The Treehouse Blog

Phone Phreaking

on Feb.13, 2017, under Technology

I recently read (well, listened to the excellent Audible narration while hiking and driving) Phil Lapsley’s excellent book Exploding the Phone. While I had heard Steves Jobs and Wozniak describe their phone phreaking exploits in documentaries in the past, and had an understanding of the fundamentals of the security issues associated with in-band telephone signaling, this book is the first time I’ve learned about the history of phreaking in any depth. It was both fascinating and riveting. In addition to the book, Phil maintains a website of his sources and other material.

After reading the book, I found some other things of related interest. On Youtube, and other places, there are various recordings of what the using a phone sounded like in the past. I’m not sure when exactly Newburg’s switch was upgraded to a “Northern Telecom Remote Switching Center”. I’ve seen on document that has a “10/90” as part of the description of the switch, so I’m guessing that is the date it was installed. I don’t have any memory of the transition, so for all of my memory of phones, it’s all been digital switching.

Another fun curiosity I came across is Project MF, which provides an Asterisk phone switch with patches that allow it to emulate a trunk and switch susceptible to a Blue Box. I’ve not gotten around to building a Blue Box to play with it yet, though.

Comments Off on Phone Phreaking :, , , more...

Automated hotspot control on the Nexus 5x, continued: Android 7.1.1

on Jan.23, 2017, under Android

I’m in the habit of manually upgrading the OS on my Nexus 5x for each monthly update of the AOSP from Google. I root my phone, and from some past experiences, don’t bother trying to apply the OTA updates. I also reinstall my HSC (hot spot control) application in /system/priv-app each time, and then run it through its paces – I use an NFC widget to do an almost-end-to-end test of my automation with Macrodroid. When I see the WiFi icon disappear, the LTE connection come up, and the hotspot icon appear, I know I’m good to go.

Until recently. On Saturday morning, I was trying to get Google navigation to work in my car. It showed that it was connected to the AP, but it acted like it did not have data. Manually cycling the hotspot on the phone solved the problem. I dismissed it as a fluke. Then on Sunday, the exact same thing happened. The fact that the WiFi was showing connected had me thinking there was something wrong with the car radio instead of my hotspot. I tried it at home with my NFC widget and laptop… and the laptop would connect, but it would never get an IP address. Manually enabled it would. So… again there is something that has changed with the (private) hotspot APIs in Android. Since my testing method didn’t catch it, I’m not certain which version it broke in, but 7.1.1 seems to be a reasonable guess.

The method I had been using, setWifiApEnabled() would bring up the access point mode, but it would not set up the other network services needed to tether traffic. I found this git log entry that seemed to be relevant:

commit 26bd4efcaaad4a866310d6421909645e81167d1f
Author: Christopher Wiley
Date: Wed Jul 13 19:36:03 2016 -0700

TetherUtil: Use ConnectivityManager for tethering

In the past, enabling the SoftAP would cause tethering to happen because
of some unfortunate side effects. This is no longer the case, and
using WifiManager for this purpose is not a good idea.

With some more poking around, I found that the ConnectivityManager class now (well, it looks like the code is from Jan 2016, 36c7aa03255d91cfa0808323ac475ad02d161d7d) has startTethering() and stopTethering() methods, which handle the necessary service startups. After a few more annoying attempts (my workflow to test this is to reboot the phone in recovery, apply the update, reboot in system, and then try it… do I really need to do that?), I dialed in some reflection that seems to work (AndroidStudio annoyingly can’t see @SystemApi stuff, and it seems non-trivial to fix it), and found that I additionally had to give myself ACCESS_NETWORK_STATE and MANAGE_USERS permissions. The relevant code (which is not as clean/safe as it could be) now looks like this:


ConnectivityManager cm = (ConnectivityManager) context.getSystemService(context.CONNECTIVITY_SERVICE);
final int TETHERING_WIFI = 0;

if (enableHotspot) {
Method startTethering = null;
for (Method method : cm.getClass().getDeclaredMethods()) {
if (method.getName().equals("startTethering") && (method.getParameterTypes().length == 3)) {
startTethering = method;
}
}

startTethering.invoke(cm, TETHERING_WIFI, false, null);
}
else
{
Method stopTethering = cm.getClass().getMethod("stopTethering", int.class);
stopTethering.invoke(cm, TETHERING_WIFI);
}

The updated APK is here.

And Google… how about giving us a public API for controlling the mobile hotspot? Please?

Comments Off on Automated hotspot control on the Nexus 5x, continued: Android 7.1.1 more...

Automated hotspot control on the Nexus 5x

on Feb.07, 2016, under Android

There are few things more frustrating than when an upgrade causes the loss of features you depend upon.  In the case of my upgrade from the Nexus 4 to the Nexus 5x (and therefore from Android 5 to 6, ahem, Lollipop to Marshmallow) I lost my automation that would enable the WiFi hotspot while in my vehicle.  Tethering works fine by enabling it through Settings, but it generates an error when enabling it with Macrodroid.

Enabling the hotspot is not something that is accessible from a public API, so the ordinary method seems to be to use reflection to make the change using the private API.

From setWifiApEnabled(), eventually enforceTetherChangePermission() is called in ConnectivityManager.java. This method checks if config_mobile_hotspot_provision_app is set, and if so, requires the CONNECTIVITY_INTERNAL permission which is only granted to system applications.

The cause of my problem, therefore, seems to be that “Entitlement APP provisioning for Tethering” (config_mobile_hotspot_provision_app) is enabled in the Nexus 5x-specific configuration for at least my mcc/mnc, and was not present on the Nexus 4.

After not finding any other applications or configuration to solve this problem, the path I went down was to create my own system application with the CONNECTIVITY_INTERNAL permission, to see if it could enable the hotspot. I was successful, so I implemented the application as a Locale plugin (i.e., quickly hacked it together with the example plugin) so that it could be called directly by Macrodroid. This seems to be working fine. You can (at your own risk) download it here and then you will need to move it into /system/priv-app for it to get the privileges of a system application, probably using your recovery image (TWRP, for instance).

It may also be possible (and perhaps better) to resolve this by removing the config_mobile_hotspot_provision_app configuration, after which it should be possible to use the native Macrodroid hotspot actions, as described here, but I’ve not tried it yet for myself.

Update 2016-09-10: For Android 7 / Nougat, the permission required is now TETHER_PRIVILEGED, but otherwise the above method still works. An updated APK is here.

Comments Off on Automated hotspot control on the Nexus 5x : more...

Pennsylvania Game Commission and Hiking

on Feb.16, 2015, under Hiking, Politics

Over the past year or so, there has been the occasional threat of the Pennsylvania Game Commission requiring permits for and partially banning hiking on State Game Lands.  As someone who grew up with Game Lands literally in the back yard, I’ve been following this with concern.

Naturally, media coverage is abysmal, but at least it exists.  But fortunately, the PGC does post its meeting minutes.  Reading from the September minutes (the January minutes are not yet posted… does that wait until they are approved at the next meeting?), the most vocal dissent of the proposal came from Commissioner Martone:

Before this proposal comes to a vote, I want to make it clear the details surrounding this proposal.  As of last Thursday there were 869 comments from hunters and non-hunters opposed to this, while 197 were in favor.  That’s the initial count.  I will admit, that includes 597 Rails-to-Trails comments that were all opposed.  Key legislators, including take 25 member at a House Game and Fisheries Committee and two other legislators are opposed to this.  The Governor’s Advisory Council for hunting, fishing, and conservation unanimously opposed this.  Our key conservation partners, including the Western Pennsylvania Conservancy, National Wild Turkey Federation, United Bow Hunters of Pennsylvania, Pennsylvania Federation of Sportsmen’s Clubs, all opposed to this.

Major organizations representing the Pennsylvania Equine Council, Pennsylvania State Snowmobilers Association, International Mountain Bikers Association, Keystone Rails-to-Trails, all opposed to this proposal.  And most important of all, this issue is opposed by the Pennsylvania Game Commission itself.  From the field staff, regional staff, headquarters staff and even senior administration, all oppose this proposal.

I would encourage everyone following this issue to pay close attention to the results of today’s vote and pay attention to who voted and how they voted, I think it’s important.  Thank you.

But Commissioner Martone no longer has his position.  He was replaced by a new Commissioner as one of Governor Corbett’s final acts.  Ostensibly, it was administrative issue – his term was due to expire, and his replacement was named.

Now, we do know that the revised proposal was removed from the agenda of the January meeting.  But it seems likely it’s not dead and buried, and in some form, it will resurface again.  In the meantime, you may want to let your opinion be known on this, through the PGC, PA legislature, etc.

I’m starting to think that my preferred solution would be for all of the State Game Lands to be ceded to the Bureau of Forestry, which of all of the state lands, seems the most accommodating of all uses of public land.  Now, you can cry about Game Fund money having been used to purchase all of this land, but really – with 1.5 million acres already… can’t you give some of us folks who would like to privately buy some land a chance?  Perhaps the license fees need to start contributing back to the state’s general fund, instead of contributing to the Game Commission’s empire building.  I’m sure there’s lots of red tape that causes it to be the way it is (which has Federal fingerprints all over it with money from the Firearms and Ammunition Excise Tax involved).

 

Comments Off on Pennsylvania Game Commission and Hiking : more...

2014 Read List

on Jan.02, 2015, under Happenings

What did I read in 2014?

Not as much as I should have.  I have a lot of books on the queue, and just didn’t spend a lot of time reading this past year.

The Three Investigator’s (read these from the library as a kid; building my own collection now and re-reading them as I get them):

 

  • The Liberty Amendments: Restoring the American Republic
    • Levin presents some interesting ideas on constitutional amendments, many in support of providing for additional checks and balances in the system.
  • One Second After
    • Forstchen provides an account of how a small town is affected by an EMP attack on the United States.  While I’m hopeful that the situation would not be as bad as the author supposes, it is a compelling story about how we would react to having most of our technology suddenly stripped away.
  • Lila: An Inquiry into Morals
    • Interesting, but to me seemed to end without concluding much useful.
  • The Martian: A Novel
    • The best book I read this year.  Take the premise of Apollo 13 – bad stuff happens, and lots of problems need to be thought out and worked around to stay alive and get home.  The book fully embraces the technical aspects of things, and reminds me a lot of a Michael Crichton novel.

 

Comments Off on 2014 Read List more...

August 2019
S M T W T F S
« Mar    
 123
45678910
11121314151617
18192021222324
25262728293031

Archives



Content Copyright © 2004 - 2018 Brady Alleman.
All Rights Reserved.