[MOD] [THINKTANK] Building TaintDroid in a ZTE Blade Kernel - Blade General

It would be great if TaintDroid could also be integrated in a Blade ROM.
ZTE Blade users, please show you're support if you also wish to see TaintDroid implemented in Custom ROM for your device.
webstas said:
A project for our Kernel devs maybe? i found this in the I9000 Forums and though i might keep it going over here in the Vibrant quadrant of XDA.
http://forum.xda-developers.com/showthread.php?t=812879
Click to expand...
Click to collapse
vasra said:
Most people don't yet know that many Android software leak all sorts of information to the internet with only scant user acknowledgement (basically what you accept when you install the app).
Due to this and the fact that there are already privacy information harvesting apps for Android on the marketplace - a team of security experts have created TaintDroid:
What is TaintDroid?
From the project's web page: "A realtime monitoring service called TaintDroid that precisely analyses how private information is obtained and released by applications "downloaded" to consumer phones."
From: http://appanalysis.org/index.html
How can I install TaintDroid?
As TaintDroid is currently compiled into the kernel, you cannot easily install it, but you have to cook your own kernel. Instructions (for Nexus 1) are available at the project web site: http://appanalysis.org/download.html
How does TaintDroid work?
Here's a video demonstrating how TaintDroid works once it is installed and configured:
http://appanalysis.org/demo/index.html
Why would you want to install this?
There can be many reasons for installint TaintDroid:
- You want to learn about privacy features and play with Android kernel
- As it is currently impossible to differentiate between innocent and sneaky Android apps based only on what access rights they request, you may want to dig in deeper
- You are worried about what apps are doing behind your back and you want to know which apps to uninstall
- You want to help create Android a more secure and privacy-protected platform, instead of the swiss cheese it currently is
What can you do?
As compiling kernels is mostly beyond the reach of mere mortals currently, consider cooking TaintDroid into your kernel, if you are cooking one yourself and offering it available for others to try and use.
Hopefully increased awareness and usage will bring this program eventually into other modders and perhaps even Google's attention and something more easily accessible is offered for the public at large.
BTW, I'm just a user, interested in getting TaintDroid on my own Galaxy S. I'm not affiliated with the research program, but I like what they are doing. This information is purely FYI.
Click to expand...
Click to collapse
ps: Sorry for replication but as this suggestion/request is taken up specifically for the ZTE Blade device, I thought it would be appropriate to duplicate the previous posts.

Related

Calling HTC Linux Geeks + Android Fans: MSM7200 Compatible Kernel Released!

Ok, there is plenty of speculation on Android and can we run it on our HTC devices, etc. I have started this new thread dedicated to the MSM7K Kernel release, and what it will take to get this running on our phones.
I would like this thread to become a resource, rather than just general theorizing. For example: "I know we need driver X to run Y on HTC device Foo." What I am not looking for: "Android is so l33t, plez tell me how to run on my Zaurus kthx". The difference is that the first example is constructive, and adds to the discussion.
The signal to noise ratio on the Android gGroup is terrible, and mostly consists of wild theorizing, self-promotion, and arguing. I have a feeling it will improve, but for now I'd like to discuss this subject away from all the SuperKoolNewAndroidForum.com forums.
My Goals for this Thread:
Establish what is known to work, and what the kernel is sorely lacking.
a) I know we have booted Linux on HTC devices, has it been done on the most current devices? (please link to thread/proof)
b) What are the main major roadblocks preventing Linux from being run on more HTC devices? (Obscure hardware design, bricking phone)
Compile a list of needed and helpful software for loading Android: bootloaders, useful Linux tools, filesystem images
Provide continual updates with photos/logs as we (hopefully) make progress
My bet is that the current 'gPhone' in the videos is an HTC device not unlike yours or mine. [link to my blog] IMHO, the hype over 'When will the first gPhone be released' is irrelevant, as Google has been working closely with HTC and Qualcomm for a long time -- and the specs for Android are so low, Google clearly expects to be able to run Android on existing hardware, without needing new hardware technology.
Of course, the tools and software we need are all in existence already, someone at Google is doing a good job of keeping their mouth shut. Therefore this is not an impossible task, just difficult, but I know you xda-hackers like a challenge! So, Let's go!!
Charles
FYI: I am aware XDA was founded with the Xanadux project, so this should be the perfect place to hack us a gPhone. I've also browsed threads, read the Wiki, studied up on the Hermes Linux project -- but things seem to have died since Feb 07, I'm hoping this latest development with Android will spark interest again, and we will be able to run Linux on our current, most powerful devices. I could make educated guesses about the state of the Xanadux project, but I'd rather hear it from XDA devs themselves who are most familiar.
Reserved for knowledge & files
Ok, I'll start:
Android.com *Now redirects (finally) to OpenHandsetAlliance.com
Download Android SDK
Official Android Dev gGroup
Here's what I know:
Announcement of the Kernel on the ARM Linux Mailing List
GIT Repository
gGroup for MSM7K Kernel Issues
[credit to Brian Swetland, Linux Kernel Lead, Android Project]
gGroups thread: Compiling C Binaries for Android
Filesystem dump from Android running on SDK Emulator: gGroups thread discussion | Benno's blog post with files
reserved for Android installation instructions
[ reserved ] Hopefully we will get this far
polyrhythmic said:
I've also browsed threads, read the Wiki, studied up on the Hermes Linux project -- but things seem to have died since Feb 07
Click to expand...
Click to collapse
If you are interested in the facts, and not some google-related hype, please
check this one
http://www.handhelds.org/moin/moin.cgi/UniversalStatus
My Android News blog (now on Russian language)
English version cooming soon.
http://android.my1.ru
Now it is under construction
Much thanks cr2!
n00bs are everywhere I'm trying not to be one of them.
I have been doing a lot of reading, things have been quiet on the Kaiser front but that soon will change. I just read the #htc-linux logs from the past few days, see you there after work!
Charles
(sent from das Kaiser)
WoW!
Is this going to be like getting Linux OS on my Trinity? I like the browser but a lot of the apps in teh demo vid rely too much on 3G. Data rates in the UK are prohibitive at the moment so I stick with WIFI
welcome to join AndroidPort group
hello:
you are welcome to join the AndroidPort group, where the
idea is to make Linux and Android work on a real or virtual
hardware phone platform.
looks like you are quite advanced in this area. we would
welcome your presence and expert knowledge.
have a look at our website. you will find a lot of
information for this subject in 1 place.
AndroidPort
http://groups.google.com/group/androidport
Aaron
Cool initiative, will write about it in my next News collection.
polyrhythmic said:
Ok, there is plenty of speculation on Android and can we run it on our HTC devices, etc. I have started this new thread dedicated to the MSM7K Kernel release, and what it will take to get this running on our phones.
I would like this thread to become a resource, rather than just general theorizing. For example: "I know we need driver X to run Y on HTC device Foo." What I am not looking for: "Android is so l33t, plez tell me how to run on my Zaurus kthx". The difference is that the first example is constructive, and adds to the discussion.
The signal to noise ratio on the Android gGroup is terrible, and mostly consists of wild theorizing, self-promotion, and arguing. I have a feeling it will improve, but for now I'd like to discuss this subject away from all the SuperKoolNewAndroidForum.com forums.
My Goals for this Thread:
Establish what is known to work, and what the kernel is sorely lacking.
a) I know we have booted Linux on HTC devices, has it been done on the most current devices? (please link to thread/proof)
b) What are the main major roadblocks preventing Linux from being run on more HTC devices? (Obscure hardware design, bricking phone)
Compile a list of needed and helpful software for loading Android: bootloaders, useful Linux tools, filesystem images
Provide continual updates with photos/logs as we (hopefully) make progress
My bet is that the current 'gPhone' in the videos is an HTC device not unlike yours or mine. [link to my blog] IMHO, the hype over 'When will the first gPhone be released' is irrelevant, as Google has been working closely with HTC and Qualcomm for a long time -- and the specs for Android are so low, Google clearly expects to be able to run Android on existing hardware, without needing new hardware technology.
Of course, the tools and software we need are all in existence already, someone at Google is doing a good job of keeping their mouth shut. Therefore this is not an impossible task, just difficult, but I know you xda-hackers like a challenge! So, Let's go!!
Charles
FYI: I am aware XDA was founded with the Xanadux project, so this should be the perfect place to hack us a gPhone. I've also browsed threads, read the Wiki, studied up on the Hermes Linux project -- but things seem to have died since Feb 07, I'm hoping this latest development with Android will spark interest again, and we will be able to run Linux on our current, most powerful devices. I could make educated guesses about the state of the Xanadux project, but I'd rather hear it from XDA devs themselves who are most familiar.
Click to expand...
Click to collapse
where is the video?
anheuer said:
where is the video?
Click to expand...
Click to collapse
YouTube Your best friend , along with google obviously

Support Cyanogen and the cause, read further

(Note posting in this topic as to dev category for obvious reasons)
This whole incident has taken me by surprise with the actions of Google against Cyanogen. Now the actions from my understanding so far are likely the result of the early release of the Market app with his new Donut based releases. There is a valid argument for Google in which it is their own proprietary code in which they want to release on their terms I would assume, however I prefer to take the side of the community. The community around XDA has supported and nurtured the development of the Android OS and the devices based upon it, with the developers pushing the limits on what they can do and implementing smarter and better solutions. We the community in a sense become beta testers for the latest and greatest Android has to offer, how many applications do you think have already added support for 1.6 due to Cyanogen's mods and our feedback?
In summary, I believe while Google does have a valid argument against, but it would better serve them to not continue with this course of action. I invite you all to write and use all social networks available to you to spread the world, submit to every news site, raise awareness of the problem. Don't waste your time with petitions, just spread the word, go viral with it.
Digg search for cyanogen:
http://digg.com/search?s=cyanogen
Original article:
http://androidandme.com/2009/09/hacks/cyanogenmod-in-trouble/
Facebook group:
http://www.facebook.com/group.php?gid=144634407186&ref=nf
Send tweets to @google also, flood the information stream.
Email the people at Engadget, Slashdot, Gizmodo, all the major blogs just to keep focus upon it.
Someone should put it up on reddit too, get some visibility on wired.com!
Listen, this situation is really cut and dry. Cyanogen had NO LICENSE to distribute the CLOSED SOURCE APPS. The rest of it is perfectly fine.
The solution:
Develop the roms, DELETE the closed source apps, sign, publish. When someone installs the roms, let them install the closed source apps themselves -- i.e., *somebody* (who won't be linked back to cyanogen) will likely post a simple "closed-source-google-apps-for-cyanogenmod-4.xx.xx.xx.zip" which can be installed from recovery mode.
Problem solved.
wont that person then be "under-fire"?
gospeed.racer said:
wont that person then be "under-fire"?
Click to expand...
Click to collapse
Only if the person gets caught.
tool to extract non free files and create a update image
If the binary files in a existing ROM can be used by cyanogenMod, what we need is a tool to reuse them in cyanogenMod. Am I wrong?
Or is it rebuild from source code ?
lbcoder said:
Listen, this situation is really cut and dry. Cyanogen had NO LICENSE to distribute the CLOSED SOURCE APPS. The rest of it is perfectly fine.
The solution:
Develop the roms, DELETE the closed source apps, sign, publish. When someone installs the roms, let them install the closed source apps themselves -- i.e., *somebody* (who won't be linked back to cyanogen) will likely post a simple "closed-source-google-apps-for-cyanogenmod-4.xx.xx.xx.zip" which can be installed from recovery mode.
Problem solved.
Click to expand...
Click to collapse
Are you a lawyer? no. So don't give your interpretation of what Cyanogen's license was and wasn't. You already started a thread about it and you're spamming the hell out of another. Don't mess with legal guesses, it's a bad bad idea. As I am someone who is studying law (and also a programmer/generally tech-smart), I am doing and suggesting to stay the hell away from that part when possible. Law -> politics -> flamewars -> ad hominem/bad posts. This is not tvtropes.
Meanwhile, can you even get past the start/initialization page without having the closed source apps, as they are market/gmail? This question is to actual modders.
Google has made a mess of thus, if they stop him from distributing with the apps it's only going to get *waaaay* messier.
You, are an IDIOT.
What happens when you *assume*? I'm sure that if you are, in fact, a law student (as you imply yourself to be, though you really only call yourself a "student" of the law, which could mean that you simply watch CNN from time to time), that this would have been answered on the first day of your first class.
Cyanogen's license *IS EXACTLY* the same as the license granted to *ALL OTHER USERS*. You want to read it? Its in your phone under About Phone --> Legal Information --> Google legal. Until you have read and understand *it all*, you should immediately cease offering your suggestions.
Edit: I just noticed your post count... 3.
Amazing, the audacity of some people. Whenever things start to get beyond the understanding of the average, all the chicken-littles come out from the woodwork and start crying about how evil the big company is. It is a direct function of a lack of understanding of the issues.
My advise: FORGET ABOUT IT. This has nothing to do with you and most likely won't have any (significant) impact on your life. At worst, you will have to add ONE SMALL STEP to the process of flashing the latest modrom.
Let me repeat: THIS IS NOT A BIG DEAL! IT DOESN'T REALLY MATTER! Your phone is NOT about to catch on fire or start spying on you.
Oh, and for you information: regarding how I know what Cyanogen's license was....
1) the fact that it is included with the phone.
2) the fact that he received a c&d order (which they wouldn't send if he was licensed, or if they had, it would be the simplest matter to resolve).
3) the fact that he said so himself.
designerfx said:
Are you a lawyer? no. So don't give your interpretation of what Cyanogen's license was and wasn't. You already started a thread about it and you're spamming the hell out of another. Don't mess with legal guesses, it's a bad bad idea. As I am someone who is studying law (and also a programmer/generally tech-smart), I am doing and suggesting to stay the hell away from that part when possible. Law -> politics -> flamewars -> ad hominem/bad posts. This is not tvtropes.
Meanwhile, can you even get past the start/initialization page without having the closed source apps, as they are market/gmail? This question is to actual modders.
Google has made a mess of thus, if they stop him from distributing with the apps it's only going to get *waaaay* messier.
Click to expand...
Click to collapse
gospeed.racer said:
wont that person then be "under-fire"?
Click to expand...
Click to collapse
At this point we're talking warez, and though I won't advocate warez, when was the last time you saw Ahmed Ahmed Ahmed from Iran get persecuted for distributing warez?
Remember that the US government can't even find Bin Laden....
Or the apps can be pulled by the users from *legitimate* images, like ADP1. This, at least, is legal for owners of ADP1's for use on ADP1's.
Frankly, adding a step to complicate the process would probably go at least a little way in getting the super-noobs out of the game. They get *really* annoying.
Oh FYI: I got that board you sent me more-or-less cleaned up now, going to start mapping it out soon.
setupr said:
If the binary files in a existing ROM can be used by cyanogenMod, what we need is a tool to reuse them in cyanogenMod. Am I wrong?
Or is it rebuild from source code ?
Click to expand...
Click to collapse
Exactly. It is incredibly simple.
unzip (official-update.zip) /path/to/file1toextract /path/to/file2toextract ... /path/to/filentoextract
zip -g (mod-rom-update.zip) /path/to/file1extract /path/to/file2extract ... /path/to/filenextract
java -jar testsign.jar (mod-rom-update.zip)
Then just copy file to /sdcard/, recovery, flash, done.
Yeah, I know that us modders will continue to be doing the same thing and continue on, I know they aren't going after the entire community. It was for distributing the new Market app before its release as I understand currently. Hell, all I would do I an adb pull from a rom and push it into a new release. Just like I will be doing with the Market app if he can't put it in another release haha.
However the point of this thread was not to see if Google had the right to do that, they did. It is that simple. It is their proprietary code that was released early, by cyanogen, but I think it is unnecessary. The point of it was to support cyanogen for more ideological reasons, this community pushes the development at a rapid pace. My Dream would have been a nightmare without the likes of JF, haykuro, cyanogen, Dude, etc. With cyanogen releasing Donut in his builds, our community has been pushing developers to up their support to it and fix bugs relating to 1.6 before it is pushed as an update. The same thing with the Market app applies, how many of those apps have screenshots already? Why alienate the true heart of the device, we are basically beta testers for those of us running experimental roms. I understand the Google position, I just wish they would see that no harm, no foul.
And don't equate the amount someone posts to the boards to their understanding of a situation. There are quite a few people that just get the ROMs, run them and can use a search button if they have problems.
holy cow batman, flame much? Some people lurk for a long time before registering such as I.
I agree it's a small issue, and cyanogen is probably already working on it at least based off of his twitter. However, it doesn't matter what you or I feels about the licensing, nor even what the courts would interpret were it to get to that point.
It however, is very inappropriate to be ad hominem and/or bar threatening to people over this issue, basically getting worked up yourself. Honestly, playing seniority and insulting my schooling? I was not trying to be threatning to you, simply pointing out that you are not a spokesperson for interpreting a software license. Really, it's like you went into an emotional rage the minute cyanogen got the C&D.
Cyanogen in trouble
I can't believe Google is pulling this crap. I can only hope that Google is smart enough to work something out with Cyanogen so he may continue to share his awesome developments. I would expect some restrictions, but they need to work with him and let him do his thing. Otherwise, where's the incentive for anyone else following in his footsteps to make programs better for Google?
setupr said:
If the binary files in a existing ROM can be used by cyanogenMod, what we need is a tool to reuse them in cyanogenMod. Am I wrong?
Or is it rebuild from source code ?
Click to expand...
Click to collapse
Maybe this is the answer?
cyanogen : And regarding the keep-proprietary-apps-on-device-for-custom-rom install, with all the odexing and resource id mismatches... Ugh.​http://twitter.com/cyanogen/status/4384352484

Android To get A Dedicated Cydia-Like Store for Root Apps

Koushik Dutta, who is a prominent member of the team behind the CyanogenMod project, has been wrestling with the idea of producing an alternative Android app store for quite some time and believes that it’s the right time to put the idea into practice. The initial ‘vision’ of the idea would be to provide a home for root applications which can be downloaded and installed on devices which have been rooted. However Dutta has expressed a desire to also include applications which have been shut down ‘for no reason’, citing carrier intervention or due to some corporation not liking it.
The team behind CyanogenMod are toying with the idea of building the application store directly into their firmware replacement, independent of the current Android Market, which would then be installed on the device as part of the modification. The CyanogenMod project has grown extensively in size, with the number of unique and active user installs about to breach the one million mark, which causes a problem for the development team. As the project grows, requirements for servers and hardware also grows which brings with it a financial burden.
Dutta and his team are suggest an application store which acts in similar functionality to Cydia, hosting modifications and applications which are either free of charge or sold at a cost depending on the developer involved and the complexity. The suggestion which has been ran by the community via Dutta’s Google+ page is that a percentage of the sale goes toward funding the CyanogenMod and all of the server and hardware requirements that it brings.
Dutta is keen to point out that the applications banned by Google are things like the one-click root apps, emulators and applications which include visual voicemail. When coming up with this idea of an alternative app store, he has also been in contact with Amazon about bundling their Appstore into CM but was given the cold shoulder. He has also mentioned to the community that the app store would not be exclusively distributed as part of the CyanogenMod firmware, and could be bundled into any custom ROM for wider distribution.
The concept of having all rooted enhancements, tweaks and modifications in one place is something which I am sure will appeal massively to the community and will no doubt give some ‘legitimacy’ to the people involved in the same manner that Cydia has for iOS devices. One of the main challenges I can see would be policing this app store, and the method of allowing developers to host their work for sale or download. Regardless of any challenges the team may have, judging by the replies from the Android community, it looks as if an unofficial application store would be a most welcome addition.
Source:RedMondPie
That would be great to see. It's a great concept. I guess now, it's a race to see who comes up with the best rooted market. Now for a domain name...
Sent from my ADR6425LVW using xda premium

[VM/App] Looking for Devs for LARGE project

Hello Developers,
The reason I am calling for some Developers is because I am creating a solution
(for both personal and Commercial) for Android Cloud VM's using AOSP.
Some of you might be thinking, well why would someone need that? why not just use a physical device? or even just host your own VM?
Well here is what I am doing with this project:
1. Anroid Cloud VM's can come in handy with products not open to I-devices.
Using an Android VM on say an iPod Touch or iPhone would spare the trouble of hacking or even buying a second device.
2. Maybe you cannot afford such a device because you just spent all your money on an iphone or blackberry and need access to an android device.
3. on a personal/business Smart phone, you can install this cloud device and use it for its oppiste use. (E.G on a business phone, use the VM to run personal apps, like email, web browsing, and other personal related stuff.)
The list goes on but you get the idea.
What I need to start off this project is:
-an iPhone/ iOS developer
-An android Developer (I only know Visual Basic so It is hard for me to learn a new language.)
-Some beta testers for when the team plans to release said software.
-Might need a C# or another VB.net or even a PC Java developer
In return for developers I can give per person (Sorry no teams as far as specific development.)
Following:
Depending on sales of the application(s) and other related items I can offer:
- 5% <--> 10% of sales Untaxed per developer. (depends on how many sales and how many developers.)
-Might be able to, depending on sales, donate devices.(Dev's Choice.)
-Unlimited access to said Cloud VM's. (I think that's a given yeah?)
I already have the plan laid out. I just need the resources.
If you seem interested and are willing to take the risk with me, PM with contact information (I am comfortable with IRC, Texting, or Phone calls.)
If you do not want to give away such information but still want to inquire about this project, Google Voice a free nubmer and send that number to me so I may contact you.
NOTE: Mods, I put this post here in hopes of finding a dev quickly, If I have in anyway posted to the wrong part of the forum, please move and contact me so I know.
Thank you.
Reserved
Reserved- Q/A
Having some experience in large operations like this. I offer this input.
First. You are taking on a huge project. You will need some sort of financial backing to provide the back end server hardware for all of this. Second. Licensing. Third. I cannot see something like this being completed easily or in the near future with one dev per section. You will definitely need teams. Your biggest of which will be setting up the remote system. Plan of action should either be cutting down on the need for so many Devs to make it more beneficial to the dev. Shoot me a pm if you would like more info or help.
Not saying its not possible. definitely a lot to consider tho
Sent from my Verizon Galaxy S3 running CyanogenMod 10.1 Nightlies
atc3030 said:
Having some experience in large operations like this. I offer this input.
First. You are taking on a huge project. You will need some sort of financial backing to provide the back end server hardware for all of this. Second. Licensing. Third. I cannot see something like this being completed easily or in the near future with one dev per section. You will definitely need teams. Your biggest of which will be setting up the remote system. Plan of action should either be cutting down on the need for so many Devs to make it more beneficial to the dev. Shoot me a pm if you would like more info or help.
Not saying its not possible. definitely a lot to consider tho
Sent from my Verizon Galaxy S3 running CyanogenMod 10.1 Nightlies
Click to expand...
Click to collapse
Well, I have the hardware, AOSP is opensource and seeing as I am not selling android to consumers, but instead offering a service of which they can access said Software, which to my understanding is under GPL. But I could be wrong, on any note, I will PM you because it seems you a knowlegdable on this kind of topic.

[Q] OmniROM - better than CyanogenMod?

Hello,
thinking about installing OmniROM which sounds great! I'm using CyanogenMod 10.1.3 Stable. If you guys had CM what do you think? Is there big difference between those two ROMs?
Well as far as I know about CyanogenMod is been the best to date..!! OmniRoM on the other had has made a huge followers list and has been lead by Chainfire (superuser app developer).
My opinion is to be in CyanogenMod as long as you need changes to play with. Moreover Cyanogen has more supported devices than that of Omni.. And if you have your device on their list.. Give it a shot!
Well now coming to differences, Omnirom has multi-window support, has over clocking, and the rest are the same but with different interface..
Sent from my Motorola Xoom using xda app-developers app
Thank you for answer. I'm on Nexus 4 (soon Nexus 5). So I will continue with CyanogenMod until there will be stable version of OmniROM
It is way too early to tell if OmniROM can have as great of a following as CM. OmniROM has a very long road ahead if it wants to compete with CM simply because it needs to be supported on all the flagship devices and more. That is the only way OmniROM's name will get out there. There are so many people out there that haven't even heard of OmniROM yet but ask anyone about CM and most will tell you that they have heard of it.
I will give OmniROM a chance but it has to come to the Sprint LG G2 or else they are losing potential followers.
Better? Who knows, too early to tell.
Different? Sure. Many of the first developers involved with Omni are former CM maintainers/contributors dissatisfied with certain recent events (frequent ninjamerges without review, leads -2ing things with little explanation beyond "I don't like it", and most importantly, attempting to use their Contributor License Agreement against a longtime contributor in order to create a proprietary closed-source derivative of Focal under a commercial license.) To a great degree, it's about the spirit in which the projects are developed. We're going to try to be as open and receptive to new ideas as we possibly can.
Among other things I expect to see going forward - as CyanogenMod attempts to obtain GMS certification for CM on some devices, you may see a lot more features getting removed/rejected. (GMS is the ability to officially include gapps with a device. The CTS and CDD which have been discussed many times in the past are a part of this, but GMS can actually go way beyond this. I've heard, for example, of one OEM that wanted to preinstall a particular rotation control app. While that app is readily available on the Play Store, Google effectively said to that OEM, "You can preinstall that app, or have a GMS license - not both.")
Entropy512 said:
Better? Who knows, too early to tell.
Different? Sure. Many of the first developers involved with Omni are former CM maintainers/contributors dissatisfied with certain recent events (frequent ninjamerges without review, leads -2ing things with little explanation beyond "I don't like it", and most importantly, attempting to use their Contributor License Agreement against a longtime contributor in order to create a proprietary closed-source derivative of Focal under a commercial license.) To a great degree, it's about the spirit in which the projects are developed. We're going to try to be as open and receptive to new ideas as we possibly can.
Among other things I expect to see going forward - as CyanogenMod attempts to obtain GMS certification for CM on some devices, you may see a lot more features getting removed/rejected. (GMS is the ability to officially include gapps with a device. The CTS and CDD which have been discussed many times in the past are a part of this, but GMS can actually go way beyond this. I've heard, for example, of one OEM that wanted to preinstall a particular rotation control app. While that app is readily available on the Play Store, Google effectively said to that OEM, "You can preinstall that app, or have a GMS license - not both.")
Click to expand...
Click to collapse
I noticed that Omni has a CLA as well (https://gerrit.omnirom.org/static/cla_individual_omni.html). How is the Omni CLA different from that of CM?
nushoin said:
I noticed that Omni has a CLA as well (https://gerrit.omnirom.org/static/cla_individual_omni.html). How is the Omni CLA different from that of CM?
Click to expand...
Click to collapse
you didn't read the full sentence
attempting to use their Contributor License Agreement against a longtime contributor in order to create a proprietary closed-source derivative of Focal under a commercial license
AFAIK CLA will be same, just that they won't try to trick authors into dual licensing like CM tried with focal
ericdabbs said:
I will give OmniROM a chance but it has to come to the Sprint LG G2 or else they are losing potential followers.
Click to expand...
Click to collapse
Lol
Sent from my SCH-I545 using XDA Premium 4 mobile app
munchy_cool said:
you didn't read the full sentence
attempting to use their Contributor License Agreement against a longtime contributor in order to create a proprietary closed-source derivative of Focal under a commercial license
AFAIK CLA will be same, just that they won't try to trick authors into dual licensing like CM tried with focal
Click to expand...
Click to collapse
Yeah.
To be absolutely, 100% clear - They attempted to represent the CLA as something that would give them the ability to relicense a GPL contribution if the contributor was the original copyright holder of said contribution. (In the event where the contributor is not original copyright holder, no CLA in existence would allow relicensing because the contributor didn't have the rights to relicense the code.)
THIS IS NOT THE CASE. YOU CAN'T USE THE CLA THAT WAY. But they attempted to do so anyway - not only was it just wrong to treat a contributor like that, they misrepresented the document as giving legal powers it didn't actually give them.
The CLA is there as a "cover your ass" legal document in the case of a nasty legal dispute. I hope to hell we never have a need to use it. (In fact, in my opinion, the CLA is redundant and unnecessary for Apache and GPL licensed contributions, as the Apache and GPL licenses explicitly grant compatible redistribution/usage rights. Some other contributions are not as clear in terms of licensing, for example, media assets.) Another place it might come into play is if someone submits something with a license like that found in this file:
https://github.com/oppo-source/R819...89/kernel/drivers/dum-char/partition_define.c
In theory, if someone who was in the category of MTK or a licensor contributed such an item to our Gerrit, that contribution in combination with the CLA would be written permission to reproduce/modify/disclose the file. Note that not just anyone can submit something like that - there are other clauses to handle that (clause 7 I think???) - effectively saying that you yourself have the legal rights to contribute whatever you're contributing.
Oh, FYI, that file and files with similar licensing are one of the things holding back support of MTK devices.
One thing to note: CLAs DO exist that do give the kinds of power that Cyanogen, Inc. wanted to wield. An example is Canonical's Harmony CLA:
http://mjg59.dreamwidth.org/4553.html - He links to the Harmony CLA there (direct link - http://www.canonical.com/sites/default/files/active/images/Canonical-HA-CLA-ANY-I.pdf ), take a look at clause 2.3 - it's nasty:
Code:
2.3 Outbound License
Based on the grant of rights in Sections 2.1 and 2.2, if We
include Your Contribution in a Material, We may license the
Contribution under any license, including copyleft,
permissive, commercial, or proprietary licenses. As a
condition on the exercise of this right, We agree to also
license the Contribution under the terms of the license or
licenses which We are using for the Material on the
Submission Date.
This is VERY different from the "sublicense" language in the AOSP CLA. For a bit on sublicensing:
(crap, can't find one of the better links I used to have...)
http://programmers.stackexchange.com/questions/189633/what-sublicense-actually-means has some info
http://www.contractstandards.com/document-checklists/technology-license-agreement/sublicenses - Note "Additionally the scope of rights that the Licensee can sublicense is often narrower than the scope of the original license (e.g. the purpose or end-product is limited to those specifically enumerated)." - Commercial dual-licensing of a GPL contribution is prett unambiguously expanding the scope of the original license and NOT something that a CLA which only grants you sublicensing rights allows.

Categories

Resources