AB9IL.net

Galaxy Nexus Robust Communications

Disclosure: AB9IL.net is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program such that this site earns advertising fees by linking to Amazon.com. If you make a qualifying purchase after clicking a link on this website, the associate affiliated with this site may earn a comission at no cost to you.


#Advert: Supercharge your computing on systems and parts from Computer Upgrade King

New Features: Global Quick Tune Internet SDR List Improve Your Radio Knowledge at "YouTube SDR School"
Article Index --- click here to unfold ---
Newest Pages NEW: Trumpists Kicking the Hornets Nest
NEW: Introduction to Catbird Linux
NEW: Skywave Linux Updated to ver 4.1
NEW: i3wm: Using i3-ipc to Float Windows
How to Record from WebSDR and OpenWebRX Sites
Programmatic RTL-SDR Frequency Claibration
Public KiwiSDR Lists
Malaysia Airlines Flight MH17: Simply Mass Murder
The Anonymous Cathay Pacific Employee Letter to Hong Kong
For For Cathay Crews Crossing Borders With Electronics
Photo Gallery 9: The New Life Movement in China, 1944
E Pluribus Unum: From Many, One, Dammit
HFGCS Quick Tune SDR List
The Robert Mueller Iron Triangle Speech
A Rant About One Party Rule
Best OpenWebRX and WebSDR Servers
SDR School via YouTube
ADALM-PlutoSDR on Linux Systems
MOFO Linux: Defeating State Censorship and Surveillance
Linux: Distros, Code, and Nifty Software NEW: Introduction to Catbird Linux
NEW: Skywave Linux Updated to ver 4.1
NEW: i3wm: Using i3-ipc to Float Windows
Skywave Linux: HPSDR, WebSDR, and RTL-SDR ready to run.
Siduction Linux with the Cinnamon Desktop
Siduction Linux with the LXQT Desktop
Andy's Ham Radio Linux 15 and QtRadio
Booting Multiple Linux Disc Images with Grub2
Porteus Linux Hard Drive Installation
UPDATED: MOFO Linux - For Unrestricted Internet
Aptosid with LXDE
Asus EeePC 1215N with Linux
Autostart Tweaks for KDE3 and KDE4
Broadband Speed Tweaks For Linux
Fixing the Firefox 3 Rendering Bug
Linux on Solid State Drives
Linux Wireless Interface Driver Updates
Setting Polkit to Automount USB Devices
Sidux with LXDE
Fixing Skype Inverted Video
SLAX Remix - kernel upgrades
Flash Drive Linux - Introduction
Flash Drive Knoppix 5.3 - Part 1
Flash Drive Knoppix 5.3 - Part 2
Flash Drive Knoppix 6.0 - Part 1
Flash Drive Knoppix 6.0 - Part 2
Flash Drive SLAX - Part 1
Flash Drive SLAX - Part 2
Flash Drive Bluewhite64 - Part 1
Flash Drive Bluewhite64 - Part 2
Flash Drive Linux - Basic Customization
SLAX Customization - Part 1
SLAX Customization - Part 2
Bluewhite64 Customization - Part 1
Bluewhite64 Customization - Part 2
Long Range Wi-Fi Basics of Long Range Wireless Networking
Linear Focus Parabolic Wi Fi Antenna
High Gain Wi Fi Dish Antenna
High Gain Helical Wi Fi Antenna
High Gain Yagi Wi Fi Antenna
High Power Wireless Adapters
Wi Fi Extender Antenna for Routers
Belkin F5D7050 External Wi Fi Antenna
Linksys WUSB54GC External Antenna Mod
Compat Wireless Linux Drivers
Installing WPA_Supplicant for Wi-Fi Security
Linux Wireless Interface Driver Updates
Linux Wireless Interface Driver Support
NetworkManager and Consolekit
RT73 Wireless Drivers for Linux Kernel 2.6.27+
RT2860 Wireless Drivers for Linux Kernel 2.6.27+
Radio: Amateur Radio, Aero Radio, Shortwave, etc NEW: Programmatic RTL-SDR Frequency Claibration
NEW: Public KiwiSDR Lists
NEW: GHFS Quick Tune SDR List
UPDATED: Best OpenWebRX and WebSDR Servers
UPDATED: Skywave Linux: HPSDR, WebSDR, and RTL-SDR ready to run.
CubicSDR on Debian, Ubuntu, and Linux Mint
Dump1090 for Linux Mint 17.1 and Siduction 2014.1
Software Defined Radio - An Introduction
QS1R Direct Sampling SDR
Chaining SDR Audio Interfaces
FLEX-6000 Direct Sampling SDR
UPDATED: RTL2832 Software Defined Radio
WebSDR Digimode Reception
Enabling FLASH in Jack Audio
Realtime Software Audio Processing
Liberation Technology MOFO Linux - For Unrestricted Internet
Veracrypt Encryption for Linux
Veracrypt Encryption for Windows
Using Google Within China
Popcorn Time and Flixtor for Uncensored Streaming Media
DNS Encryption using DNSCrypt
Galaxy Nexus Privacy and Robustness Enhancements
Galaxy SIII Privacy and Robustness Enhancements
Flash Drive Encryption for Linux
Flash Drive Encryption for Windows
Multihop VPN Connections for Strong Internet Privacy
Open and Free DNS Server List
OpenVPN Cloaking against Deep Packet Inspection The Serval Mesh Phone Project
Skype's Robust Security
Man in the Middle Wireless Security Risks
Wireless Security and Surveillance
Digital Audio Adjusting Audio Dynamics in VLC
Backing Track Prep Guide
Ipod Music Processing Guide
How To Record Record Live Music Performances
Realtime Software Audio Processing
Chaining SDR Audio Interfaces
Aerospace Radio, Aviation, Pontification, and Opinion NEW: Trumpists Kicking the Hornets Nest
NEW: The Anonymous Cathay Pacific Employee Letter to Hong Kong
NEW: For For Cathay Crews Crossing Borders With Electronics
NEW: E Pluribus Unum: From Many, One, Dammit
NEW: HFGCS Quick Tune SDR List
NEW: The Robert Mueller Iron Triangle Speech
NEW: A Rant About One Party Rule
Captains Authority Versus Autocratic Airline Management
Malaysia Airlines Flight MH17: Simply Mass Murder
Malaysia Airlines Flight MH370 - A Media Circus
High Gain Air Band Antennas
Apollo Unified S Band Communications
Chinese Anti-Stealth VHF Radar
Oceanic Communications - Procedures, Equipment, Voice and HFDL
Boeing 737NG Radio Equipment
Boeing 767 Radio Equipment
NAOC-TACAMO Monitoring
My Flight on 9/11
Joshua Chamberlain's Leadership Tips
Special Operations Forces Truths
TWA 800: Just Give Me Some Truth
Photo Gallery Aviation Photo Gallery 1: Snapshots From My Journeys
Aviation Photo Gallery 2: On the Road With ATA Airlines
Aviation Photo Gallery 3: More ATA Airlines
Aviation Photo Gallery 4: Southwest Airlines is the Borg Empire
Aviation Photo Gallery 5: Starting Over, Moving On...
Aviation Photo Gallery 6: More Viva Macau
Aviation Photo Gallery 7: Mainland China Airline Flying
Aviation Photo Gallery 8: Chinese Smog and Fog
NEW: Photo Gallery 9: The New Life Movement in China, 1944
Broadcasting BBC Radio Blooper - Adolf Merckle
TV DXing the World Trade Center
New York TV after 9/11
Live Music Recording Adjusting Audio Dynamics in VLC
Backing Track Prep Guide
Ipod Music Processing Guide
How To Record Record Live Music Performances
Radio Poetry and Arts In Distress, by David Wagoner
Just A Radio Operator, by Robert A. Wallace
Radio Circuit Modifications ATS-909 Modifications
ATS-909 Manuals
ATS-909 Alignment Procedure
ATS-909 Alignment Spectrograms
Very Low Frequency (VLF) Radio Internet Based VLF Radio Listening
Windows Tips Windows Performance Enhancement Tips
A Faster Windows 7
Windows 7 SSD Setup

This page is written for people using the Samsung Galaxy Nexus mobile phone who would like enhanced privacy, unblocked internet, and the ability to communicate without normal mobile telephony infrastructure. If you happen to dislike the stock software installed by the manufacturer or local vendors, you can change the system to a customized version that is more suitable. Concerned about surveillance "backdoors" in phones sold in countries with oppressive governments? Erase the phone's software and replace it with a trustworthy and high performance system featuring the best encryption, SMS, and telephony applications! This guide focuses on the Galaxy Nexus GSM phone, but the method is applicable to other Android phones or tablet computers.

CAUTION and DISCLAIMER: Unlocking / Rooting the Galaxy Nexus will erase your present settings, pictures, music, contacts, and applications! It is most convenient to root the phone immediately after purchase - before large amounts of data are saved. Back-up any user data you intend to retain for future use. In addition, you root and modify at your own risk - this website is not responsible if you destroy important data or make your phone unusable.


Get Root Priveleges on the Galaxy Nexus

Root the Galaxy Nexus using the instructions given here. It involves setting the phone in USB debugging mode, connecting it to a computer (windows, Linux, or Mac), installing the superuser application, and reconfiguring files for rooted operation. It is actually a simple matter of using a utility called "fastboot" to unlock and "flash" the new data into the Nexus' ROM (Read-Only Memory).

#Advert: Muscle up your project on an MSI Mobile Workstation


Install ClockworkMod Recovery Software

The next stage of customizing the Galaxy Nexus software is installing the ClockworkMod ROM Manager. This handy tool is used to back-up or install the Android operating system. While the ROM manager is often used to simply back up phones in stock condition, it will be used here to install a customized ROM. ClockworkMod Recovery is easy to install: simply download it directly to your phone from their website or find it on the Android Market. Follow the menus and install it to the Galaxy Nexus.


Installing Custom ROM onto the Galaxy Nexus

After researching available ROMs, Apex ROM v1.1.2 was chosen for installation to the privacy enhanced / super robust Galaxy Nexus. It provides an updated Android system with a better kernel and hardware drivers, Busybox, overclocking, and power consumption improvements. Apex ROM v1.1.2 makes a great platform on which to build a suite of apps on a smoking hot Android phone.

Apex ROM actually comes in two parts: the operating system and a package of Google applications. After downloading the ROM and Google Applications zip files, installation is accomplished using the ClockworkMod ROM Manager. Instead of the rather crude method of manually transferring and flashing the files from the recovery mode, ClockworkMod merely requires the user to navigate to the directory containing Apex Rom and Google Apps zip files.

CAUTION: It is important to wipe the phone's dalvik software and cache as a step before flashing the new ROM.

After flashing the new ROM, reboot the phone and wait patiently for the phone to set itself up. The first boot sequence takes longer than subsequent boots. When the phone is ready, configure the wi-fi, backlighting, wallpaper, and other settings as desired.


Installing New Applications

Waste no time after installing the new ROM before installing the essential communications applications. For Starters, consider software provided by the Guardian Project. These are at the cutting edge of Android applications protecting the privacy, security, and anonymity of smart phone users. Also be sure to install Skype, which can provide robust VOIP communications if internet connectivity is available.

Of particular importance is Serval Mesh Networking, a new and developing software package which enables the Galaxy Nexus to make direct phone-to-phone calls and send store-and-forward SMS messages independent of the local phone network. Mesh networking is an added capability for Android phones that decentralizes the network and enables communication even during emergencies, civil unrest, or when a group of users are simply too far from regular mobile phone infrastructure. More phones with Serval mean more robust comms when using a mesh network.

CAUTION: Serval gets you connected, but it does not encrypt communications - use a layer of encryption for voice, email, and SMS messages.

Consider RedPhone for protecting your voice communications from surveillance. It is a new, open sourced, and advanced application for voice encryption on Android phones, and available through Google Play and other Android Application repositories. RedPhone is sophisticated but easy to use, and requires both parties to have RedPhone installed. It works well and is quite effective protection against unwanted monitoring.

For protection from spyware, viruses and other malicious programs, install AVAST or AVG Mobilation. Do this! Skype and other VOIP services have been compromized by spyware able to tap the raw mic and speaker audio.


Using Trustworthy DNS Servers

When using Wi-Fi for internet access, the local internet service provider's DNS servers may be subject to censorship or DNS poisoning. For greater freedom from such filtering or redirection, consider more trustworthy servers. Google DNS or OpenDNS are fast, unrestricted, and free from government tampering. Android devices set the DNS servers with the file /system/etc/dhcpcd/dhcpcd-hooks/20-dns.conf. Use the code below to make Google DNS the default servers. Select other servers if you have a better option!

Note: The /system partition is normally mounted as read-only. Re-mount the same in re-write mode, then edit the original or overwrite the new file. New DNS server defaults will take effect after rebooting the phone.


/system/etc/dhcpcd/dhcpcd-hooks/20-dns.conf
set_dns_props()
{
case "" in
"") return 0;;
esac

count=1
for i in 1 2 3 4; do
setprop dhcp..dns ""
done

count=1
for dnsaddr in ; do
setprop dhcp..dns 
count=$(( + 1))
done

setprop dhcp..dns1 8.8.8.8
setprop dhcp..dns2 8.8.4.4
}

unset_dns_props()
{
for i in 1 2 3 4; do
setprop dhcp..dns ""
done
}

case "" in
BOUND|INFORM|REBIND|REBOOT|RENEW|TIMEOUT) set_dns_props;;
EXPIRE|FAIL|IPV4LL|RELEASE|STOP) unset_dns_props;;
esac


OpenVPN on Android Phones

OpenVPN Installer and OpenVPN Settings are essential Android applications if you intend to protect your privacy and overcome national censorship barriers on the internet! Both applications can be downloaded and installed from the Android Market or the developer's website. Installation takes minutes, but beforehand you must have a VPN service and prepare a set of configuration files for the gateways / portals to be used. Generally, the menus and prompts lead to a working installation, except they do not specify the fact that the openvpn binary should be installed to /system/xbin/.

Using a file manager, create a directory on the internal SD card named openvpn and copy your *.ca, both *.crt, and all of the service's *.ovpn files there. The config files should all be edited to indicate the names and paths to the *.ca and both *.crt files. Normally, a path for the tun.ko kernel module is not necessary, though old internet advice sometimes advocated its presence in the config file.

Shown below is a sample openvpnvpn config file usable on a cryptographically enhanced Galaxy Nexus:


# example for hypothetical cryptomasters
# vpn service New York gateway
# in file named /sdcard/openvpn/newyork.ovpn
# edit this to configure for your vpn provider

client

dev tun
proto udp
remote vpn.newyork.cryptomasters.net 1194
remote-random

resolv-retry infinite
nobind
persist-key
persist-tun
ns-cert-type server
cipher bf-cbc
comp-lzo
verb 3
mute 20
fragment 0
mssfix 0

ca /sdcard/openvpn/ca.crt
key /sdcard/openvpn/mister_mofo.key
cert /sdcard/openvpn/mister_mofo.crt

Here is another config file example - for a service using TLS gateways for users in certain countries that are more aggressive in attacking VPN traffic:


# example for hypothetical cryptomasters
# vpn service Boston TLS gateway
# in file named /sdcard/openvpn/boston-tls.ovpn
# edit this to configure for your vpn provider

client

dev tun
proto tcp
remote tlsvpn.boston.cryptomasters.net 443
remote-random

resolv-retry infinite
nobind
persist-key
persist-tun
ns-cert-type server
cipher bf-cbc
comp-lzo
verb 3
mute 20
fragment 0
mssfix 0

ca /sdcard/openvpn/ca.crt
key /sdcard/openvpn/mister_mofo.key
cert /sdcard/openvpn/mister_mofo.crt

After OpenVPN is installed, along with the config files, certificates, and key files, start OpenVPN Settings. The app should show a list of gateways, selectable by check boxes. Check the top box to start OpenVPN then select a gateway. As for settings, look in the menus to make any secesary changes (loading the tun.ko kernel module, showing ads, and so forth). Selecting a gateway begins the connection process - monitor the messages on screen for VPN status. CatLog is a useful app for monitoring the system for status messages and tracking down software glitches or incompatibilities. The webmaster discovered a syntax error in one ovpn file using CatLog and fixed the problem in minutes. To use your VPN most effectively, consider these 10 tips for VPN users.

There is a new application written by the developers of OpenVPN, which will is a good replacement for both OpenVPN Installer and OpenVPN Settings. Called OpenVPN Connect, it permits easy VPN usage without rooting the phone. Set-up is easy: simply import the config file and keys, then connect.

A security enhanced, radio-robust, and internet-unrestricted smartphone is possible to create with modern hardware using the Android operating system. Though the tasks involved are not trivial (and risky if not thoughtfully performed), easily downloadable software apps make it possible to fully reconfigure a stock phone, such as the Samsung Galaxy Nexus, in an hour or two. Use the above information as a guide for escaping a great deal of the surveillance and restrictions placed on smartphone telephony and internet access. With Serval mesh networking, it is possible to use the Galaxy Nexus for communications without infrastructure. Good luck, and never be muzzled.

Android Software Used in the Unlocked / Security Enhanced Samsung Galaxy Nexus
Galaxy Nexus Root Toolkit for windows PCs
ClockworkMod Recovery - Backup Software
ClockworkMod ROM Manager - easy Android app
Apex ROM v1.1.2 for performance enhancing the Galaxy Nexus
Galaxy Nexus Custom ROMS
CatLog System Log viewer
Rhythmsoft Android File Manager
Orbot - Onion Routing for Android
Orweb - TOR enhanced Android web browser
Gibberbot encrypted SMS messaging
RedPhone Android Telephone Encryption
Secure camera application for Android
Serval Mesh Telephony for Android
Skype VOIP telephony - don't use Tom Skype!
OpenVPN Installer
OpenVPN Android Settings
OpenVPN Connect

Top Forums Carrying Galaxy Nexus and Android Hacks, Mods, and Tweaks
Galaxy Nexus Forum
XDA Developers Forum - Android Phone Upgrades, Mods, and Development

Rooting the Samsung Galaxy Nexus


Installing Custom ROM on the Samsung Galaxy Nexus


A discussion and demonstration of Serval Mesh Networking, SMS, and the Batphone.


A demonstration of Serval Mesh Encrypted Voice Calling!




Tags: galaxy siii, galaxy s3, android vpn, android encryption

©2005 - 2020 AB9IL, All Rights Reserved.
About, Contact, Privacy Policy and Affiliate Disclosure, XML Sitemap.