Thread: Xiaomi launches the InkPalm 5 mini e-reader for 599 yuan (~$91)
View Single Post
Old 05-20-2021, 04:20 PM   #96
qwerty12
Member
qwerty12 ought to be getting tired of karma fortunes by now.qwerty12 ought to be getting tired of karma fortunes by now.qwerty12 ought to be getting tired of karma fortunes by now.qwerty12 ought to be getting tired of karma fortunes by now.qwerty12 ought to be getting tired of karma fortunes by now.qwerty12 ought to be getting tired of karma fortunes by now.qwerty12 ought to be getting tired of karma fortunes by now.qwerty12 ought to be getting tired of karma fortunes by now.qwerty12 ought to be getting tired of karma fortunes by now.qwerty12 ought to be getting tired of karma fortunes by now.qwerty12 ought to be getting tired of karma fortunes by now.
 
Posts: 14
Karma: 2168210
Join Date: Jun 2011
Device: Boox Nova 3, Xiaomi inkPalm 5
Quote:
Originally Posted by Quoth View Post
Sure there is if you have a decent Router, then the DNS is whatever the DHCP on the Router hands out.
But most ISP DNS are more private than 3rd party. Never use Google as it exists to track activity.
Also if the mac address or device name doesn't change a decent DHCP server can always assign a pre-decided IP.
I have DHCP disabled on my ISP supplied router as it has no bridge mode for a separate router and use DHCP server on an Open WRT router that's not used to route.

I've seen loads of Android stuff with no manual or Static IP, only ability to enter the key/password.
Thanks for the info. Yeah, I just saw yesterday that even my barebones, locked-down ISP router has the option to override the DNS server addresses it hands out. I would change things there but I don't want to break anything for anybody else on the network. I was going to set the inkPalm to AdGuard's servers to make up for the inability to use AdAway on this device or run another app that sets up a VPN.

I've honestly never had an Android device before that had locked down that part. I can't for the of life me understand why... I now suddenly see the value in having a Pi-hole set up

Quote:
Originally Posted by michel24 View Post
Hey qwerty12,
Thanks a lot for the report. I will receive mine in a few days
Hey, congrats, it's a great e-reader

Quote:
I'm also a bit concerned about eventual spyware. But are there actually real report that there is something?
No. I'm not an expert in security (or networking for that matter) in the slightest. There could be innocuous explanations for everything too. Like I've said that NetGuard doesn't work, and I'm quite sure of that too. NetGuard relies on the VPN functionality of Android, and that does seem broken here - when NG was active, the device's settings still said the VPN was off and it wouldn't let me turn on the always-on setting (this works without issue on my Samsung phone and Nova 3). Since this is a device meant to be sold only in China, Xiaomi may have to intentionally prevent the VPN functionality from working. But I haven't tested any other program that uses Android's VPN functionality, like Blokada or AdGuard or Intra or DNS66.

And I do find the locked down network settings annoying, but a DNS leak test shows the device using my ISP's DNS servers so there's no privacy issue there.

I still maintain the inclusion of a microphone without a corresponding speaker is odd (I might have damaged mine in my attempts to boot this thing into FEL mode and I'm not even sad about it) but it could be just easily be a compromise to include dictaphone functionality without compromising the weight of the device.

I haven't done a proper analysis (and I'm not sure I would be able to) but according to this device's logcat, http://captive.v2ex.co/generate_204 is contacted much like connectivitycheck.gstatic.com/generate_204 etc. usually is on a "normal" Android phone to check for Wi-Fi networks where you have to sign in. iotapi.adups.com is contacted every time the Wi-Fi is connected to check for firmware updates - from what I can see, there is nothing excessive sent at all.

Quote:
If yes, do you think that putting the device on the wifi is actually riskier than plugging it by usb on a pc/mac?
And what about always using the 4g network sharing of a smartphone instead of personnal wifi? I imagin it to be much more sandboxed, no?
I've not seen any evidence of this device trying to siphon data from other devices, for what it's worth. To be honest, the only reason I would connect it to Wi-Fi in the first place is to let Moon Reader sync book positions so I can pick up on my Boox. With a gig of RAM, browsing sites isn't probably going to be a comfortable experience.

---

This device does seem to use PWM for its backlight but for the price, I guess that's no surprise:

Code:
virgo-perf1:/proc/lm3630a $ zcat /proc/config.gz | grep PWM
# CONFIG_INPUT_PWM_BEEPER is not set
# CONFIG_SENSORS_PWM_FAN is not set
# CONFIG_REGULATOR_PWM is not set
# CONFIG_BACKLIGHT_PWM is not set
# CONFIG_LEDS_PWM is not set
# CONFIG_COMMON_CLK_PWM is not set
CONFIG_PWM=y
CONFIG_PWM_SYSFS=y
# CONFIG_PWM_FSL_FTM is not set
# CONFIG_PWM_PCA9685 is not set
# CONFIG_PWM_SUN4I is not set
CONFIG_PWM_SUNXI=y
virgo-perf1:/proc/lm3630a $ ls
debug_brightness leda_brightness ledb_brightness on_off_ramp runtime_ramp
debug_enable     leda_max_cur    ledb_max_cur    pwm_level
virgo-perf1:/proc/lm3630a $
qwerty12 is offline   Reply With Quote