maemo.org - Talk

-   -   Announcing INCEPTION: Deeper access to your N9 [0.1.1] (https://talk.maemo.org/showthread.php?t=82835)

itsnotabigtruck 2012-03-06 06:00

Announcing INCEPTION: Deeper access to your N9 [0.1.1]
 

I N C E P T I O N
Your phone is the scene of the hack
Interim Release 0.1.1

The Nokia N9 is an amazing piece of hardware running an amazing mobile OS. However, advanced users have often been frustrated by its sometimes-limiting Aegis security system. Aegis, like many other security frameworks, blocks many legitimate tasks beyond truly dangerous activity, and makes it difficult to customize your N9 to run on your terms.

This problem is one of the past: INCEPTION allows you to assume direct control and liberate your Nokia N9's full potential.

INCEPTION is:

  • Easy. INCEPTION allows you to open up your N9 in less than five minutes, with no need for a PC.
  • Safe. INCEPTION makes no major changes to your N9 on its own - it merely unlocks the door so that you can use your own discretion. INCEPTION can be uninstalled at any time with no side effects.
  • Effective. With INCEPTION, the only limits on what you can do with your N9 are your own. INCEPTION turns the N9 into what could be the most powerful and open handheld device on the market.

INCEPTION doesn't disable or remove Aegis by itself - it just puts you in the driver's seat.

The success of this project relies on building a community of users with access to such packages, so please spread the word and help make sure no N9 user is left in the dark.

The INCEPTION website provides comprehensive information on capabilities, risks, and instructions for getting started.

Instructions and download: Official site
Chat about INCEPTION: #inception on Freenode

Note: The developer mode update released on 2012-04-16 prevents the previous version of INCEPTION, 0.1, from being enabled. If you have installed the recent updates, make sure to use INCEPTION 0.1.1 in order to become incepted.

If INCEPTION has improved your N9 experience, a small donation would be greatly appreciated - scroll to the end of the official site

SamGan 2012-03-06 06:32

Re: Announcing INCEPTION: Deeper access to your N9
 
With great power comes great responsibility.

Does this mean that developers will be able to make use of inception to produce apps with deeper access?

SaQ 2012-03-06 06:49

Re: Announcing INCEPTION: Deeper access to your N9
 
WHOOO!! This is great. Now we just need to wait and see what all developers and hackers can make from this :D

itsnotabigtruck 2012-03-06 07:02

Re: Announcing INCEPTION: Deeper access to your N9
 
Quote:

Originally Posted by SamGan (Post 1175022)
With great power comes great responsibility.

Does this mean that developers will be able to make use of inception to produce apps with deeper access?

That's exactly what INCEPTION is all about. It allows developers to build, and users to install, apps and mods that take advantage of the full spectrum of access to the N9. All privileges are now within reach.

Fuzzillogic 2012-03-06 09:03

Re: Announcing INCEPTION: Deeper access to your N9
 
Ohhh this is very welcome! But.. how does it work? I don't mean the user manual, that's clear enough, but how can it work? What technique is employed? There's some signing going on in the source code, but how can that work if you don't have Nokia's keys?

coderus 2012-03-06 09:17

Re: Announcing INCEPTION: Deeper access to your N9
 
Thanks, fully working, opensh now has all maemo caps.

coderus 2012-03-06 09:22

Re: Announcing INCEPTION: Deeper access to your N9
 
Code:

~ $ opensh


BusyBox v1.20.0.git (MeeGo 3:1.20-0.1+0m7) built-in shell (ash)
Enter 'help' for a list of built-in commands.

/home/user # accli -I
Current mode: normal
IMEI: 357923040175103
Credentials:
        UID::root
        GID::root
        CAP::chown
        CAP::dac_override
        CAP::dac_read_search
        CAP::fowner
        CAP::fsetid
        CAP::kill
        CAP::setgid
        CAP::setuid
        CAP::linux_immutable
        CAP::net_bind_service
        CAP::net_broadcast
        CAP::net_admin
        CAP::net_raw
        CAP::ipc_lock
        CAP::ipc_owner
        CAP::sys_module
        CAP::sys_rawio
        CAP::sys_chroot
        CAP::sys_ptrace
        CAP::sys_pacct
        CAP::sys_admin
        CAP::sys_boot
        CAP::sys_nice
        CAP::sys_resource
        CAP::sys_time
        CAP::sys_tty_config
        CAP::mknod
        CAP::lease
        CAP::audit_write
        CAP::audit_control
        CAP::setfcap
        CAP::mac_override
        CAP::mac_admin
        GRP::root
        GRP::daemon
        GRP::bin
        GRP::sys
        GRP::adm
        GRP::tty
        GRP::disk
        GRP::lp
        GRP::mail
        GRP::news
        GRP::uucp
        GRP::man
        GRP::proxy
        GRP::kmem
        GRP::dialout
        GRP::fax
        GRP::voice
        GRP::cdrom
        GRP::floppy
        GRP::tape
        GRP::sudo
        GRP::audio
        GRP::dip
        GRP::www-data
        GRP::backup
        GRP::operator
        GRP::list
        GRP::irc
        GRP::src
        GRP::gnats
        GRP::shadow
        GRP::utmp
        GRP::video
        GRP::sasl
        GRP::plugdev
        GRP::staff
        GRP::games
        GRP::libuuid
        GRP::pulse
        GRP::pulse-access
        GRP::pulse-rt
        GRP::cal
        GRP::users
        GRP::input
        GRP::i2c
        GRP::adc
        GRP::upstart
        GRP::crypto
        GRP::metadata-users
        GRP::phonet
        GRP::signon
        GRP::csd
        GRP::messagebus
        GRP::gallerycoredata-users
        GRP::acm
        GRP::osa
        GRP::calendar
        GRP::libaccounts-noa
        GRP::lpm
        GRP::visualreminder
        GRP::nfc
        GRP::location
        GRP::slpgwd
        GRP::haldaemon
        GRP::powerdev
        GRP::developer
        GRP::ssh
        GRP::spool
        GRP::nogroup
        tcb
        libbb5-secbins::SEE_CCCWrite
        libbb5-secbins::SEE_DBIWrite
        libbb5-secbins::SEE_HWCWrite
        libbb5-secbins::SEE_NPCWrite
        libbb5-secbins::SEE_SecStorageMaintenance
        libbb5-secbins::SEE_SuperDongleWrite
        libbb5-secbins::SEE_SuperDongleOperation
        libbb5-secbins::SEE_SimLock3Write
        libbb5-secbins::SEE_SimLock3Operation
        libbb5-secbins::SEE_TerminalResponce
        libbb5-secbins::SEE_DeviceLockControl
        aegis-enabler::tcb-sign
        tracker::tracker-extract-access
        tracker::tracker-miner-fs-access
        libaccounts-noa::accesssvt
        package-manager::packagemanager_limited
        package-manager::packagemanager_private
        icd2::icd2-plugin
        Cellular
        TrackerReadAccess
        TrackerWriteAccess
        Location
        FacebookSocial
        dsme::DeviceStateControl
        aegisfs::AegisFSMountAdd
        aegisfs::aegisfs-verify
        signond::keychain-access
        signond::ssoProtectedWriteAccess
        signond::ssoProtectedReadAccess
        telepathy-spirit::telepathy-spirit
        mce::CallStateControl
        mce::DeviceModeControl
        mce::LEDControl
        mce::TKLockControl
        mce::SensorControl
        csd-base::csd-plugin
        usb-moded::usb-moded-dbus-bind
        usb-moded::USBControl
        timed::TimeControl
        timed::TimeBackup
        timed::TimedEventQueueWrite
        bme::BatteryControl
        applauncherd-launcher::access
        libaccounts-glib0::accounts-glib-access
        libaccounts-glib0::t
        libaccounts-glib0::tok
        smartsearch::RelevanceAllContentTypes
        account-plugin-skype::skype-access
        account-plugin-skype::sso-encryption-token
        phonet-at::acm-plugin
        account-plugin-ovi::noaaccess
        account-plugin-ovi::sso-encryption-token
        caldav-plugin::access
        account-plugin-caldav::sso-encryption-token
        account-plugin-caldav::caldav-access
        account-plugin-facebook::sso-encryption-token
        account-plugin-facebook::access-control
        account-plugin-flickr::flickr-access
        account-plugin-google::sso-encryption-token
        account-plugin-google::access-control
        account-plugin-sip::sso-encryption-token
        account-plugin-sip::access-control
        account-plugin-twitter::sso-encryption-token
        account-plugin-twitter::access-control
        account-plugin-youtube::sso-encryption-token
        account-plugin-youtube::access-control
        aegis-certman-common-ca::CertCACommonAdd
        aegis-certman-common-ca::CertCAGlobalCodeSignAdd
        aegis-certman-common-ca::CertCASSLAdd
        aegis-certman-common-ca::CertCAWifiAdd
        aegis-certman-common-ca::CertCASMIMEAdd
        aegis-certman-common-ca::CertCACodeSignAdd
        aegis-certman-common-ca::CertUserSSLUse
        aegis-certman-common-ca::CertUserWifiUse
        aegis-certman-common-ca::CertUserSMIMEUse
        aegis-certman-common-ca::CertCACodeSignUse
        devicelock::ProvisioningSettings_PasswordForceChange
        devicelock::ProvisioningSettings_MinimalDeviceWipeTypeRequired
        devicelock::ProvisioningSettings_RnD_additional_Debug
        devicelock::DeviceLock_SetPassword
        devicelock::DeviceLockServiceOwn
        devicelock::DeviceLockStorageAccess
        devicelock::State_Unlocked
        devicelock::State_Locked
        devicelock::State_WipeMMC
        devicelock::State_Inhibit
        devicelock::DeviceLockControl
        devicelock::SSO_Exchange
        backup-framework::backup
        libaegis-session::aegis-session-data
        clean-device::CUDOrRFS
        xserver-security-policy::record-input
        xserver-security-policy::playback-input
        xserver-security-policy::capture-drawables
        system-ui-screenlock-nokia::ScreenLockEventPublish
        call-ui::call-ui
        nfcd::ui-agent
        nfcd::tool
        duicontrolpanel-certificatesapplet::encryptedDBusMessages
        facebookqml::facebook-token
        mfe-account-ui-plugins::mfe-access
        mfe-account-ui-plugins::sso-encryption-token
        mms-manager::MmsProtectedWriteAccess
        mms-manager::MmsProtectedReadAccess
        mms-manager::MmsWorkerAccess
        libodnp::odnp
        libslpgw::slpgw
        location-ui::location-ui
        messaging-ui::messaging-ui
        ope-service0::OpeWapUtilAccess
        positioningd::LocationControl
        odnp-fpcd::odnp-fpcd
        signon-default-key-extension::key-storage
        signon-ui::signond-access
        telepathy-sasl-signon::sso-encryption-token
        grob::grob-access
        grob::sso-encryption-token
        groovem-account-ui-plugins::groovem-access
        groovem-account-ui-plugins::sso-encryption-token
        omb0::omb-communication
        npe-maemo0::LocationFW
        relevance::RelevanceAllContentTypes
        SRC::com.nokia.maemo/local
        AID::com.nokia.maemo/local.opensh.
        opensh::opensh
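
A listing like the one above can be audited mechanically. The following is an added example, not code from the thread or from the INCEPTION project: it parses output in the `accli -I` layout, flags entries on a watch list, and groups credentials that fall outside an allowed set. The watch list, the function names and the constructed sample input are assumptions made for the example.

```python
KNOWN_PREFIXES = {"UID", "GID", "CAP", "GRP", "SRC", "AID"}

# Assumption: this watch list is chosen for the example; Aegis defines no such
# set. The CAP:: reasons are the Linux capabilities(7) meanings.
WATCH = {
    "UID::root": "runs as root",
    "CAP::dac_override": "bypasses file permission checks",
    "CAP::sys_module": "can load and unload kernel modules",
    "CAP::sys_admin": "broad system administration operations",
    "CAP::sys_rawio": "raw I/O port access",
    "CAP::mac_admin": "can change mandatory access control settings",
    "tcb": "Aegis token, meaning assumed from its name",
    "aegis-enabler::tcb-sign": "Aegis token, meaning assumed from its name",
}

# Constructed sample, abbreviated, in the layout of the listing above.
SAMPLE = """\
Current mode: normal
Credentials:
        UID::root
        CAP::dac_override
        CAP::sys_module
        CAP::net_raw
        GRP::users
        tcb
        aegis-enabler::tcb-sign
        mce::LEDControl
        SRC::com.nokia.maemo/local
        AID::com.nokia.maemo/local.opensh.
        opensh::opensh
"""

def parse_credentials(text):
    """Return the entries listed after 'Credentials:' as full strings."""
    creds, in_block = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not in_block:
            in_block = line == "Credentials:"   # skip shell banner, mode, IMEI
        elif not line:
            if creds:                           # blank line after entries ends the block
                break
        else:
            creds.append(line)
    return creds

def kind(cred):
    """Classify one entry: a known prefix, a package token, or a bare token."""
    prefix, sep, _ = cred.partition("::")
    if not sep:
        return "GLOBAL"
    return prefix if prefix in KNOWN_PREFIXES else "TOKEN"

def audit(text):
    """Return sorted (credential, reason) pairs for watch-listed entries."""
    return sorted((c, WATCH[c]) for c in set(parse_credentials(text)) if c in WATCH)

def excess(text, allowed):
    """Group credentials that are present but not in `allowed` by kind."""
    extra = {}
    for c in sorted(set(parse_credentials(text)) - set(allowed)):
        extra.setdefault(kind(c), []).append(c)
    return extra
```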


YavkatA 2012-03-06 09:42

Re: Announcing INCEPTION: Deeper access to your N9
 
Sweet! Now I can feel what it's like to really own my n9! Thank you!

F2thaK 2012-03-06 11:04

Re: Announcing INCEPTION: Deeper access to your N9
 
All I can say is wow.

Radishface 2012-03-06 12:06

Re: Announcing INCEPTION: Deeper access to your N9
 
RATS! How come this gets announced AFTER I purchased a Galaxy Nexus...

chemical1der 2012-03-06 12:43

Re: Announcing INCEPTION: Deeper access to your N9
 
sorry for my newbishness (coming from Android and still learning stuff) but will this allow kernel mods?

jerritee 2012-03-06 12:54

Re: Announcing INCEPTION: Deeper access to your N9
 
Awesome!! This just put a smile on every Nokia N9 owner's face!! :)

Jaffa 2012-03-06 13:28

Re: Announcing INCEPTION: Deeper access to your N9
 
Could you describe how it actually works? The fact you mention not upgrading the OS suggests it may be exploiting a security hole? (which is worrying from a "I don't want malicious apps trampling all over everything" POV)

SaQ 2012-03-06 13:42

Re: Announcing INCEPTION: Deeper access to your N9
 
It would be GREAT if somebody could find a way to overclock N9 with this Inception!!

TMavica 2012-03-06 13:50

Re: Announcing INCEPTION: Deeper access to your N9
 
Quote:

Originally Posted by SaQ (Post 1175180)
It would be GREAT if somebody could find a way to overclock N9 with this Inception!!

Pali and freemangondon can do it

SaQ 2012-03-06 13:54

Re: Announcing INCEPTION: Deeper access to your N9
 
What.. How... Where...
Give me instructions, and I shall pay you many gold :D

edbanger 2012-03-06 15:27

Re: Announcing INCEPTION: Deeper access to your N9
 
Do things/apps that normally use Aegis keep working?

(In other words, can I keep Facebook, Gtalk, MfE,...)

-Tyler- 2012-03-06 15:35

Re: Announcing INCEPTION: Deeper access to your N9
 
Amazing!! With this we can flash custom kernels without having to reflash all the phone, good news no, excellent news!!

mscion 2012-03-06 15:49

Re: Announcing INCEPTION: Deeper access to your N9
 
Among many applications and software, if Inception opens the doorway for Easy Debian it will be a wonderful advancement!

Dragoss91 2012-03-06 15:57

Re: Announcing INCEPTION: Deeper access to your N9
 
That's great, now let's wait for overclockers. :D:D:D

rainisto 2012-03-06 16:07

Re: Announcing INCEPTION: Deeper access to your N9
 
Quote:

Originally Posted by -Tyler- (Post 1175238)
Amazing!! With this we can flash custom kernels without having to reflash all the phone, good news no, excellent news!!

It does not allow flashing custom kernels (that always triggers open mode), but it enables you to load custom kernel modules if you use the inception exploit to gain needed privileges. And most likely the hole will be fixed at some point, at least previous exploits were fixed quite quickly.

flotron 2012-03-06 16:12

Re: Announcing INCEPTION: Deeper access to your N9
 
Quote:

Originally Posted by Dragoss91 (Post 1175258)
That's great, now let's wait for overclockers. :D:D:D

Yes? We can do that now? Awesome

People here should open an inception thread

nbedford 2012-03-06 16:16

Re: Announcing INCEPTION: Deeper access to your N9
 
Quote:

Originally Posted by rainisto (Post 1175268)
It does not allow flashing custom kernels (that always triggers open mode), but it enables you to load custom kernel modules if you use the inception exploit to gain needed privileges. And most likely the hole will be fixed at some point, at least previous exploits were fixed quite quickly.

You mean there will definitely be PR1.3 and beyond...

rainisto 2012-03-06 16:19

Re: Announcing INCEPTION: Deeper access to your N9
 
Quote:

Originally Posted by nbedford (Post 1175276)
You mean there will definitely be PR1.3 and beyond...

I have no knowledge if there will be any new PR releases, your guess is as good as mine. I just mean that it can be fixed even on PR1.2 if someone just updates a package.

itsnotabigtruck 2012-03-06 16:21

Re: Announcing INCEPTION: Deeper access to your N9
 
Quote:

Originally Posted by nbedford (Post 1175276)
You mean there will definitely be PR1.3 and beyond...

PR1.3 was confirmed a long time ago. I suppose it's possible that they could call it off at the last minute, but all signs indicate it's en route.

gerbick 2012-03-06 16:58

Re: Announcing INCEPTION: Deeper access to your N9
 
Stupid, but very serious question. This is a very welcome thing... does this mean that folks really didn't "own" their machines before Inception? I know how Aegis got in the way of certain things, but this cannot be labeled a "jailbreak" or root, can it?

qole 2012-03-06 17:04

Re: Announcing INCEPTION: Deeper access to your N9
 
Currently, you need to flash the open kernel with the phone plugged into a PC. Would the Inception exploit allow on-device kernel flashing?

jutley 2012-03-06 17:08

Re: Announcing INCEPTION: Deeper access to your N9
 
Can we bend walls with inception?

YavkatA 2012-03-06 17:14

Re: Announcing INCEPTION: Deeper access to your N9
 
Inception + Opensh causes a reboot loop. Finnish 64 GB, #059j187
I can still boot the phone with
Code:

sudo flasher --set-rd-flags=no-lifeguard-reset --enable-rd-mode

Will try and investigate further.

EDIT: Removing inception and opensh did not solve the problem. The phone shows the waves on the Nokia logo, and reboots much further in the boot process. Any ideas how I can fix this without a reflash? I can still boot in R&D.

www.rzr.online.fr 2012-03-06 18:27

Re: Announcing INCEPTION: Deeper access to your N9
 
let's hope this will not prevent upcoming firmware upgrade ...

itsnotabigtruck 2012-03-06 18:30

Re: Announcing INCEPTION: Deeper access to your N9
 
Quote:

Originally Posted by YavkatA (Post 1175320)
Inception + Opensh causes a reboot loop. Finnish 64 GB, #059j187
I can still boot the phone with
Code:

sudo flasher --set-rd-flags=no-lifeguard-reset --enable-rd-mode

Will try and investigate further.

EDIT: Removing inception and opensh did not solve the problem. The phone shows the waves on the Nokia logo, and reboots much further in the boot process. Any ideas how I can fix this without a reflash? I can still boot in R&D.

I'm pretty sure this has nothing to do with INCEPTION itself and everything to do with the Avahi packages you mentioned in the other thread. As far as I know, those packages are untested and not Harmattanized, and generally shouldn't be used. (Someone else here made more Harmattan-friendly builds, IIRC)

Remember that uninstalling INCEPTION doesn't revert changes you made yourself - it only undoes the adjustment to Aegis.

coderus 2012-03-06 18:46

Re: Announcing INCEPTION: Deeper access to your N9
 
qole, of course, just need to reconfigure NOLO. i know one man who can do that.

AlphaX2 2012-03-06 19:24

Re: Announcing INCEPTION: Deeper access to your N9
 
You can't believe how much I have to thank you. At the moment I got some trouble with aegis and thanks to your tool, I know now, that it was NOT a bug in my code nor aegis. ;)

Just in the right moment. Thank you very very much! :)

Creamy Goodness 2012-03-06 19:34

Re: Announcing INCEPTION: Deeper access to your N9
 
Nobody explained how it works yet?
I don't really get it but it seems all the interesting stuff is in the .sh files.
It looks like it uses chroot and remounts the filesystems to temporarily gain access to some protected files used by dpkg/aegis when installing. It then patches in a dummy entry at the end of the file that can be used when installing later. Now, someone explain how wrong I am :)

wolke 2012-03-06 19:41

Re: Announcing INCEPTION: Deeper access to your N9
 
Quote:

Originally Posted by Creamy Goodness (Post 1175424)
Nobody explained how it works yet?
I don't really get it but it seems all the interesting stuff is in the .sh files.
It looks like it uses chroot and remounts the filesystems to temporarily gain access to some protected files used by dpkg/aegis when installing. It then patches in a dummy entry at the end of the file that can be used when installing later. Now, someone explain how wrong I am :)

yea, it's a security hole exploit. this is as much a demonstration of how aegis is ineffective in its fake-goal {keeping the user safe from external attack} as it is a practical tool for getting around aegis' real-goal {preventing full user control of the device to give nokia&partners the ability to do things not in the user's best interests}.

coopere 2012-03-06 20:10

Re: Announcing INCEPTION: Deeper access to your N9
 
So, it's like rooting an Android device. Nice. But think I'll wait til I see some good apps that absolutely need this access level

ja-pc 2012-03-06 20:35

Re: Announcing INCEPTION: Deeper access to your N9
 
this thing is great!

but as I mentioned in the Nokia & AEGIS open-mode topic, is something like this possible without Aegis?

YavkatA 2012-03-06 23:07

Re: Announcing INCEPTION: Deeper access to your N9
 
Quote:

Originally Posted by itsnotabigtruck (Post 1175378)
I'm pretty sure this has nothing to do with INCEPTION itself and everything to do with the Avahi packages you mentioned in the other thread. As far as I know, those packages are untested and not Harmattanized, and generally shouldn't be used. (Someone else here made more Harmattan-friendly builds, IIRC)

Remember that uninstalling INCEPTION doesn't revert changes you made yourself - it only undoes the adjustment to Aegis.

It's not related to these packages - the same thing happened after I reflashed.

EDIT: I will try to incept again with only filebox and meescan installed.

EDIT2: Incept was successful, no reboot loop. Will try to incept opensh now..

EDIT3: Opensh didn't cause a reboot loop either. Is it possible that using a reboot app is what caused the reboot loop?

itsnotabigtruck 2012-03-06 23:49

Re: Announcing INCEPTION: Deeper access to your N9
 
Quote:

Originally Posted by ja-pc (Post 1175455)
this thing is great!

but as I mentioned in the Nokia & AEGIS open-mode topic, is something like this possible without Aegis?

Well, the Aegis manifest (what my post talked about) is a major reason why Aegis can't simply be ripped out completely - anything that relies on gaining capabilities or switching users/groups through Aegis would break. Also, without Aegis it would be difficult to tell what sort of functionality a given program uses.

rcolistete 2012-03-07 01:13

Re: Announcing INCEPTION: Deeper access to your N9
 
Does Inception allow using chroot? For example, to run Qole Easy Debian without Harmattan open mode?

