Related
Guardian Rom by x942Thanks to:
The Guardian Project
Cyanogen Mod
Android Open Source Project
Open-Pdroid Project
Any one else I am missing
Click to expand...
Click to collapse
What is Guardian Rom?
Guardian ROM is a custom android ROM multiple devices. The ROM is completely Open Source and based off of the CM10.1. While this build is stable because it's based on CM10.1 it is a preview so please expect some bugs, & missing features (i.e updater).
What Features does Guardian Rom have?
Kernel is hardened with SecDroid Tweaks.
ROM is patched with and includes OpenPdoird for
permissions management.
Guardian Project apps are pre-installed – These include Orbot (Tor), Gibberbot (Secure IM),
and more.
CSSimple and OStel (https://guardianproject.info/wiki/Ostel) are included as replacements to the
built calling apps. providing encrypted communications.
If encryption is enabled and password is entered wrong 10 times the phone wipes user data.
Click to expand...
Click to collapse
Coming Soon:
Including support for Deniable Encryption (similar to Truecrypt hidden volumes).
Including GRSecurity for exploit mitigation and more secure phone.
Including SQLCipher to ensure all data is encrypted whenever possible
Including a customer “app store” for our repos.
Different lockscreen pin and Pre-Boot authentication password.
Auto-Prompt for encryption setup on first boot.
Click to expand...
Click to collapse
How to use:
Simply flash the flashable zip through your favorite custom recovery. (TWRP is recommended as it supports encrypted devices). Once flashed you should enable Full Disk Encryption by doing the following (may very depending on device):
Code:
Settings --> Security ---> Password [enter a strong 8-16 char password]
Than
Code:
Settings --> Security ---> Encryption --> Enable Encryption
Downloads:Downloads are over here.
Please verify the downloaded file with the attached GPG signature to ensure is is a legit copy.
GAPPS
Google Apps are NOT included and before you flash them you may want to read this article.
UPDATES:
Since this is a preview I have not had a chance to remove or modify the CM Updater. Please do NOT use it as you will be flashing a stock CM10.1 build and not Guardian Rom. This will be fixed shortly.
always been curious about this rom, so I may give this a whirl! thanks for the hard work!
Any reviews?
Sent from my Nexus 7 using Tapatalk 4 Beta
Since these NSA Android stories are rolling out there might be more traffic coming this way.
SAMSUNG S4
Will this be available for an unbranded international S2, GT-I9100 ?
I am currently trying out CM10.1 and installed most of the included apps manually, but there is a problem with encryption and updating the nightlies and CWM, so I'd like to try out Guardian Rom.
danw1028 said:
Since these NSA Android stories are rolling out there might be more traffic coming this way.
SAMSUNG S4
Click to expand...
Click to collapse
Those stories are FUD. Don't believe them. The only code the NSA put in android is SeLinux which hardens android. It's opensource and has been in linux for years.
MrWil said:
Will this be available for an unbranded international S2, GT-I9100 ?
I am currently trying out CM10.1 and installed most of the included apps manually, but there is a problem with encryption and updating the nightlies and CWM, so I'd like to try out Guardian Rom.
Click to expand...
Click to collapse
Not for now. Nexus device get primary support as they have an AOSP Source tree.
A very worthwhile effort. I wish I would own one of the supported devices to see how it goes.
I hope that more developers will start to put liberty and privacy into Android.
Keep up the good work.
zurpher said:
A very worthwhile effort. I wish I would own one of the supported devices to see how it goes.
I hope that more developers will start to put liberty and privacy into Android.
Keep up the good work.
Click to expand...
Click to collapse
More is coming soon. Guardian Rom is going to be on more device soon, We have a working once-click installer for all supported devices at this point, easy setup for Full Disk Encryption and Deniable Encryption, Policy Management and more. We are about to launch for a round of funding so stay tuned. Things are going to get exciting.
Dead?
Is this project dead? There is not much information on their site and its out of date.
I cant seem to find a download link for jflte
sonymsam said:
I cant seem to find a download link for jflte
Click to expand...
Click to collapse
To be honest, I hope these guys are okay. Privacy rights are important and these guys are also helping protect whistle blowers. Given that, I hope they haven't been whisked away to a black site. Yeah, that's a paranoid statement but not outside the realm of possibility.
.
sorrow777 said:
Is this project dead? There is not much information on their site and its out of date.
Click to expand...
Click to collapse
sonymsam said:
I cant seem to find a download link for jflte
Click to expand...
Click to collapse
Locoman_ said:
To be honest, I hope these guys are okay. Privacy rights are important and these guys are also helping protect whistle blowers. Given that, I hope they haven't been whisked away to a black site. Yeah, that's a paranoid statement but not outside the realm of possibility.
.
Click to expand...
Click to collapse
Looked into this project earlier. You can't find a dl link for jflte because it's only currently got beta release for the nexus line. The guy has a page on Kickstarter trying to raise 35 thousand dollars to support development. He promises to make a stable build and support more devices only if his 35k support fund is together by april 30th. Don't think it's gonna happen bc he's only at 1500.
sonymsam said:
I cant seem to find a download link for jflte
Click to expand...
Click to collapse
I take it this ROM is dead?
Milamber said:
I take it this ROM is dead?
Click to expand...
Click to collapse
If it is don't take it!
Hello
I am going to release unofficial builds of LineageOS 14.1 for Wileyfox Crackling. The builds will be updated every month after a new security patch level is reached.
The build I made can be flashed on top of Cyanogenmod 13 build (with wiping dalvik and cache). It should work without any problems; I do not experience any.
But I do not take any responsibility if your favorite app/setting/etc. is not working anymore.
If it makes problems, wipe data/dalvik/cache and install again.
Besides that the ROM has two extra features:
I patched signature spoofing support into the ROM. Now it is possible to install microG. This is a re-implementation of Google’s proprietary Android user space apps and libraries. So for many cases you do not have to install the proprietary GAPPS anymore.
Note: This feature is disabled by default and will not affect the ROM in any way. It has to be enabled in the according settings.
Also, there's an option available to record calls now. Please respect the privacy of others.
Android security patch level:
Code:
[URL="https://source.android.com/security/bulletin/2017-02-01.html"]February[/URL] | 2017-02-05 security patch level
Version/Filename:
Code:
lineage-14.1-20170227-UNOFFICIAL-crackling.zip
Download:
Code:
[B][SIZE="2"]Openload.co:[/SIZE][/B]
https://openload.co/f/DBKYItUGllA/lineage-14.1-20170227-UNOFFICIAL-crackling.zip
https://openload.co/f/grRwId0HJJE/lineage-14.1-20170227-UNOFFICIAL-crackling.zip.md5sum
Alternativ:
[B][SIZE="2"]Free.fr:[/SIZE][/B]
http://dl.free.fr/uqIBAf8dM
The kernel and device sources I used to build the ROM can be found here:
Code:
https://github.com/lineageos
thomson.aa said:
Hello
This is my first build of LineageOS for Wileyfox Crackling.
I flashed it on top of my Cyanogenmod 13 build (with only wiping dalvik and cache) and it so far works without any problems.
But I do not take any responsibility if your favorite app/setting/etc. is not working anymore.
This release has the root access option disabled because LineageOS disables root for apps by default. It has to be enabled before building the rom - I didn't know that so I will provide an updated rom with root access for apps available.
Besides that the rom has one extra feature:
I patched signature spoofing support into the rom. Now it is possbible to install microG. This is a re-implementation of Google’s proprietary Android user space apps and libraries. So for many cases you do not have to install the proprietary GAPPS anymore.
Note: This feature is disabled by default and has to be enabled in the according settings.
Android security patch level:
Code:
[URL="https://source.android.com/security/bulletin/2017-01-01.html"]January[/URL] | 2017-01-05 security patch level
Version/Filename:
Code:
lineage-14.1-20170117-UNOFFICIAL-crackling.zip
Download:
Code:
https://openload.co/f/WCt_JxGZ-UE/lineage-14.1-20170117-UNOFFICIAL-crackling.zip
Click to expand...
Click to collapse
Sorry thomson.aa sorry i do not have english my google translation. Work is very nice thanks one has a mistake sim card people do not see a way to solve it? I wish you continued success.
Where is the source ? You can't post this without kernel source
I dirty flashed this over crDroid and it seems to be working pretty well. Thanks.
All my app's (not many at the moment) were working fine.
Playstore thinks it's 'no carrier Wileyfox Wileyfox Swift'... but I guess that's better than 'Wileyfox Pixel XL' (crDroid).
On initial booting the status bar wouldn't pull down but works ok after a reboot.
Buttons were a bit messed up which only gave me a back button even though the usual defaults were all set. After deleting them and re-adding them they worked fine. I'm guessing this may be due to dirty flashing. Shame the button customisation is just as basic as cm13 especially after using crDroid.
Using Kernal Auditor Mod I see that the cpu only scales down to 800mhz and the gpu scales up to 400mhz. I don't know much about this but won't this make it a little power hungry?
Going through the settings, I'm thinking that LOS14 isn't quite as complete as the cm13 I was using a few weeks ago. Although I guess this is to be expected at this stage. And I'm used to the more versatile crDroid now so I'll be restoring that in a mo.
This MicroG project sounds great. It seems a bit complex to get it working as I'd like but I definitely be having a go when I get my head around it.
All in all, Great job. Keep up the good work... please. I'm already waiting for the next release.
Oh, and er... Surely you could find a better file host???
I tried to build the Image myself by using your other Thread's How-To and after flashing i had no WIFI.
Now i flashed this build and WIFI is also not working.
[Edit]
I've collected some Logs - perhaps they'll help.
[Edit2]
Now i tried another '14.1-ROM' and i've the same problem....
During all my Tests the shown MAC-Address during the 'inital install' was weird: 02:00:00:00:00:00.
Before the 14.1 Lineage i had the latest CMmod 13 running without any Problems :/
Ok - solved it....
I encrypted my Device during CM13 and always entered my Key during Boot/TWRP and Formatting/Installation of 14.1.
Now i *really* formated all the Data (and the former encryption), rebooted to Recovery and sideloaded the Image+Gapps.
Now WIFI is working.
How do I enable signature spoofing ? I can't find any relevant setting.
M.A.K said:
How do I enable signature spoofing ? I can't find any relevant setting.
Click to expand...
Click to collapse
Settings -> Apps -> Gear symbol -> App permissions -> Spoof package signature
No... it's not there for me.
M.A.K said:
No... it's not there for me.
Click to expand...
Click to collapse
Works like it is supposed to be. The setting/app permission is only available if you install an app that requires that permission.
So, if you install microG the setting for signature spoofing will become available.
fred0r said:
Now i *really* formated all the Data (and the former encryption)
Click to expand...
Click to collapse
Could you tell me how to do that? I remember trying to find a way to remove encryption back in the day on my Nexus 5 and wasn't able to do it. Thanks!
thomson.aa said:
Works like it is supposed to be. The setting/app permission is only available if you install an app that requires that permission.
So, if you install microG the setting for signature spoofing will become available.
Click to expand...
Click to collapse
Ah, yes... got it now, thanks.
jobedius said:
Could you tell me how to do that? I remember trying to find a way to remove encryption back in the day on my Nexus 5 and wasn't able to do it. Thanks!
Click to expand...
Click to collapse
I booted into the TWRP 3.0.3 and did not enter my Encryption-PW (cancel) and then clicked 'Wipe' and then 'Format Data'.
update to official build?
Is it possible to update (aka dirty flash) to the now released official build? I had some problems doing that, see https://forum.xda-developers.com/showpost.php?p=70829582&postcount=8
Cheers
Nope, its not
Mithodin said:
Is it possible to update (aka dirty flash) to the now released official build? I had some problems doing that, see https://forum.xda-developers.com/showpost.php?p=70829582&postcount=8
Cheers
Click to expand...
Click to collapse
Twrp shows error 7(the data is incompatible). You need to wipe data, cache partitions and the system partition. Then install the zip with arm64 android 7.1 g-apps.
Cheers:good:
fred0r said:
I booted into the TWRP 3.0.3 and did not enter my Encryption-PW (cancel) and then clicked 'Wipe' and then 'Format Data'.
Click to expand...
Click to collapse
Aahhh, that makes sense if you know it! Thanks!
Welcome to Jaguar Oreo 8.1. As some may know, the emphasis of the project is on Security and Performance. I have recently transitioned from Lenovo Zuk Z2 plus and previously from Sony Xperias, and the rom is still actively maintained for Zuk Z2. You are welcome to visit the thread for user feedback: https://forum.xda-developers.com/lenovo-zuk-z2/development/jaguar-oreo-8-1-official-t3734597
In addition to most, if not all, familiar Oreo features starting from multiple options in statusbar, navbar, QS, gestures etc. to alarm blocker, wakelock blocker, smart pixels and omni features (I am not going to list all of them), you will have the following:
1. Hardened/fortified bionic (over 150 commits) to prevent bad behavior by system and third party apps.
2. Many classes and resources are NOT pre-loaded or compiled during boot. Instead, they are compiled after the initial startup and put in ram and cache. So, after initial settling, you will have increased speed in almost everything: interface transitions, app startup time, etc. . In addition, it takes 4-5 seconds to fully boot, after Oneplus logo ends (initial boot after flashing will obviously take longer).
3. Most runtime permissions are limited to 'read only'.
4. FBE encryption is replaced with FDE, and it is not forced. Plus, you can have separate passwords, one longer for boot and another short one for screen lock. I, personally, don't like FBE. I think it is weaker than FDE. Also, I don't want my device to boot at all or be partially decrypted, unless I enter boot password.
5. Many additional security features are enabled in kernel. Kernel is based on DU for Oneplus 5 (the work on it just started).
6. Yama security to replace Selinux.
7. Wireguard support in kernel
8. DNS over TLS
9. Background WIFI scanning is hard-disabled
10. Type zero sms: phone's silent response 'received and processed' (without user noticing) eliminated. If you don't know what type zero sms is, Google it. Not class zero sms, which flashes on screen, but doesn't get saved, but rather type zero, which doesn't show at all, but nonetheless is silently acknowledged. Creepy.
11. MicroG support.
12. Builtin CPU power profiles, based on AKT profiles (heavily modified)
13. Sound control and KCAL are added in kernel
14. Fully working native recorder (in Dialer on active call)
INSTRUCTIONS:
1. Be on 5.1.4 firmware
2. If you are encrypted, you must do factory reset in TWRP (you will have to type 'YES' for factory reset). This will result in all data including internal SD erased. So, transfer the contents to your PC. If you are decrypted, you may skip this step. You may think you are decrypted, but make sure that it is in fact so: check in Settings/Security. If it says phone encrypted, you must do factory reset in TWRP.
3. After factory reset, reboot in TWRP and format system/dalvik-cache/data/internal SD again, as TWRP apparently leaves some remnants of encryption after factory reset.
4. Transfer the rom, Gapps, Magisk and whatever else you need to internal card; flash the rom; flash Gapps (optionally) and reboot
5. Go back to TWRP and flash Magisk (optionally). Why not flash Magisk right away? Because Gapps need to run once before Magisk to get appropriate permissions
ROM DOWNLOAD: https://androidfilehost.com/?fid=1322778262904007030
Subsequent releases (and I will continue to update until Android 9 becomes stable) will be in post #3.
WARNINGS: Usual XDA: Get ready to be burned and don't complain
CREDIT: AOSP, CopperheadOS, DU, Omni, Slim, Lineage, Benzo, Carbon, Xtended, AKT profiles team
Also, credit for a Jaguar bootanimation to @Ashish9 and @The.Night.King who made one of the header's icons
Kernel Source for October 8 release and on: https://github.com/AOSPME/android_kernel_oneplus_msm8998
Kernel Source: https://github.com/optimumpr/android_kernel_oneplus_msm8998
Bionic Source where most commits came from: https://github.com/CopperheadOS/platform_bionic
XDA:DevDB Information
JAGUAR OREO ONEPLUS 5, ROM for the OnePlus 5
Contributors
optimumpro, optimumpro
Source Code: https://github.com/optimumpr/android_kernel_oneplus_msm8998
ROM OS Version: 8.x Oreo
ROM Kernel: Linux 4.x
ROM Firmware Required: Unlocked bootloader and 5.1.4 firmware
Based On: AOSP, DU, Lineage, Omni, Xtended, Carbon, Benzo, Slim
Version Information
Status: Stable
Stable Release Date: 2018-09-16
Created 2018-09-16
Last Updated 2019-01-12
Instructions on FDE encryption
How to encrypt the phone:
The rom has FDE, instead of FBE, and it is not forced. So, you will be decrypted, unless you encrypt.
You can encrypt within Settings, but the preferred way is to do it via ADB. This way, you could have 2 separate passwords one longer for boot and another shorter for screen lock. YOU MUST HAVE MAGISK INSTALLED FOR ADB method to work.
1. DON'T set up screen lock pin/password/pattern yet
2. Enable ADB in Developer settings
3. Connect the phone to your PC. Open terminal (on PC) and type adb devices to make sure that the phone is listed
4. Type adb shell and press enter; type su and press enter - at this point, you should have Magisk prompt (on the phone) for root; grant it for at least 20 minutes - the prompt on terminal should change to root
Now the fun part:
5. type vdc cryptfs enablecrypto inplace password "your actual password" and press enter
WARNING: No quotation marks anywhere in terminal, and don't type the words 'your actual password', but rather your chosen password. There is no limit on the length of boot password.
The phone will reboot and start encrypting. In about 10-15 minutes, you will get a familiar prompt for boot password. After the first password input, the phone might not fully boot (it happened to me). In this case, just force-shutdown and reboot.
After encrypting, you will lose root. So, re-flash Magisk. Otherwise, you might have kernel panic, due to Magisk not being able to find your lockscreen pin..
6. After everything is done and Magisk is working, set up a short pin/pattern/password for screen. WHEN ASKED IF YOU WANT SECURE BOOT, SELECT NO, because you already have it. If you select 'yes, your long boot password will be overwritten, which you don't want.
P.S. You can also do the same on phone's Terminal. In this case, skip 'adb shell' and start with 'su'. But in my experience, if you make a slight mistake with the password, you won't be able to boot, and you will have to do factory reset in TWRP, which will result in the loss of all data. On PC, you can still see the password you set and boot the phone
Updates are in this post
January 12. New release
1. January security patches
2. Oreo release 60
3. New and hardened clang chain
4. Separate ringtones for Sim1/2
5. Updated kernel
1. If you are on a previous release, you may flash dirty. Just make sure to wipe dalvik/cache
2. Coming from another rom, read the OP about doing factory reset
Download rom January 12 release: https://androidfilehost.com/?fid=11410963190603897246
November 8. New release
November security patches
Instructions:
1. If you are on a previous release, you may flash dirty
2. Coming from another rom, read the OP about doing factory reset
Download rom release November 8: https://forum.xda-developers.com/devdb/project/dl/?id=30812
October 11. New release
1. Fully working native call recording
2. KCAL in kernel
3. Sound control in kernel
Instructions:
1. If you are on a previous release, you may flash dirty
2. Coming from another rom, read the OP about doing factory reset
Download rom, October 11 release: https://forum.xda-developers.com/devdb/project/dl/?id=30630
____________________________________________________________________________________________________________________
October 8. Major release
1. Different kernel. EAS thrown out, as providing no benefits, and actually slowing down the phone. Now you have one of the best governors, Interactive, back
2. CPU profiles built in. Based on AKT profiles, but heavily modified. Now, you have 16 working CPU profiles (must be on Interactive)
Instructions:
1. If you are on a previous release, you may flash dirty
2. Coming from another rom, read the OP about doing factory reset
Download rom October 8 release: https://forum.xda-developers.com/devdb/project/dl/?id=30586
_______________________________________________________________________________________________________________________
October 5. New release
1. October security patches, Google Oreo release 48
2. Kernel overclocked to 2035 and 2592
Download Rom, October5 release: https://forum.xda-developers.com/devdb/project/dl/?id=30551
Instructions
If you are on a previous release, you can flash dirty. If coming from another rom, clean flash. If force-encrypted, you need to do factory reset in TWRP, reboot in TWRP and manually format /system/data/dalvik/cache/internalSD. Why? Because Jaguar has FDE, as opposed to FBE encryption, and it is not forced.
________________________________________________________________________________________________________________________
September 26. New release
1. Alert slider is fixed - all options work
2. System update toggle removed
Instructions: if you are on a previous release (or the original one), dirty flash; otherwise - clean flash
Download rom September 26 release: https://forum.xda-developers.com/devdb/project/dl/?id=30488
September 20. Rom updated
1. DNS-over-TLS (in Development settings)
2. Wireguard support added
3. A bunch of other commits in kernel.
Download rom release September 20: https://forum.xda-developers.com/devdb/project/dl/?id=30444
If you are on a previous release, dirty flash is fine.
What's U/B? And does the ROM support signature spoofing?
d1n0x said:
What's U/B? And does the ROM support signature spoofing?
Click to expand...
Click to collapse
U/B is unlocked bootloader. Signature spoofing is missing. Next release will have it.
optimumpro said:
U/B is unlocked bootloader. Signature spoofing is missing. Next release will have it.
Click to expand...
Click to collapse
Well considering you need to have an unlocked bootloader to flash TWRP and consequently custom ROMs, it's kind of redundant info
Alright, gonna try out the next release with MicroG!
Nice to see you here, i used to use jaguar at my z2 plus, WELCOME!!!
Welcome @optimumpro ? your ROMs for the Xperia Z1 were legendary. Good to see you here.
d1n0x said:
Well considering you need to have an unlocked bootloader to flash TWRP and consequently custom ROMs, it's kind of redundant info
Alright, gonna try out the next release with MicroG!
Click to expand...
Click to collapse
Most devs stopped implementing Microg, because you have both Xposed and Magisk modules for that.
Security and performance, I see! What about battery life?
Im_Mattgame said:
Security and performance, I see! What about battery life?
Click to expand...
Click to collapse
That's superior too, but emphasis is on security & performance.
This is a ROM that's truly user customized, request a useful feature and watch it get added.
Keep it up OP.:good:
Does this have MAC randomizer?
Zocker1304 said:
Does this have MAC randomizer?
Click to expand...
Click to collapse
The rom has it, but I haven't implemented it in kernel yet.
@optimumpro keep it up .
And to others .
The JAGUAR ROM emphasise mainly on SECURITY & RAW PERFORMANCE. Since you have a SD 835 , this ROM will make sure to use everything it has to offer .
So if you are searching for a performance ROM this is it.
PS : Jaguar is best served GAAPS LESS so if you are a anti google guy this might be the ROM for you.
optimumpro said:
The rom has it, but I haven't implemented it in kernel yet.
Click to expand...
Click to collapse
Means when implemented it will randomize my Mac on every reconnect?
WOW!
thank you!
learned from this thread already and hope very much to see this project continue.
is the fact that this is a userdebug build, test keys, and a permissive kernel a security/ privacy concern? maybe some of this will change? maybe xposed is the reason?
I lost track of xposed stuff quite awile back, maybe it will returning to my life! lol
ROM is very feature rich already, and the randomizer post a few back really caught my attention. Know of the reasoning for, but never have had the oportunity to use anything of the like
concerning the type zero sms. After googling about it im still not exactly sure about it all, but a question about it if i may. Does it matter what sms app is used?
I have been a fan if Signal for some time. I understand how it is best utilized when both/all parties use it. Seems it hides your sms from other apps tho too. Opinions of it? recomendations for differs?
please excuse my ignorance on amy of this, so much has changed over the past couple of years reguarding tech, privacy/security and android OS, while at that same time my time in front of a PC has grown less and less. I havent kept up as well as i should. I am not a dev, but always managed to follow along to maximize user control. I can read! lol
scorch away! but i wont be posting like a lil school girl any more. will be watching tho! :cyclops:
Fellings about bromite browser? maybe it can be implemented as the default webview? or even default browser?
https://www.bromite.org/
opinions on dnscrypt magisk module? i use it in its default installed iptables config
:good::highfive::silly:
Vcolumn said:
thank you!
is the fact that this is a userdebug build, test keys, and a permissive kernel a security/ privacy concern? maybe some of this will change? maybe xposed is the reason?
ROM is very feature rich already, and the randomizer post a few back really caught my attention. Know of the reasoning for, but never have had the oportunity to use anything of the like
concerning the type zero sms. After googling about it im still not exactly sure about it all, but a question about it if i may. Does it matter what sms app is used?
I have been a fan if Signal for some time. I understand how it is best utilized when both/all parties use it. Seems it hides your sms from other apps tho too. Opinions of it? recomendations for differs?
Fellings about bromite browser? maybe it can be implemented as the default webview? or even default browser?
opinions on dnscrypt magisk module? i use it in its default installed iptables config
Click to expand...
Click to collapse
User debug builds are no less secure than user builds. Instead of Selinux, you have Yama security implemented in kernel. I don't like Selinux. Apart from questionable origins, it is a huge monster that is, in my view, an unnecessary overhead.
Test key, as opposed to development/release key is just a name. All my keys, including the test key, have been uniquely re-generated. So, they are not Google's outdated keys that are included by default in all custom builds.
I use Icecat browser. With regard to dnscrypt, I have a better idea: DNS over TLS, and it is already done (will be in the next release), see picture.
Signal: There are many problems with the app and the developer. It's a long discussion, and I have already posted about in on XDA. One I would mention: the dev used to be harassed by TSA in airports. Then all of a sudden, he obtained over a $13 million funding channeled to him through a known government hand for "development" purposes. Then again, all of a sudden, he got lucrative contracts to provide "security" for one of the widely known "bastions" of privacy What'sup/Facebook. You don't get that for nothing. Next, he removed encryption capabilities from SMS portion of the app, the ones that really were forcing adversaries to go through the pains of targeting individual phones through the air, which is expensive. To tell you more: as long, as you have Gapps installed, any encryption is useless, as Google can get your outgoing messages before they are encrypted, and incoming ones after they are decrypted. People may say "sand box", "permissions", but as long as you have Google Services Framework, which is the central part of Google apps, it can do with your device whatever it wants without you ever noticing. And Signal can't work without Google services.
I use Silence for SMS.
Zocker1304 said:
Means when implemented it will randomize my Mac on every reconnect?
Click to expand...
Click to collapse
Yes. Although, it is somewhat difficult, because Qualcomm has a proprietary (as opposed to open source) implementation of MAC.
@optimumpro
Mate, any snapshots, please? Also, will MicroG or Nano-Droid work?
Also, does the GPS work, cause, that is the only reason, I am not able to get out of GApps. I want to be free of Google's Slavery Programme.
Danke. Vishal
vdbhb59 said:
@optimumpro
Mate, any snapshots, please? Also, will MicroG or Nano-Droid work?
Also, does the GPS work, cause, that is the only reason, I am not able to get out of GApps. I want to be free of Google's Slavery Programme.
Danke. Vishal
Click to expand...
Click to collapse
Microg should work with either Xposed or Magisk module. Without Google services, GPS would work with most apps, but not with Google maps, which require Gapps.
optimumpro said:
User debug builds are no less secure than user builds. Instead of Selinux, you have Yama security implemented in kernel. I don't like Selinux. Apart from questionable origins, it is a huge monster that is, in my view, an unnecessary overhead.
Test key, as opposed to development/release key is just a name. All my keys, including the test key, have been uniquely re-generated. So, they are not Google's outdated keys that are included by default in all custom builds.
I use Icecat browser. With regard to dnscrypt, I have a better idea: DNS over TLS, and it is already done (will be in the next release), see picture.
Signal: There are many problems with the app and the developer. It's a long discussion, and I have already posted about in on XDA. One I would mention: the dev used to be harassed by TSA in airports. Then all of a sudden, he obtained over a $13 million funding channeled to him through a known government hand for "development" purposes. Then again, all of a sudden, he got lucrative contracts to provide "security" for one of the widely known "bastions" of privacy What'sup/Facebook. You don't get that for nothing. Next, he removed encryption capabilities from SMS portion of the app, the ones that really were forcing adversaries to go through the pains of targeting individual phones through the air, which is expensive. To tell you more: as long, as you have Gapps installed, any encryption is useless, as Google can get your outgoing messages before they are encrypted, and incoming ones after they are decrypted. People may say "sand box", "permissions", but as long as you have Google Services Framework, which is the central part of Google apps, it can do with your device whatever it wants without you ever noticing. And Signal can't work without Google services.
I use Silence for SMS.
Yes. Although, it is somewhat difficult, because Qualcomm has a proprietary (as opposed to open source) implementation of MAC.
Click to expand...
Click to collapse
Thank you for the detailed insight. Although I have to say that Signal does work without Google play services. However, it falls back to a legacy polling method (increasing battery drain a bit) and shows a persistent notification in the status bar.
Great to see some privacy-conscious people here, amidst all of the Google fanboys who share every part of their life with Google and in the process jeopardize other people's privacy for the sake of "convenience".
COSP
Code:
**** Disclaimer: I'm not responsible if you destroy your device. Use at your own risk!!! ****
Welcome to COSP, your new future Android Operating System.
Our goal is to have an Pixel-like android ROM that isn't spying on you and uses as few system space as possible. Also, we provide the option to go completely without GApps using MicroG support.
Why us?
We are focusing on stability and performance, having an debloated ROM is essential for that. Also, we want Users to decide what kind of Store they want to use, either F-Droid or the Play Store.
Also, we take User requests serious. To suggest something, contact us on telegram.
Features:
1) All systemUI tuning elements
2) An handy Network indicator
3) Charging Information
4) Lawnchair and Quickstep as default
5) Quick Settings mods
6) Signature spoofing
7) OP gestures
8) Navbar tuner
9) Rootless Substratum (with fixes to theme system correctly)
10) Screenshot/screenrecord tile
11) Advanced power menu
12) Double tap to sleep on statusbar
13) Option to disable quick settings/power menu on secure lockscreen
+ it looks like Pixel's stock ROM!
OTA Updating for official devices enables Users to get the newest version with ease.
DOWNLOADS:
https://mirror.codebucket.de/cosp/taimen/
Just get the newest build listed there!
Sources:
ROM Source: https://github.com/cosp-project/
Kernel Source code: https://github.com/AospExtended-Devices/kernel_google_wahoo
ROM OS Version: 9.0 Pie
ROM Kernel: Linux 4.x
ROM Firmware Required: Unlocked Bootloader, TWRP
Based On: AOSP
Version Information
Status: Beta
Release Date: 2019-02-08
reserved
I like this idea...a barebones rom sound awesome....the one I currently use seems to be the lightest footprint but COSP sounds promising.
I vote for it to have the fixes needed for F droid functionality but will need a separate package to flash....therefore the people who want Google won't have to uninstall any apps which will keep the rom light.
Sent from my Pixel 2 XL using Tapatalk
This looks very promising, I'm certainly intrigued and keeping an eye on this thread ?.
clothednblack said:
This looks very promising, I'm certainly intrigued and keeping an eye on this thread .
Click to expand...
Click to collapse
I agree. The only thing that its missing is privacy guard for me.
adamokari said:
I agree. The only thing that its missing is privacy guard for me.
Click to expand...
Click to collapse
I submitted your request to the devs!
p8tgames said:
I submitted your request to the devs!
Click to expand...
Click to collapse
Who are the devs?
Does this rom comes with Gcam & Portrait mode ?
edgarrosandy said:
Does this rom comes with Gcam & Portrait mode ?
Click to expand...
Click to collapse
Nope, but you can install GCam from the Play Store/as apk and it works
So this rom is like strictly stock that we can still receive updates from Google, correct?
If so would it possible to add clock/date options ? TIA
Is there an option to install Yalp Store as a system app?
Now THIS right here is a ROM i can get behind if they keep it AOSP-Barebones ROM with option maybe sideload zip you can install for more options. I want to go Google free when MicroG gets better. Keep up the Good work will be monitoring this Rom, new daily driver.
mykenyc said:
Now THIS right here is a ROM i can get behind if they keep it AOSP-Barebones ROM with option maybe sideload zip you can install for more options. I want to go Google free when MicroG gets better. Keep up the Good work will be monitoring this Rom, new daily driver.
Click to expand...
Click to collapse
Barebones with sidoadable zips would be real cool. I don't know to what extent things can be done this way, but even things like privacy guard so people have a choice. That'd be so cool. A flashable zip that contains privacy guard. Really though don't think that's a possibility.
Just posting this cause it's something that's always been on my mind. It's way above my pay grade and maybe just a pipe dream anyway...
I've often thought it would be cool to have a minimal Rom installable with either a PC based script or aroma.
It would let you pick the features then install. Lol
Jiggs82 said:
So this rom is like strictly stock that we can still receive updates from Google, correct?
If so would it possible to add clock/date options ? TIA
Click to expand...
Click to collapse
No. Custom ROMs are just that. Custom.
Google monthly updates only work for stock. You need to wait until the dev merges updates from Google into their code.
hey, this is the best ROM I've seen around here since I want to get rid of Google
I've only been testing for a day, but here are some questions and bug reports
- I can't use the Phone app to call anyone (using Virgin Mobile network)
- Netflix won't play UHD content
If I flash another kernel, would it be ok? I'm thinking of trying the Elemental X
otherwise, only good things, keep it up
There's gonna be an update this week! Some new exciting changes included!
Glad this ROM has signature spoofing. Now if only I could get Snapchat to work
Flashed this with simple gapps and it's running great. Nice work. :good:
Edmontonchef said:
Flashed this with simple gapps and it's running great. Nice work. :good:
Click to expand...
Click to collapse
Curious about trying this Rom , where did you get the simple gapps from ? or did you mean opengapps ?
Code:
*** Disclamer
Please behave responsibly and avoid thermonuclear war. I am
not responsible for any bricked devices, etc.
Introduction
This is Zest Kernel. It's an optimized kernel for our device which includes a few nifty features. Built, on every security update, you'll have the best of the best. Features will be listed below and shared, to the most of my ability, across all my supported devices. This isn't just my kernel it's yours too - request any features you like and I'll try to add them in. However, I'm also busy with studies so please don't ask for dumb stuff.
Click to expand...
Click to collapse
Images
Possibly the fastest [clean] ROM for our device, benchmarks coming soon .
Click to expand...
Click to collapse
Features
Google's exclusive features for Pixel devices (except Music Ticker and Call Screening)
Lawnchair launcher
Spoofed stock device to pass SN
Widevine L3
Faster encryption device-wide
Daydream VR
Fast, optimised Zest Kernel
EAS
Markup screenshot editing
Google Sound Picker
Google Wallpapers
Digital Wellbeing
Optimised GPU rendering for Pie
Custom Clang and GCC toolchains for building - optimised LLVM with PGO, and GCC 9.1
OpenGApps pico included
GCam HDR+ support
Click to expand...
Click to collapse
Installation instructions
* Go download https://developer.sony.com/file/download/software-binaries-for-aosp-pie-android-9-0-kernel-4-9-yoshino.
* Unzip the download to get an .img file.
* Install fastboot (drivers for this can be gotten from Google directly), drivers for flashmode for Windows can be gotten from newflasher.
* Enter your command prompt or terminal whatever and fastboot flash oem THEFILEYOUEXTRACTED.img.
* Find a decent TWRP and flash it.
* Download the ROM for your device. They are all in this folder https://jenkins.cosmic-os.org/job/zfsodp-core/ws/lastbuild so click the one for your codename (eg. G8141 is single sim maple and G8142 is dual sim maple).
* Flash it in TWRP and wipe internal storage and format data (the option that has red text and makes you type yes).
* Enjoy!
Click to expand...
Click to collapse
Download
Latest is on my Jenkins job.
Click to expand...
Click to collapse
FAQ
PM me in XDA's Sony group.
Click to expand...
Click to collapse
Special Thanks To
Code:
* @kholk for his kernel advise
* @Sultanxda for his kernel advise
* @deletescape for Lawnchair
XDA:DevDB Information
Zest-flavoured SODP, ROM for the Sony Xperia XZ Premium
Contributors
LazerL0rd, The entire SODP team
Source Code: https://github.com/ZfSODP
ROM OS Version: 9.x Pie
ROM Kernel: Linux 4.x
ROM Firmware Required: Latest Sony OSS OEM binaries
Based On: SODP
Version Information
Status: Beta
Beta Release Date: 2019-07-06
Created 2019-07-06
Last Updated 2019-08-10
Reserved
Reserved
nice, try tonight:good:
----------------------------------------------------------------------------------------------
HAVE BEEN DELETED, I don't know what happen, his own website and his kernel is also deleted.
I have the same as the #5, but a bit different, there were 4 identical page on the screen, such like 4 1080p in a 4k screen, I think the 120HZ 1080p display driver is the reason.
I was on latest stock when flashing (following every step), when it boots and show the sony logo, it gets distorted (characters in the top and middle) and then reboots. I've reflashed stock, wiped everything including system, tried older twrp, and even flashed the G8142 image on my G8141, but i keep getting the distorted sony logo followed by a reboot. Is there anything else i have to do?
I had this issue before with AOSP but i never figured out how to fix it.
G8141, unlocked bootloader, .80 stock, twrp 3.3.1.0 and 3.2.3.0
del
Can I flash the kernel through twrp, then flash the zip?
Hey the Download Link is unavailable. Also your website is 404. I can't obtain your Kernel -OR- rom
Psychoticism said:
Hey the Download Link is unavailable. Also your website is 404. I can't obtain your Kernel -OR- rom
Click to expand...
Click to collapse
Give it a week or so mate, lazerl0rd is studying/having exams for a while.
Hey, have you tested the performance of EAS kernel ?
Could you please test the scores of GeekBench ?
BTW, you'd better remove the rqbalance in devices tree and disable cpu_quiet in kernel.
Besides, you need to replace the PowerHal in common. The PowerHal of SODP doesn't support EAS, you need to port it from Pixel 2.
All in all, well done!
Any screenshot of the performance?
It was stopped at the android logo, it ran all night and did not enter the system. please help me!
still on logo android !/
Sjll said:
Hey, have you tested the performance of EAS kernel ?
Could you please test the scores of GeekBench ?
BTW, you'd better remove the rqbalance in devices tree and disable cpu_quiet in kernel.
Besides, you need to replace the PowerHal in common. The PowerHal of SODP doesn't support EAS, you need to port it from Pixel 2.
All in all, well done!
Click to expand...
Click to collapse
SOME Screenshots here. driveDOTgoogleDOTcom/folderview?id=1rrF_kQA5sU_FIlXxERuZG0dxiX3xHn1m(Sorry but I cannot put link before I have 10 post)
It broken easily if screen off so please hold it on all the time.
With 120Hz all the gpu text showed obvious frame fluctuation.
Laplacetor said:
SOME Screenshots here. driveDOTgoogleDOTcom/folderview?id=1rrF_kQA5sU_FIlXxERuZG0dxiX3xHn1m(Sorry but I cannot put link before I have 10 post)
It broken easily if screen off so please hold it on all the time.
With 120Hz all the gpu text showed obvious frame fluctuation.
Click to expand...
Click to collapse
EAS is not stable on SODP. GPU of MSM8998 is hard to afford 120Hz.
Smooth, fast(20sec boot time including 5 second bootloader unlocked nag!) and clean rom thanks a lot! Sadly not going to be my daily driver because lack of features, and my device overheats sadly because of 120hz. Also it takes me 3 reboots to get into recovery any idea why?
Advices:
Get rid of pre installed google, allow users to install separately.
JamesDSP should be stabilized, I just get FC all time can't get it to work. (Would be better to just remove as well and allow user to install separately)
Default DPI is too low, should be 420 for ease of use.
Sony camera should be added, as in Sjll's LineageOS. ***
Ancient app logos (kitkat calendar calculator etc) should be updated.
Device-wide dark mode which includes Phone, Calendar, Settings and Files should be made. **
Phone application should be de-google-ified, Spam filter inside just feeds Google with private call data. ***
Option to switch resolution and frame rate on the go.
Heyo, wondering if you can add a quick and dirty CIFS kernel module. There are some universal versions floating around online.
Signing them is above my skill level. I don't know if the signing process has to be implemented on a device by device level. If that is an impediment, maybe consider removing the requirement for kernel modules to be signed in the first place? I don't know, I'm no expert.
Just a PSA. Someone got rclone mounts working via Magisk. Can be found in repo. Sadly, no support for cifs or nfs. But webDav works. The largest downside is that the mounts can't be mounted directly onto sdcard. Something the cifs kernel module did no problem. With rclone you'll need an app with root browsing capability. Or at least full access to /storage.
UPDATE: The rclone Magisk version has been updated to support direct sdcard mounts! Yay! So, there isn't really a need for a cifs module.
However, I'm certain the performance will be better with a cifs module. So, it's not necessary, but could be a cool benefit if added.
Thanks for all the work! It doesn't go unnoticed.
i hope you add other version special 90hz because 120hz make my device overheats and thank you
Moarten said:
I was on latest stock when flashing (following every step), when it boots and show the sony logo, it gets distorted (characters in the top and middle) and then reboots. I've reflashed stock, wiped everything including system, tried older twrp, and even flashed the G8142 image on my G8141, but i keep getting the distorted sony logo followed by a reboot. Is there anything else i have to do?
I had this issue before with AOSP but i never figured out how to fix it.
G8141, unlocked bootloader, .80 stock, twrp 3.3.1.0 and 3.2.3.0
Click to expand...
Click to collapse
Try again, a few of the previous builds were bootlooping, I'll try update instructions too.
Laplacetor said:
nice, try tonight:good:
----------------------------------------------------------------------------------------------
HAVE BEEN DELETED, I don't know what happen, his own website and his kernel is also deleted.
I have the same as the #5, but a bit different, there were 4 identical page on the screen, such like 4 1080p in a 4k screen, I think the 120HZ 1080p display driver is the reason.
Click to expand...
Click to collapse
Psychoticism said:
Hey the Download Link is unavailable. Also your website is 404. I can't obtain your Kernel -OR- rom
Click to expand...
Click to collapse
Try again, a few of the previous builds were bootlooping, I'll try update instructions too. ROM isn't on my website and never was .
wolfmanstr said:
Can I flash the kernel through twrp, then flash the zip?
Click to expand...
Click to collapse
Don't use my stock kernel with this.
Sjll said:
Hey, have you tested the performance of EAS kernel ?
Could you please test the scores of GeekBench ?
BTW, you'd better remove the rqbalance in devices tree and disable cpu_quiet in kernel.
Besides, you need to replace the PowerHal in common. The PowerHal of SODP doesn't support EAS, you need to port it from Pixel 2.
All in all, well done!
Click to expand...
Click to collapse
It performs better, battery is decent now (after a load of changes). We now (as of today) have a Power HAL (libperfmgr) which supports DT2W on supported devices too. I may or may not update it to version 1.3.
SilverGamer_YT said:
Any screenshot of the performance?
Click to expand...
Click to collapse
No, it's EAS and you could test it out.
tronganhha29 said:
It was stopped at the android logo, it ran all night and did not enter the system. please help me!
Click to expand...
Click to collapse
Yeah, I fixed that a while ago - try again please.
CRNO said:
still on logo android !/
Click to expand...
Click to collapse
Yeah, I fixed that a while ago - try again please.
Laplacetor said:
SOME Screenshots here. driveDOTgoogleDOTcom/folderview?id=1rrF_kQA5sU_FIlXxERuZG0dxiX3xHn1m(Sorry but I cannot put link before I have 10 post)
It broken easily if screen off so please hold it on all the time.
With 120Hz all the gpu text showed obvious frame fluctuation.
Click to expand...
Click to collapse
I don't get all this 120Hz issue, it's not as simple as "set 120Hz get lag" and like our phone can handle it on UI, at least. The worst case is battery but IIRC it wasn't too different from 60Hz. Anyways it's 90Hz now.
Sjll said:
EAS is not stable on SODP. GPU of MSM8998 is hard to afford 120Hz.
Click to expand...
Click to collapse
I don't get all this 120Hz issue, it's not as simple as "set 120Hz get lag" and like our phone can handle it on UI, at least. The worst case is battery but IIRC it wasn't too different from 60Hz. Anyways it's 90Hz now. EAS seems stable, here. The bugs we have aren't really EAS related.
undefine said:
Smooth, fast(20sec boot time including 5 second bootloader unlocked nag!) and clean rom thanks a lot! Sadly not going to be my daily driver because lack of features, and my device overheats sadly because of 120hz. Also it takes me 3 reboots to get into recovery any idea why?
Advices:
Get rid of pre installed google, allow users to install separately.
JamesDSP should be stabilized, I just get FC all time can't get it to work. (Would be better to just remove as well and allow user to install separately)
Default DPI is too low, should be 420 for ease of use.
Sony camera should be added, as in Sjll's LineageOS. ***
Ancient app logos (kitkat calendar calculator etc) should be updated.
Device-wide dark mode which includes Phone, Calendar, Settings and Files should be made. **
Phone application should be de-google-ified, Spam filter inside just feeds Google with private call data. ***
Option to switch resolution and frame rate on the go.
Click to expand...
Click to collapse
I don't get all this 120Hz issue, it's not as simple as "set 120Hz get overheat" and like our phone can handle it on UI, at least. I changed up the thermal driver so it should be good now. Btw those thermal modules in Magisk won't change a thing as I use sultan's thermal framework now - not RQBalance stuff. DPI has an option on setup under "vision", choose what you like. I added GCam instead, it's gonna be better quality than Sony's crappy cam app. Ancient app logos aren't gonna be updated, these are ASOP packages - instead I'm replacing them with Google packages. Also I made everything Squircle shaped too. Device-wide dark mode will be coming soon, needs some kanging [with original authorship] from Q. Phone application should be de-google-ified -> you can turn off the spam filter and install any Dialer you want. I'm not dealing with darkening AOSP's package so that's why I'm using Googles. Google can get your data if Play Services is installed anyways. Option to switch resolution and frame rate on the go -> idk why SODP removed that.
Astoras said:
Heyo, wondering if you can add a quick and dirty CIFS kernel module. There are some universal versions floating around online.
Signing them is above my skill level. I don't know if the signing process has to be implemented on a device by device level. If that is an impediment, maybe consider removing the requirement for kernel modules to be signed in the first place? I don't know, I'm no expert.
Just a PSA. Someone got rclone mounts working via Magisk. Can be found in repo. Sadly, no support for cifs or nfs. But webDav works. The largest downside is that the mounts can't be mounted directly onto sdcard. Something the cifs kernel module did no problem. With rclone you'll need an app with root browsing capability. Or at least full access to /storage.
UPDATE: The rclone Magisk version has been updated to support direct sdcard mounts! Yay! So, there isn't really a need for a cifs module.
However, I'm certain the performance will be better with a cifs module. So, it's not necessary, but could be a cool benefit if added.
Thanks for all the work! It doesn't go unnoticed.
Click to expand...
Click to collapse
For Android kernels, you can't just chuck a module in. But I'll add it to the kernel config for ya.
CRNO said:
i hope you add other version special 90hz because 120hz make my device overheats and thank you
Click to expand...
Click to collapse
Already done. And - "I don't get all this 120Hz issue, it's not as simple as "set 120Hz get overheat" and like our phone can handle it on UI, at least."