Why was second factor authentication watered down?

As far as I can remember, two-factor authentication has been in use since the first time I used online banking with a BBS-like text interface over a 14.4bps modem. Back in the day the second factor was a printed list with numbered codes.
The idea of using different factors is to prevent hackers from accessing your bank account in case they can sniff your password with a trojan keylogger on your system. The factors are generally divided into things you know, things you have and things you are. Hence the categorization of the factors is based on the user interaction. In general it is assumed that everything typed or stored on a multi-purpose computing system can be extracted by an attacker. This is why I propose a different categorization further down. My categorization is based on the threat it protects against.

Things you know (memorized):

  • username
  • password

The first category is pretty much self-explanatory. It is the typical password. Before we had hundreds of accounts, we were able to memorize our passwords. Single-factor authentication with only a password is not only problematic because attackers can eavesdrop on what we type, but also because computers are increasingly fast at trying different combinations.

Things you are (biometrics):

  • fingerprint
  • face
  • iris
  • veins

In theory biometrics would be the perfect method for authentication. Unfortunately the technical implementations have many weak points. There are countless stories of fooling fingerprint readers with sticky tape or jelly sweets. But even when you can’t fool the device itself, as long as the sensors run on top of a general purpose computing device, the data can be stolen and manipulated. Once the biometric data is stolen, you can’t change a fingerprint or an iris as easily as you can change a password.

Things you have (possess):

  • printed list with codes
  • dedicated device for displaying codes
  • phone for receiving text messages
  • phone for running an app to display codes

This one is only simple at first sight. Let’s dissect them a bit more closely. For a printed list with codes it is not enough to install a trojan on your system. It generally requires physical access to make a copy of it, but you are not alerted when somebody with physical access makes a copy. As soon as you scan it and save a copy on your computer to make login more convenient for you, it also becomes more convenient for an attacker to steal your credentials. There are even banks that send a PDF with the 2FA codes electronically. As a general rule of thumb: once a secret is stored on a connected general purpose computer, its security is weakened considerably. Thus it is not only important how secret information is stored, but equally important how it was generated and how it was transported.

It may not be equally easy to compromise text messages with every cell operator, but it has happened too many times and made this method become almost abandoned. As described above, information stored on connected general purpose computing devices can be extracted. This is an important fact to consider when using authentication apps such as Authy or Google Authenticator. These apps are based on TOTP, but the important difference from TOTP hardware devices is how the secret is stored and protected.
That leaves us with dedicated hardware devices. These come in many forms. Some banks have used little TOTP devices for decades. There are devices that operate in conjunction with your plastic debit card and some that scan mosaic codes. What they all have in common is that they display a code that you enter on the logon screen.
And then there is FIDO U2F. It is a standard that was established in 2014, but hasn’t yet gained the traction it deserves. FIDO devices store a seed in protected memory and generate a sub key for every site you want to log in to securely; some even display the site you are about to log in to. This in fact also protects against phishing attempts. Meanwhile most Bitcoin hardware wallets can act as FIDO U2F devices. But the most widely known and used dedicated 2FA device is surely the YubiKey, which comes in a great form factor.
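The per-site sub key and the phishing resistance described above, as an added toy model that is not code from this post, from the FIDO specifications, or from any vendor. It is stdlib-only Python: the token derives one key per site from a master seed it never hands out, and the browser, not the web page, binds each challenge to the origin it was loaded from. Two simplifications are my assumptions and are marked in the code: HMAC-SHA256 stands in for the ECDSA signature a real U2F device produces (so the relying party here stores a shared verification key where a real one stores only a public key), and the origin string is used directly as the U2F application ID.

```python
import hashlib
import hmac
import os


class Token:
    """Toy U2F-style authenticator. The master seed stays inside the object; every site
    gets its own sub key derived from it, so the key registered with one site says
    nothing about the key used with another."""

    def __init__(self, seed: bytes):
        self._seed = seed
        self.counter = 0  # increments on every assertion, as real tokens do

    def _site_key(self, app_id: str) -> bytes:
        # Assumption (simplification): HMAC-derived symmetric key instead of an ECDSA key pair.
        return hmac.new(self._seed, app_id.encode(), hashlib.sha256).digest()

    def register(self, app_id: str) -> bytes:
        # A real token returns a public key; this toy returns the verification key itself.
        return self._site_key(app_id)

    def sign(self, app_id: str, client_data_hash: bytes):
        """Assertion over (hash of app_id, counter, hash of client data), as in U2F."""
        self.counter += 1
        message = signed_message(app_id, self.counter, client_data_hash)
        return self.counter, hmac.new(self._site_key(app_id), message, hashlib.sha256).digest()


def signed_message(app_id: str, counter: int, client_data_hash: bytes) -> bytes:
    return hashlib.sha256(app_id.encode()).digest() + counter.to_bytes(4, "big") + client_data_hash


def browser_client_data(page_origin: str, challenge: bytes) -> bytes:
    """The browser, not the page's JavaScript, fixes the origin into the signed data."""
    return hashlib.sha256(page_origin.encode() + b"|" + challenge).digest()


class RelyingParty:
    """The website. Stores one verification key and the last seen counter per user."""

    def __init__(self, origin: str):
        self.origin = origin
        self.users = {}

    def enroll(self, user: str, token: Token) -> None:
        self.users[user] = [token.register(self.origin), 0]

    def new_challenge(self) -> bytes:
        return os.urandom(32)

    def verify(self, user: str, challenge: bytes, counter: int, signature: bytes) -> bool:
        key, last_counter = self.users[user]
        # Recompute what a genuine assertion for *this* origin must look like.
        message = signed_message(self.origin, counter, browser_client_data(self.origin, challenge))
        expected = hmac.new(key, message, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, signature):
            return False
        if counter <= last_counter:  # replayed assertion or cloned token
            return False
        self.users[user][1] = counter
        return True


def login(rp: RelyingParty, user: str, token: Token, page_origin: str) -> bool:
    """One authentication round. `page_origin` is where the login page was actually
    loaded from; a look-alike page has a different origin even if it forwards the
    real site's challenge."""
    challenge = rp.new_challenge()
    client_data = browser_client_data(page_origin, challenge)
    counter, signature = token.sign(page_origin, client_data)
    return rp.verify(user, challenge, counter, signature)


if __name__ == "__main__":
    token = Token(seed=b"constructed-demo-seed-not-for-use")
    bank = RelyingParty("https://bank.example")
    bank.enroll("alice", token)
    print("genuine site:", login(bank, "alice", token, "https://bank.example"))  # True
    print("look-alike site:", login(bank, "alice", token, "https://bank-example.evil"))  # False
```

The look-alike login fails for two independent reasons, both visible in `verify`: the token signed with the sub key for the wrong application ID, and the client data it signed carries the wrong origin. Neither depends on the user noticing anything, which is why the post can say the device "also protects against phishing attempts". The counter check is the same mechanism real tokens use to let a site notice a cloned device.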

I propose a new categorization of factors:

  • things that a trojan can steal from your computer or smartphone
  • things that a thief can copy when breaking into your apartment
  • things that can’t be copied and that you would notice immediately when stolen from your keyring

With this categorization, you realize that most snake oil app-based 2FA belongs in the first category along with good old passwords and password managers. Banking trojans that consist of a part for the computer and a part for the smartphone were around even before those 2FA apps became popular. And this is how you differentiate measures that improve security from security theatre. Security theatre is a term for measures that harass the users to give them a sense of security without really improving security. It only deters the opportunistic casual thief, but does nothing against well organized crime gangs. It’s essentially all the pain without any gain. That is what 2FA smartphone apps are!

But I don’t want to carry around a device

Security is often a tradeoff with convenience. For me it was always clear that I want to protect every account that I can with the security offered by a dedicated device. But apparently there are enough people who don’t care about security, or simply don’t understand the tradeoffs. When I discovered that the Tesla account was only secured by a password, I was so shocked that I disabled remote access in the car. That was almost three years ago. In the forum discussions there were people arguing against carrying around a security device weighing a few grams. And indeed when Tesla introduced 2FA last week, they used solely TOTP. Whenever I have to use TOTP, I use it with my YubiKey. But still that procedure has one important weakness. When setting it up, the secret is displayed and/or entered on a general purpose computing device that must be connected to the internet. When this device is compromised, the whole 2FA is moot. Hence I will leave my car disconnected for the time being.
Since I have learnt about secure 2FA devices, I want to have all my accounts secured. Hence I switched my main bank account to a bank that supports hardware based 2FA a couple of years ago. Now at my new employer, which also happens to be a bank, we use 2FA to log on to some systems. The default is a proprietary app that is only available for iOS and Android. My phones run PureOS and UBPorts for security reasons. From the internal network, we can use TOTP and even FIDO U2F. But when logging in from home, only the less secure method with the proprietary app is allowed. I will never understand the reason behind that. I can still work from home. I can access the git repos, but I can’t log in to Jira or Webex. Since I work for a bank now, I have an account with my employer that has very favorable conditions. But again the 2FA is only possible with a proprietary app that is only available for iOS and Android. This is a real pity. I would love to make more use of that account. But even if that snake oil app was available for any of my phones, I would not deposit a lot, because of the weak security.

Why I am sending back my Librem5

After paying 0.163 BTC for a pre-order, I patiently waited two and a half years for the Librem 5 to finally arrive. Now after half a year with the phone, I finally lost patience. For some more context, please read my former blog posts The Librem 5 phone is still at an early stage and One month with the Librem5.

A computer that looks like a phone

When the phone arrived it could do computer things, but no basic phone tasks. The browser worked very well from the start. So it was more like a small tablet. Phone calls didn’t work at all for the first month. And text messages started working after about a week, but only with weird workarounds.

An expensive hand warmer

When the phone arrived, there was no power management implemented, meaning it constantly ran at full speed. No wonder the device was always warm and the battery was flat after an hour on average. It didn’t make a difference whether I used it or not. After about one or two weeks of having the device I charged it over night while it was switched on. When I grabbed it in the morning, it was so hot that I could not hold it in my hands. The plastic part between the cellular and the wifi cards started melting together with the back cover.

Hot freezes

One common occurrence from early on was that it would no longer react to any inputs after a while, but still burn the battery down at the same speed. At the same moment it also stopped responding to SSH connections, so it was not just the display.
The first freeze happened five minutes after I switched the phone on for the first time. When the issue started, I had a freeze about every second day, then every day, then twice a day. For a while it never ran for more than 15 minutes without freezing. Since about the time I had the phone for a month, it rarely runs for more than five minutes before freezing.
The freezing is the issue that rendered the phone completely useless for me. It triggered me to move the SIM card back to my five-year-old UBPorts phone. For the next few months I switched the phone on about once a week to install the latest software upgrades. Every time I hoped the freezing issue would be solved. From the responses on the forum, it appeared like my device was the only one experiencing these difficulties, but still it appeared like they were working on resolving the issue through software updates.

Bricked for the first time

Instead of fixing the freezing, an upgrade around Easter made the phone not boot any more. It started to boot, but was stuck at the terminal that is usually only visible for a second. Apparently it was a known issue, but the remedy that was provided didn’t work on my phone. So I was advised to re-flash it. But the flashing procedure also didn’t work. After a while and some experimentation, I found out that, out of a computer and two notebooks, only my XPS13 was able to flash the phone. I am still puzzled why it didn’t work with the Librem13 in particular. But to my disappointment, the freezing issue persisted.

Dead battery

I kept installing the upgrades on a weekly basis. In between I usually removed the battery. When I tested the voltage, it was always between 3.6 and 4 Volts. Then one day I left it plugged in with the original charger for about a week or two. Since then it wouldn’t boot any more. Not only did it stop booting in the middle of the process like before. This time there was no sign of life whatsoever. When I tested the battery, it now read 0 Volts no matter how many times I tried to charge it. I tried with the original charger as well as with others. I read somewhere that the L5 has an issue with the charging, in that it starts discharging after the battery is full. After that it apparently doesn’t start charging again until it is re-plugged. But I didn’t expect this to result in a battery that appears to be totally dead. Even if I wanted to charge it with a universal LiPo charger, I wouldn’t even know which way to connect it. The phone doesn’t run with a dead battery, and it also doesn’t boot without a battery.

Sending it back

The only thing left for me to do is to send it back. I didn’t sign up for a museum piece. I just want a phone that works. It is up to Purism now if they can repair my phone, send me one from the current batch, or one from the mass production batch later on. After being through all this, I would prefer to wait for the batch that is hopefully more reliable. But I will take whatever Purism sends me.

Friends asking

I am often asked about this open source phone that I told everyone about while waiting for it. I would love to tell them how great it was, and convince them to order theirs as well. I still think it is very important to have a phone that you can trust. But unfortunately I have to tell them what a disaster it was so far. I tell them that it appears that I got an exceptionally bad sample, and that most others are probably fine, or at least usable. But I can see from their reactions that my experience is enough of a deterrent for them not to consider buying one.

Update September 2020

Soon after sending back the phone, I received a replacement unit. Unfortunately it came with a US modem. So I waited for another month for the correct modem. It arrived yesterday, and it was easy to replace. Now I finally have a working phone. I switched the SIM to the Librem5 and use it as my main phone now. Some things have improved a lot since last year. Especially the power consumption. Others not so much, such as bluetooth in the car. Anyway, I plan to write another post after gaining some more experience with it.

A decade of blogging

Yesterday it was exactly ten years ago that I published the first post on my personal blog. Before that, I kind of blogged on the old, old version of ParaEasy about flying adventures. For our adventure in South America, we wrote our diary on a manually edited HTML page.
On my personal blog, I still write about paragliding, but also about Bitcoin, Tesla, electronics projects, software development, work and holidays. Whatever I deem interesting enough to write about and preserve for a couple of years. Over these years, I published 193 posts, and left 6 drafts unfinished. My first post a decade ago was about a handheld spectrum analyzer for the 2.4 GHz ISM band. That device is still running every day on my desk at work. The display lost a line or two at the bottom, but that doesn’t hurt the functionality much. And only recently I used part of the code again for another project.
The post that is probably read the most, judging by the number of comments, is about resetting my favorite Logitech keyboard. It helped countless people who had the same problem with their keyboards.
I don’t track visitors on principle. So I don’t know how many people visit the page and what articles they read. One time a company approached me with an offer to put advertisements on my blog. But it was very vague, and since I assumed that they would want to track my visitors, I didn’t answer. The blog is not for making money, and I don’t think my posts are interesting enough for lots of people that it would be worthwhile for advertising anyway.
The page ran on WordPress from the start and it still does. For the first couple of years it was hosted on an Alix and for the last couple of years it has been on a NUC. There was also another computer in between whose specs I can’t quite remember. They all ran Debian or Ubuntu and served the pages with Apache.
For the last four years I have mirrored the new posts also on my blog on ZeroNet.

Our temporary tree house

I have been fascinated with tree houses for as long as I can remember. I don’t know if everybody is fascinated as much, and I don’t remember how it started. It might have been Peter Pan or the Ewok bear folks in the Star Wars movie. In my teenage years, I built a simple tree house together with my brothers. I grew up in a single family house surrounded by meadows, and the forest started about one hundred meters from our house. So we had good preconditions for such an endeavor. Our kids share the same fascination. They looked through our book with the most beautiful tree houses many times and dreamed with us. My absolute favorite is the Heidi tree house chalet. Many times our kids told us that they wanted to build a tree house. Not just the perfect thing some time in a possible future. But a real one now. I always told them that it is not as simple as they might think. And that we can’t build a semi permanent structure in the public forest. So they started asking my uncle who owns a strip of forest. But it is also not so practical to drive 20 minutes by car every time they want to build.
I read about Tentsile tree tents a couple of years ago. They are awesome and cool, but a bit expensive for a tent, or a hammock. I was on the lookout for a while to rent one, or to catch a cheap one in a sale. They change prices from time to time, but they are still not cheap. But this spring I decided to buy one if the price would go down enough. For one, it is still a lot cheaper than a semi decent tree house. And if I wait for too long, the kids might not be as excited any more. Since it is listed on Galaxus, I could pay for it with Bitcoin. Due to the Corona situation, it took almost a month for it to arrive. When the postman brought the package, the kids came running, totally excited. They knew exactly what was in that cardboard box.
Of course I would also like to create a multi level stack. But I told the boys, I won’t buy more of the stuff. If it is important enough for them, they can wish the extension for Christmas or birthdays.
Today was finally the day we put it up for the first time. The nights are still too cold, so we will sleep in our fabric tree house another time. To spend more time in the forest, we brought some expedition meals that we boiled with the gas stove. The nap after lunch we spent in the tree tent hammock. It is really comfortable as long as the weight is distributed evenly. But if everybody sits in the same corner of the tent, it tilts quite a bit. The three person tent is big enough to host two adults and our two kids. The underfloor storage compartments are very practical. Now we all look forward to the nights becoming warm enough to sleep outside. The kids and I could probably do it already, but my wife is very temperature sensitive.
And for those who wonder about the corona lock down restrictions, the place where we suspended the tent is less than a kilometer from our home. And every time we pass somebody on the trail, we go to the side to maintain the two meters distance.


Working from home during the Corona shutdown

Like many people these days I currently work from home. Due to the corona pandemic, everything that is not essential is closed in Switzerland. Since I work in software development, it is possible to work at home. Most if not all people in my team do so. What is great about the new situation is that I can now eat lunch with my family. We also try to go for a short walk to the lake or the forest after lunch. But there are a couple of factors that make working at home challenging:

  • The factor that I anticipated to be the worst is distraction. Normally when I try to work on something at home that needs concentration, it takes on average five minutes before somebody comes and wants something from me. And then again after another five minutes, and again and again. This is why I can usually only work at home when everybody else is asleep. All the more astonished am I that they let me do my work now that it’s for my employer and not a hobby project of mine. A very important contribution is from my noise cancelling headphones. Without them this would not be possible.
  • The office at home is the size of a broom closet. It is 1.4 by 2.2 meters with no window or direct daylight. Thus it is important to go out to the patio from time to time to get some fresh air and some rays of sun light.
  • I have a very comfortable chair in my home office, and a nice solid table. But I grew so used to the table I have at work that I can raise to a standing position whenever I want. Even if I wanted to buy such a table, I couldn’t fit it in my small office at home. So I have to take care to move my body enough, not to develop back pain. Especially now that I can’t go swimming in the communal pool. I just hope the lock-down won’t get so bad that I can’t go running any more.
  • My screens are roughly 20 years old, and the low resolution makes it a bit challenging to work effectively. I wanted to order a new screen for years, but always postponed the purchase. Now that I knew that I would work from home, I figured it is the time to go ahead. Even though I ordered it very soon, delivery took more than a week, as the online shops and delivery companies are totally overwhelmed at the moment. The new screen is a blast. It is even bigger than I imagined.
  • And then, there is the elephant in the room. Let me begin with a quote I recently read on the website of the Session messenger: “Friends don’t let friends use compromised messengers”. This statement really resonated with me. On the opposite end of the spectrum, there is a communication software that is closed source, has a proprietary protocol, centralized infrastructure, no end-to-end encryption, constant access to the internet, the microphone, the webcam, the keyboard and the screen. On top of that it also has the capability to take over control of the computer. Back Orifice pales in comparison with these capabilities. That it is tedious to use and only fully works about half of the time is only the lesser evil. It was developed by a company with a long track record of deception and abuses. This software is called Microsoft Teams, and it was recently declared as the primary means of communication in our company. In the past, I flat out refused to use it. But in the current environment of emergency, I felt that I could not complicate things. Apparently, there was not much opposition against inviting the panopticon into our homes. When a co-worker told me that it could be used from within the browser, I was slightly relieved. As long as it is contained in the browser sandbox, the amount of harm it can do is somewhat limited. With the browser you have some control over what access you grant it. Unfortunately in the browser only the chat feature worked, but no audio or video calls. So my team lead asked me to install the desktop client. Installing malware directly on the machine was a no-go for me. So I installed it quarantined inside an empty virtual machine. This now works for audio conferences. But I feel uneasy, uncomfortable, even stressed, whenever it is running. My stress level when Teams is running is comparable with sitting on a dentist chair. That is not healthy over time.
Thus I often block access to the microphone and the network for the VM, but that brings only slight improvement. So, when somebody writes on Slack, I enable Teams, but I can’t have it running with full access all the time, I just can’t. I am reachable through Slack, email, phone, text messages, Tox, Matrix, Session, even Telegram and soon Juggernaut. They all have an open source client that I can trust. I just need a quick note to start Teams on request. Isn’t it ironic that with the struggle to care about physical hygiene, nobody seems to think about digital hygiene?

I often think about why I care more about digital security and privacy than average people. So many people carelessly ignore the security of their devices, it is completely reckless. How people voluntarily put something like an Amazon Alexa in their home is beyond me. I don’t think I have more to hide than other people. For a long time I have cared about FLOSS. It is not only that I dislike artificial barriers, vendor lock-ins and planned obsolescence. It is also the trust gained through being able to inspect the software. But the biggest impact came when I started to be involved with Bitcoin. This is when I really learned about the value of information, and how to protect it. There were times when I had more wealth sitting on my computer than on my bank account. Who wouldn’t think about how to protect it from the grabs of thieves? With Bitcoin, you are responsible for the private keys. When you fail to protect them, your wealth is gone. There is no bank you can beg to reverse the transaction. But on the plus side, if you protect your data well, nobody can steal it from you. If your bank goes bust, your Bitcoins are still safe. Many people don’t want that responsibility, and prefer somebody else to handle it for them. I can see the same behavior with cloud computing. Bitcoin people are very passionate about OpSec. I am talking about the original cypherpunk people here, not the “get rich quick” crowd that showed up later on. There is a mantra in the Bitcoin world: “don’t trust, verify”. Everything that can’t be verified, such as closed source software, has to be considered compromised.

Ok, enough of going on a tangent. This post is about working from home. My wife calculated on the first day that I should now be able to finish at least an hour earlier, because there is no more commute. Sounds reasonable, right? My usual day now looks like this: I get up at the same time as usual and take a shower. I dress the same way and groom the beard the same way as I would if I went outside. Instead of having breakfast alone and driving to work, I start working. When everybody is ready, we have breakfast together. After that I work again until lunch is ready. When I have to go to the toilet, I also grab a fresh tea and go outside for a minute to get some fresh air and some sun. The lunch break is longer than at the office. The kids eat very slowly, and we have a rule at home that we all wait at the table for everybody to finish. Then we usually go for a walk to the forest and/or the lake. We are very fortunate that both are only about two hundred meters away. Because the lunch break is longer, I often work as long in the afternoon as I usually am in the office. Sometimes I even work till the time I would otherwise arrive at home.

We also currently spend the weekends mostly at home. So I took the chance to tidy up and clean my small office at home.

Interesting reading about privacy in the current state of emergency:

Last but not least, some conspiracy theory:

Bill Gates, The Caricature of a Villain

Could somebody please compete with Tesla

I am a Tesla fanboy. The first stock I ever bought was TSLA. And it is still my second biggest position after Bitcoin. So, of course I am delighted by the recent rally. But speculation was never the primary motivation. I only buy stocks or cryptos if I see a benefit to our society at large and sustainability. I have an important investment disadvantage in that I only invest in companies that behave ethically. This excludes most of the highly profitable big tech stocks, such as: Apple, Google, Amazon, Microsoft and Disney. My investments are long term. The TSLA market cap raced past Daimler just two months ago, and past Volkswagen last week. In the meantime it is double that of Daimler and 20% above Volkswagen. Essentially, it tripled in the past half year. Should it continue at this pace, it could become the world’s most valuable car maker before the year ends. There are analysts who predict even much higher figures. After all, Tesla’s financial charts show numbers close to exponential.
In the past, Tesla was not perceived as a threat by the old guard of car makers. At least they wouldn’t publicly admit it. Some still to this day act as if they could continue selling their pollution machines for the foreseeable future. These days, the tone has changed. Tesla is the benchmark for electric cars, and electric cars are the future.
Ever since I drove a Model S for the first time, I knew that this is the future. It is not just that driving electric is so much nicer, it is also the rest of the experience. Tesla owners are not surprised that their manufacturer leads the brand loyalty statistics. Over the years many Tesla killers were announced. All of them fell short. They have a hard time even competing with the cars that Tesla released seven years ago. The Porsche Taycan was the first that can compete in terms of performance, but it is the least efficient electric car on the market. Meanwhile the Tesla Model 3 is the most efficient car on the market. The Audi comes close in terms of charging speed, but is almost as inefficient as the Porsche. The Hyundai comes close in terms of efficiency, but lacks in everything else. There are so many unique features where Tesla is ahead of the pack: Supercharger network, over the air updates, really good software in the car, self driving, consistently rated as best in class safety. They are pushing the bar in so many directions.
In the foreseeable future, I wouldn’t even consider another car make. All these developments are great, and it seems as if the gap would even increase. But this trajectory leads to a future that slowly starts to concern me. Monopolies are never good. There are countless examples of companies who acted benign while growing up, but turned into bullies once they were big enough to get away with it. Cory Doctorow calls it “every pirate wants to become an admiral” in his book Information doesn’t want to be free. I never met Elon, but I think he is a good guy. Nevertheless every company can rotate personnel and change direction. And Tesla customers are reliant on the company more than is usual. So far they never exploited their position, but who could assure that it never happens in the future.
On my last service visit they informed me that in the future they would only accept payments by credit cards. My last credit card expired five years ago, and I have no intentions to go back into the dark ages of pull payments. Also for supercharger usage, you only have three options: either deposit credit card information in your Tesla account, have some free credit from referrals or the like, or have a car with unlimited lifetime free supercharging. Luckily I have the last option. Using credit cards and leaving their information everywhere can lead to unpleasant experiences like unintentionally buying upgrades. I am sure they will make it right this time, but maybe they could get away with something like this in the future.
Last year I was informed that they no longer answer the phone at the service center. They want the customers to book the appointments in the Tesla app. Too bad that this app doesn’t run on any of my phones. When a door handle stopped working two weeks ago, I faced a dilemma. I didn’t call because I was told they wouldn’t answer the phone, and the phone number was no longer displayed in the navigation screen of the car. I sent an eMail to the service center and another one to the person I had contact with the last time. Both were bounced immediately. There was no trace of the functionality to book appointments on the website. And as stated above, the app runs on neither my Librem5 nor my UBPorts phone. So the only option left was to pay a visit in person at the service center. Luckily it is only a 10 minutes deviation from my regular commute. The person told me that a ranger would call me the next day to make an appointment, and that they would answer the phone again. A week later I called to ask if they had forgotten me. And indeed they didn’t know anything about it. But this time the person in the service center made an appointment. Now I am looking forward to having that door handle fixed.
As long as there is competition, companies have an incentive to keep customers happy. But if your product is so much better than everything else, that incentive goes away, and bad behavior becomes the norm. So far, there is still some competition from polluting cars, but this will diminish in the coming decade. I am not even sure if it can be considered competition. Everybody (with very few exceptions) who ever drove an electric car never wants to go back. I read from people who say they were treated by Tesla employees as if they needed to be grateful for the privilege to get such a great product. So please, traditional car makers as well as startups: Don’t let that 17 year young Californian electric car company push you out of the market. But please don’t try to hinder them with cheating and throwing rocks like in the past. Better start making products that can compete with Tesla on many levels. Competition is healthy, and having choice is good.

Update:

Having a ranger come to fix the door handle was a next-level experience. The day before the appointment, as usual, I received a confirmation eMail. At about the announced time, I received a call from the ranger informing me that he was now in front of the office building. So I went down and greeted a very sympathetic guy in a Model S with a trunk full of tool shelves. After I showed him to my car, I went up to the office to work again. When he was finished less than an hour later, he called me again on the phone. I always like to talk to the technical people. He explained to me how the design of the door handle was improved so that they should no longer break like the first generation. He even confirmed that the opposite door handle that was replaced earlier is also of the improved design. The price was reasonable, as usual with Tesla repairs. At first he wanted a credit card. When I told him that I don’t have one, it was no problem at all. He sent an invoice to my eMail address, and I paid the same day. So, in conclusion, the experience of having the door handle fixed was really, really great, after the difficulties with getting an appointment were ironed out.

The Librem 5 phone is still at an early stage

When I learned that Purism was going to develop a privacy-respecting and security-focused smartphone, I was immediately very excited. So far the only real open source phone was the OpenMoko, and that was almost a decade ago. I ordered one as soon as they opened the pre-orders. A quick look in my Bitcoin wallet revealed that I paid the phone pre-order on Aug 24th 2017. Of course I knew that it would take a while, and that problems were to be expected, which would result in later deliveries. When they finally prepared for shipping, they asked everyone for their preferred batch. They warned that early batches would not be as flush as later iterations, and that the software was still a work in progress. Having waited for so long, I was eager to get it as soon as possible. Using an OpenMoko and later an Ubuntu Touch device as my main phone, I gathered some experience with unfinished products. A solid base is more important to me than the finished product.
To my knowledge it is the only phone that separates the main CPU from the baseband (correction in the comments). Like the Purism notebooks, it has hardware kill switches: one for wifi/bluetooth, one for camera/microphone, and one for the cellular modem. This makes it the only phone on the market where the user is in control. It allows the owner to own the phone instead of Google/Apple in combination with the phone company. In today’s economy, this is a very important development. Modern phones track their users in so many ways that they have become golden hobbles. This is the main concern with Android, but even Apple is not without doubts in this area. The main issue I have with iOS is that it patronizes its users. If you want neither of these evils, then you cannot just walk into the next phone store and expect to find something. Devices that came installed with Ubuntu Touch sold out a long time ago. Purism describe their phone as:

hardware and software that treats you like a person and not a commodity to be exploited for profit

Last Friday, the waiting was finally over, and I received my Librem 5.
The first impression when unpacking was that it is thick and heavy. In fact it is so thick that my kids make fun of me. The build quality is a lot better than I expected after the warnings about the early batches.
The on/off button doesn’t always work reliably, so I first charged it as the manual suggested. It is quite quick to boot. When I can’t get it to start with the on/off button, I usually open the device and remove the battery for a moment. This always makes it boot reliably. Did I mention that it boots really fast?
Here is another report with unboxing pictures, so that I don’t have to make the pictures myself.
Switching apps and general usage of the phone OS makes a good impression. Not as good as current ubports, but a lot better than OpenMoko in its best days.

Wifi and bluetooth

Unfortunately the phone froze during the initial setup when trying to connect to the office wifi. After a reboot, I removed the wifi in the settings and connected again. This time it appeared to connect, but it didn’t get an IP address, and thus I was unable to fetch anything from the internet. At home, connecting to the wifi worked as easily as with every other device.
I talked to a sysadmin, and he told me there is nothing special about the company wifi. But he told me that the signal strength is not great everywhere. So I went straight to the physical wifi router. In close proximity, the phone connected successfully, and I was able to browse the web. This is probably the reason there was something about antenna optimization in the description of a later batch.
The bluetooth configuration doesn’t work at all. But the phone is discoverable, and when another device wants to pair, it displays the code to compare. The other device then reports success. But so far I was not able to make use of bluetooth with the device. Bluetooth audio is one of the sore points with my current ubports phone. It used to work perfectly for a long time. But then I got an update last winter that crippled bluetooth functionality. For almost a year now, I can receive calls in the car, but after one second the audio connection breaks every time. It was one of my biggest hopes that bluetooth hands-free in the car would work out of the box with the Librem 5.
I haven’t tested the mobile data connection yet. This is because I rarely buy mobile data. I have wifi at most places I go. My car has an internet connection and a browser, which is enough for on the way. The only time I really need mobile data is when I want to pay with Bitcoin in a restaurant, and no friend is with me who can set up an access point on his phone.

Text messages

Sending a text message worked on the first try. Only the integration with the address book still needs to be improved. Speaking of the address book, I haven’t found out yet how to synchronize or import my contacts.
So far I haven’t received any text messages. I strongly suspect that at least some should have come my way in the last couple of days. I tried testing it myself with LnSms, but it didn’t arrive. This is possibly due to a bug with non-numeric senders. But that I didn’t receive regular text messages is bothering me. A friend sent some to me for testing, and none arrived.

Phone

Even before I wanted to place a call, I read in the forum that there is a problem with audio routing. I didn’t even get that far. I cannot initiate a call, because below the dial buttons there is a message warning me that there is no voice-capable modem. Somewhere in the bug tracker I found a post that claimed that it should be possible to work around this by killing the cally app five times in a row. That didn’t work for me. So if this smart phone is no phone yet, I hope that it is at least smart 😉

Browser

It is not the best browser that exists for phones, but it works well enough for everything I tried so far. For sure it is better than the browser in the Tesla.

Settings

The settings pages look very familiar. In fact they are the same as in any modern Gnome desktop operating system. Some pages are too big for the screen, and some don’t make much sense for a phone, while some phone-specific settings are missing. I already installed the first update, although I don’t know what it actually contained.
The audio page reveals that there are lots of audio devices. I went through them all, and clicked the test sound button, but I couldn’t hear any sound coming from the device.

Terminal

A Linux smartphone needs a terminal. The Librem 5 comes with Kings Cross pre-installed. The terminal app itself looks quite good. But the virtual keyboard is lacking arrow and tab keys, which are extremely helpful when working with a terminal.
I was delighted to find out that unlike with ubports, you can hack around with the actual system, and the packages seem to be apt based. I never liked click, snap or flatpak. Apt is my favorite package format.

Clock

For the first three days, after every reboot, the system date was reverted to February 2019. This rendered all TLS certificates issued after this date invalid, thus preventing me from upgrading the system until I manually fixed the date every time. I am not sure what I did yesterday, but I suspect that I re-enabled automatic time synchronization just AFTER correcting the date. Since then, the system time is correct IF the phone has an internet connection. It is not yet synchronized from the cell phone network, or preserved across reboots.
For the last 20 years I have used my phone to wake me up in the morning. Some phones also worked when switched off, while others had to be enabled to reliably wake me up. In the settings of the Librem 5, I can set multiple alarm clocks, and specify how to repeat and on which days of the week. So far so good, this is on par with most phones. The problem is that when the time comes, no sound emits from the device, and not even a reminder is visible on the screen.
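The update failure described above is a general property of TLS, not a Librem 5 quirk: certificate validation compares the certificate's validity window against the local clock, so a clock stuck in the past makes every certificate issued since then "not yet valid". The following is an added example, not code from the post or from Purism, that models that check together with a plausibility test a device can run before it trusts its own clock (a reading earlier than a known floor such as the OS image build date means the clock was lost and time sync should happen before any certificate-based download). All dates in it are constructed sample values.

```python
"""Added example: why a clock reset to the past breaks TLS, and how to detect it.

Constructed sample values only; none of these dates come from a real certificate.
"""
from datetime import datetime, timezone

# Hypothetical certificate issued in mid-2019 (after the Feb 2019 reset date)
SAMPLE_NOT_BEFORE = datetime(2019, 7, 1, tzinfo=timezone.utc)
SAMPLE_NOT_AFTER = datetime(2020, 7, 1, tzinfo=timezone.utc)
# Hypothetical build date of the OS image: time can never be earlier than this
IMAGE_BUILD_DATE = datetime(2019, 11, 1, tzinfo=timezone.utc)


def cert_status(not_before: datetime, not_after: datetime, now: datetime) -> str:
    """Classify a certificate's validity window against the clock `now`.

    This is the time check performed during X.509 path validation: the
    certificate is accepted only if now lies inside [not_before, not_after].
    """
    if now < not_before:
        return "not_yet_valid"   # the error a rolled-back clock produces
    if now > not_after:
        return "expired"
    return "valid"


def clock_plausible(now: datetime, floor: datetime) -> bool:
    """True if the clock is at or after a known lower bound.

    Without a network a device cannot know the exact time, but it does know
    the time cannot precede the build date of its own image.  A reading
    below that floor means the RTC lost its state.
    """
    return now >= floor


def diagnose(now_iso: str) -> dict:
    """Run both checks for a clock reading given as an ISO 8601 string."""
    now = datetime.fromisoformat(now_iso)
    return {
        "clock_plausible": clock_plausible(now, IMAGE_BUILD_DATE),
        "cert_status": cert_status(SAMPLE_NOT_BEFORE, SAMPLE_NOT_AFTER, now),
    }


if __name__ == "__main__":
    # What the phone booted with, and what it shows after an NTP sync
    print("rolled-back clock:", diagnose("2019-02-01T00:00:00+00:00"))
    print("synchronised clock:", diagnose("2019-12-10T00:00:00+00:00"))
```

The practical takeaway is the order of operations the author stumbled on: correct (or synchronise) the clock first, and only then let the package manager talk to a TLS server. A device that applies the floor check at boot can refuse to validate certificates until time sync has succeeded instead of failing with a confusing certificate error.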

Battery life

Whether the screen is on or off doesn’t seem to make a difference. The device gets very, very hot. It is no surprise that the battery doesn’t last very long. It doesn’t even last an hour. So I just have to switch the phone off while it is not being used and not plugged in. People at Purism are working to tweak the kernel to dial down the frequency, switch off cores, and put the CPU to sleep when not in use. I hope they assign this issue a high priority.
Charging time when the phone is turned off is OK. But when it is turned on, I don’t really know if it is slowly charging or slowly discharging. That is with the provided charger. Be careful where you plug in the phone for charging!
When I plug the phone into my notebook, the notebook often loses internet connectivity. I haven’t investigated why yet. Maybe it adds another connection and assigns it priority in the routing table. I will try with a USB condom and see how that goes… Indeed, no problem so far if I use a USB condom.
When I plug the phone into the USB ports in the car, I often get a warning on the dash that there is a problem with the touch screen. The big screen in the middle of the car still updates, but it no longer processes touch inputs. I then have to unplug the phone and reboot the MCU. I’m not sure if the phone registers as an HID device, draws too much power or interferes in another way.
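The routing-table suspicion above is easy to confirm rather than guess at. A Linux phone attached over USB commonly shows up as a network gadget with its own DHCP lease, and the kernel picks the default route with the lowest metric, so a new interface with a lower metric silently becomes the notebook's uplink. The following added example (not from the post) parses the text of `ip route show` and reports which interface currently wins; the interface names `usb0` and `wlan0` and the sample output are constructed assumptions, and the check runs entirely on that embedded text.

```python
"""Added example: detect a USB-attached phone that takes over the default route.

Feed it the output of `ip route show`; the sample below is constructed.
"""
import re

# Constructed sample: the phone's gadget interface (usb0) got metric 100,
# which beats the wifi route's metric 600, so all traffic now goes to the phone.
SAMPLE_IP_ROUTE = """\
default via 10.42.0.1 dev usb0 proto dhcp metric 100
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
10.42.0.0/24 dev usb0 proto kernel scope link src 10.42.0.17 metric 100
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.23 metric 600
"""

# Matches "default [via GW] dev DEV ... [metric N]"; "via" is optional because
# point-to-point links (e.g. ppp0) have no gateway address.
_DEFAULT_RE = re.compile(
    r"^default(?: via (?P<gw>\S+))? dev (?P<dev>\S+)(?: .*?metric (?P<metric>\d+))?"
)


def default_routes(ip_route_output: str) -> list:
    """Return (metric, dev, gateway) for every default route, lowest metric first.

    A route without an explicit metric has metric 0, which is what the kernel
    assumes and therefore the most preferred value.
    """
    routes = []
    for line in ip_route_output.splitlines():
        m = _DEFAULT_RE.match(line.strip())
        if m:
            metric = int(m.group("metric") or 0)
            routes.append((metric, m.group("dev"), m.group("gw")))
    return sorted(routes)


def preferred_uplink(ip_route_output: str):
    """Name of the interface the kernel will use for internet traffic, or None."""
    routes = default_routes(ip_route_output)
    return routes[0][1] if routes else None


def hijacked_by(ip_route_output: str, expected_dev: str):
    """Return the interface shadowing expected_dev's default route, or None if
    expected_dev is still the preferred uplink."""
    winner = preferred_uplink(ip_route_output)
    if winner is None or winner == expected_dev:
        return None
    return winner


if __name__ == "__main__":
    print("default routes:", default_routes(SAMPLE_IP_ROUTE))
    print("wifi shadowed by:", hijacked_by(SAMPLE_IP_ROUTE, "wlan0"))
```

If the check names the phone's interface, the fix on a NetworkManager system is to mark that connection as never providing the default route (`ipv4.never-default yes` on the connection profile) or to give it a higher metric than the wifi profile; the USB condom the author ended up using achieves the same thing by removing the data lines altogether.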

Apps

The phone comes with the following apps pre-installed: phone, messages, browser, contacts, clock, settings, help, terminal, software, text editor.
Anything can be installed from the software app or at the command line from the apt repository, but so far I have mostly installed command line applications. I suspect most regular desktop applications don’t behave well on a phone. I am not aware of a list of applications that run well on phones. And I don’t think there are a lot of apps that were developed specifically for this device other than the apps from Purism themselves.
As a test I installed my favorite desktop Bitcoin wallet: Electrum. Unfortunately it didn’t start. At the command line I saw an error about something missing to bridge Qt5 to Wayland. So far I haven’t investigated much further.
After using ubports for the longest time, I am used to most apps not being available to me, so the whole app thing is no big deal for me.
What I miss most on my current ubports phone is a decent Bitcoin wallet. As long as there is none, at least a QR code reader would be cool. This would be necessary if I want to use a web-based wallet.

Conclusion

I hate to say it, but in its current state, this phone is even less usable than both my previous Linux phones in their initial condition. The previous phones improved quickly and got more or less usable. I abandoned the OpenMoko after half a year, because it was just not reliable enough as a phone, especially the audio in calls. The Ubuntu Touch phone on the other hand has been my daily driver for almost five years.
Maybe I am too optimistic in wanting to use the Librem 5 as my main and only phone from the start. Let’s see how things progress from here… With some software updates I hope it will become the phone that I want to use for the next five years.
I hope I didn’t discourage anybody from ordering a Librem 5. If you want a phone that preserves your dignity, this is pretty much the only option at the moment. And I am sure it will improve.

Flying AdHoc Network

The first time I heard about FANET was at a gathering of some paragliding friends last year. They mentioned that they can display each other’s position on their flight computers. While that sounds cool, I don’t often get to fly cross country any more. Thus this feature was not of particular interest to me. Then some months ago I read an article about the Skytraxx 3.0 in a paragliding magazine. It was mainly focused on the built-in database of aerial obstacles, namely dangerous cables. But it also mentioned that weather stations could broadcast wind information on FANET, which the flight computer would then display in real time. Now that was more interesting to me. The part I like the most about the FANET technology is that it is an open LoRa mesh network. I watched a video where the developer explained that it is even possible to transmit landing procedures based on wind direction to be displayed on the flight computer. Further, pilots can send messages to each other, and change their mode from “flying” to “retrieve car” or “need a ride”. All of this together was too much to ignore.
While FANET was developed by Skytraxx, it is an open protocol, and other companies have started including support for it in their devices. The Skytraxx devices that come with FANET also include FLARM. FLARM started as a collision avoidance system for sailplanes. But in the meantime, most light aircraft are equipped with it. Devices for paragliders only transmit to FLARM. They are unlikely to crash into one another due to their slow speed. But by transmitting their position, faster aircraft can be warned soon enough about their presence. Like FlightRadar for big airplanes, there is GliderNet based on FLARM and SkyNet based on FANET. These sites are fed by ground stations that decode the signals broadcast by the aircraft. All you have to do in order to appear on these sites is register with the Open Glider Network. If you register in addition with LiveTrack24 and link your OGN registration (the FLARM id), then your flights are automatically archived. What I like most about this is that I can give the URL to my loved ones. If I’m not home in time, they can check if I am still airborne, and where my last recorded position was. So in the improbable case of an accident, they could send search and rescue in the right direction.

Technical inspection with the Tesla

Cars have to go to the technical inspection every second year in Switzerland. New ones are exempt from this for the first five years. Now that my Model S is closing in on becoming six years old next month, I got the invitation to bring it in for inspection. Usually with my old ICE cars, I would visit the mechanic beforehand to bring everything in order and to wash the engine. The Tesla has no dirty engine to wash, and was in service last July. So I completely skipped the preparation part.
As usual, the expert performed a short test drive with hard braking. Then followed the indoor inspection. Testing brakes, suspension and lights was as usual. But that was it already. He admitted that he didn’t have much training for Teslas. His manual seemed to indicate that the parking brake was mechanical, while I am convinced it is electronically activated. So he tried to spot the cable. But we were unable to figure out which way it was, because everything is so well hidden behind covers. He said that the lower part of the car looked like something from Formula One, and wanted to know what material the shield of the battery was made of. He did not have a single complaint, and was done in less than 15 minutes. Wow, I never had a car before that got through the inspection so quickly.

So now is a good time to do some recap. I have now had the car for three months short of three years. During this time, I did the following to it:
* Added 95’000 km to the odometer (essentially doubled it)
* Charged 19’208 kWh
* Paid CHF 2’082.5 for electricity
* Paid CHF 63.5 for parking that was only necessary for charging
* Bought three sets of new tires, all of which I paid for with Bitcoin

Here are some statistics about where I charge:

* 65% at home (typ2 16kWh)
* 15% superchargers
* 13% typ2 22kWh. Probably the lion’s share of this is the public charger near my in-laws’ place, but it also includes Tesla destination chargers and most public chargers in general.
* 2% Chademo (50 kW) and CCS (150 kW)

Given that only 2% was Chademo and CCS together, it seems silly that I bought both adapters, which together cost close to CHF 1’000. But it was mainly about peace of mind, being sure I can charge everywhere. During holiday trips each one of them proved invaluable. Even though I have insurance that covers the cost of towing, it would be very inconvenient to get stranded, especially far away from home.

I had a couple of repairs:
* Two xenon headlight bulbs replaced
* One 12V battery replaced
* One door handle replaced with the newer version (known problem with the cable to the micro switches in the first revision)
* Tire pressure monitoring system replaced with the newer version
* Front brake disks and pads replaced. They were damaged from under-use due to recuperation.
* One electric motor replaced under warranty. It still worked fine, but it was not completely silent any more.
* Replaced all lug nuts, because somebody damaged them using the wrong tool when changing tires

In total, I paid somewhat more than CHF 4’000 for all the repairs.

When a product is better than the description

When I was a kid I liked wrist watches from Casio. I had one with a calculator, one with an address database, one with an infrared remote control and one with an altimeter. But for the last 25 years I didn’t wear one. I don’t like to wrap anything around my wrist. And since I carry a phone, I have a way to find out what time it is.
When friends and neighbors started wearing fitness trackers, I thought I didn’t need that. When I went running, I did it for my personal fitness, not to compare with somebody else. And I can care about my fitness without a device telling me to walk some more before going to bed. When my wife wanted to gift me a step counter for my birthday a couple of years ago, my response was: thanks, but no thanks. I have no use for a step counter.
Sometimes I brought my phone when I went running to record the GPS track, just to try. Some co-workers upload all their activity to Strava, and claim “if it’s not on Strava, it didn’t happen”. Not so for me.
Since I started carrying my ultra-light paraglider for run and fly, I took the phone with me more often. In the backpack it disturbs less than in the shirt. The main reason for carrying the phone was to be able to call for help in an emergency. And when I brought the phone with me anyway, I could just as well run the tracker app on it. But unfortunately it didn’t work very reliably. When the screen was off, it stopped tracking, and when the screen was on, it often registered fingers that weren’t there. So it often happened that it stopped tracking after a while, or deleted the track entirely. Sometimes I had a ton of apps open after running and I didn’t know what else had happened to my phone. But still, with the few tracks that recorded at least the uphill running part, I could see my progress on that segment. That turned out to be more interesting than I anticipated.
So when my wife recently wanted ideas for my birthday, I told her “a cheap wristwatch with GPS tracker that works without a crappy lock-in smartphone app”. My absolute nightmare is to have a closed-source device that tracks my every move, where I have no control over the data it collects. Worst of all, it would become useless when the manufacturer decided to stop maintaining the app. I don’t want devices with planned obsolescence. Of course I had to do the research myself. On the product page they only mentioned their iOS and Android apps, which are of no use to me. I noticed a while ago that there are some packages in the Debian repo for Garmin Forerunner devices. Further research brought me to quite complicated methods to get the data from these watches. But then I found a page that stated that when you plug in the watch with its USB cable to a computer, it mounts a filesystem and you can just copy the activity files. If it is really that easy, then I really don’t understand all the fuss. Everything seemed to indicate that all Forerunner watches come with a USB cable for charging the device that also acts as a data cable. It is beyond me why they don’t mention that explicitly on the product page. So, for my purposes a relatively cheap Forerunner 30 or 35 should be just fine.
And so I got one for my birthday from my wife. It even has a heart rate sensor that I wouldn’t need. And indeed, just plugging it in with the USB cable, I can grab the fit files and either upload them directly to Strava, or convert them to a more common format using gpsbabel.