spamtrap

The HP Touchpad was released in a flurry of tablet releases, and killed in a flurry of axes six months later. Its bill of materials was between $200 and $300, originally being sold for twice that, but eventually for half of it.

WebOS itself is a GNU/Linux system with a custome UI and framework. The key to making a touchpad useful is installing Preware, which also provides an X server that can run inside of the native WebOS GUI.

With a little bit of effort, you can configure it for the following additional features:

The following is a brief description of how I configured my HP Touchpad:

  1. Configure your tablet and enable developer mode. You can do the latter by entering webos20090606 into the Just Type... field.
  2. Install the HP SDK. This will provide you with novaterm and palm-install commands to allow you to access your device over USB once devmode is enabled.
  3. Find, install, and configure the WebOS doctor to re structure the partitions. On a 16GB touchpad, I set:
    • VAR_PARTITION_SIZE = 2 GB
    • SWAP_PARTITION_SIZE = 1 GB
    • EXT3FS_PARTITION_SIZE = 6 GB
    As well as the following settings:
    • ENABLE_DEVELOPER_MODE= 1
    • ENABLE_BETA_FEEDS = 1
    • DISABLE_UPLOAD_DAEMON = 1
    • ENABLE_USB_NETWORKING = 1
    Per the instructions, you must also set:
    • DEVICE = touchpad
    • CARRIER= wifi
    Doctoring took eight (8) minutes when I measured.
  4. You will need to reconfigure your device once it is doctored. If you plan to not make use of Palm/HP's backup services, now is a good time to select backup from the settings tab of the launcher, and disable backups. This setting gets reset every time you re-initialize a device.
  5. Edit /etc/fstab (you'll need to remount / as rw) adding /dev/mapper/store-ext3fs /media/ext3fs ext3 noatime,data=writeback 0 0
  6. Optional From the Device Info applet under Settings, you can run a custom application (from the menu) to reduce the copious amounts of logs that are generated. The application to do this is ##LOGS#.
  7. Get the ARM ipk of PreWare.
  8. Install PreWare using palm-install org.webosinternals.preware.ipk. PreWare should now be visibile in the Downloads tab off the launcher on your device.
  9. Launch PreWare. I suggest (from the preferences) telling it to fetch data only once a day, but this is up to you. I suggest looking through the patches category, and seeing which patches interest you. I suggest the following, but choose for yourself:
    • Ad Blocker (or Max Blocker)
    • Advanced Reset Options
    • Device Profile Service Override
    • Faster Card Animations HYPER Version
    • Handle non-uppercase Ogg Vorbis fields
    • Increase Touch Sensitivity and Smoothness
    • Just Charge Button Label
    • Just Charge By Default
    • Private Browsing
    • Unhide Dev Mode Icon
    • Unthrottle Download Manager
    The following applications will also be helpful:
    • Debian 6.0.2 Chroot
    • EOM Overlord Monitor
    • Govnah
    • Impostah
    • OpenSSH
    • OpenVPN
    • Remove Untrusted SSL Certs
    • Tweaks
    • UberKernel
    • Xecutah
  10. This is optional, and will break some automatic system updates: Once you have installed impostah, you can disassociate your device from a WebOS profile. This will prevent you from using the WebOS Catalog, but you can continue to use PreWare.
    1. Open Impostah from the launcher
    2. Select Palm Profile
    3. Select Reset Palm Profile
    4. Select Delete
    5. Your device is now dissassociated. DO NOT PRESS OK as doing so will restart your device and wipe it. Instead, cancel the device restart and wipe.
    6. You may now manually restart your device.
  11. Configure OpenVPN. This will require you to reach a terminal, either through an emulator such as XTerm (via Xecutah), over USB (via novaterm), or over WiFi and SSH if you've already copied over your authorized_keys file as part of the doctor process (if you've not populated ~root/.ssh/authorized_keys you might want to do that while you're connected via novaterm).
    1. Create a configuration, copy whatever secrets you need.
    2. Your configuraiton will need to call a script after creating the tunnel because the default firewall rules will not let you access the machine via SSH (or otherwise) over the tunnel interface.
    3. You can have the tunnel start automatically by adding an upstart script as /etc/event.d/openvpn outside of the Debian chroot. My script causes openvpn to start after dnsmasq is done starting, so we are guaranteed to have networking available. My script does not stop openvpn on any specific event. Manually, you can always stop openvpn and then manually start openvpn, if it seems like there is a problem with the tunnel.
    4. It is simplest to just put a handful of hosts through the VPN in /etc/hosts, although you can always configure your tablet to use a specific DNS server that is aware of your tunnel.
  12. Launch Xecutah, and select the Debian chroot. We'll configure that now.
    • Install files you might want, including a window manager. I found that icewm works well with some tweaks, so the following might be a good start: apt-get install openssl less icewm psi iceweasel gimp openoffice.org
    • Create a symlink to a reasonable zoneinfo file. e.g., for the eastern United States, ln -s /usr/share/zoneinfo/EST5EDT /etc/zoneinfo from inside your chroot.
    • Configuring an encrypted home directory.
      1. Create an empty file for your home directory:
        dd if=/dev/zero of=/media/ext3fs/debian-squeeze-chroot/home/home.img bs=1024 count=1048576
        This will create a 1GB image. You can adjust the requested size if you need more or less.
        nb: Using /dev/zero is less secure than using /dev/random, however, if you're doing this on device, I find /dev/random is not well populated. If you have another machine with lots of entropy, you can create the image there, and then transfer it to the device.
      2. Create a key file:
        dd if=/dev/random of=home.key bs=1 count=32
        This will create a 256-bit key for you to use called home.key (really, you can call it whatever you want--maybe touchpad.key will be easier for you to remember). You should keep this file somewhere safe, like the encrypted home directory on your desktop.
      3. Create an encrypted key file:
        1. Download encfskey
        2. Run encfskey giving it the location of your key file. Provide a password when prompted.
        3. Copy the resulting file (e.g. home.key.enc) to your tablet into the root of the chroot.
        This will allow you to change your password later should the need arise. (The script references mkcryptimg—this basically does what the previous two steps do, and you can ignore it.)
    • Mount the encrypted home directory. nb: If you have directories in /home already, you can move these out, and mv them back once you mount the encrypted image. Alternatively, you can have the encrypted image mounted as a subdirectory for the user you will create in the next step. If you choose to do the latter, just create directory under /home/ which is the name of the user you will create in the next step. It's usually helpful to chmod 000 the mount point, but that's purely optional. It will reduce the chances that unwanted files will get written there instead of to the encrypted filesystem.
    • Add an untrusted user to the chroot, which you can use using adduser.
    • Configure a script to mount the encrypted filesystem and start the window manager. (You can either call this manually whenever you launch the chroot from Xecutah, or you can configure this to start automatically by putting it in one of root's start-up files inside of the chroot.)
      • Copy xor into /usr/local/bin/ inside of your chroot.
      • Save ui to /usr/local/bin/, and configure it to fit your configuration (e.g. by changing your window manager, image name, and key). You will then be able to type ui to start your window manager once you have started the chroot from Xecutah.
      If you see an error after the window manager starts and your home directory has not been mounted, this may be because mtab hasn't been cleared-out. You can try unmounting as if the mount had succeeded, and then restart the chroot.
    • Once you've mounted the encrypted home directory, and started the window manager as an untrusted user, you can start configuring your work environment! Create your Jabber accounts in Psi, and begin installing the extensions that you usually use in iceweasel (firefox). I suggest, especially, the grab-and-drag extension.
      • If you are using icewm, start by copying /usr/share/icewm/preferences to ~/.icewm/preferences. Then add:
        • ScrollBarX=48
        • ScrollBarY=48
        • MenuIconSize=32
        • SmallIconSize=32
        • LargeIconSize=96
        • HugeIconSize=128

/stuff/texts/docs/*nix/linux/webos/touchpad/files/

--