I am looking into developing an app using the live video feed of a device's IR camera for a particular use case. My research was not very fruitful so far.
Question: Is there any device on the market letting me access the IR camera, stock or rooted? Are there custom ROMs or open drivers allowing this?
I know there is a Lineage OS (v.16) ROM for the Poco F1 with IR face unlock support. Is this a possible starting point, or is access to the IR camera also locked? If the latter, how is the access prevented? Via encryption of the video feed? Via a security subsystem, be it hard- or software? Or just via obfuscating how to interact with the device?
EDIT: The app I am planning does not have to run on many different devices. At the current project state it is only about creating a demonstrator, a proof of concept. And it is not about spying on people, in case anyone wonders about my cryptic first sentence. I am looking into alternative authentication options.
https://forum.xda-developers.com/poco-f1/themes/ir-camera-pocophone-t3886516
Related
Wanted to start a thread on this subject as I have yet to see anything regarding AfW anywhere in these threads.
Does anyone have any information on how the o/s will handle securely wrapping applications and how the o/s creates a second partition/perimeter that is secured from the personal side?
Google Android For Work if you haven't heard about it.
I'm wondering if a rooted device would be able to trick the MDM protected work perimeter to think it has a secure bootrom, recovery partition and valid o/s?
Anyone have a picture of what the filesystem difference looks like?
There's such little information on this, yet it was released with 5.0 lollipop and I'm sure if we reverse engineer the way it functions we could create our own pki enabled MDM open source solution. This would allow end users to freely use there phone without the fear of being snooped on by viruses, corporations for marketing purposes, etc. Overall an open source Mobile Iron solution is what I'm getting to.
Let me know what you guys think.
First I am looking for a device where I have full privacy control.
This means: If I install something like Skype or Whatsapp I could select manually which contacts should be available for that app. If I deny some rights, the app should be provided with fake data so that it still will run.
Which software and OS will do the job?
The next request unfortunately makes everything more difficult: I'd prefer a device with hardware keyboard.
Unfortunately the Blackberry Priv and Keyone cannot be rooted, so i guess I won't be able to get the privacy control I wish there.
The Galaxy S6/7/8 support a NFC keyboard cover, which won't work with custom ROMs (like Lineage OS). Maybe it would be possible to install Xprivacy on the standard ROM?
Any other ideas?
I was under the impression that on Android pie Google would allow all biometrics as options to login to apps instead of fingerprint only.
Is anyone successful with this?
I'm guessing no as face recognition isn't very secure.
Having said that I use the fingerprint sensor.
Huawei Mate20 Pro LYA-L09
taniwhatuu said:
I'm guessing no as face recognition isn't very secure.
Having said that I use the fingerprint sensor.
Huawei Mate20 Pro LYA-L09
Click to expand...
Click to collapse
This is not the standard face recognition that most android phones use. This is with a dot projector and infrared light like the iPhone X models
I think it requires 3rd party developers to implement. Can't really see this happening as only a few phones have the 3d face scanning built in. I mean I think even Huawei doesn't have any apps that uses this technology i.e vault or secure notes.
Faspaiso said:
I was under the impression that on Android pie Google would allow all biometrics as options to login to apps instead of fingerprint only.
Is anyone successful with this?
Click to expand...
Click to collapse
I haven't tried my banking app yet but google pay uses it.
It is also just as secure as fingerprint and as secure as iphone.
addicted2phones said:
I think it requires 3rd party developers to implement. Can't really see this happening as only a few phones have the 3d face scanning built in. I mean I think even Huawei doesn't have any apps that uses this technology i.e vault or secure notes.
Click to expand...
Click to collapse
It was just my understanding that Google implemented it for Pie the same way as for iOS. The apps for ios is just coded for biometric. No need to specify if it should be faceID or an older touchid phone.
So the apps should just ask for biometric authentication and therefor it should use whatever I has active.
The app developer would need to code it for FaceID, both my banking apps have settings within the app to use fingerprint login, there would be a setting required to provide faceID login likewise. The same also applies to my phone carriers usage meter, they have only just modified it for fingerprint login.
Sent from my HUAWEI LYA-L09 using XDA Labs
There is currently no Android standard for face unlock so using it as an identification for banking apps or making payments would be very insecure. Different Android phones currently use different methods to implement face unlock and some of those methods can be bypassed with a photograph.
Hey guys,
what do you think about GrapheneOS? (https://grapheneos.org)
I think there are some disadvantages:
- only Pixel devices (because only these have some security "flags")
- no root access
- hardcoded Google domains
and some advantages:
- good hardware support
- hardenized aosp
- closed bootloader after flashing
Now I would like to discus about this ROM
I too would be interested to hear about anyones experience regarding this OS
johndoe118 said:
Hey guys,
what do you think about GrapheneOS? (https://grapheneos.org)
I think there are some disadvantages:
- only Pixel devices (because only these have some security "flags")
- no root access
- hardcoded Google domains
and some advantages:
- good hardware support
- hardenized aosp
- closed bootloader after flashing
Now I would like to discus about this ROM
Click to expand...
Click to collapse
I'm interested in this ROM too. I have a Pixel 3a. I haven't flashed it yet because I'm trying to find out what people's experiences are first. There doesn't seem to be a lot of posts about it. Did you ever flash it? Also, what do you mean by "hardcoded Google domains"?
Well, the captiveportal contacts the Google servers regularly when you connect to a WiFi. That was one reason why I lost interest in the ROM. The other was the limited device support and missing root access. I absolutely need access to the iptables. As a one-man show, the ROM can be adjusted at any time.
johndoe118 said:
Well, the captiveportal contacts the Google servers regularly when you connect to a WiFi.
Click to expand...
Click to collapse
Do you have some kind of reference for that? I'm using it now and would really like some proof to bring up in their subreddit as a WTF.
graphene seems great, no root does not
I don't want the bootloader locked.
I want Magisk extensions
I need root for LP _only_ to remove ads. Is there something like LP that allows (interactively) disabling app activities?
hardcoded google domains info from faq
https://grapheneos.org/faq#device-support
GrapheneOS leaves these set to the standard four URLs to blend into the crowd of billions of other Android devices with and without Google Mobile Services performing the same empty GET requests. For privacy reasons, it isn't desirable to stand out from the crowd and changing these URLs or even disabling the feature will likely reduce your privacy by giving your device a more unique fingerprint. GrapheneOS aims to appear like any other common mobile device on the network.
HTTPS: https://www.google.com/generate_204
HTTP: http://connectivitycheck.gstatic.com/generate_204
HTTP fallback: http://www.google.com/gen_204
HTTP other fallback: http://play.googleapis.com/generate_204
Click to expand...
Click to collapse
nay_ said:
hardcoded google domains info from faq
https://grapheneos.org/faq#device-support
Click to expand...
Click to collapse
Thanks, right from there
I have Graphene OS taimen-factory-2020.07.06.20.zip on my Pixel 2 XL.Under "System update settings" is "Check for updates" but nothing happens if I tap.Only the field becomes darker.Has someone experience with this?
Update with adb sideloading to 2020.08.03.22 works.
OTA update from 2020.08.03.22 to 2020.08.07.01 likewise.
I'm personally not a fan of these kinds of projects, they aren't really all that 'secure', you're still using proprietary vendor blobs and such
help please
Hello! In the description
I pointed out that you can change servers just not through the GUI.
Has anyone tried this?
```
Providing a toggle in the Settings app for using connectivitycheck.grapheneos.org as an alternative is planned. The option to blend into the crowd with the standard URLs is important and must remain supported for people who need to be able to blend in rather than getting the nice feeling that comes from using GrapheneOS servers. It's possible to use connectivitycheck.grapheneos.org already, but not via the GUI.
```
captive portal leak + location services data leak
Few points:
1. General idea is that privacy/security oriented OS (as graphene is advertised) should limit network activity as much as possible, and not ping google using captive portal service every few seconds providing perfect IP-based location to google
It is possible to switch it off, but should be off by default
2. Connections of android location services to get GPS constellations were shown before to send sim card imsi and connected cellular tower id to provider (qualcom/google):
"blog.wirelessmoves.com/2014/08/supl-reveals-my-identity-and-location-to-google.html"
Graphene still allows those connections (check their FAQ on website)
W/O root no way to switch this off. Even some devices ignore config files and still leak data (on the level of cellular modem most probably)
3. Android services make other weird connections. Example: AOSP dialler app is querying phone numbers against online database leaking all contacts to google. How was this taken care of in graphene? Are all AOSP services/apps security-verified to not leak any data?
w/o root no way to install afwall to block everything
Is graphene built-in firewall capable of blocking system services from network access?
Hello together,
does anyone know why the ToF sensor on the 1 III isnt supported by the ARCore Depth API (see [1]) and if there will be a fix in the near future?
Are there any 3D scanner apps that can utilize the ToF sensor without relying on ARCore or is there an alternative ROM with ToF support?
Best regards,
some XDA greenhorn
[1] https://github.com/google-ar/arcore-android-sdk/issues/1327
Your github link already has the answer. It isn't supported because Sony did not implement the Depth API to use their TOF sensor. Simple as they didn't do it. This is the drawback of an "open" operating system. It is up to the OEM/Vendor/Manufacturer to implement features that are not "mandatory" by the OS creator, Google.
Why they didnt do it we will never know. It might be a way to reduce development costs. Maybe Sony thinks that their target market will only use the TOF for photography and not for anything else.
So there are no other apps that can take advantage of something that to the apps knowledge does not exist. Only Sony apps can "see" the TOF sensor, it is not exposed outside of that. No other apps will be able to see it unless they know how to access whatever API Sony maybe using. Or maybe Sony just access the TOF sensor directly in the camera app only, there is no API involved.
Maybe a third party rom can expose it if they can figure out how to access it, either via drivers released by Sony, or by their own trial and error, reverse engineering, etc.