Okay, this is neat! A true mesh networking bluetooth app- The other one that's notable, Briar is super impressive - but i think it doesn't actually have proper mesh capability due to difficulties with how devices handle things
Where I come from: I've worked for NASA , as a System Administrator and Operational Test Conductor,helping to run field ops as well as maintain security , provision and administer their launch systems.
I've helped run operations involving multiple sites and multiple groups around the Country to that involved testing aspects of space hardware ,software involving multiple various teams and groups.
I currently am part of the requirement testing process for NASA's Launch Control Software and help design tests,and ensure the software is up to spec , and validate requirements for Artemis 2 and 3 actually putting the software through it's paces.
I'm a team-orientated, friendly, detail focused technologist with a eye towards expanding and delving more into the development side of tech, leveraging my experience in administration and operations over, and getting a little deeper to working with the innards that make things tick and being able to tweak them,.
Stripped version of my resume at https://ibb.co/tpqYm7nF I can be reached at lwir.voltage385@slmails dot com
... These sorts of patterns do not help at all, and will hurt those who have critical need for apps without a lot of users.
Speaking as somebody, who owns some mid-grade thermal cameras that stopped production in the past few years after a decade run, that depended on and are solely controlled and run on apps that were removed from the app store or no longer can run on modern phones because they are in 32-bit format ; this sort of thing would further punish that type of software and only speed up its demise.
When you spend thousands and thousands and thousands and of dollars and resources into getting unique capabilities like that, that can only be controlled through Android apps often, and is the only way to get that capability for some (this will apply to multiple and I imagine with niche capabilities that only have one or two methods of Access)
- this hurts a lot of opportunity, and this type of dark anti-pattern is far too blunt
They don't give a fuck. Just like Microsoft doesn't give a fuck about casual users running older software, or Apple doesn't give a fuck about power users who don't need their hands held through everything on their goddamn computers.
All these gigafuck companies have a minimum viable user in mind: someone who has disposable income, free time, and wants to use their phone to shop for shit or endlessy scroll on whichever social they happen to like most, and that's what their products are designed to do. Everything else is ancillary.
Spoken as someone who works on a niche app for both platforms that works with hardware we make: we get NO support. Arbitrary system changes fuck up our app constantly, without notice, and we have no recourse but to fix it ASAP and tell people to not update.
All the manufacturer has to do is publish an APK on their website. If all apps did this, Google would have no power. It's very easy for a volunteer to host the APK somewhere in an archiving effort. Much easier that it ever has been on iOS.
Yeah, but if you're a new app, Google doesn't let you have your APK signing keys, so you either have to go through Google to get an APK you can publish (with all the resources), or users can't cross-upgrade because on phone storage is tied to the signing key.
A Veracrypt style hidden OS profile that is forensically invisible would be a better option - This would allow one to enter a password and give another "profile" or OS- that unlike current alternate profile stuff- would be solid against Cellebrite and GreyKey snooping into the device, and it'd be impossible to tell there was a hidden user/etc on it
Does obtaining Global Entry minimize the chance of them deciding to harass a citizen crossing the border, I wonder? It is at the cost of your biometric - but data on your devices might be worth more, and as I note elsewhere in this thread, you can image a computer and back it up fully, but not a phone without some data loss, unfortunately. [ TWRP possibly can do it right perhaps, but it requires unlocking the bootloader (which wipes the phone), and once bootloader is unlocked, it's more vulnerable to Cellebrite and company, to my understanding, ]
seeing the latest (leaked?) Cellebrite info from 2024 Summer- BFU State[Before First Unlock state] after posting on, modernimoPuxelsiPhones on the latest OS, and graphene devices see moto be the hardest to get into.
Anyway- , with computers - this was a solved problem from a technical standpoint- Yes I'm talking Truecrypt then, and today Veracrypt. The Hidden Container feature is impressive- but the Hidden OS feature allows for a truly hidden OS behind the scenes that can't be found at all. However, there's a unfortunate weakness that makes this hard to use today- it's limited to MBR , not UEFI [GPT]systems- so unless you like your computer not being able to have more than 2 Tb - and only 4 partitions (so good luck If you do a lot of stuff from dualbooting to other whatnot)
We need a Veracrypt Hidden OS equivalent for UEFI systems that's truly undetectable.(That also will work for Linux and maybemeMac not just Windows as Veracrypt currently does - you can only make the Hidden Volumes on the non Windows versions of VC)
There was one project to do it - and there were articles and a black hat presentation on 'Russian Doll Steganogrpahy" for a OS- but it didn't go anywhere from what I can tell, and everyone is now wide open .... Unless you have a MBR system. I also think I've heard UEFI is more easily secured than MBR in general and for the foreseeable future...
This annoys me to no end and is a serious problem in my own use cases...
This is an issue I face- I have a collection of thermal cameras that use apps to control them- after every install onto a phone, they then reach out t oa server to authenticate.
Here's the issue- though I have a few older phones- these apps are 32 bit ones, so no modern phone after Android 13 will run them. And they are all now not on the app store anymore,as they all came out about around 2016. i did use a APK extractor to pull the APKs to store them - but the native backup functionality wouldn't capture that authorization in the future, I might rob myself of my ability to use some extremely expensive, and long-term invested capable hardware, by backing up and restoring-
I suspect a full image would solve this problem, but I don't think one can do that outside of things like TWRP- but that requires unlocking the bootloader, and if you do that it wipes your device- AND is more vulnerable to Custom's usage of Cellebrite and etc, to my undertanding.
I don't have this issue with laptops ,as I can fully image them and wipe and restore ahavend have a perfect replica/ no issues. But my thermal cameras do not run off of PC and th eform factor wouldn't work if they did
Veracrypt. It's successor, keeps this feature - of allowing for a truly hidden OS- but there's a HUGE flaw everyone missed- it requires your laptop to be setup as MBR-= which only allows for 4 partitions, and you can't have more than like 2 TB of filespace on it total.
We need a similar solution for UEFI- that allows for truly hidden, foolproof hidden OS installs.
This is something no on discusses but I've wondered heavily- GRUB can be made to not show a menu and then boot up Windows automatically, in like a second or two with no one the wiser. [There is an obnoxious welcome to grub message that pops up now but I see a public project out there that solves this very easily called GRUB shusher]
I don't know if other bootloaders outside GRUB have a silent/hidden start option, as well in a similar vein that would require you to hit a key in that first second to get the menu to appear, or else it just boots up normally
I wonder about the other approach, just going into the BIOS nad changing the order so Windows boots first, which should be doable in some setups. Lock the BIOS with a password, and you're in not bad shape. (Not sure if Secure Boot being enabled could also help here - probably couldn't hurt)
My approach would be to rename the Grub EFI image to something silly like "HP Windows Recovery", then set Windows to boot first. Someone could smash F11 then select the recovery option to make sure it was really recovery... but the average Keystone Kop at CBP would probably not figure this out. In fact, I think they would just turn the machine on, see it start to boot Windows, shrug, and turn it off again. If they image the machine, they can find that it has Linux with forensics, but I really struggle to imagine anyone caring enough to chase me down after the fact.
I am a US citizen though. The only real goal for me at CBP is to avoid secondary at all. I'm not worried at all about them coming for me after I leave the airport. If that sort of stuff starts to happen... I am screwed anyway. They can find records of everything I've said by just compelling US companies to disclose it to them.
Any examples of the silent GRUB setup? Sounds interesting.
I left a comment about Veracrypt offering the Hidden OS feature, with two passwords - one for the dummy OS and one for the real OS. However it doesn't seem to be supported anymore on Windows 11 or modern hardware, the option is greyed out on my laptop with no explanation.
This is an issue I face- I have a collection of thermal cameras that use apps to control them- after every install onto a phone, they then reach out t oa server to authenticate.
Here's the issue- though I have a few older phones- these apps are 32 bit ones, so no modern phone after Android 13 will run them. And they are all now not on the app store anymore,as they all came out about around 2016. i did use a APK extractor to pull the APKs to store them - but the native backup functionality wouldn't capture that authorization in the future, I might rob myself of my ability to use some extremely expensive, and long-term invested capable hardware, by backing up and restoring-
I suspect a full image would solve this problem, but I don't think one can do that outside of things like TWRP- but that requires unlocking the bootloader, and if you do that it wipes your device- AND is more vulnerable to Custom's usage of Cellebrite and etc, to my undertanding.
I don't have this issue with laptops ,as I can fully image them and wipe and restore ahavend have a perfect replica/ no issues. But my thermal cameras do not run off of PC and th eform factor wouldn't work if they did
This is an issue I face- I have a collection of thermal cameras that use apps to control them- after every install onto a phone, they then reach out t oa server to authenticate.
Here's the issue- though I have a few older phones- these apps are 32 bit ones, so no modern phone after Android 13 will run them. And they are all now not on the app store anymore,as they all came out about around 2016. i did use a APK extractor to pull the APKs to store them - but the native backup functionality wouldn't capture that authorization in the future, I might rob myself of my ability to use some extremely expensive, and long-term invested capable hardware, by backing up and restoring-
I suspect a full image would solve this problem, but I don't think one can do that outside of things like TWRP- but that requires unlocking the bootloader, and if you do that it wipes your device- AND is more vulnerable to Custom's usage of Cellebrite and etc, to my undertanding.
I don't have this issue with laptops ,as I can fully image them and wipe and restore ahavend have a perfect replica/ no issues. But my thermal cameras do not run off of PC and th eform factor wouldn't work if they did
(See: https://old.reddit.com/r/Briar/comments/gxiffy/what_exactly_...
https://news.ycombinator.com/item?id=43363031 }
Anyway, -Question: I take it Murmur is end to end encrypted fully? Also, just curious if this is open source?
This could become SUPER useful- having a actual mesh networking Bluetooth app , if it's open source/E2EE!