Our great sponsors
-
WebRTC
Home Assistant custom component for real-time viewing of almost any camera stream using WebRTC and other technologies. (by AlexxIT)
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
hardened_malloc
Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
-
The best way is to just start practicing. I would say pick some simple apps on your (Android) phone and dig straight in.
The great thing about Android applications is that often they generally decompile quite nice into human readable Java soo the barrier of entry can be quite low to start reversing.
Grab a copy of JADX[1] - it will decompress and decompile the APK files. If you don't have an Android handset, use an emulator and/or grab APKs from apkpure[2]
Dynamic analysis is a bit more challenging. In my blog post I use Frida[3] extensively.
If you get started on something and get stuck/looking for support, feel free to DM me on Twitter[4], more then happy to help.
[1] https://github.com/skylot/jadx
[2] https://frida.re/docs/android/
[3] https://m.apkpure.com/
[4] https://twitter.com/haxrob
It's worth a try though to push back. We are not talking holding off a bunch of murderous Russian troops. It's not a good look trying to recall " ... and they came for me" either.
Just push back. Here's an example: Reolink are a Chinese company, what makes cameras - nothing intrinsically wrong with that but you should expect them to be be required to comply with any requirements the CCP might ... require. Reolink are also quite a savvy bunch and have gradually ensured that their products don't actually require an internet connection, at all. They do offer an app and the requirements of using the app are that the cams need to see the interwebs and be gatewayed by systems that are eventually subject to the CCP.
Now this isn't quite yet perfect. Rio cams have offered ONVIF for at least five years, so Zoneminder, Frigate and all the rest can be your NVR. The camera's VLAN can be firewalled off from the internet. Mine is called THINGS and it is net door to SEWER for stuff I really worry about!
Their doorbell offering is pretty decent but two way comms needs some handling. At the moment their app is the best bet for functionality but there are signs that Home Assistant with webrtc - https://github.com/AlexxIT/WebRTC should be OK.
It is not impossible to live without prop software. At least care and try.
It sounds like what you want is graphene os.
https://grapheneos.org/
You can add them.
And I don't mean it as a knee-jerk response, this is open-source, anyone with skills is welcome and if you send a pull request here https://github.com/GrapheneOS/grapheneos.org with the screenshots presented in the way you'd expect them, it might get merged.