Android ham radio? It's possible! 📻

https://news.itsfoss.com/android-open-source-ham-radio/

Small but mighty? Raspberry Pi 5 takes on 9 popular LLMs!

https://itsfoss.com/llms-for-raspberry-pi/

Amir Taaki
@Narodism
States track our phones using the #IMEI code. But you can change it. They don't want people to know. This info is kept secret.

But today I am making it public in this guide. You will get a hotspot usable with any phone that protects your IMEI from the government for $300.

Your phone broadcasts 2 pieces of info: the IMEI which is tied to the phone's hardware and the IMSI which is tied to the SIM card. To change the IMSI, simply use change your SIM card every so often.

The Pinephone allows you to change this number. Here's a guide to setup the phone for this. You will need a Pinephone, a micro SD card and an adapter for your computer.

Terminology

There are 3 storage types: SPI-NOR, eMMC and the SD card.

The SPI-NOR stores the bootloader. The eMMC is internal memory for the OS. We will use the SD card to load the bootloader into the SPI-NOR.

Setup the Installer Environment

We install the OS to the pinephone using a tool called pmbootstrap, but it needs root access. So I instead made a VM with a USB passthrough and installed Manjaro Linux there.

You can do this with virt-manager, then add a new VM with the Manjaro VM and install it. Then inside Manjaro, you can install spice guest tools for more seemless integration (optional).

For the USB passthrough, I had to edit /etc/libvirt/qemu/manjaro.xml, where I added this code:

<disk type='block' device='disk'>
<driver name='qemu' type='raw' cache='none'/>
<source dev='/dev/sdb'/>
<target dev='vdb' bus='virtio'/>
<address type='pci' domain='0x0000' bus='0x07' slot='0x00' function='0x0'/>
</disk>

(replace /dev/sdb and the other details with the relevant info you need)

Now when I boot the VM, I see a device called /dev/vdb which corresponds to my host computer's /dev/sdb.
Install pmbootstrap and we're ready to go.

Install PostmarketOS

We will install PostmarketOS with SXMO which is a tiling WM. It's quite easy to learn, just read the userguide. Don't be lazy. But if you're a normie, fine you can use Phosh instead which is just like Android.

Using pmbootstrap

Now connect the Pinephone Pro to your computer and put it in the mount mode (blue light), and it should appear on your computer with lsblk.

Inside the Manjaro VM, perform the install:

pmbootstrap zap
pmbootstrap init
pmbootstrap install --fde --sdcard=/dev/vdb ----cipher aes-cbc-essiv:sha256

We need the cipher option due to bug #2916 on postmarketOS bug tracker.

Install Bootloader

Now on your normal machine, put the tow-boot installer. Download tow-boot's spi.installer.img and dd to your SD card. Follow the SPI installer instructions.

Now your phone should boot pmOS.

Tweaks

Disable suspend in System Menu -> Config -> Auto-suspend / Auto-screen-off.

Optionally install an Arch Linux chroot for access to more packages you might not have in pmOS.

IMEI Changing

Now for the juicy part of the guide.

SSH is enabled by default, so SSH in. On your phone, open a terminal and type ip a to find your IP. Then just use ssh username@XXXX. Now sudo su as root. Create this file /root/.bashrc.

alias show-imei="echo 'AT+EGMR=0,7' | atinout - /dev/EG25.AT /dev/stdout"

function _set_imei() {
IMEI=$1
echo "AT+EGMR=1,7,\"$IMEI\"" | atinout - /dev/EG25.AT /dev/stdout
}
# Vanity, I prefer - to _ for cmds ;)
alias set-imei=_set_imei

Now reload your shell using source ~/.bashrc. You now have the commands show-imei and set-imei XXXXX.

To get the IMEI code, we will impersonate legit devices. I scraped all the TAC code prefixes from public DBs and made a little util for that. Download it from github: narodnik/immi. You simply run ./imeichanger.py and it gives you an IMEI code you can put into set-imei.

Mobile Internet + Wifi Hotspot Tethering

Put your SIM in. Now you have cellular.

To activate mobile internet, you need to add your GSM. Do this in System Menu -> Add a GSM Network. You can find the details online by Google. Usually your phone provider will even send you the details via SMS.

OK now you have mobile internet. Making the Wifi hotspot tether is super easy. Just go in System Menu -> Networks -> Add a Wifi Hotspot and enter the hotspot details.

Finally whenever you want to put your phone in "airplane mode", just go to System Menu -> Networks -> Disable GSM.

Final Tips and Tricks

You may want to configure or disable the firewall.

SSH comes preconfigured but you might want to disable password logins.

Received SMS are stored in ~/.local/share/sxmo/modem/ as text files so you can read them comfy from your computer with SSH.

Pipewire is installed native. You can even install a node editor like qpwgraph so you can pipe audio to multiple audio devices simultaneously. Cool af huh?

See the SXMO tips and trickspage on pmOS wiki.

F-Droid is the first third-party app store to support Android 15's app archiving feature!

The popular repository for FOSS apps is preparing to add support for app archiving in its next release, using new APIs Google added in Android 15.

🔗Details in this article on Android Authority.

(The contributor who submitted the patch to add app archiving support to F-Droid used my articles as background ❤️. I love when my articles help developers!)

Checking in on Google Anti-Trust. Nothing the DOJ does is good. What is their purpose behind these moves?

https://arstechnica.com/tech-policy/2024/10/googles-ai-deals-could-hurt-its-search-monopoly-appeal-expert-says/

Microsoft Reports 7,000 Password Attacks per Second
https://www.gizchina.com/2024/10/16/microsoft-digital-defense-report-2024/

Also interesting guide's 👆👆👆

Deal With It

GIF emoji generator. All done artisanally and securely in your browser.

🔗 Links:
- Website
- Screenshots
- Features
- Source Code

🌐 @popmodsnetwork
🎁 Donate to our admins
🏷 Tags: #Website #Online #Fun

#PixelWeather

Google is working on a silly gimmick for the Pixel Weather app

✅ More Details - https://www.androidauthority.com/google-pixel-weather-app-update-weather-vibrations-3491337/

@GappsLeaks

👥 Follow me on
• Threads | • Mastodon | • X

🚨 Zero Trust in Google Workspace: Don’t Wait Until 2025 to Start! 🚨

Nearly 50% of companies planning to implement Zero Trust security within #googlecloud environments in 2025 struggle with getting started due to challenges like handling granular access controls, monitoring and auditing. Facing similar roadblocks?

💼 Join ex-Google expert Mikael Klambro and the Zenphi_co team in this free webinar to learn practical solutions, including:

▶ Automating user access controls 🌐
▶ Managing least privilege access for employees and third-party collaborators 👥
▶ Ensuring secure collaboration in a cloud-first environment ☁️

🎁 Bonus: Register now to receive our Zero Trust Implementation Blueprint—a resource that will not only enhance your organization’s #datasecurity but also set you apart as a top-tier Google Workspace and cybersecurity professional.

💡 Stay ahead of the curve in #accessmanagement and prepare your organization for 2025 — don’t miss it!

https://thn.news/zero-trust-gworkspace-webinar

I ment to post this a while back when it was being discussed...

You should also avoid buying phones preloaded with /e/ OS (sometimes branded as the Murena phones). /e/ OS in itself is extremely insecure, engaging in security bad practices that include, but are not limited to, not supporting verified boot; shipping userdebug build; shipping months-old version of Chromium; and bundling years-old version of Orbot into their operating system, then marketing it as “Advanced Privacy”. There was also a recent incident where their cloud service mishandled session keys and gave users access to other’s files, then proceeded to mislead users that the server cannot see their files, despite there being no end-to-end encryption.
You should also be very wary of low quality privacy branded phones like the Freedom Phone, BraX2 Phone, Volta Phone, and the like. These are cheap Chinese phones with the Mediatek Helio P60 from 2018, which has already reached or is near end-of-life. Needless to say, you should also avoid any vendor...

https://privsec.dev/posts/android/android-tips/

lots more tips at the link.