Mindset » Android

Android

Hopefully, all about the dancing seam.

[Guide] USSD UPI

- Posted in Android by

TL;WW

I tried paying via USSD UPI today, and it worked. I had to use the UPI ID function, and did not go through with mobile number, but it worked.

All I did was *99# > 1 > 3 > UPI ID > Amount > Text/Ref > UPI PIN > Confirm

One can also do it in shorter steps, like in any USSD code: *99*1*3# > UPI ID > Amount > Text/Ref > UPI PIN > Confirm

Please mind that you need to have the USSD UPI function activated, else this does not work.

I have captured it step wise in the below image as well.

USSD UPI Steps

Update: I just cross checked to see what it shows up on my BHIM UPI, now this is weird. It is blank name and upi detail for the receiver. Very odd. Bug maybe?
Update 2: This seemed to be a temporary issue. Rest 4-5 payments I made, all showed correctly, without any issues.
BHIM Corrupted Entry
Though the SMS which I received, showed correct details. See image below
SMS Shows Correct details

Mastodon

Server side secure banking in India?

- Posted in Android by

India specifically has a approach of client side encryption, which for banking/payments is not necessary at all. Nothing is stored client side on an app, or a browser, so why do you need client side security?

If I am rooted, using magisk, shizuku or whatever on my phone, why would it matter to you as a bank? If your server side encryption is ON, robust, working, and is there, then you have nothing to worry. You anyways prohibit snapshot, recent gets blurred; so, why the heck do you force us to use your senseless apps which should in the first place not be reading what I have installed, or which app is using which feature on my phone. This is privacy breach, no safe space for me, and you are violating my constitutional rights, all in one go.

All Indian banking and UPI apps force you to not have #accessibility turned on (even though they f'ing use it themselves); no #root; no #bootloader-unlocked (seriously, you are snooping to kernel level!!!); no #developer-mode on; no #debugging mode on; no 3rd party #keyboards (reason: they snoop, and foogle does not snoop? The first thing foogle keyboard does is share your typing data to its servers); only keyboards in /sys/priv & /sys/priv-apps are permitted. What nonsense... What are you trying to hide that debugging will reveal, or any of these will reveal? You have closed source your codes, you do everything behind paywall, and you stink!

#indianbankingapps; #hsbc; #bob; #sbi; #hdfc; #icici; #bhimupi & rest of #illiterate-developers

Ref: RBI_Circular (PDF)

Termux & Remote SSH

- Posted in Android by

Install Termux & Termux Styling

Upgrade packages & install openssh and iproute2 on termux.Also, install root packages & busybox package if you need them.

pkg update -y && pkg upgrade -y
pkg install openssh -y
pkg install iproute2 -y
pkg install root-repo -y
pkg install busybox termux-services -y

If you like, you can also add the following termux repositories:

echo "deb https://grimler.se/termux-packages-24 stable main" > $PREFIX/etc/apt/sources.list
echo "deb https://grimler.se/termux-packages-24 stable main" > $PREFIX/etc/apt/sources.list.d/game.list
echo "deb https://grimler.se/termux-packages-24 stable main" > $PREFIX/etc/apt/sources.list.d/science.list

Ensure to setup the storage and stuff beforehand. See here: Setup Storage

Create SSH Private/Public Key Pair on Android - Termux

In our android device, we need to generate SSH key pair for connecting to SSH server the remote machine (example debian). So, run the following command (this will also name the file as android for easy referencing):

ssh-keygen -t ed25519 -f id_ed25519_android

This will create the public & private key files in the ~/.ssh folder (/data/data/com.termux/files/homes/.ssh)

Send SSH Public Key to Remote Machine

Run cat ~/.ssh/id_ed25519_android.pub from termux which will return the public key for your android device.

It will be something like this:

ssh-ed25519 ABCDE1AaaA1aAAA1AAA1AAAAAAAAAaaaA1AaaAaaaAaaa1aAAAAaaAAAAaAaaaAAaaAA user@host

Now copy and paste this key to your remote machine either via the chat box option in the file transfer assistant app PlainApp or copying the id_ed25519_android.pub file across to your remote machine and then copy the content to ~/.ssh/authorized_keys file ($HOME/.ssh/authorized_keys).

Now kill any running sshd service by typing in termux: pkill -9 sshd. This is to let go of any cache or broken service pipes.

Now rerun sshd and connect to your remote server using the private key as pairing for the public key, via:

ssh -i ~/.ssh/id_ed25519_android user@host -p 1234


Sources & my own racking of 5 days:

Termux Wiki | Termux Repos | Some Logic


Sample images:

  • Main Screen

Termux Main Window

  • SSH Connected

SSH Connected

  • Sample Commands

Commands being run

FreeTubeCordova - An open source YouTube player built with privacy in mind

- Posted in Android by
FreeTubeCordova - An open source YouTube player built with privacy in mind

FreeTubeCordova - An open source YouTube player built with privacy in mind

io.freetubeapp.freetube | MarmadileManteater (Emma) | AGPL-3.0-or-later | 2023-01-23 / 0.18.0.98

Releases | Latest | Online-Website

FreeTube Cordova is a YouTube client that uses the Invidious API to serve data and videos from YouTube. No official YouTube APIs are used to obtain data. Your subscriptions and history are stored locally on your device and are never sent out.

Features:

Watch videos without ads
Use YouTube without Google tracking you using cookies and JavaScript
Organize your subscriptions into Profiles to create a more focused feed
Export and import subscriptions from a variety of sources (Ex: YouTube, NewPipe, Invidious)
Support for SponsorBlock
Support for Comments and Replies
Support for YouTube Chapters
Option to password protect settings
Parental controls
Subscribe to channels without an account

FreeTube Cordova is currently in Beta. While it should work well for most users, there are still bugs and missing features that need to be addressed.

Anti-Features:

ApplicationDebuggable: APK files of this application are compiled for debugging („application-debuggable“). 
NonFreeNet: This application promotes or entirely depends a non-Free network service.

Permissions:

BLUETOOTH
FOREGROUND_SERVICE
INTERNET
MODIFY_AUDIO_SETTINGS
READ_EXTERNAL_STORAGE
RECORD_AUDIO
WAKE_LOCK
WRITE_EXTERNAL_STORAGE

Libraries:

Android Support v4 (Development Framework)
AndroidX Activity (Utility)
Android Jetpack Annotations (Utility)
Arch (Utility)
AppCompat (Utility)
Asynclayoutinflater (UI Component)
Android Support Library collections (Utility)
Coordinatorlayout (UI Component)
Androidx Core (Utility)
AndroidX Cursor Adapter (Utility)
Android Support Library Custom View (UI Component)
Documentfile (UI Component)
Drawerlayout (UI Component)
AndroidX Fragment (UI Component)
Interpolator (UI Component)
androidx.legacy (Utility)
Lifecycle (Utility)
Loader (Utility)
AndroidX Local Broadcast Manager (Utility)
Media (Utility)
Print (Utility)
Android Activity Saved State (Utility)
Slidingpanelayout (UI Component)
Swiperefreshlayout (UI Component)
Tracing (Utility)
Vectordrawable (UI Component)
Android Jetpack VersionedParcelable (Utility)
Viewpager (UI Component)
Webkit (Utility)
Cordova Music Controls Plugin (UI Component)
CordovaClipboard (Utility)
Cordova Background Plugin (Utility)
Cordova Background Plugin (Utility)
Cordova plugin for theme detection (Utility)
Apache Cordova (Development Framework)
Webkit Boundary Interfaces (Utility)

Snapshots

snap01 snap02 snap03