This is the Official Jaguar rom for Leo, which is based on AOSP with some flavors from Slim and Dirtyunicorn plus a bunch of features only this rom has, such as a working camera button. . The rom was originally made for Xperia Z1 Honami in August 2015, then extended to Z1c and now to Z2/Z3/Z3c. The rom has been downloaded thousands times and enjoyed great success. I hope the trend will continue with Jaguar for Leo.
Why LP, as opposed to MM and Nougat? Several reasons. The main one is Sony's unfriendliness to development community. Camera sucks, because Sony wouldn't provide proper blobs. Also, MM brings very few features, as opposed to LP. MM is still in alpha, but is already being abandoned by developers in favor of Nougat. Nougat will never work for Z1/Z2/Z3, because Sony wants you to buy a newer device. And finally, all LP roms, except Jaguar, have been abandoned by their developers since November 2015. CM still publishes nightly LP, but they have abandoned CM 12.1 kernel, meaning, they haven't incorporated about 800 security patches from Google and Code Aurora in LP kernel. Another reason - I take changes from Android Gerrit Master Branch, Code Aurora, Google Security Bulletins and 3.10, 3.18 and 4.x kernels. Enough reasons for you?
The main difference from other roms is the emphasis on security and multiple features. With that in mind , let's see what Jaguar has to offer:
1. Hardened Kernel, modified M5; hardened rom built with HYPERTOOL 5.4
2. All ciphers enabled in kernel instead of just a few
3. Hardened/Fortified Bionic and Libs
4. Fstack protection strong to resist buffer overflows
5. Many System apps and processes are made read-only, to reduce elevation of privilege
6. Selinux replaced with Tomoyo Security, Yam security
7. Disc encryption, keymaster to 256 bit AES instead of 128
8. Latest TWRP with working brightness and ability to decrypt Data (Coming Soon)
9. Random number generation mixed hardware/software, as recommended by Linus Torwalds
10. Options to randomize host on every boot
11. Option to have a separate password for lock screen and boot
12. Qualcomm's Time Services disabled due to leaking on early boot (set time to automatic to get it from your carrier)
13. WIFI Background Scanning disabled to prevent leaking
14. Internet disabled for both WIFI and Data until Afwall is set and activiated (Afwall included in download, install as regular app)
15. The phone is VOLTE ready and you have all network options available in Cell menu (not just LTE/WCDMA/GSM)
16. GRsecurity features, such as Sidechannel implemented
17. Some Pax Security Features
18. Option to deny USB connection: denied always; denied when locked; and allowed always
19. Hardened webview with Google and other "interesting" IPs removed
20. Prevention of bruteforcing screen pin: the phone will reboot upon 3 unsuccessful attempts
21. Perfect_Event_Paranoid ported from Grsecurity: now third party apps can't use other apps including system to elevate privileges
22. Camera hardware button works to focus, take pictures and start video recording
23. Option to disable writing to Tombstones (a lot of private info is dumped there if there is a crash)
24. Option to disable continuing writing of logcat
25. Option to disable device cameras: back; front, both or none
26. Option to disable third party apps to access clipboard
27. Always latest Google Security Patches
28. Always latest Code Aurora Security Patches
29. Changes ported directly from Google Android Gerrit, so most of those in MM and even N are in this rom
30. About 80% of kernel changes are ported into Jaguar kernel from 3.10 and 3.18 (not Sony AOSP 3.10 that has Down Syndrome, but Linux/Google/Code Aurora one)
31. Rom is odexed to significantly increase boot speed (under 30 seconds) and application start
32. Many more security features ported from Linux and Copperhead OS
33. Dns Crypt: a feature allowing to choose among many Dns providers (all encrypted)
34. Seccomp: secure computing enabled in kernel
Other features include: Layers Theme Engine; Native Call Recording with interface integrated in Dialer with no restrictions; Privacy Guard; Native Wakelock Blocker; Native Black List; Global Menu; Slim Recents; Traffic Indicators; Advanced Reboot; Slim Pie; CPU Info on Screen; Ram Bar in Recents; Open Source Supeuser included and integrated in Settings; True Offline Charging with Screen Off; Kernel Adiutor included (unzip and install as a normal app) and integrated in Settings plus more
Things users need to know to have smooth experience:. These are not bugs, but rather an explanation of some features
1. If you want to do data encryption, keep in mind that unlike Android, Jaguar uses 256 bit encryption. If you were encrypted on other roms, you won't be able to decrypt. So, wipe encryption and then re-encrypt on Jaguar. Also, keep in mind that if you ever did factory reset on official TWRP 3+ for honami, your data partition is screwed and have to be resized to enable encryption. This has nothing to do with the rom, but rather with the official TWRP itself. Fastboot my unofficial TWRP 3.0.2, (it is coming for Xperia Z3c, which, by the way has working brightness, as well as ability to decrypt and mount data
2. Jaguar contains a script running on early boot, which cuts the internet access to both WIFI and Data until Afwall is running. This is done to prevent leaking, as well as having all your internet traffic routed through some interesting number of servers, including this IP: 26.147.196.22. So, install Afwall and activate it, otherwise, no Internet for you
3. If your system language is different from English and you want to make changes in Phone/Cell Network settings, switch to English first, make the changes and then return to your language. The changes you made will hold. If you try to make the changes in your language, you will have com.android.phone crash. Localization takes time and is virtually impossible to implement in Jaguar, which is a one-person-rom
4. Sony TimeKeep, which is ported from MM/N, now sets the correct time on reboot without the Internet or GSM signal. All you need to do is set it once and TimeKeep will save/recalculate/restore the same on each reboot
5. GAPPS: if you use them, you need to flash them right after the rom (or each update) and before reboot. Flashing after reboot will result in multiple f/c
6. Due to Volte implementation, you might be required to flash LP or MM stock baseband (only if you have no 2g/3g signal)
7. Helpful fastboot commands: for flashing TWRP: fastboot flash recovery recovery.img
for flashing kernel: fastboot flash boot boot.img
Download: All updates and change logs are in Post #3
Instructions:
1. Be on LP at least, have TWRP, unlocked bootloader and root
2. In TWRP, wipe data/factory reset, then wipe System/Data/Cache/Dalvik
3. Flash the rom
4. Reboot, install Afwall and Kernel Adiutor as normal apps; activate Afwall to have Internet
5. Enjoy the rom, say thank you, donate or do both
Warning: If your device and/or anyone in the immediate vicinity dies, don't blame me: it is all China and Russia's fault.
Credit: CM, AOSP, Slimroms, DU, Copperhead OS, Myself5 (kernel)
UPDATED KERNEL SOURCE: https://forum.xda-developers.com/devdb/project/dl/?id=23107 . Don't flash. This is not kernel, but rather sources to compile kernel
Kernel Source: https://github.com/AOSP-Jaguar/kernel_sony_msm8974
XDA:DevDB Information
JAGUAR LEO OFFICIAL HARDENED, ROM for the Sony Xperia Z3
Contributors
optimumpro
ROM OS Version: 5.1.x Lollipop
ROM Kernel: Linux 3.4.x
ROM Firmware Required: Unlocked Bootloader
Based On: AOSP,CM,SLIM,DU
Version Information
Status: Stable
Stable Release Date: 2016-10-18
Created 2016-10-18
Last Updated 2017-02-09
Development update and some Screenshots
I broke my Z1 screen again and I am not in the mood for after market screens. And I am sick and tired of Sony crappy treatment of development community.
I am now looking at Lenovo Zuk Z2 or Z2 pro. Both excellent phones with the latest CPU and made out of metal and glass by Motorola which they bought from Google a couple of years ago. Zuk is friendly to developers and their blobs don't dumb down camera and they don't seek to "unify" bugs for all their devices. I no longer wish to support a fat bastard corporation that can't make a good phone, but thinks that just by putting their logo on the phone would make it worth $700.
RE Jaguar. I will continue to maintain Jaguar mainly with security patches... for a while, but my main work will be concentrated on Zuk. There is a lot of work to be done cleaning Android N and implementing security and other features from Jaguar...
Screenshots are here: http://forum.xda-developers.com/showpost.php?p=62560391&postcount=2
Download Section
February 9: New release including
1. February security patches
2. Sony TimeKeep to set the correct time on boot
3. Dns_Crypt (numerous choices of encrypted Dns providers) in Settings/Security
4. Open Source Superuser integrated in Settings
5. Seccomp/secure computing implemented and enabled in kernel
6. Twrp that supports data decryption, as well as TimeKeep
To use Dns_Crypt, you must allow Internet for 'apps run as root' in Afwall
Download Rom: https://forum.xda-developers.com/devdb/project/dl/?id=23079
Download TWRP: https://forum.xda-developers.com/devdb/project/dl/?id=23078
__________________________________________________________________
January 29. XDA is having a problem with upload/download. So, here is updated TWRP 3.0.2 that is able to decrypt and mount encrypted data partition. This one is different from the originally posted, because it includes the correct time. Together with the February release (not now), it will set the correct time both in recovery and the rom:
Download: https://www.androidfilehost.com/?fid=745425885120704246 There is a new TWRP on top of this post and in the download section...
January 12: New release This should take care of a color line on Auo displays. Also included is the fully working NFC-HCE for Android Pay (to pass Safety Net, you'll have to delete Supersu and su binary). And January security patches, of course...
Download: https://forum.xda-developers.com/devdb/project/dl/?id=22563
You may flash dirty on top of another Jaguar release. Otherwise - clean install
__________________________________________________________________________________
December 31. TWRP 3.0.2 able to decrypt data. This works well for Xperia Z1 and Z1c, but, since I don't have the device, it may or may not work for Z3. So, test it and report
Unzip the file (attached to this post) and flash in fastboot like this: fastboot flash recovery recovery.img
____________________________________________________________________________________________
December 14. New build with increased brightness levels. Flash only if you have a type of display that has flickering on low brightness. If you have no flickering, no need to upgrade
Download: http://forum.xda-developers.com/devdb/project/dl/?id=22108
______________________________________________________________________________
December 10: Rom updated to include
1. December security patches
2. Signature Spoofing (Omnirom type), switch in Developer settings
3. USSD fixed (maybe)
Download: http://forum.xda-developers.com/devdb/project/dl/?id=22020
__________________________________________________________________________________
November 10: Rom updated to include November Security Patches. I have also removed SuperSU, as there is a built-in root manager and quite a few people no longer like the Chinese owned SuperSU[/COLOR]
Download: http://forum.xda-developers.com/devdb/project/dl/?id=21437
__________________________________________________________________________________
October 18. New release including Code Aurora and Google latest security patches. Also, there is a new feature - option to prevent apps from accessing clipboard in background.
Download Rom: http://forum.xda-developers.com/devdb/project/dl/?id=20976
Download Afwall/KernelAdiutor: http://forum.xda-developers.com/devdb/project/dl/?id=20974
Any support for d6633?
I flash the baseband but after reboot the baseband is unknown again. And the ussd code not working.
leesiangcheng said:
I flash the baseband but after reboot the baseband is unknown again. And the ussd code not working.
Click to expand...
Click to collapse
Flash the correct baseband AFTER flashing the rom. If it says unknown baseband, you won't have even a sim card recognized.
USSD is a known issue. It works, but slowly: I get a response in 2-3 minutes...
Flash baseband alreadyworking .but after reboot the base band is gone.btw the rom is super fast.hope u can fix the baseband and ussd. Thanks for the rom.
leesiangcheng said:
Flash baseband alreadyworking .but after reboot the base band is gone.btw the rom is super fast.hope u can fix the baseband and ussd. Thanks for the rom.
Click to expand...
Click to collapse
You have to flash baseband for your country variant. I am in the US and had euro baseband and it took 10 sec for the phone to find signal. Then I flashed US baseband and and now I get signal right away...
Yes I flash my country baseband. At first it shows the baseband.but after reboot the baseband turn to unknow again.
Thanks for a great aosp rom! I'll try whenever I have time.
What do you mean with "localisation takes time"? Do you mean that gps is slow?
Sent from my D6603 using Tapatalk
blackhawk_LA said:
Thanks for a great aosp rom! I'll try whenever I have time.
What do you mean with "localisation takes time"? Do you mean that gps is slow?
Sent from my D6603 using Tapatalk
Click to expand...
Click to collapse
No, everything is fast here. Localization means translation to foreign languages. If you want to change mobile network settings (2g/3g/Lte), you would have to switch to English, make changes and then return to your language. That's the only area where you need to do that...
Wow looks amazing, but the million $ question is, is fisheye still present? Since camera is pretty useless on aosp with this fisheye since day 1 on z3..
Sent from my D6603 using XDA-Developers mobile app
corpsegrinder62 said:
Wow looks amazing, but the million $ question is, is fisheye still present? Since camera is pretty useless on aosp with this fisheye since day 1 on z3..
Sent from my D6603 using XDA-Developers mobile app
Click to expand...
Click to collapse
I don't know. Z2 users say there is no fish eye, but there is one on Z3 compact...
Thanks ! Amazing work !
Any plans for a dual sim version ? (D6633/D6683)
The ROM is FAAAST. Incredible, it restored my apps with titanium twice as fast as with other ROMs .
I have a little request, and is to have the network speed indicators in the right side, at the left of the WiFi indicator.
Thanks!
Sent from my Xperia Z3 using Tapatalk
This is greatest Z3 endeavor so far focused on security and stability!
We cant blame Sony for lack of official N ROM, however, lack of working MM source, no up to date MM ROM, which on galaxy s5 is something obvious makes me wonder if Sony doesn't make z3 obsolete for purpose.
Thank you for your effort!
Are there any prolonged battery life features?
Could any of users share battery life and image quality info?
To check if there is any camera distortion its enough to shot something like computer screen and see if its rectangle or it is distorted.
Camera fisheye bug is present.
Also, I I'm experiencing some light flickering on the screen at minimum brightness. Is more noticeable on white screens.
Sent from my Xperia Z3 using Tapatalk
This is awesome! I didn't expect a proper ROM for the Z3 anymore; Paranoid Android development seems slow and I'm still on infected's last CM12.1 ROM – so this is exactly what I'm looking for: A ROM with focus on security. I'll try it out as soon as possible.
Do you guys experience overheating? I encrypted my phone and it burns now... Using the same ROM but for Z3C...
Edit:
Is it possible to decrypt my phone ? I can only see the information that my phone is encrypted, can't click on it.
king960 said:
Do you guys experience overheating? I encrypted my phone and it burns now... Using the same ROM but for Z3C...
Edit:
Is it possible to decrypt my phone ? I can only see the information that my phone is encrypted, can't click on it.
Click to expand...
Click to collapse
Your phone is 'burninig', not because of encryption, but because you changed some settings in Kernel Adiutor. If you don't know what you are doing, don't touch anything. Untick all 'apply on boot' and reboot the phone to load default values. Jaguar on Z3c doesn't get over 50 degrees at highest loads (playing graphic intensive games)...
Welcome to Jaguar Oreo 8.1. As some may know, the emphasis of the project is on Security and Performance. I have recently transitioned from Lenovo Zuk Z2 plus and previously from Sony Xperias, and the rom is still actively maintained for Zuk Z2. You are welcome to visit the thread for user feedback: https://forum.xda-developers.com/lenovo-zuk-z2/development/jaguar-oreo-8-1-official-t3734597
In addition to most, if not all, familiar Oreo features starting from multiple options in statusbar, navbar, QS, gestures etc. to alarm blocker, wakelock blocker, smart pixels and omni features (I am not going to list all of them), you will have the following:
1. Hardened/fortified bionic (over 150 commits) to prevent bad behavior by system and third party apps.
2. Many classes and resources are NOT pre-loaded or compiled during boot. Instead, they are compiled after the initial startup and put in ram and cache. So, after initial settling, you will have increased speed in almost everything: interface transitions, app startup time, etc. . In addition, it takes 4-5 seconds to fully boot, after Oneplus logo ends (initial boot after flashing will obviously take longer).
3. Most runtime permissions are limited to 'read only'.
4. FBE encryption is replaced with FDE, and it is not forced. Plus, you can have separate passwords, one longer for boot and another short one for screen lock. I, personally, don't like FBE. I think it is weaker than FDE. Also, I don't want my device to boot at all or be partially decrypted, unless I enter boot password.
5. Many additional security features are enabled in kernel. Kernel is based on DU for Oneplus 5 (the work on it just started).
6. Yama security to replace Selinux.
7. Wireguard support in kernel
8. DNS over TLS
9. Background WIFI scanning is hard-disabled
10. Type zero sms: phone's silent response 'received and processed' (without user noticing) eliminated. If you don't know what type zero sms is, Google it. Not class zero sms, which flashes on screen, but doesn't get saved, but rather type zero, which doesn't show at all, but nonetheless is silently acknowledged. Creepy.
11. MicroG support.
12. Builtin CPU power profiles, based on AKT profiles (heavily modified)
13. Sound control and KCAL are added in kernel
14. Fully working native recorder (in Dialer on active call)
INSTRUCTIONS:
1. Be on 5.1.4 firmware
2. If you are encrypted, you must do factory reset in TWRP (you will have to type 'YES' for factory reset). This will result in all data including internal SD erased. So, transfer the contents to your PC. If you are decrypted, you may skip this step. You may think you are decrypted, but make sure that it is in fact so: check in Settings/Security. If it says phone encrypted, you must do factory reset in TWRP.
3. After factory reset, reboot in TWRP and format system/dalvik-cache/data/internal SD again, as TWRP apparently leaves some remnants of encryption after factory reset.
4. Transfer the rom, Gapps, Magisk and whatever else you need to internal card; flash the rom; flash Gapps (optionally) and reboot
5. Go back to TWRP and flash Magisk (optionally). Why not flash Magisk right away? Because Gapps need to run once before Magisk to get appropriate permissions
ROM DOWNLOAD: https://androidfilehost.com/?fid=1322778262904007030
Subsequent releases (and I will continue to update until Android 9 becomes stable) will be in post #3.
WARNINGS: Usual XDA: Get ready to be burned and don't complain
CREDIT: AOSP, CopperheadOS, DU, Omni, Slim, Lineage, Benzo, Carbon, Xtended, AKT profiles team
Also, credit for a Jaguar bootanimation to @Ashish9 and @The.Night.King who made one of the header's icons
Kernel Source for October 8 release and on: https://github.com/AOSPME/android_kernel_oneplus_msm8998
Kernel Source: https://github.com/optimumpr/android_kernel_oneplus_msm8998
Bionic Source where most commits came from: https://github.com/CopperheadOS/platform_bionic
XDA:DevDB Information
JAGUAR OREO ONEPLUS 5, ROM for the OnePlus 5
Contributors
optimumpro, optimumpro
Source Code: https://github.com/optimumpr/android_kernel_oneplus_msm8998
ROM OS Version: 8.x Oreo
ROM Kernel: Linux 4.x
ROM Firmware Required: Unlocked bootloader and 5.1.4 firmware
Based On: AOSP, DU, Lineage, Omni, Xtended, Carbon, Benzo, Slim
Version Information
Status: Stable
Stable Release Date: 2018-09-16
Created 2018-09-16
Last Updated 2019-01-12
Instructions on FDE encryption
How to encrypt the phone:
The rom has FDE, instead of FBE, and it is not forced. So, you will be decrypted, unless you encrypt.
You can encrypt within Settings, but the preferred way is to do it via ADB. This way, you could have 2 separate passwords one longer for boot and another shorter for screen lock. YOU MUST HAVE MAGISK INSTALLED FOR ADB method to work.
1. DON'T set up screen lock pin/password/pattern yet
2. Enable ADB in Developer settings
3. Connect the phone to your PC. Open terminal (on PC) and type adb devices to make sure that the phone is listed
4. Type adb shell and press enter; type su and press enter - at this point, you should have Magisk prompt (on the phone) for root; grant it for at least 20 minutes - the prompt on terminal should change to root
Now the fun part:
5. type vdc cryptfs enablecrypto inplace password "your actual password" and press enter
WARNING: No quotation marks anywhere in terminal, and don't type the words 'your actual password', but rather your chosen password. There is no limit on the length of boot password.
The phone will reboot and start encrypting. In about 10-15 minutes, you will get a familiar prompt for boot password. After the first password input, the phone might not fully boot (it happened to me). In this case, just force-shutdown and reboot.
After encrypting, you will lose root. So, re-flash Magisk. Otherwise, you might have kernel panic, due to Magisk not being able to find your lockscreen pin..
6. After everything is done and Magisk is working, set up a short pin/pattern/password for screen. WHEN ASKED IF YOU WANT SECURE BOOT, SELECT NO, because you already have it. If you select 'yes, your long boot password will be overwritten, which you don't want.
P.S. You can also do the same on phone's Terminal. In this case, skip 'adb shell' and start with 'su'. But in my experience, if you make a slight mistake with the password, you won't be able to boot, and you will have to do factory reset in TWRP, which will result in the loss of all data. On PC, you can still see the password you set and boot the phone
Updates are in this post
January 12. New release
1. January security patches
2. Oreo release 60
3. New and hardened clang chain
4. Separate ringtones for Sim1/2
5. Updated kernel
1. If you are on a previous release, you may flash dirty. Just make sure to wipe dalvik/cache
2. Coming from another rom, read the OP about doing factory reset
Download rom January 12 release: https://androidfilehost.com/?fid=11410963190603897246
November 8. New release
November security patches
Instructions:
1. If you are on a previous release, you may flash dirty
2. Coming from another rom, read the OP about doing factory reset
Download rom release November 8: https://forum.xda-developers.com/devdb/project/dl/?id=30812
October 11. New release
1. Fully working native call recording
2. KCAL in kernel
3. Sound control in kernel
Instructions:
1. If you are on a previous release, you may flash dirty
2. Coming from another rom, read the OP about doing factory reset
Download rom, October 11 release: https://forum.xda-developers.com/devdb/project/dl/?id=30630
____________________________________________________________________________________________________________________
October 8. Major release
1. Different kernel. EAS thrown out, as providing no benefits, and actually slowing down the phone. Now you have one of the best governors, Interactive, back
2. CPU profiles built in. Based on AKT profiles, but heavily modified. Now, you have 16 working CPU profiles (must be on Interactive)
Instructions:
1. If you are on a previous release, you may flash dirty
2. Coming from another rom, read the OP about doing factory reset
Download rom October 8 release: https://forum.xda-developers.com/devdb/project/dl/?id=30586
_______________________________________________________________________________________________________________________
October 5. New release
1. October security patches, Google Oreo release 48
2. Kernel overclocked to 2035 and 2592
Download Rom, October5 release: https://forum.xda-developers.com/devdb/project/dl/?id=30551
Instructions
If you are on a previous release, you can flash dirty. If coming from another rom, clean flash. If force-encrypted, you need to do factory reset in TWRP, reboot in TWRP and manually format /system/data/dalvik/cache/internalSD. Why? Because Jaguar has FDE, as opposed to FBE encryption, and it is not forced.
________________________________________________________________________________________________________________________
September 26. New release
1. Alert slider is fixed - all options work
2. System update toggle removed
Instructions: if you are on a previous release (or the original one), dirty flash; otherwise - clean flash
Download rom September 26 release: https://forum.xda-developers.com/devdb/project/dl/?id=30488
September 20. Rom updated
1. DNS-over-TLS (in Development settings)
2. Wireguard support added
3. A bunch of other commits in kernel.
Download rom release September 20: https://forum.xda-developers.com/devdb/project/dl/?id=30444
If you are on a previous release, dirty flash is fine.
What's U/B? And does the ROM support signature spoofing?
d1n0x said:
What's U/B? And does the ROM support signature spoofing?
Click to expand...
Click to collapse
U/B is unlocked bootloader. Signature spoofing is missing. Next release will have it.
optimumpro said:
U/B is unlocked bootloader. Signature spoofing is missing. Next release will have it.
Click to expand...
Click to collapse
Well considering you need to have an unlocked bootloader to flash TWRP and consequently custom ROMs, it's kind of redundant info
Alright, gonna try out the next release with MicroG!
Nice to see you here, i used to use jaguar at my z2 plus, WELCOME!!!
Welcome @optimumpro ? your ROMs for the Xperia Z1 were legendary. Good to see you here.
d1n0x said:
Well considering you need to have an unlocked bootloader to flash TWRP and consequently custom ROMs, it's kind of redundant info
Alright, gonna try out the next release with MicroG!
Click to expand...
Click to collapse
Most devs stopped implementing Microg, because you have both Xposed and Magisk modules for that.
Security and performance, I see! What about battery life?
Im_Mattgame said:
Security and performance, I see! What about battery life?
Click to expand...
Click to collapse
That's superior too, but emphasis is on security & performance.
This is a ROM that's truly user customized, request a useful feature and watch it get added.
Keep it up OP.:good:
Does this have MAC randomizer?
Zocker1304 said:
Does this have MAC randomizer?
Click to expand...
Click to collapse
The rom has it, but I haven't implemented it in kernel yet.
@optimumpro keep it up .
And to others .
The JAGUAR ROM emphasise mainly on SECURITY & RAW PERFORMANCE. Since you have a SD 835 , this ROM will make sure to use everything it has to offer .
So if you are searching for a performance ROM this is it.
PS : Jaguar is best served GAAPS LESS so if you are a anti google guy this might be the ROM for you.
optimumpro said:
The rom has it, but I haven't implemented it in kernel yet.
Click to expand...
Click to collapse
Means when implemented it will randomize my Mac on every reconnect?
WOW!
thank you!
learned from this thread already and hope very much to see this project continue.
is the fact that this is a userdebug build, test keys, and a permissive kernel a security/ privacy concern? maybe some of this will change? maybe xposed is the reason?
I lost track of xposed stuff quite awile back, maybe it will returning to my life! lol
ROM is very feature rich already, and the randomizer post a few back really caught my attention. Know of the reasoning for, but never have had the oportunity to use anything of the like
concerning the type zero sms. After googling about it im still not exactly sure about it all, but a question about it if i may. Does it matter what sms app is used?
I have been a fan if Signal for some time. I understand how it is best utilized when both/all parties use it. Seems it hides your sms from other apps tho too. Opinions of it? recomendations for differs?
please excuse my ignorance on amy of this, so much has changed over the past couple of years reguarding tech, privacy/security and android OS, while at that same time my time in front of a PC has grown less and less. I havent kept up as well as i should. I am not a dev, but always managed to follow along to maximize user control. I can read! lol
scorch away! but i wont be posting like a lil school girl any more. will be watching tho! :cyclops:
Fellings about bromite browser? maybe it can be implemented as the default webview? or even default browser?
https://www.bromite.org/
opinions on dnscrypt magisk module? i use it in its default installed iptables config
:good::highfive::silly:
Vcolumn said:
thank you!
is the fact that this is a userdebug build, test keys, and a permissive kernel a security/ privacy concern? maybe some of this will change? maybe xposed is the reason?
ROM is very feature rich already, and the randomizer post a few back really caught my attention. Know of the reasoning for, but never have had the oportunity to use anything of the like
concerning the type zero sms. After googling about it im still not exactly sure about it all, but a question about it if i may. Does it matter what sms app is used?
I have been a fan if Signal for some time. I understand how it is best utilized when both/all parties use it. Seems it hides your sms from other apps tho too. Opinions of it? recomendations for differs?
Fellings about bromite browser? maybe it can be implemented as the default webview? or even default browser?
opinions on dnscrypt magisk module? i use it in its default installed iptables config
Click to expand...
Click to collapse
User debug builds are no less secure than user builds. Instead of Selinux, you have Yama security implemented in kernel. I don't like Selinux. Apart from questionable origins, it is a huge monster that is, in my view, an unnecessary overhead.
Test key, as opposed to development/release key is just a name. All my keys, including the test key, have been uniquely re-generated. So, they are not Google's outdated keys that are included by default in all custom builds.
I use Icecat browser. With regard to dnscrypt, I have a better idea: DNS over TLS, and it is already done (will be in the next release), see picture.
Signal: There are many problems with the app and the developer. It's a long discussion, and I have already posted about in on XDA. One I would mention: the dev used to be harassed by TSA in airports. Then all of a sudden, he obtained over a $13 million funding channeled to him through a known government hand for "development" purposes. Then again, all of a sudden, he got lucrative contracts to provide "security" for one of the widely known "bastions" of privacy What'sup/Facebook. You don't get that for nothing. Next, he removed encryption capabilities from SMS portion of the app, the ones that really were forcing adversaries to go through the pains of targeting individual phones through the air, which is expensive. To tell you more: as long, as you have Gapps installed, any encryption is useless, as Google can get your outgoing messages before they are encrypted, and incoming ones after they are decrypted. People may say "sand box", "permissions", but as long as you have Google Services Framework, which is the central part of Google apps, it can do with your device whatever it wants without you ever noticing. And Signal can't work without Google services.
I use Silence for SMS.
Zocker1304 said:
Means when implemented it will randomize my Mac on every reconnect?
Click to expand...
Click to collapse
Yes. Although, it is somewhat difficult, because Qualcomm has a proprietary (as opposed to open source) implementation of MAC.
@optimumpro
Mate, any snapshots, please? Also, will MicroG or Nano-Droid work?
Also, does the GPS work, cause, that is the only reason, I am not able to get out of GApps. I want to be free of Google's Slavery Programme.
Danke. Vishal
vdbhb59 said:
@optimumpro
Mate, any snapshots, please? Also, will MicroG or Nano-Droid work?
Also, does the GPS work, cause, that is the only reason, I am not able to get out of GApps. I want to be free of Google's Slavery Programme.
Danke. Vishal
Click to expand...
Click to collapse
Microg should work with either Xposed or Magisk module. Without Google services, GPS would work with most apps, but not with Google maps, which require Gapps.
optimumpro said:
User debug builds are no less secure than user builds. Instead of Selinux, you have Yama security implemented in kernel. I don't like Selinux. Apart from questionable origins, it is a huge monster that is, in my view, an unnecessary overhead.
Test key, as opposed to development/release key is just a name. All my keys, including the test key, have been uniquely re-generated. So, they are not Google's outdated keys that are included by default in all custom builds.
I use Icecat browser. With regard to dnscrypt, I have a better idea: DNS over TLS, and it is already done (will be in the next release), see picture.
Signal: There are many problems with the app and the developer. It's a long discussion, and I have already posted about in on XDA. One I would mention: the dev used to be harassed by TSA in airports. Then all of a sudden, he obtained over a $13 million funding channeled to him through a known government hand for "development" purposes. Then again, all of a sudden, he got lucrative contracts to provide "security" for one of the widely known "bastions" of privacy What'sup/Facebook. You don't get that for nothing. Next, he removed encryption capabilities from SMS portion of the app, the ones that really were forcing adversaries to go through the pains of targeting individual phones through the air, which is expensive. To tell you more: as long, as you have Gapps installed, any encryption is useless, as Google can get your outgoing messages before they are encrypted, and incoming ones after they are decrypted. People may say "sand box", "permissions", but as long as you have Google Services Framework, which is the central part of Google apps, it can do with your device whatever it wants without you ever noticing. And Signal can't work without Google services.
I use Silence for SMS.
Yes. Although, it is somewhat difficult, because Qualcomm has a proprietary (as opposed to open source) implementation of MAC.
Click to expand...
Click to collapse
Thank you for the detailed insight. Although I have to say that Signal does work without Google play services. However, it falls back to a legacy polling method (increasing battery drain a bit) and shows a persistent notification in the status bar.
Great to see some privacy-conscious people here, amidst all of the Google fanboys who share every part of their life with Google and in the process jeopardize other people's privacy for the sake of "convenience".