Slashdot Mirror

← Back to Stories (view on slashdot.org)

Debian Running On the T-Mobile G1

Posted by timothy on from the teaching-the-android-to-fetch-and-sit dept.

chrb writes "Following hot on the heels of the G1 root exploit, Jay Freeman now has Debian ARM running on the G1. The RC30 update has fixed the root hole, but with utilities and images already available to replace the flash image with your own signed code, it looks like the manufacturer-hacker arms race is on."

34 of 127 comments (clear)

  1. Isn't that the whole idea of an open platform? by Anonymous Coward · · Score: 5, Insightful

    i.e., to enable hackers to experiment and thereby improve the platform further.

    1. Re:Isn't that the whole idea of an open platform? by Microlith · · Score: 3, Insightful

      Well sure, within the context of running applications in a Java sandbox and doing things in emulators.

      Once you bring in carriers into the mix, "open" goes out the window because it gives people the ability to step around your nickel and diming.

    2. Re:Isn't that the whole idea of an open platform? by Brian+Gordon · · Score: 2, Insightful

      Yeah but regardless of the politics, it's still possible to make your phone open. All that means is that Google's phone isn't open out of the box like some people expected. Which means it's just another phone- it has to compete fairly based on features instead of hopping on the "Free" train towards moneyville. But you can still jailbreak it just like anything else. Also some people would argue that giving a reasonably powerful java sandbox is pretty much all you need. You can't really change the hardware anyway, or the network, so it's not like you have complete control even with a fully open phone. Of course a fully open phone is more desirable, but Android isn't really that terrible. And if you don't like the nickel-and-diming, then don't use the network, or at least those features of the network. Instead of using $10,000 per gigabyte SMS, use email. It's not terribly hard.

    3. Re:Isn't that the whole idea of an open platform? by Chyeld · · Score: 2, Funny

      Instead of using $10,000 per gigabyte SMS, use email

      I understand your point, but my fingers still have sympathy blisters and my wrists ache thinking about actually sending a gigabyte's worth of SMS texting....

    4. Re:Isn't that the whole idea of an open platform? by chrb · · Score: 2, Interesting

      it's still possible to make your phone open... But you can still jailbreak it just like anything else.

      Not anymore, at least not with such a simple root exploit. I guess we'll have to wait for another exploit to come along... wouldn't it be nice to be given root access to hardware that you own? And if a java sandbox were really all we needed, then why are so many people trying to get (and keep) root access on the G1?

    5. Re:Isn't that the whole idea of an open platform? by mikiN · · Score: 2, Insightful

      Well I told people so, also here on Slashdot, when the media was all abuzz about Android and how it would revolutionize phone software hacking.

      At great risk of sounding like a broken record and repeating myself over and over again:

      • Grab a fr.. (nah leave that word out already) GSM module.
      • Hook it up to your favorite SC/SoC evaluation module
      • Bootstrap your favorite OS
      • Start hacking already

      Much better than carrying your carrier's ball-and-chain around your neck always, anxiously waiting for the next OTA provisioning download that CALEA-stricken providers stuff in your phone's guts at some ungodly hour in the middle of the night, to have them turn on your phone's mic or camera to big-brother you on a whim, or is it?

      --
      The Hacker's Guide To The Kernel: Don't panic()!
    6. Re:Isn't that the whole idea of an open platform? by CodeBuster · · Score: 4, Informative

      Once you bring in carriers into the mix, "open" goes out the window because it gives people the ability to step around your nickel and diming.

      Yes, but T-Mobile is better than most other US Carriers in this regard. They use GSM phones so just about any phone that takes GSM should work on their network. They don't play games like Verizon does with bluetooth connectivity and ringtones and they gave me the unlock code for my phone three (3) months into the contract. My only real complaints are that their coverage is not as good as Verizon and the prices on their data services are a bit higher, but with all of the restrictions that other US Carriers place on their "unlimited" data plans you have to wonder whether there really is a difference in price relative to what you get.

    7. Re:Isn't that the whole idea of an open platform? by Nursie · · Score: 4, Informative

      "Same thing as the iPhone. You're either in the sandbox or you jailbreak."

      No, not same as the iPhone at all. On the iPhone you have to jailbreak if you want to run non-approved apps, even in the sandbox.

      OTOH, it is a bit crap, but at least with android we have the source. I have it running on my freerunner now

    8. Re:Isn't that the whole idea of an open platform? by Nursie · · Score: 2, Interesting

      OK, I'd say not yet.

      Compared to any of the openmoko distributions (There are lots) it looks like it's going to be the best option.
      2007.2 is discontinued and wasn't great anyway
      2008.08/09/XX is a royal pain in the butt - it takes ages to boot, periodically doesn't wake up from sleep, has abysmal battery life, has some real design flaws and the developers seem to be working on bells and whistles rather than basic platform stuff. The sound quality is bad and I always got terrible echo. answering a call is a problem because the "answer" button is unresponsive and if you hit it twice then it stores up the event and applies it to the "hang up" button that appears in the same place.
      FDOM is just 2008.XX with a bunch of patches, fixes and more apps by default.
      FSO is experimental.
      Debian is a fun toy but runs the same interface as FSO, which is really basic and still as unresponsive as the rest.

      Android - it's pretty, the hardware is responsive, call sound quality is great and echo is gone, most of the hardware works. Current problems are - no resume from suspend, therefore battery life is about 6 hours because it's always on, there's no way to answer a call because there aren't enough hardware buttons on the freerunner and nobody's put on-screen answer button in place, and you can't type anything because there's no on-screen keyboard. You can't implement one easily at present either.

      Early next year (first quarter) Google are supposed to be fixing the on screen keyboard thing, and hopefully the rest will be sorted before long. I know that other than the community effort there is a company called Koolu doing an android-freerunner port.

      Basically, I nearly sold my freerunner before android came along as I have little faith in the openmoko platform getting anywhere anytime soon. If I were you I'd wait until early next year, when I hope to have a usable device. For now it's a toy and I had to buy a cheap Pay As You Go phone for day to day use.

    9. Re:Isn't that the whole idea of an open platform? by cl0s · · Score: 3, Informative

      You can download Android apps directly from the web to the phone and install, push them to the phone from your computer using the android tool kit or download them from Android Market. In the market you can even find a J2ME installer that lets you install JAR files off the web.

      I have an ssh client and terminal emulator that I downloaded directly from the Market, plus a few other apps for rss, meebo for AIM (so it doesn't use up text messages), games, Compare Everywhere for scanning bar-codes and finding deals, and more all from the Market. There is even half working VNC viewer that I found online. They've got an iTunes remote that works nice, but I need one for Rhythmbox or Elisa on Ubuntu. With the "openness" that Android does provide, you can get really creative and innovative though.

      That's not to say you can't push it even further by jail-breaking and installing Debian ARM or some other GNU/Linux OS. This little thing could be a low powered router with a few extra features and much more jail-broken. I'm trying to get a rig going where I can just have it be the media player for my car, I mean it's even got streaming Internet radio (imeem & last fm so far). I'm all for openness, I was contemplating getting the OpenMoko before this, but I really don't have much to complain about with Android so far. Hopefully T-mobile doesn't fuck it up.

  2. I'm confused... by maestro371 · · Score: 5, Interesting

    I thought the whole point of the G1 was that it was an open platform. Why on earth is there a "manufacturer-hacker arms race"?

    1. Re:I'm confused... by Facegarden · · Score: 5, Insightful

      Why on earth is there a "manufacturer-hacker arms race"?

      There isn't, it's BS, and none of the blogs seem to get is. So far as we can tell, google only fixed the root exploit because it was a serious security concern, because of how it worked. I don't think they are going to make a real effort to stop people from hacking their device aside from fixing security flaws. Even if they do, this is so far not an indication of that, contrary to what most sites say.
      -Taylor

      --
      Worldwide Military budgets: $2100 billion. Worldwide Space Exploration budgets: $38 billion. Really, world? Really?
    2. Re:I'm confused... by larry+bagina · · Score: 2, Informative

      It's not Google's device. It's T-Mobile's device.

      --
      Do you even lift?

      These aren't the 'roids you're looking for.

    3. Re:I'm confused... by R3d+M3rcury · · Score: 4, Interesting

      It depends on your definition of "platform," I believe.

      Android is open software platform in that you can do whatever you want within Android. But that doesn't make the G1 an open hardware platform, where you could install a different operating system.

      OpenMoko is an open hardware platform.

      Now, personally, I see no reason why T-Mobile would care whether you're running Android or Debian. Google might care because they want you running those nice Android apps which interface with Google because that's how they're paying for Android development. But I'm not sure that they have any kind of agreement which would require the makers of the G1 to make sure that the phones are tamper-proof.

    4. Re:I'm confused... by jelizondo · · Score: 2, Interesting

      One needs to be aware of where the money is made. The actual phone manufacturer makes money by selling a locked version to a telecom, the telecom makes money by selling the phone and the phone service to retail clients.

      If you get a free phone with a low monthly service charge and then you hack it, you could make expensive calls over IP and pay the telecom, nothing more than the monthly rent.

      Thus the telecom needs the phone to be locked to make (more) money and the manufacturer has to lock the phone in order to please the telecom, who is, after all, its client.

      Yes, there will be an arms race because its about controlling the money making process.

      --
      Be very, very careful what you put into that head, because you will never, ever get it out. - Cardinal Wolsey
    5. Re:I'm confused... by Timmmm · · Score: 2, Insightful

      "you could make expensive calls over IP and pay the telecom, nothing more than the monthly rent."

      Bullshit. At least in the UK the monthly line rental usually includes more than enough minutes/texts for most people. The vast majority of their income must come from the base line rental (which isn't cheap!).

      They're just used to being able to control everything and don't want to give that up. Hopefully it will change eventually.

    6. Re:I'm confused... by Facegarden · · Score: 3, Interesting

      One needs to be aware of where the money is made. The actual phone manufacturer makes money by selling a locked version to a telecom, the telecom makes money by selling the phone and the phone service to retail clients.

      If you get a free phone with a low monthly service charge and then you hack it, you could make expensive calls over IP and pay the telecom, nothing more than the monthly rent.

      Thus the telecom needs the phone to be locked to make (more) money and the manufacturer has to lock the phone in order to please the telecom, who is, after all, its client.

      Yes, there will be an arms race because its about controlling the money making process.

      The CEO of T-Mobile straight up said they will allow VOIP apps, and will do nothing to stop them. That's the entire point of android being open, but everyone keeps assuming it will be more and more locked down.

      In that same interview the CEO also said they won't stop unlockers. Why would they anyway? You agreed to a contract and they can charge you an ETF if you leave, so if you want to unlock it and use it on business, there is no reason not to let you.

      The _ENTIRE_ point of android is that it is open, and i wholeheartedly believe that google will stick to that.
      -Taylor

      --
      Worldwide Military budgets: $2100 billion. Worldwide Space Exploration budgets: $38 billion. Really, world? Really?
    7. Re:I'm confused... by dlevitan · · Score: 5, Insightful

      Now, personally, I see no reason why T-Mobile would care whether you're running Android or Debian. Google might care because they want you running those nice Android apps which interface with Google because that's how they're paying for Android development. But I'm not sure that they have any kind of agreement which would require the makers of the G1 to make sure that the phones are tamper-proof.

      I doubt even Google will care. How many people will actually install Debian on a G1? How many people will actually install it and keep it on there? I doubt even 0.1% of users will do either. But these are also the people who will praise Google for an open platform and for not locking it up like the iPhone. They're also the people who'll probably create apps for Android that bypass Google. Will Google notice the drop in revenue? Probably not, and certainly not enough to offset the bad PR.

    8. Re:I'm confused... by jrumney · · Score: 2, Interesting

      The phone companies themselves don't understand their own economics. I was turned down for a free upgrade a few years ago, because I was "not a good customer, you don't make enough calls". On asking how much I'd need to make to qualify, the level was still less than the number of bundled minutes that I was already paying for, so the phone company would be making no more money out of me, at an extra cost to them.

    9. Re:I'm confused... by Toll_Free · · Score: 2, Insightful

      And that's the problem.

      You pay for the "device".

      Google OWNS the operating system.

      Duetch Telecom OWNS the device.

      You only pay for it to rent it while you use it, and then pay a monthly fee for network access on top of that.

      And this is open, how?

      --Toll_Free

    10. Re:I'm confused... by Toll_Free · · Score: 2, Informative

      Really?

      Every major phone company and vendor would argue with you.

      The only way it's your device is if you pay FULL retail for it, and get the unlock code, or if you purchase it fully unlocked (legally) at the time of purchase.

      Otherwise, you own the plastic. The actual bits of code (I HATE that MS buzzword) is owned by Google, and the network you operate it on is owned by the telco.

      Shame, as I would LOVE to agree with you, but the fact of the matter is, I doubt very much most of us actually paid RETAIL cost for our phones, therefore, we DON'T own them at ALL until the phone contract is up.

      If you don't like that fact, then just pay full retail. Then, don't accept any updates, etc.

      And I think that if we DO pay full retail, or after the 2 years (typical) contract period, we SHOULD get unlocked phones that we can choose the updates (to the OS, not to the phone itself operating system (the electronics)) to install or not to install to.

      The actual radio OS isn't anything to be played with, and should be locked.

      --Toll_Free

    11. Re:I'm confused... by chrb · · Score: 2, Insightful

      Now, personally, I see no reason why T-Mobile would care whether you're running Android or Debian.

      They probably don't. What they do care about is support calls and returns because someone bricked their G1 whilst trying to flash some fancy new OS image. They may even think that installing a new OS allows users to use other networks, or VOIP applications, more easily. Basically, if you can imagine a revenue stream that might be possible on the G1, and imagine a way in which a completely open platform might remove that revenue stream, then that is a reason (in the view of T-Mobile) for T-Mobile to worry.

    12. Re:I'm confused... by Facegarden · · Score: 5, Informative

      And that's the problem.

      You pay for the "device".

      Google OWNS the operating system.

      Duetch Telecom OWNS the device.

      You only pay for it to rent it while you use it, and then pay a monthly fee for network access on top of that.

      And this is open, how?

      --Toll_Free

      Umm... it's open because the entire OS is released under the Apache or GLPv3 (depending on which part of the OS) licenses. I'm not well versed in which licenses are or are not "really" open, but i am under the impression that both of those are supposed to be. Android is based on version 2.6 of the linux kernel, and the framework on top of that was written by google, and the source code was released under Apache and heavily documented.

      That's way more open than any other successful phone out there.

      And I don't know if you're exaggerating or if it's different in your country, but in the U.S. you OWN your cell phone. And i fail to see how paying a monthly fee to access a network has anything to do with whether or not the phone is open - no one is going to let you use their multi-billion dollar network for free, and i'm fine with that.

      Why is everyone so bent on hating android, even with no facts to back up what they say? Google fixes a security bug and everyone flips out, but the countless times google and the t-mobile CEO have said they will keep the device open? No one seems to remember or care.
      -Taylor

      --
      Worldwide Military budgets: $2100 billion. Worldwide Space Exploration budgets: $38 billion. Really, world? Really?
    13. Re:I'm confused... by chrb · · Score: 4, Insightful

      It's Google's OS though.

      No, it was written by Linus Torvalds and thousands of other contributors, and released under the GPL. It's our OS. Google just borrowed it for a while.

    14. Re:I'm confused... by chrb · · Score: 2, Insightful

      the countless times google and the t-mobile CEO have said they will keep the device open? No one seems to remember or care.

      I guess it's like politicians: don't judge them by what they promise, but by their actions. One thing is not like the other.

    15. Re:I'm confused... by Facegarden · · Score: 2, Insightful

      It's BS, and none of the blogs seem to get is. So far as we can tell, google only fixed the root exploit because it was a serious security concern, because of how it worked. I don't think they are going to make a real effort to stop people from hacking their device aside from fixing security flaws.

      We'll see. The fact is that the only root exploit discovered thus far was closed within a few days. I really don't think Google has that much to do with it - let's look at what they actually do: provide an open source software stack to the telcos. T-Mobile control their network and the devices using it, they control the cryptographic keys for the G1, so if an OTA update is rolled out that fixes some issue, obviously T-Mobile didn't like that issue. What power does Google actually have in this arrangement? They're just an upstream provider of source code.

      Bottom line: if Google wanted the G1 to ship with root access, and they had the power to do so, they it would've happened already.

      It was closed because it was a huge security hole! Did you never read the description of the issue? EVERYTHING that was EVER typed on the device also went to a command line as root. That is not good. Just because google closed that has nothing to do with whether or not they *want* you to have root. The point of being open is not to give you everything, but just to make it possible for you to do anything. They don't need to ship the device with root, but everything that runs Android has source code published for it, so anyone with sufficient knowledge of code should be able to make it happen.

      Google and T-Mobile have said over and over that they won't stop people from doing non-malicious things, yet no one believes them. I have a feeling that if it hadn't been for Steve Jobs holding every iphone user by the balls for the last year and a half, people would be more inclined to believe them, but the point is Google is NOT Apple, and they said they will keep it open. Why is a security fix making everyone freak out?

      Most articles fail to mention HOW the root exploit was a problem, and i think that is the real issue here - people read the article and don't realize it was an honest issue that needed to be fixed, they think google is fighting back against the hackers and they just arent.

      -Taylor

      --
      Worldwide Military budgets: $2100 billion. Worldwide Space Exploration budgets: $38 billion. Really, world? Really?
    16. Re:I'm confused... by spisska · · Score: 2, Interesting

      The point of android is to provide a new platform to compete with winmo,[...]

      Windows mobile is not the target. That platform got an early start and is still at the back of the pack in terms of capability and adoption.

      The competition is Symbian, RIM, and Apple.

      And hopefully what Google is doing with Android will make the platform less and less relevant, and make the content and capabilities really shine.

      All the same, I'm hanging on to my Nokia candy-bar at least until the second generation of Android, or until my venerable machine dies. Judging from its battle scars, that may be a while.

  3. That's Android, not G1... by SuperKendall · · Score: 3, Informative

    There isn't, it's BS, and none of the blogs seem to get is. So far as we can tell, google only fixed the root exploit

    The root exploit is unrelated to the ability to flash the ROM. The question then is, will there be attempts made to stop user flashing of updates to the device...

    I do not think there will be, it's just that Android fixes should not be confused with openness of the device itself.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:That's Android, not G1... by chrb · · Score: 4, Informative

      The root exploit is unrelated to the ability to flash the ROM.

      From what I've heard, you need root access or the T-Mobile private key to flash the ROM.

      The question then is, will there be attempts made to stop user flashing of updates to the device...

      Err, yes, the head of the Android team at Google has actually confirmed that only the manufacturer or the cell network provider have the cryptographic keys required to flash the G1 (via OTA updates or otherwise).

      I do not think there will be, it's just that Android fixes should not be confused with openness of the device itself.

      When root access to the G1 is denied by default, and exploits that allow root access are quickly patched, how would you interpret this? The fact is that you do not get root access to the G1 by default, and as of this moment, there is no known way to get root access, or to flash your own kernel, on a RC30 G1.

  4. Re:So? by clang_jangle · · Score: 5, Informative

    Not quite so. FTFA: "This does not replace Android. This also gives you access to the full plethora of programs available in Debian and let's you continue using your phone as it was intended to be: as an Android device with all the capabilities thereof."

    --
    Caveat Utilitor
  5. Re:Damn Shame by Tom · · Score: 2, Interesting

    You shouldn't judge the world-wide telecom market by the US "standard". T-Mobile is a german company, and part of the old government-owned telecommunications monopoly, so no need for bribery there. However, the german telecom market is very different from the US one, and there are no local monopolies. T-Com is still the largest player, but they other telcos don't have monopolies and most likely didn't make bribes.

    --
    Assorted stuff I do sometimes: Lemuria.org
  6. Re:Damn Shame by Free+the+Cowards · · Score: 2, Insightful

    It's whiny and pointless to complain about contract terms in an open market where you can negotiate.

    Alas, the US cell phone market is not such a market. There are a grand total of four nationwide companies, and a small handful of smaller ones. They have largely identical policies and pricing in nearly every respect. If I want to buy my own unlocked phone separately so I can avoid paying the "phone subsidy" fee written into every carrier's subscription plans... nope! There is basically no choice in the market. It's an oligopoly which means that we, the customers, lose out.

    --
    If you mod me Overrated, you are admitting that you have no penis.
  7. No, that's the idea of a free platform by Mateo_LeFou · · Score: 2, Insightful

    The whole "it's your phone you can do what you want with it" paradigm comes from *free software, not an "open source" software.

    As for "shut up and show them the code" this G1 is a great example.

    "Look, we're an open platform! Look at the code, isn't it neat! Don't TOUCH it!!!"

    --
    My turnips listen for the soft cry of your love
  8. Re:WTF? Open platform that you must sign code to u by Nursie · · Score: 2, Informative

    "Google G1 / Android / HTC / TMobile have been telling us this is going to be an open platform."

    It is, to some extent. The source is open and you can install whatever you like.

    "Someone already "broke" the phone (which isn't a problem on an open platform)"

    Yeah, google broke it. For some reason (poor QA) they left a terminal running under the GUI, at root, and getting all the keystrokes.

    "Someone is already working on getting unsigned code working? I thought it was an open platform?"

    There are two parts to this. you don't need java apps signed. BUT there's no officially sanctioned API for non-java apps. Maybe someone's working on that.

    "Manu / Hacker arms race? Why? Isn't this an open platform?"

    Nope, the hole (mentioned above) was a stupid QA problem, someone left debug mode on :)

    "IOW, Good job, Google. You've turned into everything you detested."

    Nah, you've just misread the situation.