 | GrapheneOS Public Development | 1318 Members |
| Official GrapheneOS public development chat room. Join #grapheneos:grapheneos.org for the main room, #testing:grapheneos.org for providing feedback on Beta releases and #community:grapheneos.org for the space. Formerly known as CopperheadOS. Due to relentless misinformation and harassment from CalyxOS and Techlore supported by their leadership and project members, we apply stricter rules to users from those communities. | 122 Servers |
| Sender | Message | Time |
|---|---|---|
| 28 Sep 2022 | ||
 maade93791 | you dont need sudo | 09:30:40 |
| maade93791 | if your not building with root | 09:31:19 |
 dazinism | In reply to @omori:tchncs.de jbnm: costco cow wholesale As I understand it, it is possible to use special recovery software/techniques to recover files in a user profile if you are able to unlock the profile. As it is flash storage the only way to reliably make files unrecoverable is to delete a secondary user profile (or factory reset for the main profile). This reliably flushes the encryption keys for all data in that user. Alternatively you could create and keep files in an app which use the Titan security chip/strongbox to encrypt files and supports deleting the keys from strongbox (i think that, depending on app design, this may take clearing storage on the app). Would have to be careful to only use said file with other apps that dont end up creating a copy of it (eg. some gallery apps may create a thumbnail) Although its beta/not mature this app uses strongbox and makes it possible to create files & take photos within its encrypted storage A better app design would use Storage Access Framework. This would provide the possibility to work on encrypted files with other apps while keeping them encrypted. | 09:34:06 |
| dazinism | * jbnm: costco cow wholesale As I understand it, it is possible to use special recovery software/techniques to recover files in a user profile if you are able to unlock the profile. As it is flash storage the only way to reliably make files unrecoverable is to delete a secondary user profile (or factory reset for the main profile). This reliably flushes the encryption keys for all data in that user. Alternatively you could create and keep files in an app which use the Titan security chip/strongbox to encrypt files and supports deleting the keys from strongbox (i think that, depending on app design, this may take clearing storage on the app). Would have to be careful to only use said file with other apps that dont end up creating a copy of it (eg. some gallery apps may create a thumbnail) Although its beta/not mature this app uses strongbox and makes it possible to create files & take photos within its encrypted storage https://github.com/Secure-File-Manager/Secure-File-Manager/wiki/Frequently-Asked-Questions/_edit#how-are-my-files-encrypted A better app design would comply with the Storage Access Framework and act as a document provider. This would provide the possibility to work on encrypted files with other apps while keeping them encrypted. | 09:35:24 |
 steadfasterX | In reply to @maade93791:matrix.orgI wanted to have it installed for all users thats why. but it does not matter as I completely uninstalled it and installed as user and still the same error | 09:36:39 |
| dazinism | * jbnm: costco cow wholesale As I understand it, it is possible to use special recovery software/techniques to recover files in a user profile if you are able to unlock the profile. As it is flash storage the only way to reliably make files unrecoverable is to delete a secondary user profile (or factory reset for the main profile). This reliably flushes the encryption keys for all data in that user. Alternatively you could create and keep files in an app which use the Titan security chip/strongbox to encrypt files and supports deleting the keys from strongbox (i think that, depending on app design, this may take clearing storage on the app). Would have to be careful to only use said file with other apps that dont end up creating a copy of it (eg. some gallery apps may create a thumbnail) Although its beta/not mature this app uses strongbox and makes it possible to create files & take photos within its encrypted storage https://github.com/Secure-File-Manager/Secure-File-Manager/wiki/Frequently-Asked-Questions/_edit#how-are-my-files-encrypted A better app design would comply with the Storage Access Framework (SAF) and act as a document provider. This would provide the possibility to work on encrypted files with other apps, which also properly support SAF, while keeping them encrypted. | 09:38:04 |
| dazinism | jbnm costco cow wholesale Safest/easiest way is to delete the user profile. Would then be certain that you had also deleted any copies other apps that accessed the file could have made | 09:54:43 |
| dazinism | The Gallery app / thumbnail example I used isnt great. Better example is - Some text editing apps may hold their own copy of text they are editing to guard against data loss if the app crashes/device runs out of power. | 10:05:39 |
 candidlurker | In reply to @candidlurker:matrix.orgI reviewed my build process and set EXTRAVERSION = -FullLTO in the kernel Makefiles. After installing the update I can see the custom version in the output of adb shell cat /proc/version. So I think my P6a is running the kernel built with FullLTO just fine. | 10:05:40 |
| maade93791 | can you zcat /proc/config.gz | 10:07:20 |
| candidlurker | Sure, is it ok to paste the entire output here, or shall I apply some grepping? | 10:09:17 |
| maade93791 | you can save output to a file | 10:09:57 |
| candidlurker | Download p6a_proc_config.gz.txt | 10:10:19 |
| maade93791 | yep, seems to be working | 10:12:09 |
| maade93791 |  Download Screenshot_20220928-131148.png | 10:12:24 |
 pixip | Trying to rebuild the latest stable bluejay (pixel 6A) release here. I get an error of a missing abl.img file when running "m target-files-package". failed to build some targets (02:26 (mm:ss))I can't find abl.img in any of the ota/factory images of bluejay. What am I doing wrong? | 10:26:46 |
| candidlurker | m vendorbootimage target-files-package | 10:29:30 |
| candidlurker | * `m vendorbootimage target-files-package`? | 10:29:52 |
| pixip | yes I did. m vendorbootimage completes ok. | 10:30:36 |
| pixip | is abl.img something that I extract from the factory/ota images or is it generated locally? | 10:36:28 |
| candidlurker | For me it's in ./vendor/google_devices/bluejay/firmware/abl.img. So it's vendor file related. | 11:11:36 |
 Abchanchu changed their profile picture. | 11:17:37 | |
| maade93791 | re-extract vendor | 11:21:11 |
 aZa joined the room. | 11:38:37 | |
| pixip | will try to reextract. I only have bootloader and radio.img in that folder. really weird. | 12:01:27 |
| steadfasterX | pixip: what is your distro and version? | 12:13:09 |
| pixip | using Ubuntu 22.04.1 LTS | 12:30:41 |
| pixip | It's a new clean vm only for this build. | 12:31:07 |
| pixip | I started from scratch now. new resync and everything and following the build doc to the letter. Will let you know. | 12:32:26 |
| pixip | Restarting all from scratch seems to have fixed the problems. I must have made a mistake somewhere earlier. Now I have the abl.img. The build is fine now. I apologize for the noise. | 14:08:41 |