Replicant homepage and roadmap for the future

For a long time, the entry point for Replicant on the web was our blog, which holds status reports and news about the project. However, it did not fit well for providing easy access to relevant material about the project, nor did it give our (growing) community the attention it deserves. This is why we decided to launch a new homepage for the project, highlighting what really matters, in style.
We believe it is a good thing to have, in order to clearly spread the word about Replicant and ease the understanding of our message. The new homepage provides a clear explanation of what Replicant is about, provides answers to some common questions about the project and most importantly, holds a detailed overview of the core freedom and privacy/security issues that we face on mobile devices today, as well as recommendations regarding these topics.

Regarding progress in development, a few things happened recently and a lot more is on the way: time to take a step back, look at what’s in the works and what is next on our roadmap.
After attending RMLL/LSM in Montpellier, France, most of the development time was spent on completing a full rewrite of Samsung-RIL, the software in charge of the various aspects of telephony and mobile data on the Samsung devices we support. This rewrite brings many advantages in terms of stability, features support and also provides a sane and clear base to make external contributions easier. While this is an important contribution to achieve software freedom on mobile devices, these Samsung devices are severely flawed as they don’t allow running free bootloaders.

For some time already, we have decided to focus our development effort on better devices, that can run free bootloaders, in addition to a free system such as Replicant. First, we decided to bring Replicant 4.2 support to the Goldelico GTA04 and have already made good progress since the start. It is not currently usable as a daily phone, but we are confident about the future. The next step in the process is to work on supporting Allwinner devices, starting with cheap Chinese tablets. We are proud to be collaborating with the free software community built around the Allwinner Sunxi platforms: linux-sunxi. Our goal is to provide generic Replicant support for these platforms, so that as many devices as possible can be supported, with little effort required to support a new device. Thanks to the work of the linux-sunxi community, many of these devices can already run a free bootloader and have a community-maintained kernel available, providing a solid base for Replicant on Sunxi devices. In addition, we have spotted a few widely-spread devices that would also be good candidates for running a free bootloader and a free system: stay tuned as we will start documenting these devices soon!

In the meantime, we are more than ever willing to make Replicant as privacy/security-oriented as we can, especially by targeting devices that either don’t have a modem at all (Wi-Fi-only tablets, such as the many Sunxi ones) or are not proven to have bad modem isolation.

As of today, Replicant is still a one-man effort and while all these new directions are very exciting, it takes a lot of time to actually turn them into reality. Since we prefer to focus on these new directions, Replicant will stay based on version 4.2 of Android, even though newer versions are available upstream. Porting Replicant to a newer version requires a lot of effort and doesn’t bring any significant advantage when it comes to freedom.

Regarding the devices we already support that do not match the free bootloaders criteria, we are not going to drop development for them, but the majority of what was possible to achieve on them is already there and while we could keep adding support for more and more of these devices, we believe that development time is better spent on these new exciting directions!

Unveiling the Samsung Galaxy back-door

Yesterday, we disclosed our findings about the Samsung Galaxy back-door, an anti-feature found in Samsung Galaxy devices that lets the modem access the files stored on the device. For a complete statement about the issue, you can refer to the article we published at the Free Software Foundation’s website. A technical description of the issue is available on a dedicated page of the Replicant wiki, along with more information regarding the back-door.

The information spread out very quickly and we’re glad the press is finding interest in such matters as privacy and unjust control over one’s computing. This demonstrates yet another time why free software is essential and how a single piece of proprietary software can compromise a whole device.

We have yet to hear from Samsung about this issue, as we are hoping that the reason for the presence of this back-door will be clarified. In that regard, we’d be very glad to work with Samsung in order to make things right, for instance through releasing free software or documentation that would make it easy for community Android versions to get rid of the incriminated blob.

Update: Several sources, including Samsung, claim this is a non-issue. A complementary statement to address these claims was issued at Paul Kocialkowski’s personal blog.

Replicant 4.2 kicks out!

We’ve been working very hard over the past few months to push Replicant to a newer Android version: the work started when CyanogenMod released version 10.1.3, based on the latest Android 4.2 code, back in September 2013. Bringing Replicant to a new Android version is a really big piece of work, especially given that the project only counts one active developer (however, we have hopes to see more people getting involved in the future)! The biggest motivation for the new version is to allow us to port Replicant to newer devices, that were not supported by Android 4.0, upon which Replicant 4.0 is based. Aside of that, Replicant 4.2 also brings the various improvements that come along with Android 4.2 and CyanogenMod 10.1.

All the devices that were supported by Replicant 4.0 were successfully ported to version 4.2, but some devices encounter serious slowness issues that are yet to be resolved. On the bright side of things, support for a new device was added, the Galaxy Note 2 N7100, which is mostly similar to the already supported Galaxy S 3. That was only made possible thanks to the generous donations that were made to the project, which enable us to buy devices for the current developer to work on. We are looking forward to adding support for even more devices in the future as well! Our wiki was updated to reflect the status of the supported devices as of the Replicant 4.2 release and features updated installation and usage guides. The Replicant SDK was also updated and is available for download.

The Replicant website and wiki were also cleaned up a bit during the preparation of this release. Our blog shall now only be used for posting updated on the project while our wiki holds the core informations about Replicant. As a reminder, please do not use the comment section of this blog to ask general-purpose questions, but use our forums or mailing-list instead!

This release also puts the emphasis on security: given the recent concerns that raised up concerning wide-scale surveillance from governments and certain companies, we though it would be good to make Replicant more bullet-proof. The Replicant 4.2 images for devices are now built in the userdebug fashion, which ensures a better level of security, the shipped system applications are signed with our own private keys, for which we provide the certificates and the releases are signed with our very own GPG release key. It is encouraged that you check the authenticity of the Replicant images or binaries before installing anything you downloaded!

As usual, you can checkout the complete changelog, download the images from the ReplicantImages page and find installation instructions as well as build guides on the Replicant wiki.

Replicant 2.3 0005 images, fixing the USSD vulnerability

Earlier this week, we were noticed that an USSD vulnerability was discovered in Android. After doing a bit of research, we came to understand the nature of the vulnerability: intents can basically dial a number and start a call without asking confirmation to the user. That could seem harmless at first sight, but it turns out it also works with USSD codes, and some of them are very powerful. This is mostly the case of vendor-specific USSD codes (that are not included in Replicant), which could erase the phone’s user data.

What’s also problematic about this is that web pages can trigger such intents (through an iframe with the tel: prefix for instance).
Since this vulnerability was present in our Replicant images (although the damage was reduced as we don’t include vendor-specific USSD codes), we decided to include the fix in our code base and release new images. That’s nearly the only new feature of these images (Galaxy S also got a nasty graphic bug fixed).

You can download the images from the ReplicantImages page and find installation instructions as well as build guides on the Replicant wiki.

Replicant lacks tracking antifeatures

Recently there was a lot of hype about mobile operating systems spying the users: Apple iOSPalm WebOS, Google Android.

Since Replicant is based on Android someone could be concerned about our operating system too.

According to Magnus Eriksson on github:

The files are named cache.cell & cache.wifi and is located in /data/data/com.google.android.location/files on the Android device.

Well we are proud to confirm that on Replicant (tested both on htc dream and nexus one) those files are missing,  even with "Settings -> Location & Security -> Use wireless networks" enabled.

The directory that should contain those files( /data/data/com.google.android.location/files ) doesn’t even exist  in Replicant.

But beware: even if Replicant itself doesn’t track its users’ position, this doesn’t mean that the phone can’t spy on you.

A smartphone usually has two components that talk to each other: a cpu and a modem. If the modem gets a call, it tells the CPU about it and viceversa for outbound calls, the CPU will order the modem to make a call (if you are curious about how it works there is a paper about how mobile phones work).

The modem and the CPU running Replicant are separated, and while we are trying to do our best to ship a fully free mobile os, the code running on the modem is proprietary software and can’t be changed. Since we don’t know what it does, we have no way to be sure that it doesn’t spy.

Also note that on the HTC Dream and the nexus one mobile phones,  GPS and audio parts are controlled by the modem.

The cellphone network can also spy, in fact in order to work it has to know your location.

This is just to remind you that every mobile phone is a tracking device and if you don’t want to be spied at all you should not use one.

So why do people invest time on Replicant?

Here are some reasons:

  • The modem or the network has no access to the CPU where replicant is running. That opens up some possibilities such as VPN, TOR,SSH, etc…
  • If mobile phones become the computers of the future we want to run free software on them.

Edit: I learned that the Modem’s CPU has access to the memory(the RAM chips) of the CPU running replicant, in other words the modem CPU can spy replicant’s CPU.

That will force us to port replicant to some devices that don’t have this problem, such as the nokia n900 for instance.