Boz’s Open Letter to Xiaomi

Hi! I’m boz. Today I had a problem with my new Xiaomi Redmi Note 7. I was trying to reject the terms and conditions of Xiaomi, remove all the GoogleShit, and install Android LineageOS.

Spoiler: it was a bloodbath.

Preamble (don’t arrest me!)

Note. Rejecting terms and conditions is not an insane, lamer or illegal operation. Moreover, Android is basically the Android Open Source Project, designed to be used and improved by vendors, developers and end-users for whatever purpose. If you think otherwise, maybe you have an iPhone.

Xiaomi knows that. Probably because they are made in China; low cost; intrinsic healthy spirit of sharing tech stuff in DNA, plus other stereotypes I don’t know. Xiaomi has a nice procedure to unlock your bootloader, in order to use their hardware without software obligation.

https://en.miui.com/unlock/ – official Xiaomi tool to Free your device

And this ↑ is nice.

So? what happened?

Unfortunately the official Xiaomi tool was not be able to see my Xiaomi Redmi Note 7 and I was not able to proceed with the unlock procedure. I tried multiple times and in multiple ways. I’ve also tried my local Xiaomi phone support but without much success.

Hello support! I am trying to reject the terms and conditions. I was following this official Xiaomi proced… Yes I want to unlock the bootloader for personal motiv… Yes the bootloader, the thing on my phone that you have locked down… No no I’m not talking about the unlock screen… Yes I want to remove Google from my phone and I need to unlock my phone. No no it’s… uhm… OK. Shibboleet?

― not exactly my phone call but quite similar

Long story short, after 10 hours of troubleshooting, trying multiple Microsoft Windows versions (bleah), multiple USB ports, multiple Chinese drivers (I mean, literally in Chinese, from website to documentation and URLs) and after selling my soul to Satana installing the most borked unofficial software of the dark web, I was then able to reject the terms and conditions, unlocking my bootloader.

How? I’ve found this tool:

http://xiaomi-miui-ota-3rdrom.ks3-cn-beijing.ksyun.com/rom/u265827351/3.3.525.23/miflash_unlock-en-3.3.525.23.zip

It’s a suspicious URL but I think it’s legitimate since it comes from a “Xiaomi Super moderator”. Note that fresh users in the Xiaomi forum are not called “Super moderator” but are called “Rookie Bunny”. Yup, I am one of them 🥕.

https://c.mi.com/thread-1857937-1-1.html – old guide by Super moderator

So, it seems the official Xiaomi unlock tool, in recent versions, has not the possibility to install the right drivers anymore. But, that version above will install good old drivers (using the top-right menu of the application). Then, since that old version is completely outdated and stuck to the login screen, then I was able to proceed with the recent normal unlock tool (https://en.miui.com/unlock/).

Puff!
Now I have a Xiaomi Note 7 phone, flashed with LineageOS instead, and without any proprietary Google application, refusing both Google’s and Xiaomi’s terms and conditions, since I don’t use their services.

My Xiaomi Note 7 now, with LineageOS and F-Droid stuff :)

That’s why today I’m happy with Xiaomi!

Yesterday, anyway, I was in the mood How far can I throw this phone?

So, What I suggest to Xiaomi

Dear Xiaomi,

0 First of all, even if there is room for improvement, thank you for allowing users to refuse Xiaomi terms and conditions and have an official Xiaomi procedure and tool for that. For example to unlock my phone, to allow to clean my phone, do my stuff on my phone, increase privacy on my phone, etc. You are working in the right direction!

1 Often people who want to unlock their phones do so to avoid proprietary software. So they don’t want to use Microsoft Windows. If you can, make the unlocking procedure not require proprietary software or Microsoft Windows.

2 There are many unofficial Free and Open Source software that work better that the official proprietary one. This is surprisingly frequent but potentially very good for you. So, since you’re smart, I suggest to don’t kill these developers using your lawyers. Instead, contact these developers, support them, hire them, encourage them to write more good Free/Libre and Open Source software for Xiaomi devices.

3 Before you say “Oh my God there are too much Leenocs distributions to support!” keep calm and just take Ubuntu 20.04 LTS that is very mainstream, and start giving support to that. Amazingly, you will also support Trisquel GNU/Linux at no costs and a truckload of other distributions, giving more support to Xiaomi devices and more freedom to users.

4 Since it seems somebody in the world somehow already knows what your software does (I explain better later), do not try to obfuscate it. Instead, just release your software (as much as you can!) as Free/Libre and Open Source. It is a winning business strategy for Xiaomi to make experts happy, because they are the ones who then recommend Xiaomi phones to others. Additionally, you would have improvements and fixes from other experts all around the world, pratically improving Xiaomi support for you, and, more important, you will be able to easily find skilled developers to hire directly from your contributors, in a virtuous circle that boosts your loyalty marketing and puts more money in your piggy bank.

For example, it seems the world is really happy to have an unofficial unlock tool called XiaoMiToolV2 made by Francesco Tescari, who tried to understand what Xiaomi’s official software does to improve it. The result. It works for 3 operating systems (Microsoft Windows – macOS and GNU/Linux!) and is also able to flash ROMs, unbrick your Xiaomi device (!), restore factory data, support multiple languages and, among other features, it’s probably also able to give a good orgasm to the motherboard. Unfortunately, Francesco cannot release its source code because he is afraid of legal repercussions from Xiaomi. Remember, the official Xiaomi tool just works for Microsoft Windows (uff), sometime it does not work, and it’s ugly as hell (with all due respect) and, above all, its code is obfuscated (security through obscurity).

TL;DR

Dear Xiaomi, hire the Italian IT guy named Francesco Tescari. Give him permissions to do whatever he wants. Instead of sending Francesco to a Chinese jail, allow him to write more official documentation, produce more Free/Libre and Open Source software. For example, to convert Xiaomi phones into kitten-bots, create camera-enabled mosquito-killers etc. making Android experts damn happy to work with Xiaomi for their projects and damn inclined to play with Xiaomi hardware and reccommend Xiaomi to IT companies, local resellers and end users.

And what can Xiaomi do on Wednesday? Donate some devices and some documentation to Replicant, LineageOS and donate to the Free Software Foundation, and share the news to the world! They are definitely your friends. It’s pennies to you, but would be a crazy gratis advertising and a crazy big step for the Xiaomi corporate image.

Phone image by Minette Lontsie, CC BY-SA 4.0, via Wikimedia Common
Screenshot by Valerio Bozzolan and the owners of each single logo under same license

Share!

Xiaomi, are you ready?

Tomcat, VirtualBox, Systemd enter in a bar

This Friday I’ve seen Tomcat, VirtualBox and Systemd entering in a bar.

Let’s continue here in CC BY-SA:
Tomcat unable to execute VBoxManage: NS_ERROR_FAILURE (0x80004005)

Do not ask me why a Java application was issuing VirtualBox commands. It’s too painful to remember certain things. In any case, there is no reason in the world why it shouldn’t work. Or maybe one. Anyway I’ve learned more about Systemd silly features and that day was awesome.

Import huge iCloud calendars into nextCloud (without explosions)

Three weeks ago I received an URL of a really big iCloud shared calendar.

(Having said I’ve nothing against an iCloud shared calendar. If I can use free software to access it, that’s fine.)

So I tried importing that URL into my nextCloud instance.

So I caused very long time of CPU consumption and nextCloud explosions.

Allowed memory size of 1048576000 bytes exhausted

Long story short. iCloud takes six (6!) seconds to generate that huge document; nextCloud invests too much resources in parsing that wall of data.

Now. You can surely increase your limits… but it’s not a good idea to allow a spike of GBs of RAM and seconds and seconds of userspace CPU consumption just to see 50 fresh events, together with 500k legacy events. asd

Also because if you need to stay in sync you have to repeat this operation every some minute.

In order not to blow up my server and not slow down my computers and my LineageOS phone and to save electricity from Apple (which I think does a lot of calculations as well… asd) I wrote a script that orders my server to:

  1. download that shared calendar from iCloud (this takes at least 6 seconds asd)
  2. parse the content
  3. filter by creation date or last modification (sometimes the creation date is missing – asd)
  4. discard the appointments older than 6 months
  5. reconsolidate the remaining events
  6. save the result
  7. expose this last clean calendar to my nextCloud via HTTP

A daemon goes through this preparation process every 20 minutes. At the end I obtain a lightweight and fast resource to be scan by nextCloud whenever it wants, even every second.

Long story short:

  • Apple is happy
  • I’m happy
  • my nextCloud is happy

If you need that script:

https://gitpull.it/source/webcal-cleaner/

https://github.com/valerio-bozzolan/webcal-cleaner/

Manifesto SPID

Il mio manifesto su SPID.

SI RICHIEDE CHE
L’adozione di SPID, se obbligatoria, IN NESSUN MODO costringa ALCUN
service provider (e.g. anagrafe, università, biblioteca, sito, ecc.) a SOSTITUIRE INTERAMENTE i propri sistemi di autenticazione.

Tale requisito è per permettere che si possa far adottare SPID in serenità per dare un servizio aggiuntivo al cittadino SENZA IN ALCUN MODO SCAVALCARE completamente l’autonomia digitale del service provider e, di conseguenza, del cittadino, che potrebbe non essere affatto interessato a centralizzare il suo accesso per tale servizio.

In breve:

  • permettere al cittadino di accedere a SPID nella biblioteca: OK
  • permettere al cittadino di decidere se entrare nella biblioteca con SPID o con un altro sistema già in essere nella biblioteca: OK
  • costringere il cittadino ad usare solo SPID per l’accesso alla biblioteca: NO!
  • costringere la biblioteca a rinunciare al suo sistema di autenticazione: NO!

P.S.

“Biblioteca” è un esempio per qualsiasi service provider possa venirti in mente.