

Neo900 – Crafting the private phone [pdf] - nextos
http://neo900.org/stuff/ohsw2014/ohsw2014.pdf

======
mikegioia
I'm a recent n900 convert and at this point I don't know if I can ever go back
to Android/iOS. I'm eagerly awaiting the release of the neo900 and I honestly
think this device is the closest we'll come to a truly open phone that you can
use everyday.

I encourage anyone interested to consider supporting Joerg, Werner, Sebastian
and everyone else working on this project! [1] 100 euro now and at the very
least you can have a really cool device to hack around with.

[1] [http://neo900.org/donate](http://neo900.org/donate)

~~~
william20111
I agree im very exicited by this phone.

if you donate 100 euros do you get anything or is it just supporting the
project? Couldn’t quite figure out if by donating you got like an early
revision type thing?

~~~
seba_dos1
If you donate at least 100 euros, you can be sure that there will be a device
produced for you (it's built to order, not to shelf). Also, this amount you
pay now will already count to the final price, so if you donate 100 EUR now,
you'll pay 100 EUR less when finally ordering the ready device.

[http://neo900.org/faq](http://neo900.org/faq)

------
seba_dos1
There's also a recording from the presentation. That was my first "big" talk
in English and it's sometimes hard to listen to, but maybe someone will find
it useful :)
[https://www.youtube.com/watch?v=ahPFCFooBv0&list=PL-s0IumBit...](https://www.youtube.com/watch?v=ahPFCFooBv0&list=PL-s0IumBit8Mofxj0Fn2kH6RB9VtnKS4K)

------
edwintorok
See also [http://neo900.org/news/xmas-update](http://neo900.org/news/xmas-
update) for a status update.

------
omilu
Within a few years I think we'll see an open source phone similar to Bunnies
novena laptop project. Imagine a crowd-sourced phone becoming the #3 contender
in the smart phone wars, Android, Apple, and FOSS.

------
Timmmmmm
Nice to see someone is attempting this. Physical keyboard and resistive
touchscreen seem like pretty odd decisions though. I guess this is going to be
as enthusiast-only as the previous Neo phones which is a shame.

~~~
seba_dos1
I hate capacitive screens. They're great for tablets, but overly limiting on
phones with small screens - especially "hacker-oriented" ones.

I used to code using on-screen keyboard with fingernails on my old Neo
Freerunner. It maybe wasn't the greatest programming experience ever, but it
worked for me and I had some great debugging sessions while in tram :) I can't
imagine doing that if Freerunner had capacitive screen - even if there
wouldn't be a bezel around the screen anymore.

People seem to hate resistive screens based on their experiences with poor
ones (which is understandable, as most of them are pretty poor). However, a
good one is a real pleasure to use, and I find the one used in N900 a good
one.

------
dogma1138
I never got the purpose of projects like this, at least they admit that there
is no current way of guaranteeing a safe device. Even with "open" firmware
virtually any commercial hardware can be either backdoored or exploited.
Modern phones (as well as any other computing device) have so many software
components that i suspect intelligence agencies do not even have to exploit
the main user OS to get data of them. Modem and BBP OS, CPU microcode,
bootloaders, firmware for other hardware components ranging from the camera to
radio's not covered by the BBP, USB/OTG controllers and more. I have serious
doubts that "sandboxing" hardware components will actually work, especially in
any useable way. For example modems behave badly all the time, both due to
internal glitching and due to environmental reasons. Heck dump your BBP logs
from your mobile device and see how much shit it pulls off regardless of what
the OS tells it to do because it's manufacturer thinks they know better (and
they do most of the time), so every time there is some BS signal on the same
frequency or the modem decides to wake up or hop channels on it's own the
device will reboot? GL making a single call with that then. Not to mention
that i really don't see how they are going to do monitoring effectively, from
the schematics they are doing power management monitoring which is nice but
most BBP packages can receive even in "sleep" mode. The isolation they are
suggesting might also not really work, sure putting in "breakers" (which i
assume are either some low voltage relays switches or resettable fuses) and
cut the power off completely to the BBP might work but cutting off the antenna
from the BBP? doubtful RF signals should be able to hop most in circuit
breakers, and many BBP modules these days come with integrated antennas for at
least some of the low power/low gain RF stuff like BTLP and NFC. To me this
seems like another one of these "experiments" that will only result in
overpriced and outdated hardware with poor user experience. I would love to
see an N900/950 modernization just for the ability to run actual linux on the
phone to serve as a toolkit. But if anyone thinks that any device they can
hack together will give them any level of privacy over organizations like the
NSA is living in la-la land...

~~~
seba_dos1
>I would love to see an N900/950 modernization just for the ability to run
actual linux on the phone to serve as a toolkit.

That's what Neo900 is. All privacy-wise "features" are just a side effects of
designing it properly (as in: treating blackboxes as blackboxes instead of
explicitely giving them full control over user OS, controlling what data the
baseband has access to etc.). There are some additional measures like power
switches, monitors, breakers - but those are pretty cheap to put in.

Nothing will reboot "every time there is some BS signal on the same frequency
or the modem decides to wake up or hop channels on it's own". The point of
Neo900's monitoring is to let the user access to information that modem is
doing something. Of course if you really want to, you can then setup your
software to automatically reboot (or power cycle the modem alone) - but
outside of very special use cases, that would be pretty pointless. If you
don't care, you simply don't use that data.

>But if anyone thinks that any device they can hack together will give them
any level of privacy over organizations like the NSA is living in la-la
land...

Neo900 won't magically protect you from anything - no device will. Instead, it
gives you tools which, when used properly, can allow you to fight off some of
the mass surveillance techniques. Like encryption, which is pretty much
rendered moot in most of modern phones where the modem has direct RAM access.

Keep in mind however that when you are an explicit target of some three letter
agencies, they can probably employ better and more effective methods against
you than sniffing on your mobile phone.

tl;dr: Neo900's privacy solutions are rather targeted towards Stallman, not
Snowden or some intelligence agent from foreign country.

~~~
dogma1138
Again i went over most of the schematics and the specifications and nothing
actually in this project seems to be worth while. The privacy features are
kinda moot and not effective, and the hardware is a joke. Low end SOC(TI
DM3730 which is 4-5 years old now) with poor media support and very low
performance and only 1GB RAM. Limited RAM and extremely limited ROM/Onboard
FLASH which will limit the OS in the long run or force you to use the SSD card
which will lead to probably the most common leakage. Oh and the screen? 3.5"
TFT, 800x480 resistive, seriously where did they even find a resistive touch
screen these days at the bargain bin on Alibaba? And they expect people to pay
850 EURO's for that? So no this is not a modernization of the N900 it's pretty
much the N900 with hardware that is only slightly newer than what was
available when the N900 came to the market.

There is seriously no reason for this phone to be so poorly designed
especially with their mentality of sandbox rather than trust. We had quite a
few phone projects that were either designed by the community or by small
companies and all of them managed to use top of the line hardware. You have
Snapdragon 800/801 phones under 300$ these days, why use a SOC that will not
even be able to play a movie these days?

So sadly this isn't the driod you should be looking for, still waiting for a
Tizen/Meego phone worth while Samsung has been shipping some in India, and
Yatta has a very nicely designed phone out in Europe and Russia but none of
them are toolkit phones sadly.

~~~
remael
There is still a lively community around the n900, as certain folks love its
features. Though it has some drawbacks like only 256MiB RAM, no BT 4.0, no
LTE, propper USB OTG, no gyro, no compass.

The point of the neo900 project is to perserve the features of the n900 and
gently deminish the drawbacks. It is not about having a octacore and 16GiB of
RAM which people using the n900 don't even care about.

For me the most important features of the n[eo]900 are: modem properly
seperated from CPU/RAM (not the case for basically any smartphone of today),
hardware keyboard, propper linux environment

~~~
dogma1138
I have an N950(bought of ebay) and i care about meego/maemo/tizen/fork of the
week... And in general that is nonsense, you've just mentioned the drawbacks
of the N900 so why release a device which has the same drawbacks? The SOC was
lowend when it came out, and currently you could not find a smartphone with a
SOC which even comes near it's performance even if you look at the pre-paid
bargain bin at walmart.

We are literally talking about a SOC which will have issues playing a 1080p
movie. Why only 1GB RAM(other than the fact that the SOC they've chosen seems
to not support more than that)? RAM costs absolutely nothing these days, the
modems they've selected is also quite questionable considering it's made by a
subsidiary of Gemalto especially for a "privacy" oriented device. And 512MB
Flash? this just puts unnecessary limitation on future developments of the
Phone, which also means that it will probably not be well supported by the
latest Meego forks or any major Linux distribution.

BTW according to their latest schematics i don't see any decent level of
separation between the BPP and the SOC not on a hardware level at least, it
seems that for the most part they still rely on the software to bring the
modem back in line which well is iffy to begin with.

Just based on the hardware they put in the phone there is no reason for it to
cost 100 EURO's not to mention 800-900. They've could went with decent
hardware and still probably charge as half as much.

P.S. Considering they use a SOC with a PowerVR GPU which uses a closed source
linux driver and some other closed source drivers from what it seems i think
they should change their tag line to "a mostly free software phone" :) That
driver issue alone should make the entirety of the privacy angle moot, it's
completely closed and unaudited so for all you know it mirrors your screen so
the folks at the NSA can see the porn you watch...

~~~
seba_dos1
The same drawbacks? Let's see:

* "only 256MiB RAM" \- Neo900 has 4 times more. * "no BT 4.0" \- WG7351-00 has BT 4.0 support. * "no LTE" \- you can choose PLS8 modem with LTE. * "no proper USB OTG" \- Neo900 has it, plus even internal USB pins for homemade mods. * "no gyro" \- Neo900 has one. * "no compass" \- Neo900 has one.

512MB flash comes together with RAM package, and it's actually nice to have
just for better Maemo/N900 compatibility. There's no reason why you couldn't
boot OS from eMMC, which will for sure be at least 32GB. Actually, if you plan
to tinker a lot with the phone, I'd recommend having some sort of rescue OS in
flash, and your own OS of choice on the first partition of eMMC.

1080p movie may be a bit tough to play on this SoC, right. 720p however should
be fine, and I hardly see the point of going 1080p with 800x480 screen.

BPP and SoC are connected only via USB, audio codec and some GPIOs. It's
pretty much as separated as it can be - maybe except using serial line instead
of USB.

"They've could went with decent hardware and still probably charge as half as
much." Of course - if we could produce number of units with a bit more zeros
at its end, it would be very cheap. You haven't discovered anything special
here - it's just standard economy of scale. With our current scale, any
"modern" design would either cost ten times more, or wouldn't be possible to
build at all due to lack of available components to buy in such low amounts.

~~~
dogma1138
That would be nice and all if the SOC could allow decent internet browsing
experience and MM support. So sorry i don't see how putting out a device with
hardware which only slightly better than the original N900. Yeah you'll have
BT 4.0, decent WIFI and LTE but then again you won't be able to browse YouTube
on that SOC properly. I'm sorry but i really don't see the usefulness of a
device with a single core 1Ghz CPU and 1GB ram these days and it's a damn
shame, the whole idea behind Meamo/Meego is the freedom to do pretty much
everything why put hardware in it that will not allow you to do anything? Heck
with that screen even office and text editing will be a bitch :(

------
richiverse
Can't you just boot Ubuntu touch on a Nexus 4 or dual boot a oneplus with 3gb
ram?

~~~
seba_dos1
Why for? It won't change anything. On OnePlus the modem is tightly integrated
with the rest of the system, and on Nexus 4 you cannot even boot Android to
any usable state without proprietary blobs, so forget about any non-Android
based OS (remember that Ubuntu for mobiles is just a chroot-like layer on top
of Android base system).

