<Wizzup>
where is cal used, other than for lock codes?
<Wizzup>
like, what other data is stored
<freemangordon>
some certificates, iirc
<freemangordon>
battery calibration data
<freemangordon>
wlan calibration
<freemangordon>
BT/wlan mac addresses
<freemangordon>
device/os data (device type, os release, etc)
<freemangordon>
or, we can do nandsim specific per device
<freemangordon>
and reuse some of the android partitions, somehow
<Wizzup>
I don't think we want to re-use android partitions
<Wizzup>
I'd much prefer loopback to any physical partition reuse
<freemangordon>
loopback on a file on abdroid partition was my idea
<freemangordon>
*android
<freemangordon>
that way reinstalling leste will not lead to data loss
<freemangordon>
als, we shall choose android partition in such a way that reionstalling android will not wipe it as well
<Wizzup>
is data loss really a problem is you reinstall leste?
<Wizzup>
I always found it kinda of crazy that lock code could live through fremantle flashing
<Wizzup>
I don't think the lock code should live through a reinstall
<Wizzup>
in any case I think we agree on loopback
<freemangordon>
Wizzup: the point of lock code surviving reflash is that it is a security feature that shall not be easily removed, like, if the device is stolen
<freemangordon>
so it makes perfect sense to me to survive
<freemangordon>
so, nandsim+loopback on file?
<freemangordon>
btw, IIRC nandsim can do loopback on its own
<freemangordon>
no need to do loopN
<freemangordon>
not 100% sure though
<Wizzup>
I don't think it makes sense since it's easy to reflash any/all android devices and partitions
<freemangordon>
even recovery partition?
<Wizzup>
btw, I don't think our current wlan calibration saves things to cal, just to disk
<Wizzup>
(which is probably not a bad thing)
<Wizzup>
freemangordon: probably depends on the device
<freemangordon>
well, on n900 CAL wln calibration is something written during the production
<Wizzup>
yeah, we do it on first boot
<freemangordon>
ok, we can at least try to come-up with something that is persistent across reinstalls
<Wizzup>
if we end up only storing the lock code in it, I'm not sure if it really matters that much
<freemangordon>
we can store battery calibration data as well
<freemangordon>
but yeah
<freemangordon>
the other option is to get rid of libcal
<freemangordon>
for lockcode at least
<sicelo>
android partition doesn't sound like good idea. there's pinephone
<freemangordon>
so?
<sicelo>
it doesn't have android partition. someday someone might port librem5 too
<freemangordon>
by "android partition" I mean any partition that was created by the manufacturer on either eMMC or nand or whatever internal storage
<Wizzup>
freemangordon: there is just mmc that it flashed by anyone on pinephone
<Wizzup>
so there's no well defined structure or anything
<freemangordon>
I think all of the devices have some partition that is dedicated to storing persistent data
<Wizzup>
but if we don't actually want the lock code to persist, why bother?
<freemangordon>
well, don;t know then
<freemangordon>
but, we want to
<Wizzup>
I don't :D
<sicelo>
:-P
<freemangordon>
otherwise it is more or less useless
<Wizzup>
I've read some horror stories online about people having to use john to unlock their fremantle device
<Wizzup>
that they bought online
<Wizzup>
freemangordon: this is not true, the lock code prevents people from getting immediate access to your phone
<freemangordon>
that's the point
<Wizzup>
and to your data, rather
<freemangordon>
not only
<sicelo>
Wizzup I agree that lock code should persist if possible
<freemangordon>
it should make it as hard as possible
akossh has joined #maemo-leste
<Wizzup>
it's all 'easy mode' at this point
<Wizzup>
even for the n900 there are relatively easy known ways to defeat it
<freemangordon>
it is not, if you have encrypted fs
<Wizzup>
in any case for the threat model we can disregard nand and libcal, as they add nothing there
<freemangordon>
BTW, maybe we shall integrate lockcode with encryptfs
<Wizzup>
I don't think a digit code is strong enough for fs encryption
<freemangordon>
I think it just protects the keys anyway
<Wizzup>
maybe as a way to unlock the real password/key
<freemangordon>
yes
<Wizzup>
in any case I have doubts as to whether we want to keep libcal if it's just for lock code, if we're going to look at FDE eventually, we probably do something more simple
<Wizzup>
at the same time we have to be careful with how we more forward, if we for example implement lock code now by saving it to some /etc/ file, then any future changes might lock users out of their device
<Wizzup>
how we move*
<Wizzup>
this might be too much of a distraction too, atm :)
<sicelo>
fde is a good goal for the future, yes. it's the modern way to secure things, and users expect it
<Wizzup>
wonder if we want the system data to separate from that
<Wizzup>
probably not I guess
<Wizzup>
if it was me I'd want to add plausible deniability