Fairphone, Fairphone Open, backups, etc.
Feb. 1st, 2018 04:20 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
dizietI recently acquired a Fairphone 2. I'm running ‘Fairphone Open OS’ (FPOOS) which is the version without the big blob of Google spyware. I thought I would write up some of my experiences.
This is written from the perspective of someone who is completely new to having a smartphone. When I started I didn't know anything really about Android.
I get my apps from f-droid (almost exclusively). f-droid is useful
but very annoyingly it has no reviews system, rating system, and not
even something like Debian's popcon. So picking apps is a bit of a
crapshoot.
Android is in some sense a Linux system but the filesystem organisation and operating system is not like a normal Unix.
The primary structure is an OS core, with ‘apps’. Each app has a uid, and a private data area for its stuff. Apps communicate with the OS and with each other via IPC facilities; there are standard ways of doing this. It all seems to be done via Java libraries.
SELinux is heavily used in addition to the traditional Unix permissions and POSIX ACLs.
The filesystem layout is quite different. Each app is in /data/data/. Apps store their settings and often their data in their private area. (The internal app name looks like a reversed domain name - this is Java influence.)
The partitions include a boot partition, a system partition which contains the OS and all app code and data, and a ‘storage’ partition which Android thinks of as an sdcard (even if it isn't). This is mounted on /sdcard but that is actually a weird FUSE view. On my FP2 the underlying storage is actually in /storage/emulated/0. (I don't know what happens if you have an actual sd card too.)
The storage is the user-visibile part of the filesystem and contains subdiredctories like DCIM, Download, etc. An example of the storage's use is that the camera app puts all the pictures you take there. The storage is shared amongst all apps; every app that has the ‘Storage’ permission can access it.
This is moderately easy to do with TWRP. TWRP is a pre-boot environment. The stock FPOOS image from Fairphone comes with it (albeit a slightly out of date version at the time of writing). You use it by rebooting with a vulcan nerve pinch (phone off; volume up plus power on, release volume up when FP logo shows). It then offers to let you back up.
The backup does not include the storage partition. It is put into the storage partition, in a directory called TWRP.
There it can be read by any app on your phone, so to avoid leaking all the secrets of your phone to every app, you could use the encryption feature in TWRP. This is rather annoying because AFAICT it means you have to manually enter an encryption key. Instead, I used chmod as root in Termux to make the TWRP directory inaccessible. This has to be done in the real storage area, not the FUSE mount (see above), because the FUSE view discards permission changes.
(AFAICT recent versions of TWRP support backing up to an attached computer instead.)
Using TWRP I was able to successfully backup my whole phone and restore it onto a replacemnt (see below) - apart from the media aka ‘storage’, which you have to do separately.
FPOOS TWRP has a bug in that the file boot.emc.win gets the wrong permissions in the backup so that it's not accessible via MTP. You can work around this with Termux, or you can access the files via adb (see below) which, if you say ‘adb root’ bypasses permissions.
Annoyingly, if you have ‘become a developer’ (by tapping the build number at the bottom of ‘About phone’ repeatedly), the option to switch the charging to USB is then buried in the Developer Options. Look for ‘Select USB Configuration’ about 45% of the way through. This is probably some kind of bug.
Also by turning the phone off you can boot it into a debugging mode and then access the whole phone via ‘adb’ on a computer. This is how I made my most recent backup: I used ‘adb root’ and ‘adb pull’ to fetch the backup made by TWRP, and the other contents of the storage, onto my computer. I then deleted the massive map files that Osmand+ had downloaded from the backup.
I wanted to buy the phone outright rather than on some kind of 2-year-long comes-with-a-sim deal. This wasn't made easy, but I did find it in the ‘business’ section of their website.
The badness of ‘thephone.coop”s customer support became relevant in large part because my first handset was faulty: it was crashy, using the built-in apps eg the camera, even. Luckily ‘thephone.coop’ replaced it without too much fuss.
The replacemnt handset seemed crashy too. Amazingly ‘thephone.coop’ do not have a stress test app or anything. After a lot of struggling I was able to satisfy myself that this was a software problem: one of my other attempts at backups involved ‘oandbackup’, and that seems to have been responsible.
This is written from the perspective of someone who is completely new to having a smartphone. When I started I didn't know anything really about Android.
Software Freedom
My phone is not running fully Free Software, but then neither is my laptop. I decided that was too high a bar. FPOOS has binaries for the phone baseband and hardware support. The phone baseband has complete access to the phone, and is probably full of bugs, so the security is not brilliant. I won't be using this phone as my TCB.I get my apps from f-droid (almost exclusively). f-droid is useful
but very annoyingly it has no reviews system, rating system, and not
even something like Debian's popcon. So picking apps is a bit of a
crapshoot.
Apps I would recommend
- Osmand+
- Signal. You have to get this from https://signal.org/android/apk/
- AnySoftKeyboard
- Satstat
- Termux (if you want to use this a lot, get a bluetooth keyboard)
- Lightning (lightweight web browser; I turn JS off)
Notes on the shape of an android system AFAICT
I am no expert on Android but as an old Unix hand I found many things confusing.Android is in some sense a Linux system but the filesystem organisation and operating system is not like a normal Unix.
The primary structure is an OS core, with ‘apps’. Each app has a uid, and a private data area for its stuff. Apps communicate with the OS and with each other via IPC facilities; there are standard ways of doing this. It all seems to be done via Java libraries.
SELinux is heavily used in addition to the traditional Unix permissions and POSIX ACLs.
The filesystem layout is quite different. Each app is in /data/data/
The partitions include a boot partition, a system partition which contains the OS and all app code and data, and a ‘storage’ partition which Android thinks of as an sdcard (even if it isn't). This is mounted on /sdcard but that is actually a weird FUSE view. On my FP2 the underlying storage is actually in /storage/emulated/0. (I don't know what happens if you have an actual sd card too.)
The storage is the user-visibile part of the filesystem and contains subdiredctories like DCIM, Download, etc. An example of the storage's use is that the camera app puts all the pictures you take there. The storage is shared amongst all apps; every app that has the ‘Storage’ permission can access it.
Backups
I'm a weirdo who thinks their computing devices should be fully backed up. Not ‘synced to the cloud’ - actually backed up.This is moderately easy to do with TWRP. TWRP is a pre-boot environment. The stock FPOOS image from Fairphone comes with it (albeit a slightly out of date version at the time of writing). You use it by rebooting with a vulcan nerve pinch (phone off; volume up plus power on, release volume up when FP logo shows). It then offers to let you back up.
The backup does not include the storage partition. It is put into the storage partition, in a directory called TWRP.
There it can be read by any app on your phone, so to avoid leaking all the secrets of your phone to every app, you could use the encryption feature in TWRP. This is rather annoying because AFAICT it means you have to manually enter an encryption key. Instead, I used chmod as root in Termux to make the TWRP directory inaccessible. This has to be done in the real storage area, not the FUSE mount (see above), because the FUSE view discards permission changes.
(AFAICT recent versions of TWRP support backing up to an attached computer instead.)
Using TWRP I was able to successfully backup my whole phone and restore it onto a replacemnt (see below) - apart from the media aka ‘storage’, which you have to do separately.
FPOOS TWRP has a bug in that the file boot.emc.win gets the wrong permissions in the backup so that it's not accessible via MTP. You can work around this with Termux, or you can access the files via adb (see below) which, if you say ‘adb root’ bypasses permissions.
Access from a computer
You can get files onto and off your phone with a microusb cable and a protocol called MTP. With the phone connected to the computer, you will get a notification saying ‘usb for charging’, tapping which will let you select ‘MTP (Media Transfer Protocol)’. You can then use programs in Debian like ‘gmtp’ to browse the storage area.Annoyingly, if you have ‘become a developer’ (by tapping the build number at the bottom of ‘About phone’ repeatedly), the option to switch the charging to USB is then buried in the Developer Options. Look for ‘Select USB Configuration’ about 45% of the way through. This is probably some kind of bug.
Also by turning the phone off you can boot it into a debugging mode and then access the whole phone via ‘adb’ on a computer. This is how I made my most recent backup: I used ‘adb root’ and ‘adb pull’ to fetch the backup made by TWRP, and the other contents of the storage, onto my computer. I then deleted the massive map files that Osmand+ had downloaded from the backup.
thephone.coop are rather poor
I had to buy my FP2 from ‘thephone.coop’ because Fairphone themselves were (and still are AIUI) out of stock. This was not good. ‘thephone.coop’ are terribly disorganised. I won't list all of the daft things they did but as a helldesk they are truly hellish.I wanted to buy the phone outright rather than on some kind of 2-year-long comes-with-a-sim deal. This wasn't made easy, but I did find it in the ‘business’ section of their website.
The badness of ‘thephone.coop”s customer support became relevant in large part because my first handset was faulty: it was crashy, using the built-in apps eg the camera, even. Luckily ‘thephone.coop’ replaced it without too much fuss.
The replacemnt handset seemed crashy too. Amazingly ‘thephone.coop’ do not have a stress test app or anything. After a lot of struggling I was able to satisfy myself that this was a software problem: one of my other attempts at backups involved ‘oandbackup’, and that seems to have been responsible.