04:55 <drathir> Xiaoman: even if trusted You cant put of hands Your phone... 01:39 < Xiaoman> If my kernel is trusted it won't make a difference, if my kernel is untrusted then that hardware getting abused is the least of my worries.

04:56 <drathir> Xiaoman: unles You get full encryption including /boot partition...

04:57 <Joerg-Neo900> plus the degree of coldboot/coldflash protection we implement in Neo900

04:58 <drathir> Joerg-Neo900: yea cold flashing indeed very useful thing ^^

04:58 <Joerg-Neo900> also a very dangerous thing

05:00 <drathir> Joerg-Neo900: flashing n900 was really incredible easy thing even not mention fast as light 'almost', but still in case of murphy law <fan here> good to have support for cold flashing...

05:01 <Joerg-Neo900> https://en.wikipedia.org/wiki/Evil_Maid_attack

05:03 <Joerg-Neo900> Neo900 even offers two levels of evil maid protection, the 'normal' (default) one being effective against the more common and more dangerous "evil USB charger, at airport" scenario where you use an unknown public /rogue) USB charger that reflashes your bootloader or reads out your data. The more effective "full protected mode" is impossible to revert by any attacker that has no full featured hardware rework and forensics lab with them, and

05:03 <Joerg-Neo900> sufficient time to accomplish the attack (more than an hour, possibly several hours of time) -- usual encryption of all storage is up to user/admin, and we provide the hardware means to make boot sufficiently tamper-proof to withstand attacks shorter than 1h

05:04 <drathir> Joerg-Neo900: personally using daily full encryption including /boot + verify if nothing rewrite on the fy boot, if full encryption performed not easy possible to access and mess with data...

05:05 <drathir> Joerg-Neo900: but true hard to secure under running device...

05:05 <Joerg-Neo900> unless you can do cold reflash

05:07 <Joerg-Neo900> another approach is to use secure boot that only loads and executes checksummed+signed bootloaders and kernels, but that needs user to possess a *unique* secret signature key for their device

05:07 <drathir> Joerg-Neo900: if something get root on running device no possibility to protect sadly...

05:08 <Joerg-Neo900> yes, but that's orthogonal to what I'm talking about here

05:09 <Joerg-Neo900> this attack vector targets at bootloader where no concept of users like "root" exists yet. Those concepts get introduced by kernel

05:10 <drathir> there is little different than in pc not possible probably encrypt full boot, but at pc there os possibility to verify boot if not changed before unlock root partition...

05:10 <drathir> there os/there is*

05:11 <Joerg-Neo900> yes, this is called secure boot and based on concepts of Trusted Computing

05:12 <Joerg-Neo900> some immutable mechanism in your hardware needs to verify the hash across your first stage bootloader before executing it

05:12 <drathir> yes detecting if kernel is untouched even before unlock root checking checksums, sadly again that not protect if root acces is gained and evil kernel instaled sadly ;/

05:13 <Joerg-Neo900> no, that's a different and inapt means to try and establish security against coldflash attacks

05:16 <drathir> more in way that user define method iven if gpg based kind of, and not some 3rd companies which leak private keys make all devices vulnerable...

05:16 <drathir> even*

05:18 <drathir> there in theory are tpm devices but honestly not so technically sure if them are really so secure and dont have hidden backdoors inside...

05:18 <Joerg-Neo900> Neo900 protects/blocks the hardware attack vector to modify bootloaders, by not allowing (unsolicited by user) coldflashing. All other methods to alter the bootloader require root permissions in the system and thus are not in the scope of hardware

05:20 <drathir> Joerg-Neo900: what if under root flashing eg power down device get hard bricked?

05:21 <Joerg-Neo900> TPM *is* a backdoor per definition, since the manufacturer installs and thus knows the root cert that's used to verify the bootloader. Apart from that this concept is very well understood and implemented in a bug-free way meanwhile, which means you hardly can find an exploit to gain root on your own device when manufacturer doesn't allow it

05:22 <Joerg-Neo900> drathir: sorry? please rephrase

05:24 <drathir> Joerg-Neo900: in case flashing kernel fil from some reason some error/run of battery power in that scenario no possible to reflasf device bring it to life again?

05:25 <drathir> i guess great in my opinion would be kind of user definied eg sdcard preparation which pair card with device allowing bricked device flash in that method...

05:27 <Joerg-Neo900> drathir: please read what I posted above. There are two levels of protection, one is based on user doing a special hardware-only input to enable coldflashing on lowest chip level. And then there's the ultimate protection that irrecoverably blocks this feature so yiu cannot recover from bricking your bootloader

05:28 <drathir> Joerg-Neo900: /me like solutions where user generating keys not like keys are hardcoded/generated by producer... even more give possibility to import keys not generated by hw rng but by software...

05:29 <Joerg-Neo900> that's software and not subject to developing a secure device hardware, unless you talk about TPM

05:30 <Joerg-Neo900> Neo900 has no TPM and I'm not sorry about that

05:31 <Joerg-Neo900> we have a method that yields equivalent protection against attacks but doesn't need TPM and thus doesn't introduce the TPM "backdoor"

05:31 <drathir> what would looks like that hardware-only input kind of pres user definied combination of keys before enter cold flashing?

05:32 <Joerg-Neo900> remove battery lid

05:35 <Joerg-Neo900> without battery lid removed, device will not allow coldflashing

05:35 <drathir> yea even hw rng sadly not always could be so trully random...

05:35 <drathir> Joerg-Neo900: thats interesting...

05:36 <drathir> btw if may ask if till battery cover unmounting sdcard ?

05:36 <drathir> yill/still*

05:36 <Joerg-Neo900> no, we changed that

05:37 <drathir> ++

05:37 <Joerg-Neo900> now senses unlocking of uSD holder

05:38 <Joerg-Neo900> but the recommended method is to manually umount, via UI means

05:38 <Joerg-Neo900> "manually" as in "by software means triggered by user interaction"

05:39 <drathir> Joerg-Neo900: yea thats much better sounds to me... including hot-swappable batteries is really nice feature...

05:41 <Joerg-Neo900> the hot-swap feature is yet up to evaluation, nit guaranteed to work reliably. However we have suspend to RAM and suspend to disk now, in system, which guarantees hotswap will work

05:42 <drathir> and how aboyu cmos like onboard battery?

05:42 <Joerg-Neo900> suggested method is to detect battery lid removal to "ask user" if to umount uSD or to go into suspend state for allowing bat hotswap

05:42 <Joerg-Neo900> too big and bulky

05:42 <Joerg-Neo900> modem could draw as much as 2A

05:43 <Joerg-Neo900> you want to sort of suspend system before battery hotswap

05:44 <drathir> yep suspendng is nice and reasonable way to save power drain of device...

05:46 <drathir> in older devices them like to corode, even if working still...there is any way to improve switch to something more life longer solution?

05:47 <drathir> corode mean that small onboard battery...

05:49 <drathir> also wonder if there is planned connector fr gsm/wifi antenna signal extender? yea i know its kind of crazy idea...

05:50 <drathir> fr/for*

05:50 <Joerg-Neo900> yes, we have connectors for both :-)

05:51 <drathir> Joerg-Neo900: O.o woow once again suprised ^^

05:52 <drathir> ++

05:52 <Joerg-Neo900> please beware! those connectors are not meant for daily usage, so you need to plug your own piggytail adapter with a antenna connector made to survive more mating cycles

05:53 <Joerg-Neo900> the ones we got are only certified for ~50 mating cycles

05:53 <Joerg-Neo900> alas there's no better solution

05:55 <Joerg-Neo900> and obviously you need to drill a hole to the case to access those jacks

05:55 <Joerg-Neo900> luckily under battery cover

05:57 <Joerg-Neo900> please rephrase your question about corrosion

05:58 <Joerg-Neo900> are you asking about a better replacement for backup battery in N900?

06:02 <drathir> Joerg-Neo900: Yea sure thing hard to pack rp-sma connector ^^

06:02 <Joerg-Neo900> yep :-D

06:02 <Joerg-Neo900> too big

06:04 <drathir> indeed place waste...

06:08 <drathir> the old n900 gets onboard battery included after years,years,years that battery started changing colours to green and in place visable coroding started even if battery still keep a time after fast fattery replacement there will be still that kind of battery or replaced by something more long life survive thing?

06:09 <Joerg-Neo900> use a polyacene capacitor type "battery" replacement

06:09 <Joerg-Neo900> ~bupbat

06:09 <infobot> well, bupbat is use the capacitive type, LiIon are breaking during 12 months, or http://www.digikey.de/product-detail/de/PAS414HR-VG1/587-2157-1-ND/1959153, or https://hbe-shop.de/Art-2112777-TAIYO-YUDEN-PAS414HR-VA5R-KONDENSATOR006F-33V-STAKED-COIN, or http://talk.maemo.org/showthread.php?t=90864

06:10 <Joerg-Neo900> it's a tad tricky to find the 414 type anymore, but occasionally the show up every now and then

06:10 <Joerg-Neo900> they*

06:11 <drathir> no idea if even there any kind of replacement ;p not sure if there are li-pol batteries of that kind builded...

06:11 <Joerg-Neo900> don't use Li battery, use a polyacene capacitor! see above links

06:12 <Joerg-Neo900> https://www.digikey.de/product-detail/de/PAS414HR-VG1/587-2157-1-ND/1959153 (not available)

06:12 <Joerg-Neo900> but you can possibly find them elsewhere in internet

06:13 <drathir> yea now searching how looks them...

06:16 <Joerg-Neo900> if you feel comfortable with some modding you can use a prismatic formfactor type instead, they seem more commonly available

06:20 <Joerg-Neo900> ROTFL! https://www.abcde.de/pas414hr-va5r-s.phtml 50 bucks

06:33 <Joerg-Neo900> drathir: check this series: https://www.digikey.de/product-detail/de/seiko-instruments/XH414HG-IV01E/728-1050-1-ND/1889211

06:35 <Joerg-Neo900> rather this one: https://www.digikey.de/product-detail/de/elna-america/DSK-3R3H204T614-H2L/604-1147-6-ND/2171204

06:37 <Joerg-Neo900> hmm the first one has right size but wrong pins, second one is quite a bit larger and won't fit I guess

06:41 <Joerg-Neo900> it's weird. https://www.digikey.de/products/de?FV=ffec620f just the right one is "obsolete"

06:42 <Joerg-Neo900> I.E. you still can get the XH414HG-IV01E but not the (right pins) XH414HG-II06E

06:43 <Joerg-Neo900> with a tiny bit of yellow wire you can use the former

06:46 <Joerg-Neo900> or use a smaller one (1/4 the capacity, still will power the clock for several minutes or even hours, I don't have the exact values at hand right now) https://www.digikey.de/product-detail/de/seiko-instruments/XH311HG-IV07E/728-1051-1-ND/1889212

06:46 <Joerg-Neo900> drathir: ^^^

13:15 <drathir> Joerg-Neo900: thanks a lot them are interesting solutions...