
louisdk has quit [Ping timeout: 248 seconds]
arcean has joined #neo900
arcean has quit [Remote host closed the connection]
mvaenskae has joined #neo900
Kabouik has quit [Read error: Connection reset by peer]
xes_ has quit [Ping timeout: 244 seconds]
louisdk has joined #neo900
louisdk has quit [Ping timeout: 246 seconds]
Pali has quit [Remote host closed the connection]
louisdk has joined #neo900
louisdk has quit [Ping timeout: 255 seconds]
<enyc> DocScrutinizer05: oooh useful publicity sensible?
<DocScrutinizer05> sorry?
<enyc> DocScrutinizer05: i see all the mentioses of ccc.de and otherwise
<enyc> DocScrutinizer05: is this trying to get more publicity/interest in neo900 ?
louisdk has joined #neo900
<DocScrutinizer05> err basically yes. Neo900 will run a village on cccamp15 and Werner will do a talk. Of course this is to increase visibility of the project
<enyc> DocScrutinizer05: do you think you can present what the blockers and steps to completion are? I think more buyers would come if it looked like this might not fizzle-out / has clearly defined remaining tasks ?
<DocScrutinizer05> the remaining tasks are pretty simple: build it
<DocScrutinizer05> the blocker: get more preorders
<enyc> DocScrutinizer05: thats sounds simple but what are the underpinning steps and snags? are they listed anywhere enough to convince those that it looks like it will truly happen?
<enyc> DocScrutinizer05: and be 'workable' / 'usable'
<DocScrutinizer05> see neo900.org
<enyc> DocScrutinizer05: i think this 'appearance of ability to complete and work' (or lac therein) will hold up preorders... so is important... in my view
<DocScrutinizer05> I don't know what to present to you to convince you
<enyc> DocScrutinizer05: i'm not sut atlking about me... but anybody who hasn't been following in great detail
<DocScrutinizer05> so?
<enyc> DocScrutinizer05: underpinng steps, how many more board respins, realistic estimate of remanintg tasks and time
<enyc> DocScrutinizer05: so... i think this will hold up pre-orders if some may have underpinning suspiciton this could fizzle-out or similar
<enyc> DocScrutinizer05: fore xample, the simple point that ''pre orders is holding us up'' os not part of faq that i can see
<DocScrutinizer05> please read about all that in http://talk.maemo.org/showthread.php?t=91142 and http://neo900.org/
<DocScrutinizer05> for now we're on hold for preorders since we can only do one order for N900 devices and we have too few preorders yet to do that already. But that's not as bad as it sounds since Nikolaus is busy with Pyra until mid of August. After that we will continue with building proto_v2 and eventually we will order the N900, and at that point in time it's basically preorder "closed" since we cannot guarantee for further N900 getting available
<DocScrutinizer05> I'm pretty sure cccamp15 will result in another bunch of preorders, due to visibility. For feasibility see Neo Freeruner, GTA04, Pyra
louisdk has quit [Ping timeout: 244 seconds]
louisdk has joined #neo900
<DocScrutinizer05> "underpinng steps, how many more board respins, realistic estimate of remanintg tasks and time" is all mere guesswork and worth nothing to publish any detailed lists. We elaborated on the general timeline and steps to do, several times already. More detailed info isn't available
<DocScrutinizer05> proto_v2: get a "working device" with core system (CPU, RAM, storage and power) on attached BB-xM
<DocScrutinizer05> proto_v3: integrate core system into proto_v2 board and evaluate for production
<enyc> DocScrutinizer05: fair enough =) I think these points should be copied/linked into a faq entry so e.g. that specific thread is more visibele ... i could try to word something when i'm more awake =)
<DocScrutinizer05> additional board spins are needed when we did an oopsie somewhere. The longer we check design before building a protoboard (whether v2 or v3), the more likely we find all oopsies without wasting a board spin for it
<enyc> nodsnods
<DocScrutinizer05> we checked so much now, I'm almost sure we will have a working proto_v2 already, on first spin
<enyc> so explain in the 'completion guesswork' faq that it may or may not need a further protoboard, they next will be done when nokolaus ... pyra ... but your current proto_v2 ...
louisdk has quit [Ping timeout: 255 seconds]
<DocScrutinizer05> ilon: ^^^
<DocScrutinizer05> dos1: ^^^
<DocScrutinizer05> ilon: dos1: wpwrak: we also _need_ to send reminder mails now
<enyc> DocScrutinizer05: thankyou... for taking on board ... trying to be helpful here considering from a different pov...
<DocScrutinizer05> thanks a lot! :-)
louisdk has joined #neo900
<enyc> I had some very interesting discussions in arm discussing working between people of different types... engineers very interesting to manage =) projects and conflicting interests ... so it goes on...
paulk-aldrin has quit [Remote host closed the connection]
<ZetaR> DocScrutinizer05: I have been thinking about a possible attack on the modem setup on the Neo900. What do you think of creating "banal" misbehavior of the modem w.r.t. transmission when it is powered but supposed to be shut down, e.g. when the user wants to use GPS with modem transmission disabled? I imagine it to be similar to breaking into a secure facility by intentionally setting the alarm off over and over again, and then during the re
<DocScrutinizer05> sorry, I can't follow
<DocScrutinizer05> aaah, maybe I get the idea
<DocScrutinizer05> well, it's not our decision how users react on atypical behavior of modem
<ZetaR> Also, if the modem has banal misbehavior out-of-the-box, then it ruins the idea of security by monitoring signal transmission.
<DocScrutinizer05> modem starting to transmit when it shouldn't is a severe atypical behavior, and it's prolly a bad idea to ignore the alarm just because it repeats over and over again
<ZetaR> So you don't think that it is likely that the modem will have misbehaving transmitting behavior in any typical state, i.e. it would be an attack, or HW damage, or something?
<DocScrutinizer05> yes
<ZetaR> Okay, that is good to know. I know I have been frustrated in the past when trying to set up security on my computers by programs doing stupid things that they shouldn't have to do.
<DocScrutinizer05> when modem is active/online and not booked in to APN and no ongoing call, it is not supposed to send longer than 1.5s continuously. No matter what. And when modem is inactive but powered up, it must not transmit at all, no matter what
<ZetaR> Is this by government regulation, or just industry best practice?
<DocScrutinizer05> this is GSM operation specs
<ZetaR> Ah, okay. That is good.
<DocScrutinizer05> modem violating the known GSM specs is clearly something fishy, so -> ALARM
<DocScrutinizer05> problematic is inbound data traffic, since it causes modem to ack that traffic even when it's not really meant to arrive at your eth0 interface (e.g. pings or similar stuff, or wring IP or whatever)
<DocScrutinizer05> but that obviously only can happen when modem is associated to an APN
<ZetaR> Right.
<DocScrutinizer05> and when it happens, you know what might be the cause and could still check
<ZetaR> Is it possible to write to the modem firmware remotely, to your knowledge?
<DocScrutinizer05> with Neo900 you at least get to know about such events, with any other phone you wouldn't even realize
<DocScrutinizer05> yes, absolutely
<DocScrutinizer05> afaik all modems have an OTA-update option nowadays
<ZetaR> Can the user overwrite this using a firmware update utility, then?
<DocScrutinizer05> yes, you could reflash the original firmware
<ZetaR> Okay, good. So if you have "banal" misbehavior, you can always fall back on reflashing the firmware.
<DocScrutinizer05> though, you never have a warranty which firmware *really* is running on modem
<DocScrutinizer05> and just because of this simple fact, we don't trust *any* modem firmware
arossdotme has joined #neo900
<ZetaR> Well, I think we require a "good faith" assumption as far as hardware implementation goes. e.g. they can be forced to push firmware OTA, but it is not designed to secretly prevent reflashing.
<DocScrutinizer05> we rather supervise it and detect rogue or strange behavior
<DocScrutinizer05> it doesn't make any difference. The original firmware is as potentially rogue as the pushed new one
<ZetaR> This is true, but without a procedure for recovery the attacker can make it a choice between treating your modem as bricked and using an insecure modem.
<DocScrutinizer05> the modem *is* insecure
<DocScrutinizer05> *always*
<DocScrutinizer05> and we don't treat it as bricked, we treat it as suspicious / rogue
<DocScrutinizer05> always
<DocScrutinizer05> we don't hope for a good modem firmware behaving, we simply monitor it all the time
arossdotme-nolog has joined #neo900
<DocScrutinizer05> when it doesn't, you know somebody might have attacked you. This doesn't "brick" the modem, since the modem integration and sandboxing is still as safe and secure as it been designed
<ZetaR> Yes, I realize this, but my concern was specifically pertaining to causing "banal" (uninteresting) misbehaviors as a social engineering attack, and the user not having a recourse to prevent those headaches.
<DocScrutinizer05> there's no such thing
<ZetaR> If the original firmware is tested and does not have banal misbehaviors, then the user can always reflash that firmware to prevent it.
lobito has joined #neo900
<DocScrutinizer05> *shrug*
lobito1 has quit [Ping timeout: 256 seconds]
<DocScrutinizer05> there ARE NOT banal misbehaviors
<DocScrutinizer05> every misbehavior is a misbehavior
<ZetaR> Yes, I need to pick a different word... I understand that. I am having trouble explaining myself.
<DocScrutinizer05> and it has a reason
<DocScrutinizer05> and you prolly can't stop the reason, but you can know it exists and that's your joker
<DocScrutinizer05> the modem itself cannot go rogue more than we already assume it is
<DocScrutinizer05> actually such misbehaviors are as rogue as it gets, regading modem (well except maybe when it redirects all calls to a proxy of some TLA)
<DocScrutinizer05> then otoh what could you possibly do against them intercepting your calls, no matter if by redirecting to a proxy phonenumber or by less harsh more sophisticated means
<ZetaR> What I was trying to say is: there seems to be an assumption that the modem will not make itself "irritating" because of rogue firmware, and that the user should be able to fall back on a known non-irritating possibly-rogue firmware. But as you explained above, it should be possible to reflash to prevent "irritating" rogue firmware.
<DocScrutinizer05> again, 'irritating' is worst case
<ZetaR> Right.
<DocScrutinizer05> and when they did that once, they can do it twice
<ZetaR> Of course.
<DocScrutinizer05> A) define your exploits you are concerned about. B) consider what you can do to avoid them
<DocScrutinizer05> the exploit, the ONLY exploit they could inject into modem is making it send when it shouldn't
<DocScrutinizer05> they have no chance to access your local storage on Neo900, unlike any existing android phone out there
<DocScrutinizer05> they can't turn your phone into an eavesdropping device either
<DocScrutinizer05> again unlike... (see above)
<ZetaR> Yes, you have answered my main concerns: that misbehavior is probably malicious and not banal, and that reflash is possible to at least try to correct it.
<ZetaR> Thanks for the explanations.
<DocScrutinizer05> it's highly questionable if reflashing would help
<DocScrutinizer05> most probably any OTA exploit would be tenporary and get "deinstalled" by simply powercycling the modem
louisdk has quit [Ping timeout: 255 seconds]
<ZetaR> Sorry, I have to go AFK for a bit. I will think about what you said.
<DocScrutinizer05> cya later then
louisdk has joined #neo900
vakkov has quit [Ping timeout: 246 seconds]
xes has joined #neo900
vakkov has joined #neo900