Karam Assany's Blog

Playing with an obscure smartphone

To sum it up, I'm more of a PC person than a smartphone one. My reasons are clear: PCs offer multiple levels of hardware and software freedom that are simply absent in smartphones; even the most restrictive PCs (those of Apple, maybe) are way "freer" than 96% of the smartphones available today. Smartphones are not only restricted, they also have very limited hardware (well, by "limited" I mean lacking a lot of user control). As a non-average computer user, I don't feel comfortable dealing with these small computers, especially using the default setup (virtual keyboard, touch input, small screen, etc.). However, in early 2020, I became more attracted to smartphones than at any time in the past. So I'm going to tell a story about me dealing with the first modern smartphone I ever owned.

In reality, the first "smartphone" I owned was a Nokia C5-03, running Symbian OS, which is proprietary and very limited. It was back in 2011, and I used this phone for about 8 years (till mid-2019). In this span of time, my whole technological focus was on PCs (desktops and laptops) and I didn't pay much attention to my smartphone, as its support was discontinued by the manufacturer and the development kits for Symbian OS were not available anymore. Later, in the time of the Android revolution, I sat down and was just an observer, actually an interested one.

Anyways, in late 2019, I finally managed to get a modern, Android-running smartphone. It wasn't the smartphone of my dreams, but honestly very close to it. It's an X-BO S87, a typical obscure Chinese smartphone. My sister used it for about two years, then threw it in the trash (metaphorically). I had to pick that smarty up from the trash and factory reset it, and then I got frustrated because I had no control over it (i.e. I couldn't log in to the superuser account of the operating system).

At that moment, the Android world was still foreign to me. Actually, I had used Android since 2015, but I didn't own an Android-running smartphone to tamper with and tweak its operating system. I primarily wanted root access, because that is what I have on all systems I use (i.e. GNU).

"Rooting" my phone

I asked an Android-savvy college friend about the ability to get root access in my phone's operating system and the answers were: "Your mobile is obscure" and "You are a noob." And to be quite honest, most so-called Android "power users" are actually just lazy users waiting for developers to release stuff for their specific, widely popular smartphone. It is a reality that I actually hate.

One day, while wandering through my system's settings, I realized that I had an OEM unlocking switch in the developer settings. I wondered what that meant, so I researched it and began entering the Android underground world. After a short while, I attached my phone to a PC and disabled the OEM lock by simply issuing fastboot oem unlock. Honestly, I didn't expect that to be so easy! My fear was that some unlock code would be required, which is something I'll never obtain from an obscure OEM. Anyways, after wiping my data (mandated but kinda stupid), I didn't know how to progress to the next step: installing an advanced recovery system. As we know, the pre-installed recovery system cannot do much more than wipe your data and install OEM-approved updates, while an advanced recovery system like TWRP or CWM gives you at least an ADB root shell (and busybox). So, as usual, I searched for TWRP or CWM for my phone, and as usual, my phone was not supported (or known to start with).

Being frustrated, I downloaded miscellaneous images of TWRP from their website and "flashed" them via fastboot (hoping one of them would work). And one failure caused a so-called bootloop, though I didn't touch any partition beyond recovery.

To get out of trouble, I downloaded an unofficial "stock ROM" for my phone (I wonder how I found something for my phone!), extracted it and flashed every partition available one by one. Some partitions like preload and secro weren't allowed to be overwritten. Other partitions like userdata, system and cache were larger than the allowed download size, so I could not copy them in the usual way (using tools like img2simg didn't help). Anyways, what I did was good enough to get things back to work. I re-installed the default recovery system (didn't have another choice).

After doing more research, I realized that Magisk does not install itself in the system partition, but in boot. That was nice, 'cause I could somehow patch the "stock" boot image I got earlier to install Magisk on it, and then install it back via fastboot. And luckily, the Magisk Installer app did patch the boot image for me, and tada! Now I got root access. But that was not the whole story.

Messing things up

When I got root access, I planned to do many things; the first one that came to my mind was to remove all bloatware, that is, system apps. Accidentally, I moved the dialer/phone app into normal apps, something that caused telephony as a whole to fail. I tried to fix that by moving everything back, but nah, things got worse; I almost lost my control over the UI.

Given the technical limitations I was surrounded with, I decided to copy the system image from the "stock ROM" to the system partition by using dd, but unfortunately that wouldn't work 'cause the system partition cannot be unmounted after booting Android, 'cuz it is frequently used (read) by the operating system. Not to mention that dd itself is located inside that partition (actually at that time I could've just copied busybox into another partition, but I wasn't aware of this). So what did I do? I mounted the system image somewhere and then copy-pasted everything to the system partition. During that, there happened a soft reboot. I tried to make things good again by doing a full reboot, but what happened was worse. My phone failed to boot into Android, and it directed me to recovery.

As I said, pre-installed recovery systems cannot do very much. In that moment, I did more research for ways to flash large partitions, but it didn't help; fastboot failed to "flash" system. I tried using stupid tools like "SP Flash Tools", but stupid tools do stupid things, and "SP Flash Tools" simply didn't work. I realized how much I was limited by being stuck with a smartphone with a corrupted operating system (Android) and a limited one (recovery).

But hope never fades! I managed somehow, following a rarely seen sophisticated guide I found on XDA Forums (which I'm not fond of), to port TWRP to my phone. After that, I finally managed to dd the system image into the system partition. It was a bit easy; I had to fdisk -l /dev/block/mmcblk0 to detect where the system partition is. I read logs generated by the default recovery to get some clues. Anyways, I finally made it! Yay!
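Added example (not part of the original post): dd copies bytes verbatim, so an image in Android's sparse format, the kind img2simg produces for fastboot, would land on the partition unexpanded and unusable. The Python sketch below reads the 28-byte sparse header to tell the two formats apart and checks the size against the partition before writing; the function names and the sample sizes are assumptions made up for this illustration.

```python
import struct

SPARSE_MAGIC = 0xED26FF3A                 # magic of an Android sparse image
SPARSE_HDR = struct.Struct("<IHHHHIIII")  # 28-byte little-endian sparse header


def inspect_image(head: bytes, file_size: int) -> dict:
    """Classify an image from its first bytes; report its size once expanded."""
    if len(head) >= SPARSE_HDR.size:
        (magic, major, _minor, file_hdr_sz, _chunk_hdr_sz,
         blk_sz, total_blks, total_chunks, _crc) = SPARSE_HDR.unpack_from(head)
        if magic == SPARSE_MAGIC:
            # A sparse magic with an impossible header means a damaged file.
            if major != 1 or file_hdr_sz < SPARSE_HDR.size or blk_sz == 0 or blk_sz % 4:
                raise ValueError("sparse magic present but header is malformed")
            return {"format": "sparse",
                    "expanded_size": blk_sz * total_blks,
                    "chunks": total_chunks}
    # No sparse magic: treat as a raw image, which dd can write as-is.
    return {"format": "raw", "expanded_size": file_size}


def dd_precheck(head: bytes, file_size: int, partition_size: int) -> str:
    """Decide whether writing this image to the partition with dd makes sense."""
    info = inspect_image(head, file_size)
    if info["format"] == "sparse":
        return "refuse: sparse image, expand it with simg2img before dd"
    if info["expanded_size"] > partition_size:
        return "refuse: image is larger than the partition"
    return "ok"


MIB = 1024 * 1024
# Constructed sample headers (not taken from any real ROM).
SAMPLE_SPARSE = SPARSE_HDR.pack(SPARSE_MAGIC, 1, 0, 28, 12, 4096, 262144, 3, 0)
SAMPLE_RAW = bytes(SPARSE_HDR.size)       # raw images carry no magic at offset 0

if __name__ == "__main__":
    # Partition size would come from the fdisk -l output; 1 GiB is assumed here.
    print(inspect_image(SAMPLE_SPARSE, 300 * MIB))
    print(dd_precheck(SAMPLE_SPARSE, 300 * MIB, 1024 * MIB))
    print(dd_precheck(SAMPLE_RAW, 900 * MIB, 1024 * MIB))
```
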

Porting a "ROM"

My story won't stop here; all of the above happened in one week. My ambition is to port a sophisticated operating system to my phone. I don't know why I'm wasting my time on an obscure phone, but sometimes self-dependence does the impossible. Even when my smartphone's hardware (SoC, touch screen, battery, ...) is laggy, even when my smartphone's manufacturer is located on Mars, I still love how that phone is following the standards (to a good extent), and making it easy for me to live with it as a user and as a hacker.

Unfortunately, it appeared that my phone's operating system is using a nonfree Linux image, which is something extremely popular in Mediatek-based smartphones. Being forced to run a nonfree kernel s***s and it sadly prevented me from achieving what I wanted to do. So, I repeat, I'm not interested in smartphones that much, as long as they are closed and stupid like most ones. (There are actually a few promising exceptions, like the Librem 5, the Pinephone and the Fairphone; I hope I can buy one of these.)