Secure Owncloud setup

While the Owncloud Manual suggests enabling SSL, it unfortunately does not go into detail how to get a secure setup. The core problem is that the default SSL settings of Apache are not sane as in they do not enforce strong encryption. Furthermore the used default certificate will not match your server name and produce errors in the browser.

In the following a short guide in how to set-up a secure Apache 2.4 server for Owncloud will be presented.

Continue reading Secure Owncloud setup

How to root Android using Ubuntu

The Big Picture

Android consists of three parts relevant to rooting

  1. the bootloader
  2. recovery system
  3. main system

typically only the main system is running, that is the Linux Kernel, the launcher, the phone app etc.. If we talk about rooting, that means we want to add an additional app to the main system which may access secured parts of the main system and also acts as a gatekeeper for other apps that want to get access too.

The problem is that we need access to the secure parts of the system in order to do so, which means that we cant simply install that app (e.g. an apk) from within the main system.

This means we have to go one level down. This is where the recovery system is. Typically you do not see it, as it is only active when the main system can not run – either because a system update is installed or because you do a factory reset.
As the recovery system can do a full system update, it means that it has also access to the secured parts of the main system – exactly what we need. Unfortunately the stock recovery system does not allow installing apps, so we have to replace it.
But before that we have to talk about the bootloader.

The bootloader is a tiny piece of software which decides wether to start the recovery or the main system (or another main system, like Ubuntu Phone). But in the default configuration in only starts systems that it knows and trusts. In this configuration the bootloader is called locked. Although it prevents malicious software to change the phone and spy on us, it also prevents us from replacing the recovery system. This concept is also coming to the PC btw where it is called secure-boot.

Here is a graphical overview of the Android components:

android-brs

So what we need to do in order to get root access is

  1. unlock the bootloader
  2. replace the recovery system
  3. install a superuser app

Note that unlocking the bootloader also allows attackers to circumvent any of the android security features. It is possible directly access all the files on the phone from the bootloader.
Therefore android will wipe all userdata when the bootloader is unlocked

Preparations

First you need to install the fastboot binary to be able to perform low-level communication with the device

apt-get install android-tools-fastboot

Next you have to allow non-root users to execute commands over USB, so you do not have to run fastboot as root. For this create the file

/etc/udev/rules.d/51-android.rules

with the following content

SUBSYSTEM=="usb", ATTR{idVendor}=="<VENDOR>", MODE="0666", GROUP="plugdev"

you can find the value for <VENDOR> on the page linked here.

Finally you have to reboot into fastboot mode. Usually there is a key combination you have to press on startup.

Remember this key combination as you will need some more times.

Samsung Devices however, like the Galaxy S3, do not support the fastboot mode – instead they have a download mode, which uses a proprietary Samsung protocol. To flash those you have to use the Heimdall tool. While this article does not cover the heimdall CLI calls, the general discussion still applies.

Unlocking the Bootloader

for google devices, like a Nexus 4 or Nexus 7 it is just

fastboot oem unlock

if you have a Sony Xperia device, like a Xperia Z, you additionally have to request a unlock key and then do

fastboot oem unlock 0x<KEY>

where <KEY> is the key you obtained.

Replacing the Recovery System

There are two prominent alternative recovery systems with the ability to install apps

Clock Work Mod (CWM) is probably most known so we will use that one. From the Website linked above download the recovery image which fits your phone.
Here you have the choice between the ordinary recovery which uses the volume buttons of your device for navigation and the touch recovery which supports the touch screen.

fastboot flash recovery <RECOVERY>.img

where <RECOVERY> is the name of the file you downloaded. For instance for a Nexus 5 and CWM 6.0.4.5 it would be

fastboot flash recovery recovery-clockwork-6.0.4.5-hammerhead.img

Installing the superuser app

To my knowledge the only one superuser app that works with Android 5.0 lollipop is SuperSU. So we will have to use that. However there is also a pull-request for Superuser by CWM which might make it also work with Android 5.0 in the future.

The installation procedure is a little bit different. In the appropriate package for your device you will find a boot image which we have just to start once with

fastboot boot image/CF-Auto-Root-hammerhead-hammerhead-nexus5.img

note that there is no flash in the line above. The image which starts contains a script which installs SuperSU and modifies the startup procedure so it can get around SELinux.

Pre Android 5.0 lollipop

If you run devices with Adroid older than 5.0 lollipop you have several choices here

although SuperSU is the most prominent one, I would recommend getting Superuser by CWM, as it is open source and also nag-free as there is no “pro” version of it.

To install we need to get this zip archive and copy it to the device. To install it, we need to reboot into fastboot mode and then select “Recovery Mode” to get to the recovery system. Once in Recovery mode select

install zip -> choose zip from /sdcard

then browse and select the “superuser.zip” you just copied.

Once installed select

Go Back -> reboot system now

Once the system has started you should have a “Superuser” App on your device. Congratulations, you are done.

Optional: flash stock recovery

As the recovery is responsible for installing system updates it is a good idea to revert to stock version after you installed root, so the system can auto-update itself again. However a system update will also remove your superuser app so you will have to repeat the above procedure again.

If you have a Google Nexus Device, you can grab the factory images here.  There you will find a image of the stock recovery and restore it by

fastboot flash recovery recovery.img

Repairing the Philips HD4685 Kettle

The Philips HD4685 is one of the more advanced kettles, as not only automatically shuts-off when the water is boiled, but also allows setting a target temperature below 100°C. This is quite handy if you want to drink green tea, which is supposed to be boiled with only 80°C warm water. Unfortunately the extra electronics is another part which can make the Kettle fail. And this is exactly what happened to me.

Symptoms

I used the kettle for about 3 years on daily basis. One day however it stopped to make the “beep” which indicates that the water is ready when cooking at 100°C. But as this is not an essential functionality I just kept using the kettle. Unfortunately a few weeks later it did not cook at 100°C at all. Instead the kettle just turned off after reaching 80°C – even though 100°C were set.

Diagnosis

Under the hood one of the capacitors forming the capacitive power supply for the electronics started failing. Instead of supplying 0.47 μF, it merely supplied 0.1μF. So what was happening is that once more power consumer like the 100°C LED and the speaker were activated the power supply broke down and the whole circuit shut down.

So the solution is to replace the respective capacitor.

Therapy

Before you try to fix the kettle on your own, be aware that wrong assembly of the kettle can lead to a short-circuit that can cause a fire or lead to an electric shock. You should have fundamental knowledge of electrical engineering.

To access the faulty capacitor one must first disassemble almost the whole kettle:

  1. remove the screws on the bottom cover (torx 8)
  2. lever out the bottom plate with a flat screwdriver
  3. disconnect the power supply cables
  4. remove the screws on the top cover (torx 10). Then remove the top cover and the metallic ring. Also remove the handle cover.
  5. Pull out the electronics box, which is now free as you disconnected the power cables(3)
  6. unscrew and open the electronics box.
  7. replace the capacitor C1. (requires soldering) The capacitor specifications are MKP X2, 26.5 x 10 x 19 mm, 0.47 µF 275 V/AC ±10%, 22.5 mm pitch

For reassembly perform the steps in reverse order. The kettle should work now.

I would like to give credit to the according thread at elektronikwerkstatt.de, where I found the informations to create this post.

Final Words

I am not really sure if this is a case of planned obsolescence or just of insufficient testing, but I would really like philips to use higher quality capacitors and/ or rethink their power supply design. The kettle which is worth 50€ is still fully functional and just failed because of a 1€ part.

Flying RC helicopters in 3D

In case you are wondering what is so fascinating about flying RC helicopters – maybe you just got bored flying your own 4 channel helicopter – it is 3D flight. One might say that basically all helicopters are flying in 3D (up/ down, left/ right, forward/ backward), but 3D in this context means flying 3D pirouettes like loops and rolls which is not possible with an ordinary coaxial helicopter. See the following video to get an idea of what I am talking about

Continue reading Flying RC helicopters in 3D

Devention Theme for Deviation

In case you got confused by the title. This post is about a theme for the open source firmware Deviation to make it look like the original Walkera Devention Firmware.

Although the default theme of Deviation is more readable, you might have got used to the Devention icons, so this theme eases the transition.

Download Theme

Open issues:

  • the standard TX signal icons uses 8 bars, but the Devention one only displays 6. So you lose some information if you use the included “txpower.bmp”
  • The Devention icons are not quite as telling as the original ones, and Deviation unfortunately does not display any labels below the icons.

Note that this theme is based on the artwork included in the Walkera Devo 12S Firmware package. I assume the usage of this firmware is not restricted by Walkera copyright as not stated otherwise on their webpage. But obviously the CC-license of my website does not apply to this work.

Flying the Nine Eagles Solo Pro 125

If you are considering getting into 3D flybarless helicopters, one of your choices is Nine Eagles (NE) Solo Pro 125 (SP125) helicopter. As Nine Eagles is a quite prominent brand and the price of about 150€ RTF is affordable, this once is certainly worth considering. Unfortunately there is very little information on the Internet regarding reviews and flying experiences. So this is what the following text intends to change.

Continue reading Flying the Nine Eagles Solo Pro 125

Getting into RC Helicopters

Everything started when I got myself a coaxial RC helicopter for Christmas. I was playing with the idea for quite some time, and the moment seemed perfect to waste some money. Since then I have learned quite a lot about how helicopters work an by now I have moved on to a more capable helicopter. Unfortunately it is also more expensive to fly.. This post shall explain some general topics about RC helicopters which are useful if you are also considering getting a RC helicopter yourself. One can already get a small indoor RC helicopter for about 30€, but most likely you will get bored flying it after a few days. If you want to have something that lasts longer, there are some things you should consider, which we will discuss next.

Continue reading Getting into RC Helicopters

Debugging native code with ndk-gdb using standalone CMake toolchain

I recently ran into this problem and could not find any good solution on the Internet. So next comes a small summary of the problem with hopefully enough buzzwords, so Google can lead you here.

If you want to do C++ development on Android, you need the NDK for cross compilation. It comes by default with its own build system called ndk-build, which basically is a bunch of custom makefiles. But if you are sharing code between the Android Platform and lets say plain Linux, you have likely already a build system installed. For C/C++ CMake is quite popular as it supports different platforms and compilers. Fortunately there is already a project which adds Android support to CMake. I will not cover that – instead I assume you are using it already.

Unfortunately you cant use the ndk-gdb script supplied with the NDK to debug your application as it relies on the behaviour of ndk-build. But as said earlier, ndk-build is no wizardy, but just a bunch of scripts. So it is possible to emulate the behaviour using CMake, as following:

Add the following macro to your CMakeLists.txt file

macro(ndk_gdb_debuggable TARGET_NAME)
    get_property(TARGET_LOCATION TARGET ${TARGET_NAME} PROPERTY LOCATION)
    
    # create custom target that depends on the real target so it gets executed afterwards
    add_custom_target(NDK_GDB ALL) 
    add_dependencies(NDK_GDB ${TARGET_NAME})
    
    set(GDB_SOLIB_PATH ${PROJECT_SOURCE_DIR}/obj/local/${ANDROID_NDK_ABI_NAME}/)
    
    # 1. generate essential Android Makefiles
    file(WRITE ${PROJECT_SOURCE_DIR}/jni/Android.mk "APP_ABI := ${ANDROID_NDK_ABI_NAME}\n")
    file(WRITE ${PROJECT_SOURCE_DIR}/jni/Application.mk "APP_ABI := ${ANDROID_NDK_ABI_NAME}\n")

    # 2. generate gdb.setup
    get_directory_property(PROJECT_INCLUDES DIRECTORY ${PROJECT_SOURCE_DIR} INCLUDE_DIRECTORIES)
    string(REGEX REPLACE ";" " " PROJECT_INCLUDES "${PROJECT_INCLUDES}")
    file(WRITE ${PROJECT_SOURCE_DIR}/libs/${ANDROID_NDK_ABI_NAME}/gdb.setup "set solib-search-path ${GDB_SOLIB_PATH}\n")
    file(APPEND ${PROJECT_SOURCE_DIR}/libs/${ANDROID_NDK_ABI_NAME}/gdb.setup "directory ${PROJECT_INCLUDES}\n")

    # 3. copy gdbserver executable
    file(COPY ${ANDROID_NDK}/prebuilt/android-arm/gdbserver/gdbserver DESTINATION ${PROJECT_SOURCE_DIR}/libs/${ANDROID_NDK_ABI_NAME}/)

    # 4. copy lib to obj
    add_custom_command(TARGET NDK_GDB POST_BUILD COMMAND mkdir -p ${GDB_SOLIB_PATH})
    add_custom_command(TARGET NDK_GDB POST_BUILD COMMAND cp ${TARGET_LOCATION} ${GDB_SOLIB_PATH})

    # 5. strip symbols
    add_custom_command(TARGET NDK_GDB POST_BUILD COMMAND ${CMAKE_STRIP} ${TARGET_LOCATION})
endmacro()

Then use it like

add_library(YourTarget ...)
ndk_gdb_debuggable(YourTarget)

You should now be able to use ndk-gdb with CMake, just as if you would have used ndk-build.

Note that steps 4 and 5 are optional for debugging. They just reduce the size of the library that has to be transferred to the device. If you dont care, you can just leave them out. But then the solib search path from step 2 must be set to:

file(WRITE ./libs/${ANDROID_NDK_ABI_NAME}/gdb.setup "set solib-search-path ./libs/${ANDROID_NDK_ABI_NAME}\n")

Ideally someone should integrate that in the Android toolchain linked above.

Update Merged Upstream