[HN Gopher] Repurposing an old Android phone as a web server
___________________________________________________________________
Repurposing an old Android phone as a web server
Author : anthropodie
Score : 65 points
Date : 2022-06-22 19:55 UTC (3 hours ago)
(HTM) web link (lbrito1.github.io)
(TXT) w3m dump (lbrito1.github.io)
| cdev_gl wrote:
| This is basically similar to the process I've used to turn my
| phone into a dev/writing environment for spending months thru-
| hiking in areas without internet.
|
| I use termux to host a jupyterlab instance and bring along a tiny
| folding bluetooth keyboard. Even in airplane mode I can connect
| to the locally hosted jupyterlab instance. Notebooks are kept in
| git and synced up to my private repo when I'm back on grid.
|
| There are simpler solutions for writing, but this allows me to
| keep a single workflow across home/travel contexts. Being able to
| run graphs, basic code and computation as needed is also a plus.
| ASalazarMX wrote:
| I don't know what is braver, if hiking for months or developing
| on a Bluetooth keyboard and a phone.
| alphanumeric0 wrote:
| My older mac book recently died and instead of buying a new
| laptop I'm using termux to connect to a droplet for side
| projects. I've tried two different bluetooth keyboards so far
| and found one I liked with back-lit keys. Also recently setup
| wireguard on a raspberry pi at home and had fun working on my
| droplet through my VPN while on a flight. What a time to be
| alive.
| tengbretson wrote:
| Any tips on how to do this without eventually exploding your
| battery from having it permanently plugged in and under load?
| kupfer wrote:
| If the phone is rooted, you can use Advanced Charging
| Controller to cycle it between min/max values. That would only
| prolong it, of course.
| password4321 wrote:
| https://github.com/Magisk-Modules-Repo/acc
|
| also mentioned at
| https://news.ycombinator.com/item?id=27576120#27578301
|
| and related
| https://news.ycombinator.com/item?id=31325191#31325561
| (laptop)
|
| Also, an alternative to termux,
| https://github.com/CypherpunkArmory/UserLAnd found
| https://news.ycombinator.com/item?id=30119029
| mmastrac wrote:
| Usually these don't like booting without the battery, but maybe
| there's a way to provide data-only USB connections and a
| lithium-level voltage internally. Often the early boot stages
| will interrogate the battery level and refuse to boot if it's
| too low, but it's very much model dependent.
| z3t4 wrote:
| had two batteries "explode" (ballooned 1) because of this, then
| I switched to another phone and knock on wood the battery has
| not yet exploded (about 2 years).
|
| 1 This is probably why you should not cut off the battery
| plastic sealing like some DIY guides tell you to do, it's
| probably there for a reason.
| utopman wrote:
| I have a quite kiss solution for this I gess It is a low
| level / harware solution that should solve th issue : a plug
| timer (https://www.amazon.com/s?k=plug+timer&crid=3ORDWNDPTFJ
| C4&spr...)
| ASalazarMX wrote:
| > This is probably why you should not cut off the battery
| plastic sealing like some DIY guides tell you to do
|
| Wait, what? What is the purpose of that advice?
| bityard wrote:
| You can leave a phone plugged in all the time with no issues,
| the same way you can do the same with a laptop or any number of
| the other ubiquitous USB-chargeable things these days. The only
| time it's an issue is if the device was _extremely_ poorly
| designed.
|
| Some good phones will even notice that they are plugged in all
| the time and drop the charge level to 80%, where most batteries
| are happiest to stay for long periods of time.
| mgdlbp wrote:
| There should be little current through the battery while the
| phone is plugged in, virtually none if the charger can meet its
| peak power draw. If degradation over time is a concern (perhaps
| it boot loops if the battery is very dead), a charge-limiting
| app set to 50%, the level recommended for storage and used in
| the Microsoft Surface UEFI Kiosk mode, should maximize life.
| rodolphoarruda wrote:
| I have always thought the best possible repurposing project for
| old Androids would be Mesh routers.
|
| https://rodolphoarruda.pro.br/ideias/#202206MESH (Portuguese)
| hifikuno wrote:
| It's worth mentioning if you are going to follow these
| instructions that the creator of Termux no longer recommends you
| install from the Play Store[1], and to instead install from
| F-Droid or Github.
|
| ---
|
| 1.
| https://wiki.termux.com/wiki/Main_Page#:~:text=do%20not%20in...
| readyoubestbook wrote:
| Does he also mention why?
| andyjohnson0 wrote:
| Its to do with the Play Store requiring apps to target the
| Android 10 api level. Details at [1].
|
| [1] https://www.xda-developers.com/termux-terminal-linux-
| google-...
| rektide wrote:
| The "write-or-execute" policy causing this havoc is
| remarkably similar to what is being done with WebExtensions
| v3 banning any dynamic code execution. Termux wants to be
| able to bring down code & let users run it, but that's
| verboten. Similarly, all WebExtensions will be forbidden
| from bringing down code (or accepting user entered code).
|
| That sounds fine/good for like 98% of extensions. But the
| other 2%... extensions like
| GreaseMonkey/VioletMonkey/TamperMonkey, or one could
| imagine something like IFTTT or PushBullet, where the
| extension might perhaps want some intrinsic extensibility
| to itself: those are all now verboten. There's not really
| any discussion or push/pull on the new security regimes.
| Computers just get more and more clamped down.
|
| I'm interested to see how Termux goes forward. In the past
| they seemed to have some "in-APK packaging" notions for how
| to deal with Android 10+. I haven't stumbled upon a good
| description of what this is or how it would work, and I'm
| not really sure whether these ideas are still active or
| whether F-Droid and using ever aging SDKs is the way
| forward.
| syrrim wrote:
| The play store version isn't being updated, owing to a policy
| change by google affecting their package manager
| [deleted]
| xchip wrote:
| Not only a web server, it is my personal cloud!
| jrib wrote:
| what software are you using?
| ChrisArchitect wrote:
| (2020)
| bityard wrote:
| Doesn't Android's aggressive app sleeping/killing policies
| (ostensibly to extend battery life) make this somewhat... well if
| not useless then at least a challenge?
|
| I have a bunch of old Android phones kicking around that I'd like
| repurpose for random IoT/monitoring things but I don't trust them
| to stay "on" all the time. And Raspberry Pis are pretty cheap,
| so...
| aroldan85 wrote:
| Raspberry Pi's haven't been cheap for quite a while now.
| butterNaN wrote:
| This is very interesting, and I want to try it out.
|
| The part about them immediately receiving 'attack packets' made
| me realise that I am quite ignorant about the realities of web
| security. It is eye opening to me that a lot of web traffic is
| malicious.
|
| Are there any 'security hardening your server 101 for n00bs'
| resources? It should be useful for any of these 'phone servers'
| as well (preferably tool agnostic)
| killjoywashere wrote:
| Step 1) If it's not installed, it can't be exploited.
| RajT88 wrote:
| Use ubiquitous open source software, which has been battle-
| hardened over the years.
|
| I ran a web forum for years, either on PhPbb, or YAF.net. Never
| got compromised. Constant, round-the-clock attacks though.
|
| I think the ultimate saving grace is that the site didn't
| contain anything of interest - it wasn't selling anything, so
| no stored credit cards. No digital goods to steal, no public
| forum topics which relate to videogames, politics, etc. It was
| a small forum for friends of mine, so there was no obvious
| community anyone wanted to ruin.
|
| The worst we got, was some spam bots once in a while would
| breach the captcha, and start posting ads. Easily fixed. Not a
| hack, per se, but neither benign. I don't think we ever
| attracted the attention of a human hacker, and that's likely
| why we never got breached.
| RajT88 wrote:
| Also - I am more knowledgeable now. Also install ModSecurity.
| That will block a lot of malicious stuff once you tune it to
| your application.
___________________________________________________________________
(page generated 2022-06-22 23:00 UTC)