Tips for Free Software and Security Improvements - Nexus 6P Q&A, Help & Troubleshooting

I'm wanting to modify my 6P to increase my usage of free and open source software, and increase my overall security and privacy protection.
Unfortunately, I still have some proprietary Google dependencies, so I need to maintain access to the Play Store and a minimal set of GApps, so CopperheadOS is off the table (for now). Also, I want to be able to stay up to date, so something like Replicant is also out of consideration. Usability is a priority.
Currently I'm using OmniROM, with Brave for the browser, Silence for SMS. ProtonMail for email, and DuckDuckGo for search. I've gone back and forth between OmniSwitch and Trebuchet for my launcher---I'm not crazy about either, but haven't settled yet.
I'm currently rooted with SuperSU, but I'm planning to switch to phh's SuperUser soon.
Is Omni the most open source and security conscious ROM that is up to date, and GApps compatible? Are there other app substitutions you guys could suggest?

Related

[Q] Nexus 4 (or Android in general) Privacy from Google

Hi,
Is it possible to completely stop information leakage to google from my telephone, such as contacts or even aps purchased?
Oxy20 said:
Hi,
Is it possible to completely stop information leakage to google from my telephone, such as contacts or even aps purchased?
Click to expand...
Click to collapse
some options:
work without google apps! most custom roms come without it! GApps package is a additional zip!
many custom roms included privacy manager from cm. you define what the app is allowed to. for example read contacts yes or no
In AOSP Android (I think since 4.3 or 4.2) is app ops included. It's like privacy manager with detailed options.
hope it hepls. What rom you are using?
carepack said:
some options:
work without google apps! most custom roms come without it! GApps package is a additional zip!
many custom roms included privacy manager from cm. you define what the app is allowed to. for example read contacts yes or no
In AOSP Android (I think since 4.3 or 4.2) is app ops included. It's like privacy manager with detailed options.
hope it hepls. What rom you are using?
Click to expand...
Click to collapse
I am on 4.3 stock ROM. The phone is unlocked and rooted.
I tried CM Rom as part of 2 way call recording patch trial but had to revert back to ROM due to stability problems. But the problems were due to the trial nature of the patched ROM http://forum.xda-developers.com/showpost.php?p=45730852&postcount=47 I tried rather then general CM problems. So I suppose could try a stable, up to date version of CM ROM.
I suppose without Google Play I can not have paid apps like skvalex call recorder? If I have to leak some info to Google can I ensure no call details, contacts, calendar etc are shared / backed up etc to Google?
Oxy20 said:
I am on 4.3 stock ROM. The phone is unlocked and rooted.
I tried CM Rom as part of 2 way call recording patch trial but had to revert back to ROM due to stability problems. But the problems were due to the trial nature of the patched ROM http://forum.xda-developers.com/showpost.php?p=45730852&postcount=47 I tried rather then general CM problems. So I suppose could try a stable, up to date version of CM ROM.
I suppose without Google Play I can not have paid apps like skvalex call recorder? If I have to leak some info to Google can I ensure no call details, contacts, calendar etc are shared / backed up etc to Google?
Click to expand...
Click to collapse
try a look at here:
http://www.androidpolice.com/2013/0...ager-control-permissions-for-individual-apps/
Technically yes, but practically no. Even if you stop now, you probably have used Google services in the past and they already have those info. Even if you do not use Google apps, there are lots of way for your phone to connect to Google server (various core Google apks). Lots of apps and websites use Google Analytic as well, although that info is supposed to be anonymous, or apps that utilize Google services in some way or purchased apps that required verification. You basically have to micromanage the permission of every app and this isn't exactly easy and is time consuming, slips up are easy too.
My recommends are:
Most effective: Be lke Richard Stallman, stop using internet completely, except for devices that isn't your. Don't use telephone at all. Have no WiFi running in your house and remove your address from Google Maps, then move to South Georgia and the South Sandwich Islands.
Less effective: Don't use 'gapps' and Google apps at all. You can use Amazon AppStore to download apps. Or use Firefox OS or Ubuntu Touch instead.
Less effective alternative: Use permission management. There are many ways to do this. Android 4.3 have AppOps and there are shortcut apps to let you access to the hidden menu, however it's not very convenient to use. It's better to use CM or SlimRoms which in addition have the Privacy Guard toggle feature (Settings -> Security-> bottom of list). SlimRoms let you turn it on for installed apps by default. It blocks access to contacts and location. I'm not sure if it block network and phone IDs info though.
For more refined permission management, there is the Xposed Framework module called XPrivacy. It has a high learning curve and blocking the wrong permission will cripple your apps or make it not working. There is also LBE Security Master and OpenPDroid, but I much prefer XPrivacy.
You can also use AFwall+ which modify the Linux kernel's iptables to block internet connection, this is the most assured method to block internet connection access for apps imo.
If you still need to make use of Google apps or services, such as facelock and photosphere, but want to avoid installing 'Google services framework', you can use these gapps packages and not install the core package. Keep in mind, 'Google services framework' is important for connecting to Google server and without it some 'find your phone' apps won't work like Cerberus.
You can see if your phone is connected or syncing to Google server by the color of the WiFi icon color, gray means no, and blue means yes.
I have always wondered about why someone would buy a smartphone, Android or iOS and then worry about security? Why not just buy a simple TracPhone or something similar?
Not trying to knock on anyone, just wondering.
Sent from the Far Reaches Of The Earth!

Omnirom preinstalled apps?

Upon first launch these apps are installed
Apollo
Browser
Calculator
Calendar
Camera
Clock
Dev Tools
Documents
Downloads
DSP manager
Email
Gallery
Messaging
Movie Studio
OmniSwitch
People
Phone
Search
Settings
SIM Toolkit
Torch
Voice Dialer
I'd like to know which of these are actually supported.
I believe many of them have been abandoned by upstream, like Email, Calendar, Gallery, Messaging, etc.
Search should be removed, seeing as it hasn't been updated since like 1.5. Same with Movie Studio.
I disabled Apollo, Browser and Email within minutes, as there are better apps for their purposes.
VLC instead of Apollo, Firefox instead of browser and K-9 Mail instaed of email.
For some reason, Apollo, a third party app by Cyanogenmod gets included but not any other third party apps.
If third party apps are going to be included, there should be some kind of system as to what is included.
Is omnirom going to come with everything included or just what you need to get started?
bump
There are some open-source apps I'd like to include, but there are some issues (regarding package signatures) that make it difficult to properly include stuff that is also available on the Play Store.
Apollo's inclusion is mostly from inertia, I think that really needs a nuke and repave. Once it was submitted to CM it kind of just sat there. (I'm wondering if it was the victim of shady manuevering by the CM leadership like Focal was...)
Most of the other apps are included as part of AOSP - fixing these apps is something pulser is working on organizing in conjunction with some other projects.
In general, if an app doesn't automatically start a background service and is part of AOSP, we don't put significant effort into removing it since free space in /system achieves nothing for the user.
Frankly most of these apps are useless as Google has alternate in market eg.
Calendar
Browser
Voice dialer
Apollo
Camera
Dash clock widget
I generally freeze them after installing. Might use a script to flash and remove these after install
Sent from my Nexus 5 using XDA Free mobile app
shri_chanakya said:
Frankly most of these apps are useless as Google has alternate in market eg.
Calendar
Browser
Voice dialer
Apollo
Camera
Dash clock widget
I generally freeze them after installing. Might use a script to flash and remove these after install
Sent from my Nexus 5 using XDA Free mobile app
Click to expand...
Click to collapse
But a solid rom *must* include apps to cover that basic functionality, regardless of what else is availabe in the market. Preferrably it should include excellent apps to cover the basics like that. No calendar? No camera? No browser? Those are *must-have* apps to be included with any rom). Unless there's a replacement baked in, it would be a major slight to cut them out. It'd be better to leave what essential apps in as placeholders until superior replacements can be developed/incorporated, instead of just shipping with gaping holes in the ROM and telling users, 'You don't like a barren, crippled build? Ha! Go fish!'
That kind of thing reminds me of so many Linux distros who spend tons of time on slick graphics, but don't even include basic functionality (*cough-elemental-hack*), leaving users to fend with a half-assed barely functional experience. That is just an atrocious way to go about things, IMO.
shri_chanakya said:
Frankly most of these apps are useless as Google has alternate in market eg.
Click to expand...
Click to collapse
To add to what Culot said a post above: an AOSP ROM should include apps to cover that basic functionality, and provide a fully functional and useful experience, not only regardless of what else is available in the Play Store, but mostly because an AOSP ROM should be usable without even having Google Play Services.

Setting up CyanogenMod with maximum privacy (no more Google)

I'll try to make it as simple as I can.
Here is what I want:
CyanogenMod with root privileges
Full control over which app, service or system component can access my data and the Internet.
(at the moment for instance I can't alter the "network access" privileges of my apps)
Safe to use speech recognition software
Safe to use, sophisticated navigation software
My questions:
Is that even achievable without a ton of work?
Is there a simple way to flash CyanogenMod without pre-installed bloatware? (e.g. Google apps, Skype, Cortana, ...)
Which tools should I use to make sure that apps can only access what I want them to?
Is there speech recognition software for Android that doesn't require Internet access?
Is there a navigation app that is capable of using the offline maps of Google Maps without requiring an Internet connection?
(e.g. Google Maps makes itself useless if you don't update from their servers every 30 days)
From your experience, do apps refuse to work when you deny certain privileges?
ferivon said:
I'll try to make it as simple as I can.
Here is what I want:
CyanogenMod with root privileges
Full control over which app, service or system component can access my data and the Internet.
(at the moment for instance I can't alter the "network access" privileges of my apps)
Safe to use speech recognition software
Safe to use, sophisticated navigation software
My questions:
Is that even achievable without a ton of work?
Is there a simple way to flash CyanogenMod without pre-installed bloatware? (e.g. Google apps, Skype, Cortana, ...)
Which tools should I use to make sure that apps can only access what I want them to?
Is there speech recognition software for Android that doesn't require Internet access?
Is there a navigation app that is capable of using the offline maps of Google Maps without requiring an Internet connection?
(e.g. Google Maps makes itself useless if you don't update from their servers every 30 days)
From your experience, do apps refuse to work when you deny certain privileges?
Click to expand...
Click to collapse
Dude- You should start developing your own rom in this case.
But consfused here and at this point i think you dont know.
CyanogenMod & Cyanogen OS
Assuming- when you said, cortana etc etc--- i think you are on cyanogen OS.. Which is the original OS for 1+1.
1- To achieve, you need to work.
2- Some optimized COS builds in XDA one android dev section- try a search. but not latest 13.1.2-ZNH2KAS3P0. Root using SuperSU. and use system app uninstaller to remove apps you dont need. Some debloater zips also lurking around in XDA. If you install CyanogenMod, then no need of gapps flashing if you dont use google account.
3. you can stop background data for the apps you dont want. Settings in most roms.
4. Speech recognition can be used offline after u download all languages of your choice. Not 100% and dont use it.
5. Try Maps.me. i didnt know google map needed to be force updated every 30 days unless some one restructures the entire landscape and routes.
6. Certain apps refuse to work if you dont grant permission. yes. its like telling some 1 without hands to eat from hand,.
:good:
Thank you so much for your reply. I indeed did not know that there is a difference between Cyanogen OS and CyanogenMod. But if I understood you correctly, CyanogenMod comes without gapps. (I hope it also comes without Google Play Services?)
The offline speech recognition you linked to seems to be from Google. I bet it will require Google Play Services and an Internet connection after some time, just like Google Maps does and I'm really afraid of that.
I might give Maps.me a try, but I think Google Maps still has by far the best most detailed and correct maps especially when it comes to POIs.
I would consider using official Google Maps, if there was a 100% safe way to wipe all the data the app collects before I allow it to update the maps. Alternatively, maybe I could download the apps from a second device and just copy the map data over to my main device every once in a while.
An even more crazy approach might be to spoof the time/date data for Google Maps so that it thinks the 30 days haven't been reached yet.
But I would still be very concerned about Google Play Services. Would microG be sufficient for my purposes to replace Google Play Services?
edit:
Okay, I have a rooted CyanogenMod without gapps now on my OPO.
edit2:
I have Xposed with modules "Xprivacy" and "Per App Hacking" installed now.
Xprivacy is an app permission manager and "Per App Hacking" can be used to spoof the system time an app will see. Hopefully I'll be able to fool Google Maps with it.
edit3:
I have microG installed now. Hopefully this will be enough to run Google Maps.
I really need to make sure I understand Xprivacy before that though.
My recommendations:
1. I recommend full device encryption with long and secure boot password and easy to use pin lock screen password. Here's more info: http://forum.xda-developers.com/general/security/guide-separate-passwords-encrypted-t3048072
2. Get an email address from a provider that respects user privacy i.e. Riseup. https://riseup.net/
This is one the most important things to do if you don't want google / yahoo / microsoft scanning your email for surveillance / marketing purposes.
3. Use apps from F-Droid. It's an app "store" for open source apps.
4. Always use Afwall+ to have control over which apps have access to internet. Even better if you use Afwall with combination of Orbot. This way you can route some apps through tor (need a custom script though). Orwall does the same thing more easily.
5. Instead of closed source Supersu, use open source superuser http://forum.xda-developers.com/android/software-hacking/wip-selinux-capable-superuser-t3216394
6. For maps I recommend openstreetmap. Download Osmand from F-Droid. It has navigation too.
7. For cellbased location provider, use unified location provider found from F-droid. It's connected to microg projects.
8. For encrypted SMS use Silence from F-droid (recipient needs the same app if you use encryption).
9. For encrypted instant messaging use Conversations (XMPP client) from F-DROID. Or Riot (which will soon have strong encryption).
Hey tofu thanks for your answer, I appreciate it!
I'm only really concerned about my phones software spying on me.
About the email thing: I'm running my own email server for that.
But I'm still looking for a way to anonymously creating a google account without providing my phone number.
I'm using F-Droid already and it's great.
I'll never go back to the play store that's for sure.
And for anyone else reading this, please don't touch the amazon app store, it's pure poison.
I'm also using AFWall+ already, but I'm not satisfied at all. The creator doesn't really seem to care about ensuring that no data gets leaked ever. I read a lot of reports that data was being leaked every once in a while, especially during system boots.
This is really scary to me... I'd really like to have a safer firewall.
Blocking Internet/networking permissions directly just causes apps and the system to become extremely unstable. I soft-bricked my phone like 5 times while playing around with it the last few days.
I was not aware supersu was closed source. I'll switch to the open source alternative soon.
I just installed OsmAnd~ and I'm not very satisfied. Navigation was ok, the tts voice was absolutely terrible and I wasn't able to find a single POI, I wouldn't even be surprised if it would fail to find the next McDonald's to my place. Google Maps just seems completely unmatched to me.
And about that: I was actually able to get Google Maps running without Google Play Services installed and I was able to successfully use it offline, spoofing the system time for that app, so that my maps would never become outdated. I notices a few downsides though, for example it only works for car navigation (bicycle mode etc are not available). After completing the installation of all the microG components I wasn't able to get it to work anymore though (I couldn't download the offline maps, because I couldn't enter my google account data anymore...).
But I'll figure out how I did it and go with Google Maps then.
To complete the microG installation I installed unifiedNlp with GSMLocationNlpBackend.
For encrypted messaging I'll probably be forced to stay with WhatsApp, as I can't possibly convince all of my friends to switch. But hey at least WhatsApp claims that your messages are end-to-end encrypted.
But obviously WhatsApp will always know who I know... that problem seems pretty much unfixable to me though...
I have btw also tried to get Google Now (speech recognition) to work offline. But I was unsuccessful. I have read reports of others getting it to work for literal voice to text applications... it won't take voice commands though. So that's not very useful... unless there was a way to define your own voice commands somehow.
But my biggest worry at the moment really is the firewall. I feel like there is nothing that you can really trust to work reliably.
And also the fact that Xprivacy can't restrict file access to certain folders... it's either all or nothing.
The worst of all might actually be IPC though (inter process communication) which a lot of apps require permissions for. And from what I understand any app with that permission could use another app as a sort of proxy to access the Internet.
I'm using a Google-free device with maximum privacy, so maybe I can not answer all your questions but I can give you an idea. First of all - disclaimer: I'm here because my girlfriend has an Oneplus One (OPO), but I do not have one. I use her old Nexus 5 (N5), but you will get the general idea. You already noticed there is a difference between CyanogenOS (COS) and CyanogenMod (CM). It also took me a while to figure out that difference. If you still have a stock Android in your OPO, it should be a COS 13.1 which is based on Android 6.0.1 and comes with alot of bloatware from Google and Microsoft.
1. First step is to find a suitable ROM for your needs. If you are used to COS and have not much experience in chosing custom ROMs, you should give CM a try. Here is the official wiki which includes Download links and installation instructions: https://wiki.cyanogenmod.org/w/Bacon_Info
2. The 2nd step after installing CM is the full device encryption, can be found in Settings > Security. If you do it on a clean phone without any apps and data it only takes a couple of minutes and chances of breaking stuff are low at this step.
3. Now I usually root it (with SuperSU) and install some magic which is called XPOSED framework. It's something which allows you to install modules on your phone on system level, not like an Appstore, but rather like a Tweakstore. There are a lot if chances you break stuff and most of the modules do not work with CM, however, one module to beat them all is the XPRIVACY module. It gives you back full control on everything. You can manage App permissions, you can fake permissions or if apps do not want to run with your set of permissions, you can even feed fake data (like wrong GPS signals, etc.). Read more here. http://repo.xposed.info/module/biz.bokhorst.xprivacy
4. F-Droid, yeah, the one open-source repository for your new apps. I'll install it at this point.
5. Now, that the device is flashed with CM, probably rooted and with a custom recovery, you have to flash a stock recovery again and lock the bootloader. Stock recovery because it does not allow any malicious party (hacker with physical access, police, intelligence services, etc.) to deploy any code to your phone which compromises your privacy. Locked bootloader is important to disallow any malicious party to boot anything they want which also compromises your privacy.
And this is pretty much what you need to get started, a rock solid environment free from Google. Make sure you have a strong PIN, I also use randomized screen locker, so people can not "observe" the way you enter your PIN.
For encrypted calls and SMS there is Signal, but that does not work without Google services and LibreSignal, the Websockets version, was discontinued just recently. For encrypted IM use ChatSecure rather than Conversations. Both are XMPP clients, but Conversations does not allow you to import or export OTR keys, which is very annoying for an Jabber client. For not so sensitive chats, I use telegram.
Finally, not having Google Play and Google Services available, makes the experience a totally different for the android device. Apps like Snapchat which do not require Google, but still do for some unknown reasons checks for Google, wont run. Also, a lot of apps work without Google, but you can't install them without downloading suspicious APKs from dubious websites. Be very carefull from where you download and install software if you can not find what you need in F-Droid.
I hope that helps you for your considerations.
---
Edit, one more final note. I also use OsmAnd and have to say it never let me down on any occasion (except when I forgot to download the maps before going somewhere remote without internet). The geodata quality is excellent in most urban areas, but the interace and usability are a mess. If you find your way around in the interface, the navigation works out pretty well. I sometimes have issues calculating very long routes, but you start to live with that.
Thanks for your input 5chdn! Most of the stuff you mentioned it already on my phone.
I made some progress yesterday and I'd like to share my current configuration:
All the apps I mention in this post are (at the time of writing) available in F-Droid, unless stated otherwise.
Everything I mention in this post is free and open source, unless stated otherwise.
Recovery Image: TWRP
ROM: CyanogenMod
'Apps' that have to be flashed:
SuperUser (this roots your phone which means you can grant root access to apps)
Xposed (provides a lot of important privacy tools)
Apps:
F-Droid (app store that provides free open source apps)
AFWall+ (manage which app can access the Internet)
Autostarts (manage triggers that apps can use to start themselves)
AdAway (can remove ads from apps)
Xposed Modules:
BootManager (manage which apps can start on boot)
Xprivacy (manage/spoof app permissions for privacy)
Safely using Google Maps offline permanently:
Please note: Google Maps is not open source.
Install microG (open source alternative to Google Play Services)
The installation complete installation consists of:
'microG Services Core' (aka 'GsmCore') (app)
At the time of writing this app is NOT available in F-Droid. This app also automatically installs 'µg unifiedNlp (NO GAPPS)' for you.
'microG Services Framework Proxy' (aka 'GsfProxy') (app)
'FakeGapps' (Xposed module)
'FakeStore' (app)
'XposedGmsCoreUnifiedNlp' (Xposed module)
'LocalGsmNlpBackend' (app)
'NominatimNlpBackend' (app)
'µg unifiedNlp (NO GAPPS)' (app) (will be installed automatically!)
Install 'Per App Hacking' (Xposed module)
Use this module to spoof the system time/date that Google Maps sees e.g. to '2016-10-14 10:00' so that offline maps don't become outdated. The feature to spoof the time is called 'time machine'.
I would really like to improve what I got so far and share it with the community.
If you know of anything that could help improve privacy please tell me.
I do not mention things like device encryption, passwords, lock screens etc, as these are a separate issue.

Strategic Alliance: bundle F-Droid, add LineageOS repository, add microG

​All features, full flexibility, no bloat -- one simple solution!
On the one hand, it is frequently being suggested to build into Lineage various apps and features. Most of these suggestions are required by some users only, would bloat the core ROM, or have other downsides. On the other hand, these apps and features are usually already implemented somewhere, most users want incremental updates and many would prefer a fully-featured ROM without GApps installed.
To satisfy those wishes and yet avoid the downsides, I suggest simply supporting F-Droid and microG instead:
Idea outline:
Provide API for and build in F-Droid Privileged Extension
Thus have a Store, with automatic updates, and all bells and whistles
Ship with (rebranded fork of) F-Droid pre-installed and a custom LineageOS repository pre-configured (like Guardian Project in F-Droid)
Add AOSP apps, Lineage apps and Lineage-specific versions / branches of apps to LineageOS repository
Use "unstable update" marker in F-Droid to beta test new versions, e.g. of launcher, locker, ...
For additional, bloating apps and features, have users install what's already there (for instance, Location Services: UnifiedNLP with LocalWifiNlpBackend)
Add to Lineage Wiki a curated list of well-tested app suggestions for basic tasks (for instance, WebDAV: DAVdroid, Tasker, Etar, ...).
Key Advantages:
Developer effort most efficiently used
Faster time to market, because much is already implemented
Higher quality, less bloat, more features by referring users to existing apps and joining efforts
Easier innovation, because versions of pre-installed / system apps are publishable like regular apps
Developers happy, because LineageOS is clean at its core
Enthusiasts happy, because they can built on a minimal ROM
End Users happy, because they can easily use ROM, using curated list of apps
Regular, normal app updates for all system apps and pre-installed apps through Lineage repository
Does not prevent using GApps, but improves life without
Major step towards fully featured ROM, and yet without any proprietary apps or services
For good reasons, it's what Google does, it's what GNU/Linux distributions do.
One framework will solve most problems, provide most features ever suggested.
This will make everybody happy.
tldr
Bump!!!!
1, 2, 3 - Fully agree. If I had a proper Play Store alternative I wouldn't need Gapps at all.
4 - Essential in what way? I'd say its best to have only AOSP apps and to let every user download the apps he uses.
There would be practically no bloatware available and the ROM would truly give users the best choices.
8 - Additional preinstalled apps? Rather not.
9 - Rather AOSP mail. Someone might not want to use K-9, but for those who do they can always download it.
10 - Same as 9, avoid preinstalling apps that are already provided by AOSP.
11 - Eleven is OK for me, but still I find it somehow way underpowered. I really miss Apollo from early CM days...
14, 15 - I agree on ROM type. Allow users to select nightly, weekly or stable update channel through settings. Regarding basic preloaded apps, it would be OK only by means of AROMA installer where you could choose which ones you actually want/need.
Cheers!
In this thread it is being suggested to build into Lineage various Launchers, Themes, Widgets, Apps, WebDAV support, et cetera. As a contrasting response to that, I suggest simply supporting F-Droid and microG instead. A Lineage repository for F-Droid could include all AOSP apps; F-Droids own repository would supplement this.
It appears to me, almost everything which has been popularly requested would thereby be solved.
dj_chapz said:
4 - Essential in what way? I'd say its best to have only AOSP apps and to let every user download the apps he uses.
There would be practically no bloatware available and the ROM would truly give users the best choices.
Click to expand...
Click to collapse
Here, "essential" refers to, more or less, what's needed to install other apps (launcher, browser, file manager),
but could be thought of as to include functions, which were typical for feature phones, too (basic messenger, dailer, calendar).
dj_chapz said:
8 - Additional preinstalled apps? Rather not.
9 - Rather AOSP mail. Someone might not want to use K-9, but for those who do they can always download it.
10 - Same as 9, avoid preinstalling apps that are already provided by AOSP.
11 - Eleven is OK for me, but still I find it somehow way underpowered. I really miss Apollo from early CM days...
Click to expand...
Click to collapse
These were just written-out to illustrate what would be possible.
I'll adjust the original post for clarity.
Anybody can fork it and add their ideas. Some people do not want to support fdroid. Keep it clean + gapps.
goorek said:
Anybody can fork it and add their ideas. Some people do not want to support fdroid. Keep it clean + gapps.
Click to expand...
Click to collapse
Even if F-droid wasn't preinstalled, could be a Lineage repo for it?
LineageOS IMHO should really seek to become the ROM for professional PIM, self-employed, small-business or even big-business device users which seek to avoid GApps and rely on a clean slim ROM. So I like many of grefnab's ideas but currently have no clear idea what the stakeholders of LineageOS have as main goals for the midterm.
Having everything App based in an "FOSS App Package" (as GApps and commercial/device App replacement) with advanced support by LineageOS and/or other main CustomROMs would be geat. See my post in What features would you like to see in Lineage that CM didn't have?
support 1-3
I really hope that this thread will get recognition. I really like the idea of having priviliged F-Droid build into the ROM.
That would make everything much easier.
I fully support the three first points
Provide API for and build in F-Droid Privileged Extensio
Thus have a Store, with automatic updates, and all bells and whistles
Ship with F-Droid pre-installed and a custom LineageOS repository (like Guardian Project) pre-configured
Click to expand...
Click to collapse
The rest is nice but I would put emphasis on the first three points. They seem like a real advantage to have.
Rephrased some sentences to clarify
This seems like a very good idea to me :good:
I mean it is basically the same procedure Google has in place to keep its apps up-to-date without people having to update their firmwares. Being able to update the apps independently from the rom would be a huge benefit in my opinion. While I don't use gapps on my phone at all, I understand, that some people find it essential. Therefore it would be a bad idea if this interfered with installing gapps in any way.
herrritschwumm said:
While I don't use gapps on my phone at all, I understand, that some people find it essential. Therefore it would be a bad idea if this interfered with installing gapps in any way.
Click to expand...
Click to collapse
This would not prevent installing GApps, it would simplify and improve usage without them, though.
+1 for having LOS F-droid repo and bundling F-droid and having fewer other preinstalled apps.
I think this thread is a very good idea!
Just a clarification on technicalities:
microG kinda requires signature spoofing. More specifically MicroG effectively has two principal frameworks inside -- location services and GCM. Location services would work regardless, but iirc for GCM to work properly the ROM itself would need a signature spoofing support. All other ways to enable spoofing employing needlepatch or whatever are ridiculously impractical and one cannot expect normal users to bother with them.
I have two phones (OP1 and OP3) and for both the choice is of exactly ONE custom rom only (based on LineageOS14.1) with a spoofing patch. Therefore applying spoofing patch into the main code base would be great. However the caveat here is that any app or framework like SafetyNET would most likely stop working. Since the developers decided to push for compatibility, I seriously doubt that they would implement signature spoofing.
They could try to implement the patch in a flashable zip like with root but I don't know if it is possible.
fully agree for spoofing support since we are out ot cm
Sent from my Nexus 5 CAF using Tapatalk
I would like to see signature spoofing built into lineageOS or an optional flashible zip, too. But right now a flashible zip could take a long time to flash. See: https://github.com/microg/android_packages_apps_GmsCore/issues/196
Sounds great.
dj_chapz said:
If I had a proper Play Store alternative I wouldn't need Gapps at all.
Click to expand...
Click to collapse
You could try Yalp Store, it's there in the F-Droid repository.
@grefnab: My flashable zip help those that want to automatically without any effort: remove GApps, install microG and F-Droid Privileged Extension.
1plus said:
Just a clarification on technicalities:
microG kinda requires signature spoofing. More specifically MicroG effectively has two principal frameworks inside -- location services and GCM. Location services would work regardless, but iirc for GCM to work properly the ROM itself would need a signature spoofing support. All other ways to enable spoofing employing needlepatch or whatever are ridiculously impractical and one cannot expect normal users to bother with them.
However the caveat here is that any app or framework like SafetyNET would most likely stop working. Since the developers decided to push for compatibility, I seriously doubt that they would implement signature spoofing.
Click to expand...
Click to collapse
Tingle is very easy to use, if you find something impratical just tell me.
SafetyNet do pass for me.

why developers are not focusing more in sailfishOS?

I was just wondering why sailfishOS has still really bad apps.
and why is not developers are doing more apps for this amazing OS?
just wondering
it's very simple: no market.
In general you make apps to earn money. perhaps you'll find some developer or group of developers that will port a popular app as a hobby, student project, or simply because they are using sailfish and want an specific app.
so basically, if there is no market, there is no money. therefore no apps
Actually I have just bought xperia 10 plus to move away from toxic android ecosystem (from google to all the app junk), after I have figured out that I could delete 90% of application on my android phone and I would never miss them.
If you are using sailfish phone, you have an option to run apks there is no real need for native applications. Quite frankly in last few years I could hardly find any application that was something that "I have to have". All the really needed applications were added to the first smartphones: email, gps, browser, sms, mms, calls, video player, music player, camera, contacts, text editor, sound recording... and I am already stretching it with last two, I cant remember when I have last time wrote high volume of text on those tiny useless on screen keyboard or had a need to record some sound.
There is one app on android which I will need (access to online banking) and I hope it will work, it didnt work even on my previous android until I have reversed it and change some code to stop verifying for root and safetynet, so it should work here too.
Everything else is... more a toy than useful or actually some security application to prevent all others doing something that you don't want, from rolling ads to stealing data. I am waiting for this mobile application market to slowly collapse, there is no more value in it except maybe games. Everything else is just wasting time in the least constructive way.
And not having market is a huge bonus, if you check sailfish apps (jolla store and openrepos) you will find that you have everything you need for having a great phone, made by enthusiasts not people that want to become rich. And no one is making useless junk as, as valthunder said, there is no market. And this is fine. Actually great.
root said:
There is one app on android which I will need (access to online banking) and I hope it will work, it didnt work even on my previous android until I have reversed it and change some code to stop verifying for root and safetynet, so it should work here too.
Click to expand...
Click to collapse
Great to read about your decision!
For banking apps that require Google Services you could try to tweak your Sailfish Alien Dalvik with Signature Spoofing and a GServices replacement like MicroG.
The SafetyNet replacement here is the DroidGuard Helper that should be installed alongside GmsCore.
eltmosen said:
Great to read about your decision!
For banking apps that require Google Services you could try to tweak your Sailfish Alien Dalvik with Signature Spoofing and a GServices replacement like MicroG.
The SafetyNet replacement here is the DroidGuard Helper that should be installed alongside GmsCore.
Click to expand...
Click to collapse
Naah, I am having my own "cracked" apk build from previous phone, I have removed all checks to root and safetynet and it works fine, no need to change it. Since the app is just front end for web interface it works since forever, I have also removed version matching with server. Took a day or two but worth it
But I have one question: I am trying to integrate xposed framework (last version as there si no boot/recovery img to try with magisk) into system.img (8.1). And same goes for su. Is there any "official" way how to do it without unpacking system.img, adding binaries, repacking it...
root said:
But I have one question: I am trying to integrate xposed framework (last version as there si no boot/recovery img to try with magisk) into system.img (8.1). And same goes for su. Is there any "official" way how to do it without unpacking system.img, adding binaries, repacking it...
Click to expand...
Click to collapse
Following all things sfos quite closely i did not witness anyone get xposed framework to work. (at least no public report) That might be due to sfos users generally are not Android wizards. The matter might still be a low hanging fruit to anyone with deeper knowledge
Whenever rooting/xposed/su is brought up, much more competent guys then me hint at Alien Dalvik just being an AOSP tailored to run inside LXC on non android kernel plus filesystem integration, Intents integration, shared clipboard etc.
quoting my friend olf:
"Jolla uses many modern measures to confine the Android container: at LXC level, with cgroups, firewall rules, SElinux policies etc.
You may configure additional measures at all these levels, it is just a Linux machine and you are the administrator!"
So maybe what you want to achieve practically is even possible using a whole set of different tools then available in Android?
And yes, my vague explanation hinting at me being a simple user having no clue and just putting things together from forum posts is a correct observation

Categories

Resources