{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Introduction
iodéOS is a privacy-focused operating system powered by LineageOS and based on the Android mobile platform. iodéOS aims at protecting the user's privacy with a built-in adblocker and by freeing the smartphone from snitches.
The objectives in the conception of this ROM are threefold:
To keep the stability and security level of LineageOS, by minimizing the modifications made to the system. Apart the system modifications required by the adblocker, we mainly only added a few useful options commonly found in other custom ROMs, made some cosmetic changes, modified a few default settings to prevent data leaks to Google servers.
To ease a quick adoption of this ROM by new users. We especially target users that are concerned by the protection of their privacy, but are not reluctant to still use inquisitive apps like Google ones. We thus included MicroG as well as a coherent set of default apps, and simplified the initial setup of the system. Particularly, an initialization of MicroG has been made with GCM notifications allowed by default, a privacy-friendly network location provider (DéjàVu) pre-selected, as well as Nominatim Geocoder.
To provide a new and powerful way of blocking ads, malwares, data leaks of all kinds to many intrusive servers. We are developing an analyzer, tightly integrated into the system, that captures all DNS requests and network traffic, as well as a user interface (the iodé app). Compared to some other well-known adblockers, this has the advantages of:
Avoiding to lock the VPN for that use. You can even use another adblocker that uses VPN technology alongside our blocker.
Being independent of the kind of DNS server used by the system or set by an independent app: classical DNS on UDP port 53 or any other one, DNS over TLS (DoT), DNS over HTTPS (DoH), ..., as we capture the DNS requests before they are transmitted to the system function that emits the DNS request. What we do not support, is DoH when it is natively built into applications, i.e. when an app communicates directly with a DoH server, without asking name resolution to the system. It would require to decrypt HTTPS packets between such an app and the DoH server, which may create a big security hole.
Precisely mapping DNS requests and network packets to the Android apps that emitted (or received) them.
Deciding which apps have a filtered network usage (by default, all apps), and which ones can communicate with blacklisted servers.
Since its first versions, we added many features to the iodé blocker: several levels of protection, fine-grained control over the hosts that should be blocked or authorized, displaying statistics on a map to see the quantity of data exchanged to which countries, clearing statistics... We are actively developing the blocker, and new functionalities will be regularly added.
Features
Changes in LineageOS to prevent data leaks:
Default DNS server: Google's DNS replaced by Quad9's 'unblocked' servers in all parts of the system.
A-GPS: patches to avoid leaking personnal information like IMSI to supl server.
Captive portal login: connectivitycheck.gstatic.com replaced by captiveportal.kuketz.de for connectivity check.
Dialer: Google default option replaced by OpenStreetMap for phone number lookup.
Pre-installed apps:
We included many useful default apps, but our choice cannot suit everyone; so we added the possibility to remove them. It can be done at the end of the phone setup, or at any time by going to Parameters -> Apps & Notifications -> Preinstalled apps.
MicroG core apps: GmsCore, GsfProxy, FakeStore.
NLP backends for MicroG : DejaVuNLPBackend (default), MozillaNLPBackend, AppleNLPBackend, RadioCellsNLPBackend, Nominatim Geocoder.
App stores : FDroid (with F-Droid Privileged Extension) and Aurora Store.
Browser: our own fork of Firefox (with Qwant as default search engine, many other ones added, telemetry disabled, parts of telemetry code removed) instead of Lineage’s default browser Jelly.
SMS: QKSMS instead of Lineage's default SMS app.
Email: p≡p (Pretty Easy Privacy).
Camera: our own fork of Open Camera, with a few tweaks.
Maps/navigation: Magic Earth GPS & Navigation (the only one free but not open source).
Keyboard: OpenBoard instead of AOSP keyboard.
PDF: Pdf Viewer Plus.
Personnal notes: Carnet.
{Ad/Malware/Data leak}-blocker: iodé.
News: to keep users informed about our developments, as well as a FAQ.
Meteo: Geometric Weather.
Pre-included FDroid repository:
The apps that we tweak or develop (microG services, the browser based on Firefox, the News app, Open Camera ...) are available through a repository that we included in FDroid (check the "Apps for iodéOS" category). For this purpose and to avoid name conflicts of some apps, we also had to make a few changes in FDroid.
Useful options from other custom ROMs:
Smart charging (disables charging when a given level is reached, to protect battery health).
Fingerprint vibration toggle.
Swipe down to clear all in recent apps (Android 10 only).
Installation Instructions
To download and flash our latest build, see https://gitlab.com/iode/ota.
You can also find here direct links to the latest builds.
Supported devices
Fairphone FP3/FP3+
Fairphone FP4
Google Pixel 3
Google Pixel 4
Google Pixel 5
Google Pixel 6
Google Pixel 6a
OnePlus 9
OnePlus 9 Pro
Samsung Galaxy A5/A7 2017 (a5j17lte/a7j17lte)
Samsung Galaxy S9/S9+ (starlte/star2lte)
Samsung Galaxy Note 9 (crownlte)
Samsung S10e/S10/S10+ (beyond{0,1,2}lte)
Samsung Note 10 (d1)
Samsung Note 10+ (d2s)
Sony Xperia XA2 (pioneer)
Sony Xperia XZ1 (poplar)
Sony Xperia XZ2 (akari)
Sony Xperia XZ3 (akatsuki)
Xiaomi Mi9 (cepheus)
Teracube 2e
Xiaomi Mi 10T 5G / Mi 10T Pro 5G
Xiaomi Mi 10 Lite 5G
Sources
iodéOS: https://gitlab.com/iode/os
LineageOS: https://github.com/lineageos
device tree:
https://gitlab.com/iode/os/public/devices/sony/device_sony_akari
https://gitlab.com/iode/os/public/devices/sony/device_sony_tama-common
kernel: https://github.com/LineageOS/android_kernel_sony_sdm845
Bug Reporting
You can post a message in this thread or (preferred) open an issue here.
Credits
LineageOS is a free, community built, aftermarket firmware distribution of android, which is designed to increase performance and reliability over stock android for your device.
All the source code for LineageOS is available in the LineageOS Github repo. If you would like to contribute to LineageOS, please visit their Wiki for more details.
This ROM would be nothing without the tremendous work made on MicroG, and all the other open source apps that we included. We are very grateful to their authors.
Contributors
Direct contributors: @iodeOS, @vince31fr
Indirect contributors (too numerous to list): All the people that contributed to the device tree, to LineageOS, and to the included open source apps.
Sponsoring
You can help in the development of this ROM by paying us a coffee here: https://paypal.me/iodeOS.
Screenshots
Downloads : iodéOS
04/04/2023 (build 20230401):
Installation procedure: move to a fastboot script (read instructions: https://gitlab.com/iode/ota)
Blocker: improved use of blocking lists (sub-domains blocking)
FDroid: fixes an issue on apps update
LineageOS synchronized with March security patch included
All apps updated
07/02/2023 (build 20230131):
Upgrade to iodéOS 4.0 based on Android 13 / LineageOS 20
Blocker:
Improved blocking settings. You can now choose 'Standard' blocking (ads, trackers, malwares, etc) or 'Reinforced' blocking (same objective but more extensive), and then select additional categories.
The 'Porn' category has been extended to a wider 'Sensitive content' one, that also includes fake news, gambling, drugs, piracy, torrent..., with mainly child protection in mind.
The 'Extreme' category has been removed, as it is now part of the reinforced blocking.
Improved blocking lists. We merge several acknowledged and up-to-date sources, and have diversified our sources to produce more complete lists. The standard list has however been reduced a bit, to avoid as much as possible interference with apps expected behavior.
Added a new network location provider: Local NLP Backend. It is an improved version of the DéjàVu NLP backend which was already available in iodéOS. Like DéjàVu, it builds a local database connecting localizations learned from other NLP backends and apps using GPS, and mobile antennas/Wifi; but also has an active mode (not preselected) that can trigger GPS requests. To configure it: Settings -> System -> microG -> Location modules
LineageOS synchronized with January security patch included
All apps updated
New devices support: Pixel 3, 6, 6a
16/12/2022 (build 20221215):
Blocker: added multiple selection in settings / domain customization. Long-press on a domain, select several domains or all, apply actions (block all, authorize all...)
PdfViewerPlus: improved security by updating core libraries
Network settings: added a switch to disable connectivity check (and thus captive portal detection)
LineageOS synchronized with December security patch included
All apps updated
New devices support: Pixel 4 & 5, OnePlus 9 & 9 Pro
24/11/2022 (build 20221121):
Improvements in the blocker user interface (iodé app)
LineageOS synced with September security patch included
All apps updated
17/10/2022 (build 20221014):
Blocker:
Network blockings following their type (Wifi, mobile data, VPN) added
Default blockings definition for new apps
Personnalized recipients management improved
iodé's app access restrictions by password added
Search filters added in report and map
Display theme selection
Automatic and 'real-time' refresh of the whole app
Performance and fluidity improvements of the app
LineageOS synced with September security patch included
All apps updated
27/07/2022 (build 20220726):
Upgrade to iodéOS 3.1 based on Android 12 / LineageOS 19.1
SafetyNet certification activated: allows many apps, notably banking ones, to fully work
Setup wizard: the push notifications configuration page now also activates SafetyNet (fine-grained control in Settings->System->microG)
OpenCamera: the 'Use alternative flash method' in photo settings is no more necessary and can be disabled, allowing flash optimization
News app: German translations
LineageOS synced with July security patch included
All apps updated
21/07/2022 (build 20220530):
Setup Wizard: new page to configure push notifications through microG
Lockscreen settings: switch added to disable fingerprint unlock when screen is off
Improved German translations
Bug fixes and improvements
LineageOS synced with May security patch included
All apps updated
02/05/2022 (build 20220408):
News app reworked
Setup Wizard: new iodé introduction
iodé blocker: pull to refresh replaced by automatic refresh in report tab
Teracube 2e 2022 batch released, video playback in browser and video recording fixed
Music app : playlist crash fixed
Open Camera : crash when tapping thumbnail of a newly recorded video fixed, photos and videos now editable
LineageOS synced with March security patch
All apps updated
03/02/2022 (build 20220126):
New iodé blocker map feature
Build mode changed to 'user' (i.e. release) mode): more apps work out-of-the-box and more secure device, but more restrictive recovery
Camera app changed to Open Camera
Wireguard kernel module included
Dark bootanimation
January security patch
Preinstalled apps updated
Beware: Play store Magisk module broken
18/11/2021 (build 20211108):
LineageOS updated (November security patch)
Preinstalled apps updated
Iodé blocker: hosts can now be customized, either globally or by app
10/09/2021 (build 20210828):
LineageOS updated (August security patch)
Preinstalled apps updated
Backup app included: Seedvault
microG now uninstallable: Settings -> Apps & notifications -> Preinstalled apps
New default accent color (clear blue from iodé logo)
03/08/2021 (build 20210729):
Upgrade to Android 11 / LineageOS 18.1
Preinstalled apps UI reworked with the introduction of categories.
Dark theme in the iodé blocker UI (next improvement will be hosts customization).
p≡p (https://f-droid.org/fr/packages/security.pEp/) is now the defaut email client, and replaces lineageOS client which is no longer maintained.
Preinstalled apps updated to their latest version.
LineageOS updated (July security patch).
28/05/2021 (build 20210525):
Different protection levels in iodé's blocker added: in addition to the default standard blocklist, we added three lists (socials, porn, extreme) that can be activated globally or on a per-app basis (more information in the FAQ).
Geometric Weather app added.
Preinstalled apps selection at setup wizard added.
Preinstalled apps including microG updated to their latest version.
LineageOS updated (May security patch).
07/03/2021 (build 20210306):
Blocker UI improved: performance at startup, statistics display (with sortable columns), DNS stream
Preinstalled apps management (uninstall / reinstall) menu added (Settings -> Apps & Notifications -> Preinstalled apps)
Latest lineageOS sources synced
Default apps updated
22/01/2021 (build 20210119):
LineageOS sources synced
Prebuilt apps updated
Activated Camera APIv2 in Snap
Force auto-update of apps in FDroid to keep in sync with iodé apps. It can be disabled.
02/12/2020 (build 20201127):
LineageOS sources synced
Prebuilt apps updated
New default wallpaper
Firefox browser renamed as iodé Browser and logo changed due to trademark restrictions
The iodé blocker can now be correctly coupled with a VPN
17/11/2020 (build 20201113):
Qwant replaced by a customized version Firefox, actually 83.1.0-rc1: Qwant or DDG as default search engine, alternate search engines added, telemetry disabled
iodé app (blocker): app switches replaced by shields around app icons, aggregated apps view in report, historical data deletion for each period by long press on an app line in report, black list updated
LineageOS sources synced
Prebuilt apps updated
Added a iodé category in FDroid, to quickly distribute the apps we customize. We had to fork FDroid for this purpose.
30/09/2020 (build 20200925):
Synced LineageOS sources and device tree
microG updated to v0.2.12.203315 plus commits up to 25/09 (in-app maps now mostly working through Mapbox)
Prebuilt apps updated to their latest version
Welcome to "News": an app to keep users informed of latest iodé developments, as well a a FAQ.
05/08/2020 (build 20200805):
Synced LineageOS sources and device tree
microG updated to v0.2.11.202414 plus commits up to 05/08
AppleNLP backend working again
Prebuilt apps updated to their latest version
25/07/2020 (build 20200725): first publicly available build for akari.
Downloads : add-ons
phonesky-magisk.zip : Magisk module for NanoDroid patched Play Store, for those who really need to get access to their paid apps that don't work with microG. This module can be generally be deactivated when you have installed and ran once the paid apps.
NB : you may have to wait a couple of hours after activating the module for being able to install paid apps.
phonesky-magiskV2.zip : compatibility for the upcoming iodéOS 2.0 based on Android 11. It can ben installed on iodéOS 1.x based on Android 10 too.
IMPORTANT : install this module or deactivate the previous one before installing iodéOS 2.0, or you'll be caught in a bootloop.
is a support for xz2c / dual planned?
shajk-00 said:
is a support for xz2c / dual planned?
Click to expand...
Click to collapse
Not yet, we don't own this device.
Thanks for your work!
hostme said:
Thanks for your work!
Click to expand...
Click to collapse
You're welcome!
There will be a new release in a couple of days that will embed the new release of microG. Stay tuned!
### NEW UPDATE : 05/08/2020 ###
Also available as an OTA update.
Quick changelog:
Synced LineageOS sources and device tree
microG updated to v0.2.11.202414 plus commits up to 05/08
AppleNLP backend working again
Prebuilt apps updated to their latest version
Lemme guess, you work for Vodafone. No sane person would switch to ISP/Telco operated service for security/privacy unless you have insider info that it is indeed private/secure, or you have something to gain from it, aka selling user information. If its the former, that's great, if its the latter, please disclose so and remove any references that you "aim" to be secure and private.
hotcakes_shinku said:
Lemme guess, you work for Vodafone. No sane person would switch to ISP/Telco operated service for security/privacy unless you have insider info that it is indeed private/secure, or you have something to gain from it, aka selling user information. If its the former, that's great, if its the latter, please disclose so and remove any references that you "aim" to be secure and private.
Click to expand...
Click to collapse
Two options: disable AGPS, or at least switch from Google to another provider. We are not alone in the world to make such a choice: see https://www.reddit.com/r/privacy/comments/cldrym/how_to_degoogle_lineageos_in_2019/
*** New update: 30/09/2020 ***
Download here (OTA available)
We are looking for beta testers volunteers!
Hi everyone.
As you may know, before officially deploying each update on all iodé smartphones, our team spends a few days testing that the update functions as expected.
We are thus looking for volunteers to help us testing our updates. The principle is very simple: as a beta tester, your will receive a notification to install each update a few days before the official one. You will only need to install it and report to our team possible anomalies on the use of your smartphone. If you encounter nothing wrong, then just enjoy the update before everyone ?.
If you'd like to become beta tester, feel free to join our 'iodé Beta Testers' Telegram app group.
Thank you and keep your data safe with iodé!
/// New update: 17/11/2020 \\\
Available as OTA (see OP for direct link and changelog)
### New update: 02/12/2020 ###
Available as OTA (see OP for direct link and changelog)
vince31fr said:
Not yet, we don't own this device.
Click to expand...
Click to collapse
Truly really excited to get this going on xz2c. Hope it gets live soon. Have spent the past many days getting the lineageOS4microG going. iodeos seems like the next big step in terms of evolution!
But just to ask anyway...
Do you think flashing Xz2 on Xz2c is likely going to be a problem?
=== New Update : 22/01/2021 ===
Available as OTA (see OP)
- Front camera doesnt work, crashes
- When i use phonesky-magisk.zip, the playstore shows me i have to pay my paided apps again?
- Can i install twrp on the phone?
Thats the only problems i have, overall a very good ROM
Hobbala said:
- Front camera doesnt work, crashes
- When i use phonesky-magisk.zip, the playstore shows me i have to pay my paided apps again?
- Can i install twrp on the phone?
Thats the only problems i have, overall a very good ROM
Click to expand...
Click to collapse
Front camera works perfectly on a clean install. Maybe you installed a magisk module which conflicts with the system ?...
Yes, you can install twrp.
About phonesky-magisk: I don't have problems with it on another phone. Maybe someone could tell if it works on XZ2 ?
vince31fr said:
Front camera works perfectly on a clean install. Maybe you installed a magisk module which conflicts with the system ?...
Yes, you can install twrp.
About phonesky-magisk: I don't have problems with it on another phone. Maybe someone could tell if it works on XZ2 ?
Click to expand...
Click to collapse
I deactivated all magisk modules, restarted the phone, but nothing has changed ... maybe I try again from scratch tomorrow or i just use the "open camera" app, there the front camera works.
How do I install twrp? twrp-3.4.0-0-akari.img no longer works, as soon as iode is installed.
Hobbala said:
I deactivated all magisk modules, restarted the phone, but nothing has changed ... maybe I try again from scratch tomorrow or i just use the "open camera" app, there the front camera works.
How do I install twrp? twrp-3.4.0-0-akari.img no longer works, as soon as iode is installed.
Click to expand...
Click to collapse
About twrp : yes, it is overwritten after iodé installation. You can reinstall it after iodé's installation.
About camera : try also after a factory reset, without installing anything.
About phonesky : it works, after waiting long enough after activating the module (several hours, maybe 10 or more, it depends...).
vince31fr said:
About twrp : yes, it is overwritten after iodé installation. You can reinstall it after iodé's installation.
About camera : try also after a factory reset, without installing anything.
About phonesky : it works, after waiting long enough after activating the module (several hours, maybe 10 or more, it depends...).
Click to expand...
Click to collapse
About twrp: after iode was installed, i couldnt „fastboot boot twrp.img“ cause it was stuck at fastboot, but its working / installed now
About camera: tried a factory reset, wiped the phone, installed the stock ROM again and used the cam at once after iode was installed, but still same problem
About phonesky: Yes ur right, i waited and its working now THX
Related
Moderator Announcement: THREAD CLOSED on request of OP. If you're interested in the hardened LOS for the OnePlus 3 or 3T please follow this thread in the cross-device section in future: https://forum.xda-developers.com/oneplus-3/oneplus-3--3t-cross-device-development/rom-hardened-lineageos-16-0-oneplus-3t-t4034869
This thread is dedicated to provide hardened Lineage-OS 15.1 builds with microG included for the OnePlus 3/3T with current security patches.
This thread is discontinued, please visit the LineageOS 16.0 successor thread
Features of this ROM
Download here
Pre-installed microG and F-Droid same as the LineageOS for microG project
Pre-installed AuroraStore
[*]Pre-Installed pre-release of microG DroidGuard helper to have a working SafetyNet attestation (see comments below!)
Adapted LockClock app without wake-locks (fix of frozen weather widget after boot)
OTA Support
Additional security hardening features listed below
Access to /proc/net blocked for user apps
Bundled netmonitor app to allow network monitoring
Enhanced Privacy Guard: Switches for motion sensors, other sensors and certain background activities
Cloudflare as default DNS (instead of Google)
Privacy-preferred default settings
Optional blocking of Facebook- and Google-Tracking
Optional disabling of captive portal detection
Option to define own DNS
No submission of IMSI/phone number to Google/Sony when GPS is in use
Default hosts file with many blocked ad/tracking sites
Privacy-enhanced Bromite SystemWebView
Option to deny new USB connections
Additional restrictions for secondary users
Increased password length
Kernel kept up to date with ASB patches and Google kernel/common 'android-3.18' branch
Current release levels
Security string: 2020-01-05
AOSP tag: 8.1.0_r52
Bromite System Webview: M79
Source-code and build instructions
Kernel: https://github.com/lin15-microG/android_kernel_oneplus_msm8996/tree/lin-15.1-microG
Build manifest: https://github.com/lin15-microG/local_manifests/tree/lin-15.1-microG
Installation Instructions
YOU ARE RESPONSIBLE SOLELY YOURSELF FOR ANY ACTIONS YOU DO WITH YOUR DEVICE !!!
Please note - I won't explain any single aspect (e.g. how to install 'fastboot' on your PC or troubleshoot USB connectivity issues under Windows). Search the net and consult the search engine of your choice or look here in XDA, there is plenty of information available.
Pre-Requisites
Have fastboot and adb installed on your PC and make sure, you can connect via USB to your device in fastboot mode and via adb
Download the most current .ZIP file of the ROM and place it to your phone's internal memory
An unlocked bootloader (see e.g. LineageOS install instructions)
You need at least OxygenOS 5.0 firmware, otherwise you'll get error 7 when installing the zip. (Recommended 5.0.8 - DO NOT use 9.x firmware)
Install TWRP recovery
If you come from stock ROM and have just unlocked your boot loader, this is the next thing to do. I recommend to use the TWRP recovery for the OnePlus 3/3T. The following instructions are based on TWRP.
IMPORTANT NOTE - The official TWRP 3.2.3-1 is broken - DO NOT USE!
Please use the TWRP link in the official LineageOS install instructions instead.
To install TWRP, download the twrp-x.x.x-x-oneplus3.img file (Note: replace "x.x.x-x" in the following instructions with the respective values from the real file name) to your PC, connect the phone via USB to your PC, get it into 'fastboot mode' and enter the following command on your PC:
Code:
fastboot flash recovery twrp-x.x.x-x-oneplus3.img
Afterwards, directly boot into 'recovery mode' (enter fastboot reboot on your PC and hold Power and vol.down) - DO NOT boot into the phone's Android system after having flashed TWRP! Once TWRP has been launched, you may decide to reboot your phone and install the ROM at any time later. But the first boot after flashing TWRP must be TWRP in recovery mode.
Advanced Wipe
ONLY perform the steps described here, if you come from Stock ROM or a different Custom ROM!
Boot into recovery mode. In TWRP, choose "Wipe", "Advanced" and spefify "Dalvik", "System", "Cache" and "Data" to be wiped. Make sure NOT to wipe "Internal memory". Swipe to confirm the deletion and get back into the main menu.
DO NOT flash Gapps!
This ROM comes with pre-installed microG. So don't attempt to flash Gapps.
Install ROM
In the TWRP main menu, choose "Install". A file manager appears to let you navigate to your internal memory (path /sdcard). Choose the .ZIP file of our ROM and swipe to flash.
If you update from a previous version of our ROM, you don't need to perform a wipe. If you come from a different ROM (or stock firmware), make sure that you have performed the Wipe steps above.
When finished flashing, return to the main menu, choose "Reboot" and then "System", which will cause your phone to boot into our Lineage OS 15.1 - be patient, the first boot after flashing a new ROM takes quite long!
Dealing with signed builds
Please note, that this builds is signed with an own key. When you come from a different build, you cannot directly "dirty-flash" this build. You have to perform a "clean flash" (recommended), or - you do this on your own risk - you may try the below steps.
This happens at your own risk - make a backup with TWRP before!
Download and extract the file migration.sh from this archive
This file helps you to migrate from a build signed with the publicly available test keys (i.e. all builds around, which do not state that they are signed). If you come from another signed build (e.g. official LineageOS), you have to adapt the file accordingly (see below links).
boot into TWRP
push the migration.sh file to the directory /data/local on your device and mount the /system partition in TWRP (you can do so using the dedicated TWRP's menu entry)
launch the built-in terminal in TWRP, cd into /data/local, make migration.sh executable (chmod +x) and execute the command ./migration.sh official
(In case you receive an error, try sh ./migration.sh official instead)
flash the ROM .zip
wipe Cache and Dalvik/ART Cache
reboot system
More background information and the "theory behind" can be found in the LineageOS wiki and AOSP reference.
SafetyNet:
Google SafetyNet is a device certification system, ensuring that the device is properly secured and compatible with Android CTS. Some applications use SafetyNet for security reasons, to enforce DRM or as a prerequisite for tamper-protection. General information about SafetyNet can be found here or e.g. see LineageOS' statement about SN.
If you don't need SafetyNet (i.e. you don't use apps requiring it), I recommend to switch off SafetyNet in microG settings and in addition, go to Settings - apps, make system processes visible and disable the app 'microG DroidGuard Helper'
In that case, you can safely skip the below information. (If you access the play store with Yalp coming with this build, apps, which the original playstore app would hide because of failed SafetyNet, such as e.g. Netflix, are still listed, so you don't need SafetyNet for that specific purpose)
If you need SafetyNet, because you use an app requiring SafetyNet attestation to pass, switch SafetyNet on in microG settings and make sure the a.m. DroidGuard Helper app is active. Further, please consider below important information.
The typical use-case, for which SafetyNet has been developped and is e.g. used by Google, is e.g. "Google Pay".
Although it seems not to be the intention of Google to make SafetyNet part of "ordinary, average" apps - unfortunately - a certain tendency can be observed that more and more apps make use of it. Especially nosy and privacy intrusive apps seem to start using SafetyNet against Custom ROMs, because Custom ROMs usually allow to at least restrict uncontrolled data collection.
microG GmsCore contains a free implementation of SafetyNet, but the official server requires SafetyNet requests to be signed using the proprietary DroidGuard system. A sandboxed version of DroidGuard has been added to this microG build as a prebuilt “DroidGuard Helper” app to run the Google code in an isolated environment. The chosen approach in my build is proposed and discussed within the microG project, but not yet officially implemented by microG.
As of March 11th 2019, the microG build passes the SafetyNet attestation, when installed w/o root or Xposed.
So, if you need SafetyNet and you also need root, Magisk would be the way to go.
To avoid confusion: Magisk can hide itself from being detected by SafetyNet and thus help to pass SN, if the device would pass SN without having Magisk installed. Nothing more.
Currently not working, hence not bundled
There are apps available on the Play store to show, whether SafetyNet attestation is passed, for example 'SafetyNet Test' (org.freeandroidtools.safetynettest)
IMPORTANT
I cannot and I will not give any assurance that SafetyNet attestation is passed by this build!
The SafetyNet code, which is dynamically downloaded from Google servers and executed on the device as part of the defined functionality, is regularly maintained and further developped by Google. Although it currently works, it could stop working in the future, until the microG team finds again a solution.
(Interesting enough: Remote code execution is normally considered a severe vulnerability, but hey, it's Google and we all "trust" them 100%, don't we? - At least I, besides others, exactly for that reason, do not use Gapps!)
Further, I for my part refuse to use apps requiring SafetyNet, but that is of course everybody's own decision.
Bug reports:
If you have a problem, please create a post with these informations:
Original Kernel shipped with this rom:
Build Date:
And try to get log as described here
Please note that I can't and won't support issues with builds using a different kernel or Xposed.
In regards to microG, I will try my best to help when it is related to this ROM (I use it myself), but any questions of the type "the YXZ-app can't do <some sort of fancy xyz Google functionality> properly" are better asked in the respective microG forums.
Credits
AOSP project
LineageOS project
microG project
CopperheadOS project
csagan5 (Bromite)
Yeriomin (Yalp)
XDA:DevDB Information
[ROM][Unofficial][8.1.0][microG][signed]hardened LineageOS 15.1 for Oneplus 3T, ROM for the OnePlus 3T
Contributors
MSe1969
Source Code: https://github.com/lin15-microG/local_manifests/tree/lin-15.1-microG
ROM OS Version: 8.x Oreo
ROM Kernel: Linux 3.x
Based On: LineageOS
Version Information
Status: Stable
Stable Release Date: 2020-01-13
Created 2019-01-21
Last Updated 2020-04-30
Change Log
February 7th, 2020
Announcement to discontinue the LineageOS 15.1 builds - Please visit my LineageOS 16.0 thread, which continues with LineageOS 16.0 builds
January 14th, 2020
ASB Security string 2020-01-05
Bromite Webview on 79.0.3945.107
AuroraStore updated to 3.1.7
AuroraServices updated to 1.0.5
December 7th, 2019
ASB Security string 2019-12-05
Bromite Webview on 78.0.3904.119
AuroraStore updated to 3.1.5
November 10th, 2019
ASB Security string 2019-11-05
Bromite Webview on 78.0.3904.72
Updated microG GMS core 0.2.9.x
October 13th, 2019
ASB Security string 2019-10-06
AuroraStore updated to 3.1.3
Bromite Webview on 77.0.3865.104
September 10th, 2019
ASB Security string 2019-09-05
AuroraServices updated to 1.0.4
August 11th, 2019
ASB Security string 2019-08-05
Bromite Webview on 76.0.3809.100
Aurorastore 3.0.9 with AuroraServices install method
Updated microG GMS core 0.2.8.x
OTA Support
July 4th, 2019
ASB Security string 2019-07-05
Bromite Webview on 75.0.3770.109
June 12th, 2019
ASB Security string 2019-06-05
Kernel upstreamed to 3.18.140
Bromite Webview on 75.0.3770.86
Replaced Yalpstore with Aurorastore
Removed RemoteDroidGuard
Updated F-Droid & priv. extension
Updated microG GMS core 0.2.7.x
May 9th, 2019
ASB Security string 2019-05-05
SystemWebView: Bromite updated to 74.0.3729.106
Kernel: Upstreamed to 3.18.139
Backport of 'Deny new USB' feature
Option to set own DNS
Additional options for secondary users
Increased password length
April 8th, 2019
ASB Security string 2019-04-05
SystemWebView: Bromite updated to 73.0.3683.97
Kernel: Upstreamed to 3.18.138
Control switch in dev. settings for hosts file update
March 11th, 2019
ASB Security string 2019-03-05
SystemWebView: M73-Bromite (includes CVE-2019-5786)
Kernel: Upstreamed to 3.18.136
February 19th, 2019 - 2nd interim release
New upstreamed kernel (3.18.134) from here (yet w/o CAF tag LA.UM.6.5.r1-10600-8x96.0)
February 13th, 2019 - interim release
Reverted Kernel fixes, which seem to have caused crashes after wiping cache&dalvik
Prebuilt microG DroidGuard helper app to pass SafetyNet attestation
February 9th, 2019
ASB Security string 2019-02-05
SystemWebView: M72-Bromite
Kernel: CAF tag LA.UM.6.5.r1-10600-8x96.0
January 21st, 2019
Initial load
ASB Security string 2019-01-05
AOSP tag android-8.1.0_r52
SystemWebView: M71-Bromite
Initial feature list:
Pre-installed microG and F-Droid same as the LineageOS for microG project
Pre-installed YalpStore (Version 0.45)
Access to /proc/net blocked for user apps
Bundled netmonitor app to allow network monitoring
Enhanced Privacy Guard: Switches for motion sensors, other sensors and certain background activities
Cloudflare as default DNS (instead of Google)
Privacy-preferred default settings
Optional blocking of Facebook- and Google-Tracking
Optional disable captive portal detection
No submission of IMSI/IMEI to Google/Sony when GPS is in use
Default hosts file with many blocked ad/tracking sites
Privacy-enhanced Bromite SystemWebView
Security Hardening Features - Details
1. Pre-installed microG and F-Droid
same as the LineageOS for microG project
2. Pre-installed AuroraStore
works w/o having to enable the "unknown sources feature"
3. Restrict access to /proc/net for user apps
An adapted SELinux policy prevents user apps from accessing the /proc/net pseudo file system, which can be misused to monitor and track the phone's internet traffic. For technical backgrounds, see here. For the legitimate use case of the smart phone owner him/herself monitoring the network traffic to see, what the installed apps do, the app Privacy-Friendly Network Monitor has been bundled.
4. Enhanced Privacy Guard - Sensor permission switches and background control
An own sensor template to control access to motion sensors ('ask' mode) and all other sensors (allowed by default, but can be restricted) has been implemented into the Privacy Guard. Further, the following background activities can be restricted in Privacy guard:
Background Clipboad access (forbidden by default, can be allowed per app)
Background Location access (allowed by default, if location access as such is allowed, can be forbidden per app)
Background Audio recording (allowed by default, if microphone access as such is allowed, can be forbidden per app)
5. Cloudflare (instead of Google) default DNS
Cloudflare DNS has a better privacy policy than Google Public DNS and has DNS-over-TLS and DNS-over-HTTPS. In the deafult DNS settings (as fallback) and network diagnostics, the Cloudflare DNS adresses 1.1.1.1 and 1.0.0.1 are specified as defaults (instead of Google's 8.8.8.8 and 8.8.4.4)
6. Privacy-preferred default settings
When newly installed, the below settings are defaulted, different from standard LineageOS 15.1 (all settings can be changed at any time later):
Privacy Guard is enabled on install (proposal during Setup)
Anonymous LineageOS statistics disabled (proposal during Setup)
The standard browsing app does not get the location runtime permission automatically assigned
Sensitive information is hidden on the lock screen
Camera app: Location tagging disabled by default
Apps having the PACKAGE_USAGE_STATS permission appear by default as "not allowed" under Settings => Security & privacy => Apps with usage access (instead of opting out here, the user needs to explicitly opt-in in order to have the app collecting this data)
Further, when a lock screen protection is set (PIN, pattern, password), the Nfc, Hotspot and airplane mode tiles require authentication and cannot be set without
7. Optional blocking of Facebook- and Google-Tracking
Until April 2019 build: Settings => Network & Internet => Data usage => Menu => "Apply iptables block script"
Starting with May 2019 build: Settings => Network & Internet (scroll down)
When activated, all outgoing connection attempts to Facebook servers will be suppressed.
Same applies to Google, but certain apps on an internal exception list will still be able to connect (Yalpstore, microG, or e.g. NewPipe, if installed)
8. Optional disable captive portal detection
Until April 2019 build: Settings => Network & Internet => Data usage => Menu => "Disable Captive Portal"
Starting with May 2019 build: Settings => Network & Internet (scroll down)
When activated, the system will not ping a specific Google server any longer when establishing a WiFi connection to determine, whether a captive portal is being used.
9. No submission of IMSI or phone number to Google/Sony when GPS is in use
GPS also works fine, if no SIM card is present, so there obviously is no benefit for the phone holder (different from other involved parties ) to provide this data . . .
10. Default hosts file with many blocked ad/tracking sites
The system's hosts file redirects a comprehensive list of URLs known to be adware, tracking, etc. to 127.0.0.1 (ipv4) and ::1 (ipv6)
11. Privacy-enhanced Bromite SystemWebView
Instead of the default Chromium System Webview component, the Bromite SystemWebView is used offering more privacy, more ad blocking and less Google tracking.
12. Deny new USB option
Settings => Security & Privacy
Control, what happens, if a USB device is connected to the device: Allow, allow when unlocked or block.
13. Option to define an own DNS
Settings => Network & Internet (scroll down)
You can optionally define an own DNS, which is used instead of the default DNS of the ISP (uses iptables)
Note: If your ISP intercepts DNS queries to enforce their own ISP - e.g. to enforce surveillance/censorship - this option won't work . . .
14. Maximum password length increased to 64
15. Additional restriction options for secondary users
- Disallow app installation option
- Disallow audio recording option
Further tips & tricks
Root
The ROM does not come with root baked in. A couple of features in this ROM even reduces the usual need for root.
Nevertheless, if you need/want to grant root permissions to some of your apps, the most popular options are:
Official LineageOS su addon (use 'addonsu-15.1-arm64-signed.zip')
Magisk (please search XDA on your own)
SuperSU
Note that I cannot and will not support any issues related to Magisk and/or SuperSU
Weather Widget
LineageOS does currently not offer Weather provider apps for LineageOS 15.1 for download (only for LineageOS 14.1)
I have built an APK for OpenWeatherMap for download from the LineageOS sources here, which works well with LineageOS 15.1
microG initial configuration after 1st install
After the first installation of this ROM, you need to setup microG.
Please read the instructions given on the LineageOS for microG site, section "Post Install - UnifiedNlp"
Firmware
You need at least OxygenOS 5.0 firmware, latest firmware recommended. Firmware updates (or downgrades, if needed) as flashable ZIP can be obtained e.g. here or here.
Do not confuse OnePlus 3 and OnePLus 3T firmware or you will brick your device!
Oooh thanks. I'll be having that!
Do you expect to release the 9.0 version when LOS 16 for 3T is ready?
sysak said:
Oooh thanks. I'll be having that!
Do you expect to release the 9.0 version when LOS 16 for 3T is ready?
Click to expand...
Click to collapse
Eventually yes - but not immediately, as I need some time to investigate to port the features.
MSe1969 said:
Eventually yes - but not immediately, as I need some time to investigate to port the features.
Click to expand...
Click to collapse
Maybe you can work together with nvertigo67, he has a rock solid los16 build. In the past, he has also promoted Android without Google Apps.
His thread: https://forum.xda-developers.com/on...oss-device-development/rom-nlos-16-0-t3879405
phoberus said:
Maybe you can work together with nvertigo67, he has a rock solid los16 build. In the past, he has also promoted Android without Google Apps.
His thread: https://forum.xda-developers.com/on...oss-device-development/rom-nlos-16-0-t3879405
Click to expand...
Click to collapse
Thanks for the information. I am aware of his thread and also his very knowledgeable feedbacks in the 'official' OP3T thread and I think I'll definitely try to get in touch with him.
For the time being however, I would like to concentrate on the "stable" LineageOS 15.1 (building also for the 'amami' device from same sources) to be used as a daily driver rather than bringing up a device for a new android version (I am actually not that good in this area). So I am somehow a little bit more "conservative"
this is something new ?
I'm new to this so my question is google playstore included??
and how is the gaming performance
Playstore not included
vip57 said:
this is something new
I'm new to this so my question is google playstore included??
and how is the gaming performance
Click to expand...
Click to collapse
Google play store is not included, but it had Pre installed yalp store. About gaming performance I can't comment because I don't play games.
Incase you are Intrested more info regarding micro g can be found here. https://microg.org/
Can you provide some additional information on how each step was done?
I'm specifically curious about the changes to Privacy Guard, changing the default DNS, and not submitting IMEI/IMSI/phone number on GPS requests
Thank you!
MXIIA said:
Can you provide some additional information on how each step was done?
I'm specifically curious about the changes to Privacy Guard, changing the default DNS, and not submitting IMEI/IMSI/phone number on GPS requests
Thank you!
Click to expand...
Click to collapse
The source code is linked in the OP (the link leads to the local build manifest) - you will find the commits for the features you've asked for always in the 'lin-15.1-microG' branch of my frameworks/base fork, for the sensors in PG additionally in frameworks/native and to make the PG switches visible, obviously packages/apps/Settings, always the 'lin-15.1-microG' branch.
Location services doesn't seem to be working and trying to access the location settings just fc the settings app.
Ahki767 said:
Location services doesn't seem to be working and trying to access the location settings just fc the settings app.
Click to expand...
Click to collapse
I am using this build myself w/o issues. Do you have a log?
One general advice: After 1st install, you should enter the microG settings and perform the setup as described in the link "LineageOS for microG" in OP. (I'll add a line telling this to the installation instructions)
EDIT: In short, click on 'unified NLP' and configure the location providers. Afterwards go to 'Self test' and click on each "unchecked" item and follow the instructions.
Huge thanks for the extra effort you gave to this. I was so excited when I week ago found this thread and yesterday got my Oneplus 3T and installed this.
Few questions: When I activate Iptables block script it breaks Spotify. I know spotify tries to connect graph.facebook.com so is this the cause? And can I edit iptables script somehow? I am quite newb with this stuff. Or maybe just disable script and edit Hosts file to add graph.facebook.com (its not there)? Though I would like to use this script.
eightfiveseven said:
Huge thanks for the extra effort you gave to this. I was so excited when I week ago found this thread and yesterday got my Oneplus 3T and installed this.
Few questions: When I activate Iptables block script it breaks Spotify. I know spotify tries to connect graph.facebook.com so is this the cause? And can I edit iptables script somehow? I am quite newb with this stuff. Or maybe just disable script and edit Hosts file to add graph.facebook.com (its not there)? Though I would like to use this script.
Click to expand...
Click to collapse
graph.facebook.com is FB's track&spy server, so unless you use an "original" FB product like their spy app or one of their messengers, there is no reason to allow any connection to FB. (OK, some people also allow their Login services spying on them...)
The reason, why Spotify breaks, is that Spotify is hosted on Google servers. I may think about adding the Spotify app to the exception list for Google (from its permissions however, this app seems also quite invasive, so not sure yet) This would mean that this app would still send tracking data to the Google trackers Ads, Crashlytics and DoubleClick and others (Spotify uses 9 trackers, according to Exodus, which is a lot!)
Yes, you can edit the script, but for this you need a root shell (e.g. via adb) - the script file is /system/bin/z_iptables and you would need to add the line com.spotify.music into the list under list_apps()
Regards, M.
MSe1969 said:
graph.facebook.com is FB's track&spy server, so unless you use an "original" FB product like their spy app or one of their messengers, there is no reason to allow any connection to FB. (OK, some people also allow their Login services spying on them...)
The reason, why Spotify breaks, is that Spotify is hosted on Google servers. I may think about adding the Spotify app to the exception list for Google (from its permissions however, this app seems also quite invasive, so not sure yet) This would mean that this app would still send tracking data to the Google trackers Ads, Crashlytics and DoubleClick and others (Spotify uses 9 trackers, according to Exodus, which is a lot!)
Yes, you can edit the script, but for this you need a root shell (e.g. via adb) - the script file is /system/bin/z_iptables and you would need to add the line com.spotify.music into the list under list_apps()
Regards, M.
Click to expand...
Click to collapse
Thanks for the info! I edited z_iptables to bypass Spotify and now its working. I also added graph.facebook.com to hosts file and to the z_iptables (graph.facebook.com IP is 31.13.71.1 and it was missing from iptables) and now its blocked (dont know which one is blocking it). Btw what does the number after IP mean? Example 31.13.24.0/21
But I still get some calling to settings.crashlytics.com, app.adjust.com and clients3.google.com according to my Pi-hole (which are blocked in it).
Might have to add them too.
Though my adb pull command for the Hosts file stopped working... (freezes in 14%) Any ideas why? This is first time I am doing anything like this so I'm bit nervous.
eightfiveseven said:
Thanks for the info! I edited z_iptables to bypass Spotify and now its working. I also added graph.facebook.com to hosts file and to the z_iptables (graph.facebook.com IP is 31.13.71.1 and it was missing from iptables) and now its blocked (dont know which one is blocking it). Btw what does the number after IP mean? Example 31.13.24.0/21
But I still get some calling to settings.crashlytics.com, app.adjust.com and clients3.google.com according to my Pi-hole (which are blocked in it).
Might have to add them too.
Though my adb pull command for the Hosts file stopped working... (freezes in 14%) Any ideas why? This is first time I am doing anything like this so I'm bit nervous.
Click to expand...
Click to collapse
Be careful!
The "/21" in 31.12.24.0/21 means range 31.12.24.0 . . . 31.12.31.255 and the also specified blocking entry 31.13.64.0/18 means 31.13.64.0 . . . 31.13.127.255, which includes 31.13.71.1 - further explanation of the subnets can be found e.g. here
Therefore, if you could still reach graph.facebook.com resolving to 31.13.71.1, the iptables config may not be effective at all (the calls to adjust and goole indicate so)! Please open a browser on your device and simply enter 'facebook.com' as address - if you are redirected to FB for logon, the firewall-blocking is inactive - in that case, please try to deactivate and reactivate the iptables block script and try again. If it persists, open an adb root shell, cd to /system/bin and execute the command ./z_iptables set and watch out for error messages.
MSe1969 said:
Be careful!
The "/21" in 31.12.24.0/21 means range 31.12.24.0 . . . 31.12.31.255 and the also specified blocking entry 31.13.64.0/18 means 31.13.64.0 . . . 31.13.127.255, which includes 31.13.71.1 - further explanation of the subnets can be found e.g.
Therefore, if you could still reach graph.facebook.com resolving to 31.13.71.1, the iptables config may not be effective at all (the calls to adjust and goole indicate so)! Please open a browser on your device and simply enter 'facebook.com' as address - if you are redirected to FB for logon, the firewall-blocking is inactive - in that case, please try to deactivate and reactivate the iptables block script and try again. If it persists, open an adb root shell, cd to /system/bin and execute the command ./z_iptables set and watch out for error messages.
Click to expand...
Click to collapse
Yes you were correct. Script was inactive but after I removed the IP I added the script started working again. Thanks again!
Hi,
Thank you for your work! I just have two questions: do you spread updates via normal OTA or do we have to go to this thread to check for updates? I will definitely root it too with Magisk, would I need to redo this after every update?
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Introduction
iodéOS is a privacy-focused operating system powered by LineageOS and based on the Android mobile platform. iodéOS aims at protecting the user's privacy with a built-in adblocker and by freeing the smartphone from snitches.
The objectives in the conception of this ROM are threefold:
To keep the stability and security level of LineageOS, by minimizing the modifications made to the system. Apart the system modifications required by the adblocker, we mainly only added a few useful options commonly found in other custom ROMs, made some cosmetic changes, modified a few default settings to prevent data leaks to Google servers.
To ease a quick adoption of this ROM by new users. We especially target users that are concerned by the protection of their privacy, but are not reluctant to still use inquisitive apps like Google ones. We thus included MicroG as well as a coherent set of default apps, and simplified the initial setup of the system. Particularly, an initialization of MicroG has been made with GCM notifications allowed by default, a privacy-friendly network location provider (DéjàVu) pre-selected, as well as Nominatim Geocoder.
To provide a new and powerful way of blocking ads, malwares, data leaks of all kinds to many intrusive servers. We are developing an analyzer, tightly integrated into the system, that captures all DNS requests and network traffic, as well as a user interface (the iodé app). Compared to some other well-known adblockers, this has the advantages of:
Avoiding to lock the VPN for that use. You can even use another adblocker that uses VPN technology alongside our blocker.
Being independent of the kind of DNS server used by the system or set by an independent app: classical DNS on UDP port 53 or any other one, DNS over TLS (DoT), DNS over HTTPS (DoH), ..., as we capture the DNS requests before they are transmitted to the system function that emits the DNS request. What we do not support, is DoH when it is natively built into applications, i.e. when an app communicates directly with a DoH server, without asking name resolution to the system. It would require to decrypt HTTPS packets between such an app and the DoH server, which may create a big security hole.
Precisely mapping DNS requests and network packets to the Android apps that emitted (or received) them.
Deciding which apps have a filtered network usage (by default, all apps), and which ones can communicate with blacklisted servers.
Since its first versions, we added many features to the iodé blocker: several levels of protection, fine-grained control over the hosts that should be blocked or authorized, displaying statistics on a map to see the quantity of data exchanged to which countries, clearing statistics... We are actively developing the blocker, and new functionalities will be regularly added.
Features
Changes in LineageOS to prevent data leaks:
Default DNS server: Google's DNS replaced by Quad9's 'unblocked' servers in all parts of the system.
A-GPS: patches to avoid leaking personnal information like IMSI to supl server.
Captive portal login: connectivitycheck.gstatic.com replaced by captiveportal.kuketz.de for connectivity check.
Dialer: Google default option replaced by OpenStreetMap for phone number lookup.
Pre-installed apps:
We included many useful default apps, but our choice cannot suit everyone; so we added the possibility to remove them. It can be done at the end of the phone setup, or at any time by going to Parameters -> Apps & Notifications -> Preinstalled apps.
MicroG core apps: GmsCore, GsfProxy, FakeStore.
NLP backends for MicroG : DejaVuNLPBackend (default), MozillaNLPBackend, AppleNLPBackend, RadioCellsNLPBackend, Nominatim Geocoder.
App stores : FDroid (with F-Droid Privileged Extension) and Aurora Store.
Browser: our own fork of Firefox (with Qwant as default search engine, many other ones added, telemetry disabled, parts of telemetry code removed) instead of Lineage’s default browser Jelly.
SMS: QKSMS instead of Lineage's default SMS app.
Email: p≡p (Pretty Easy Privacy).
Camera: our own fork of Open Camera, with a few tweaks.
Maps/navigation: Magic Earth GPS & Navigation (the only one free but not open source).
Keyboard: OpenBoard instead of AOSP keyboard.
PDF: Pdf Viewer Plus.
Personnal notes: Carnet.
{Ad/Malware/Data leak}-blocker: iodé.
News: to keep users informed about our developments, as well as a FAQ.
Meteo: Geometric Weather.
Pre-included FDroid repository:
The apps that we tweak or develop (microG services, the browser based on Firefox, the News app, Open Camera ...) are available through a repository that we included in FDroid (check the "Apps for iodéOS" category). For this purpose and to avoid name conflicts of some apps, we also had to make a few changes in FDroid.
Useful options from other custom ROMs:
Smart charging (disables charging when a given level is reached, to protect battery health).
Fingerprint vibration toggle.
Swipe down to clear all in recent apps (Android 10 only).
Installation Instructions
To download and flash our latest build, see https://gitlab.com/iode/ota.
You can also find here direct links to the latest builds.
Supported devices
Fairphone FP3/FP3+
Fairphone FP4
Google Pixel 3
Google Pixel 4
Google Pixel 5
Google Pixel 6
Google Pixel 6a
OnePlus 9
OnePlus 9 Pro
Samsung Galaxy A5/A7 2017 (a5j17lte/a7j17lte)
Samsung Galaxy S9/S9+ (starlte/star2lte)
Samsung Galaxy Note 9 (crownlte)
Samsung S10e/S10/S10+ (beyond{0,1,2}lte)
Samsung Note 10 (d1)
Samsung Note 10+ (d2s)
Sony Xperia XA2 (pioneer)
Sony Xperia XZ1 (poplar)
Sony Xperia XZ2 (akari)
Sony Xperia XZ3 (akatsuki)
Xiaomi Mi9 (cepheus)
Teracube 2e
Xiaomi Mi 10T 5G / Mi 10T Pro 5G
Xiaomi Mi 10 Lite 5G
Sources
iodéOS: https://gitlab.com/iode/os
LineageOS: https://github.com/lineageos
device tree:
https://gitlab.com/iode/os/public/devices/fairphone/device_fairphone_FP3
kernel: https://github.com/LineageOS/android_kernel_fairphone_sdm632
Bug Reporting
You can post a message in this thread or (preferred) open an issue here.
Credits
LineageOS is a free, community built, aftermarket firmware distribution of android, which is designed to increase performance and reliability over stock android for your device.
All the source code for LineageOS is available in the LineageOS Github repo. If you would like to contribute to LineageOS, please visit their Wiki for more details.
This ROM would be nothing without the tremendous work made on MicroG, and all the other open source apps that we included. We are very grateful to their authors.
Contributors
Direct contributors: @iodeOS, @vince31fr
Indirect contributors (too numerous to list): All the people that contributed to the device tree, to LineageOS, and to the included open source apps.
Sponsoring
You can help in the development of this ROM by paying us a coffee here: https://paypal.me/iodeOS.
Screenshots
Downloads : iodéOS
04/04/2023 (build 20230401):
Upgrade to iodéOS 4.1 based on Android 13 / LineageOS 20
Installation procedure: move to a fastboot script (read instructions: https://gitlab.com/iode/ota)
Blocker: improved use of blocking lists (sub-domains blocking)
FDroid: fixes an issue on apps update
LineageOS synchronized with March security patch included
All apps updated
07/02/2023 (build 20230131):
Blocker:
Improved blocking settings. You can now choose 'Standard' blocking (ads, trackers, malwares, etc) or 'Reinforced' blocking (same objective but more extensive), and then select additional categories.
The 'Porn' category has been extended to a wider 'Sensitive content' one, that also includes fake news, gambling, drugs, piracy, torrent..., with mainly child protection in mind.
The 'Extreme' category has been removed, as it is now part of the reinforced blocking.
Improved blocking lists. We merge several acknowledged and up-to-date sources, and have diversified our sources to produce more complete lists. The standard list has however been reduced a bit, to avoid as much as possible interference with apps expected behavior.
Added a new network location provider: Local NLP Backend. It is an improved version of the DéjàVu NLP backend which was already available in iodéOS. Like DéjàVu, it builds a local database connecting localizations learned from other NLP backends and apps using GPS, and mobile antennas/Wifi; but also has an active mode (not preselected) that can trigger GPS requests. To configure it: Settings -> System -> microG -> Location modules
LineageOS synchronized with January security patch included
All apps updated
New devices support: Pixel 3, 6, 6a
16/12/2022 (build 20221215):
Blocker: added multiple selection in settings / domain customization. Long-press on a domain, select several domains or all, apply actions (block all, authorize all...)
PdfViewerPlus: improved security by updating core libraries
Network settings: added a switch to disable connectivity check (and thus captive portal detection)
LineageOS synchronized with December security patch included
All apps updated
New devices support: Pixel 4 & 5, OnePlus 9 & 9 Pro
24/11/2022 (build 20221124):
Improvements in the blocker user interface (iodé app)
LineageOS synced with September security patch included
All apps updated
17/10/2022 (build 20221014):
Blocker:
Network blockings following their type (Wifi, mobile data, VPN) added
Default blockings definition for new apps
Personnalized recipients management improved
iodé's app access restrictions by password added
Search filters added in report and map
Display theme selection
Automatic and 'real-time' refresh of the whole app
Performance and fluidity improvements of the app
LineageOS synced with September security patch included
All apps updated
27/07/2022 (build 20220726):
Upgrade to iodéOS 3.1 based on Android 12 / LineageOS 19.1
SafetyNet certification activated: allows many apps, notably banking ones, to fully work
Setup wizard: the push notifications configuration page now also activates SafetyNet (fine-grained control in Settings->System->microG)
OpenCamera: the 'Use alternative flash method' in photo settings is no more necessary and can be disabled, allowing flash optimization
News app: German translations
LineageOS synced with July security patch included
All apps updated
21/07/2022 (build 20220530):
Setup Wizard: new page to configure push notifications through microG
Lockscreen settings: switch added to disable fingerprint unlock when screen is off
Improved German translations
Bug fixes and improvements
LineageOS synced with May security patch included
All apps updated
02/05/2022 (build 20220411):
News app reworked
Setup Wizard: new iodé introduction
iodé blocker: pull to refresh replaced by automatic refresh in report tab
Teracube 2e 2022 batch released, video playback in browser and video recording fixed
Music app : playlist crash fixed
Open Camera : crash when tapping thumbnail of a newly recorded video fixed, photos and videos now editable
LineageOS synced with March security patch
All apps updated
03/02/2022 (build 20220127):
New iodé blocker map feature
Build mode changed to 'user' (i.e. release) mode): more apps work out-of-the-box and more secure device, but more restrictive recovery
Camera app changed to Open Camera
Wireguard kernel module included
Dark bootanimation
January security patch
Preinstalled apps updated
Beware: Play store Magisk module broken
18/11/2021 (build 20211108):
LineageOS updated (November security patch)
Preinstalled apps updated
Iodé blocker: hosts can now be customized, either globally or by app
10/09/2021 (build 20210828):
Upgrade to Android 11 / LineageOS 18.1
LineageOS updated (August security patch)
Preinstalled apps updated
Backup app included: Seedvault
microG now uninstallable: Settings -> Apps & notifications -> Preinstalled apps
New default accent color (clear blue from iodé logo)
03/08/2021 (build 20210729):
Preinstalled apps UI reworked with the introduction of categories.
Dark theme in the blocker UI (next improvement will be hosts customization).
p≡p (https://f-droid.org/fr/packages/security.pEp/) is now the defaut email client, and replaces lineageOS client which is no longer maintained.
Preinstalled apps updated to their latest version.
LineageOS updated (July security patch).
28/05/2021 (build 20210525):
Different protection levels in iodé's blocker added: in addition to the default standard blocklist, we added three lists (socials, porn, extreme) that can be activated globally or on a per-app basis (more information in the FAQ).
Geometric Weather app added.
Preinstalled apps selection at setup wizard added.
Preinstalled apps including microG updated to their latest version.
LineageOS updated (May security patch).
07/03/2021 (build 20210307): initial publicly available build of iodéOS for FP3/FP3+.
Downloads : add-ons
phonesky-magisk.zip : Magisk module for NanoDroid patched Play Store, for those who really need to get access to their paid apps that don't work with microG. This module can be generally be deactivated when you have installed and ran once the paid apps.
NB : you may have to wait a couple of hours after activating the module for being able to install paid apps.
phonesky-magiskV2.zip : compatibility for the upcoming iodéOS 2.x based on Android 11. It can ben installed on iodéOS 1.x based on Android 10 too.
IMPORTANT : install this module or deactivate the previous one before installing iodéOS 2.x, or you'll be caught in a bootloop.
Thanks a lot for your excellent work!
I just installed the Rom on my FP3+ and so far it runs smoothly. It looks and feels beautyful. I really appreciate your decision to select and install most needed apps so one can start at once with the experience. Of course I will install my favorite apps anyway (no google-stuff of course ;-D ) but I can do this whenever I feel like it and the phone runs fine anyway.
It seems that the fingerprint-sensor works better than with /e/ that I had installed before.
Thanks again and please keep that great project up. That you sell refurbished phones is a great job as well. I hope that many people go for that and safe very precious resources and help our planet by that as well.
I really enjoy this Rom!
karlito05 said:
Thanks a lot for your excellent work!
I just installed the Rom on my FP3+ and so far it runs smoothly. It looks and feels beautyful. I really appreciate your decision to select and install most needed apps so one can start at once with the experience. Of course I will install my favorite apps anyway (no google-stuff of course ;-D ) but I can do this whenever I feel like it and the phone runs fine anyway.
It seems that the fingerprint-sensor works better than with /e/ that I had installed before.
Thanks again and please keep that great project up. That you sell refurbished phones is a great job as well. I hope that many people go for that and safe very precious resources and help our planet by that as well.
I really enjoy this Rom!
Click to expand...
Click to collapse
Thanks for you enthusiastic comment ;-)
As the decision to include many basic apps does not suit everyone, we also recently included a simple way to uninstall or completely hide most preinstalled apps (Settings -> Apps & Notifications -> Preinstalled apps). This is not mentioned in the OP yet...
You are welcome ;-)
Now I found something that is not working: Screencast. There is a connection but TV shows nothing or a scrambled picture depending which app is on screen. The dongle is working with another phone. Sorry for bad quality of the pictures...
With /e/ it did not work at all, phone rebooted when trying to connect. Maybe its a problem of Android 10 and FP3? I did not try it with stockrom. And of course I can live without screencast but its a nice feature...
Still enjoying the wonderfully degoogled Rom, though
Something else I am missing (not complaining...):
NFC is not working long enough for the data exchange with my smart ID card. I read that "extended length" must be enabled in the firmware so packets of more than 500 Byte could be transfered for it to work. Could you please include that in the next build if possible?
Again many thanks for your great work! Have a nice weekend.
Our beta tester volunteers can now configure the blocking level of their iodé phones!
Feel free to join our Telegram app group (link in the news app) if you wish to become a beta tester.
~~~ New Update : 28/05/2021 ~~~
Available as OTA (see OP)
=== New Update : 03/08/2021 ===
Available as OTA (see OP)
Again many thanks for this great Rom. I am really happy I found it and that it is available for my FP3+.
Unfortunately, by trying to install the last update via the updater it seems I messed up the Slot A on which the updater installed the update. Luckily, Slot B with iode 1.2 is still working .
I tried to install the downloaded v1.3 via TWRP (temporary boot via fastboot) on Slot A - same result: Phone boots into recovery that tells me something went wrong and I could "Try again" or "Format data". The same happened when I tried to restore a complete backup of the working Slot B on Slot A with TWRP. That usually works...
Now I ran out of options. Do you have any suggestions what I could try next in order to repair SlotA? Or what could have been messed up in the first place?
+++ New Update : 10/09/2021 +++
iodéOS 2.1 : based on Android 11 / LineageOS 18.1
Available as OTA (see OP)
BEWARE: the play store magisk module given in the OP (unofficially supported) needs to be updated *before* updgrading to iodéOS 2.0 to avoid a bootloop. You can find the updated version in the OP.
*** New Update : 18/11/2021 ***
Available as OTA (see OP)
Hello, where can I find the source code of the "iodé" interface? (the {Ad/Malware/Data leak}-blocker)
Thanks.
*** New Update : 03/02/2022 ***
Available as OTA (see OP)
Beware: Play Store Magisk module broken
thanks for your work @vince31fr
are there any plans to integrate these vendor blobs?
https://review.lineageos.org/c/LineageOS/android_device_fairphone_FP3/+/322885/1
These blobs are integrated in the official LineageOS images, but not in other LineageOS releases such as LineageOS4microG
*** New Update : 02/05/2022 ***
Available as OTA (see OP)
Lowxorx said:
Hello, where can I find the source code of the "iodé" interface? (the {Ad/Malware/Data leak}-blocker)
Thanks.
Click to expand...
Click to collapse
Hey vince31fr, Did you read my message? I also tried to contact Iodé via the website to see if it was possible to build Iodé for my phone, I didn't get an answer
Je serais ravi d'avoir un os qui vient de chez nous sur mon téléphone
*** New Update : 21/07/2022 ***
Available as OTA (see OP)
(Annoucement a bit delayed)
Lowxorx said:
Hey vince31fr, Did you read my message? I also tried to contact Iodé via the website to see if it was possible to build Iodé for my phone, I didn't get an answer
Je serais ravi d'avoir un os qui vient de chez nous sur mon téléphone
Click to expand...
Click to collapse
We have not opened all our sources yet, but plan to do so in the coming months. Stay tuned!
*** New Update : 27/07/2022 ***
Upgrade to Android 12 /LineageOS 19.1
Available as OTA (see OP)
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Introduction
iodéOS is a privacy-focused operating system powered by LineageOS and based on the Android mobile platform. iodéOS aims at protecting the user's privacy with a built-in adblocker and by freeing the smartphone from snitches.
The objectives in the conception of this ROM are threefold:
To keep the stability and security level of LineageOS, by minimizing the modifications made to the system. Apart the system modifications required by the adblocker, we mainly only added a few useful options commonly found in other custom ROMs, made some cosmetic changes, modified a few default settings to prevent data leaks to Google servers.
To ease a quick adoption of this ROM by new users. We especially target users that are concerned by the protection of their privacy, but are not reluctant to still use inquisitive apps like Google ones. We thus included MicroG as well as a coherent set of default apps, and simplified the initial setup of the system. Particularly, an initialization of MicroG has been made with GCM notifications allowed by default, a privacy-friendly network location provider (DéjàVu) pre-selected, as well as Nominatim Geocoder.
To provide a new and powerful way of blocking ads, malwares, data leaks of all kinds to many intrusive servers. We are developing an analyzer, tightly integrated into the system, that captures all DNS requests and network traffic, as well as a user interface (the iodé app). Compared to some other well-known adblockers, this has the advantages of:
Avoiding to lock the VPN for that use. You can even use another adblocker that uses VPN technology alongside our blocker.
Being independent of the kind of DNS server used by the system or set by an independent app: classical DNS on UDP port 53 or any other one, DNS over TLS (DoT), DNS over HTTPS (DoH), ..., as we capture the DNS requests before they are transmitted to the system function that emits the DNS request. What we do not support, is DoH when it is natively built into applications, i.e. when an app communicates directly with a DoH server, without asking name resolution to the system. It would require to decrypt HTTPS packets between such an app and the DoH server, which may create a big security hole.
Precisely mapping DNS requests and network packets to the Android apps that emitted (or received) them.
Deciding which apps have a filtered network usage (by default, all apps), and which ones can communicate with blacklisted servers.
Since its first versions, we added many features to the iodé blocker: several levels of protection, fine-grained control over the hosts that should be blocked or authorized, displaying statistics on a map to see the quantity of data exchanged to which countries, clearing statistics... We are actively developing the blocker, and new functionalities will be regularly added.
Features
Changes in LineageOS to prevent data leaks:
Default DNS server: Google's DNS replaced by Quad9's 'unblocked' servers in all parts of the system.
A-GPS: patches to avoid leaking personnal information like IMSI to supl server.
Captive portal login: connectivitycheck.gstatic.com replaced by captiveportal.kuketz.de for connectivity check.
Dialer: Google default option replaced by OpenStreetMap for phone number lookup.
Pre-installed apps:
We included many useful default apps, but our choice cannot suit everyone; so we added the possibility to remove them. It can be done at the end of the phone setup, or at any time by going to Parameters -> Apps & Notifications -> Preinstalled apps.
MicroG core apps: GmsCore, GsfProxy, FakeStore.
NLP backends for MicroG : DejaVuNLPBackend (default), MozillaNLPBackend, AppleNLPBackend, RadioCellsNLPBackend, Nominatim Geocoder.
App stores : FDroid (with F-Droid Privileged Extension) and Aurora Store.
Browser: our own fork of Firefox (with Qwant as default search engine, many other ones added, telemetry disabled, parts of telemetry code removed) instead of Lineage’s default browser Jelly.
SMS: QKSMS instead of Lineage's default SMS app.
Email: p≡p (Pretty Easy Privacy).
Camera: our own fork of Open Camera, with a few tweaks.
Maps/navigation: Magic Earth GPS & Navigation (the only one free but not open source).
Keyboard: OpenBoard instead of AOSP keyboard.
PDF: Pdf Viewer Plus.
Personnal notes: Carnet.
{Ad/Malware/Data leak}-blocker: iodé.
News: to keep users informed about our developments, as well as a FAQ.
Meteo: Geometric Weather.
Pre-included FDroid repository:
The apps that we tweak or develop (microG services, the browser based on Firefox, the News app, Open Camera ...) are available through a repository that we included in FDroid (check the "Apps for iodéOS" category). For this purpose and to avoid name conflicts of some apps, we also had to make a few changes in FDroid.
Useful options from other custom ROMs:
Smart charging (disables charging when a given level is reached, to protect battery health).
Fingerprint vibration toggle.
Swipe down to clear all in recent apps (Android 10 only).
Installation Instructions
To download and flash our latest build, see https://gitlab.com/iode/ota.
You can also find here direct links to the latest builds.
Supported devices
Fairphone FP3/FP3+
Fairphone FP4
Google Pixel 3
Google Pixel 4
Google Pixel 5
Google Pixel 6
Google Pixel 6a
OnePlus 9
OnePlus 9 Pro
Samsung Galaxy A5/A7 2017 (a5j17lte/a7j17lte)
Samsung Galaxy S9/S9+ (starlte/star2lte)
Samsung Galaxy Note 9 (crownlte)
Samsung S10e/S10/S10+ (beyond{0,1,2}lte)
Samsung Note 10 (d1)
Samsung Note 10+ (d2s)
Sony Xperia XA2 (pioneer)
Sony Xperia XZ1 (poplar)
Sony Xperia XZ2 (akari)
Sony Xperia XZ3 (akatsuki)
Xiaomi Mi9 (cepheus)
Teracube 2e
Xiaomi Mi 10T 5G / Mi 10T Pro 5G
Xiaomi Mi 10 Lite 5G
Sources
iodéOS: https://gitlab.com/iode/os
LineageOS: https://github.com/lineageos
device tree:
https://gitlab.com/iode/os/public/devices/samsung/device_samsung_beyond0lte
https://gitlab.com/iode/os/public/devices/samsung/device_samsung_beyond1lte
https://gitlab.com/iode/os/public/devices/samsung/device_samsung_beyond2lte
https://gitlab.com/iode/os/public/devices/samsung/device_samsung_exynos9820-common
kernel: https://github.com/LineageOS/android_kernel_samsung_exynos9820
Bug Reporting
You can post a message in this thread or (preferred) open an issue here.
Credits
LineageOS is a free, community built, aftermarket firmware distribution of android, which is designed to increase performance and reliability over stock android for your device.
All the source code for LineageOS is available in the LineageOS Github repo. If you would like to contribute to LineageOS, please visit their Wiki for more details.
This ROM would be nothing without the tremendous work made on MicroG, and all the other open source apps that we included. We are very grateful to their authors.
Contributors
Direct contributors: @iodeOS, @vince31fr
Indirect contributors (too numerous to list): All the people that contributed to the device tree, to LineageOS, and to the included open source apps.
Sponsoring
You can help in the development of this ROM by paying us a coffee here: https://paypal.me/iodeOS.
Screenshots
Downloads : iodéOS
04/04/2023 (build 20230401) for S10e (beyond0lte), S10 (beyond1lte) and S10+ (beyond2lte):
Installation procedure: move to a fastboot script (read instructions: https://gitlab.com/iode/ota)
Blocker: improved use of blocking lists (sub-domains blocking)
FDroid: fixes an issue on apps update
LineageOS synchronized with March security patch included
All apps updated
07/02/2023 (build 20230131) for S10e (beyond0lte), S10 (beyond1lte) and S10+ (beyond2lte):
Blocker:
Improved blocking settings. You can now choose 'Standard' blocking (ads, trackers, malwares, etc) or 'Reinforced' blocking (same objective but more extensive), and then select additional categories.
The 'Porn' category has been extended to a wider 'Sensitive content' one, that also includes fake news, gambling, drugs, piracy, torrent..., with mainly child protection in mind.
The 'Extreme' category has been removed, as it is now part of the reinforced blocking.
Improved blocking lists. We merge several acknowledged and up-to-date sources, and have diversified our sources to produce more complete lists. The standard list has however been reduced a bit, to avoid as much as possible interference with apps expected behavior.
Added a new network location provider: Local NLP Backend. It is an improved version of the DéjàVu NLP backend which was already available in iodéOS. Like DéjàVu, it builds a local database connecting localizations learned from other NLP backends and apps using GPS, and mobile antennas/Wifi; but also has an active mode (not preselected) that can trigger GPS requests. To configure it: Settings -> System -> microG -> Location modules
LineageOS synchronized with January security patch included
All apps updated
New devices support: Pixel 3, 6, 6a
20/12/2022 (build 20221220) for S10e (beyond0lte), S10 (beyond1lte) and S10+ (beyond2lte):
Fixes smart charging issue
16/12/2022 (build 20221215) for S10e (beyond0lte), S10 (beyond1lte) and S10+ (beyond2lte):
Blocker: added multiple selection in settings / domain customization. Long-press on a domain, select several domains or all, apply actions (block all, authorize all...)
PdfViewerPlus: improved security by updating core libraries
Network settings: added a switch to disable connectivity check (and thus captive portal detection)
LineageOS synchronized with December security patch included
All apps updated
New devices support: Pixel 4 & 5, OnePlus 9 & 9 Pro
24/11/2022 (build 20221121) for S10e (beyond0lte), S10 (beyond1lte) and S10+ (beyond2lte):
Improvements in the blocker user interface (iodé app)
LineageOS synced with September security patch included
All apps updated
17/10/2022 (build 20221014) for S10e (beyond0lte), S10 (beyond1lte) and S10+ (beyond2lte):
Blocker:
Network blockings following their type (Wifi, mobile data, VPN) added
Default blockings definition for new apps
Personnalized recipients management improved
iodé's app access restrictions by password added
Search filters added in report and map
Display theme selection
Automatic and 'real-time' refresh of the whole app
Performance and fluidity improvements of the app
LineageOS synced with September security patch included
All apps updated
27/07/2021 (build 20220726) for S10e (beyond0lte), S10 (beyond1lte) and S10+ (beyond2lte):
SafetyNet certification activated: allows many apps, notably banking ones, to fully work
Setup wizard: the push notifications configuration page now also activates SafetyNet (fine-grained control in Settings->System->microG)
OpenCamera: the 'Use alternative flash method' in photo settings is no more necessary and can be disabled, allowing flash optimization
News app: German translations
LineageOS synced with July security patch included
All apps updated
21/07/2021 (build 20220530) for S10e (beyond0lte), S10 (beyond1lte) and S10+ (beyond2lte):
Upgrade to Android 12 / Lineage 19.1
Setup Wizard: new page to configure push notifications through microG
Lockscreen settings: switch added to disable fingerprint unlock when screen is off
Improved German translations
Bug fixes and improvements
LineageOS synced with May security patch included
All apps updated
02/05/2021 (build 20220205) for S10e (beyond0lte), S10 (beyond1lte) and S10+ (beyond2lte):
News app reworked
Setup Wizard: new iodé introduction
iodé blocker: pull to refresh replaced by automatic refresh in report tab
Teracube 2e 2022 batch released, video playback in browser and video recording fixed
Music app : playlist crash fixed
Open Camera : crash when tapping thumbnail of a newly recorded video fixed, photos and videos now editable
LineageOS synced with March security patch
All apps updated
03/02/2022 (build 20220126) for S10e (beyond0lte), S10 (beyond1lte) and S10+ (beyond2lte):
New iodé blocker map feature
Build mode changed to 'user' (i.e. release) mode): more apps work out-of-the-box and more secure device, but more restrictive recovery
Camera app changed to Open Camera
Wireguard kernel module included
Dark bootanimation
January security patch
Preinstalled apps updated
Beware: Play store Magisk module broken
18/11/2021 (build 20211108) for S10e (beyond0lte), S10 (beyond1lte) and S10+ (beyond2lte):
LineageOS updated (November security patch)
Preinstalled apps updated
Iodé blocker: hosts can now be customized, either globally or by app
10/09/2021 (build 20210905) for S10e (beyond0lte), S10 (beyond1lte) and S10+ (beyond2lte):
LineageOS updated (August security patch)
Preinstalled apps updated
Backup app included: Seedvault
microG now uninstallable: Settings -> Apps & notifications -> Preinstalled apps
New default accent color (clear blue from iodé logo)
13/08/2021 (build 20210811) for S10e (beyond0lte), S10 (beyond1lte) and S10+ (beyond2lte): first publicly available builds.
Downloads : add-ons
phonesky-magiskV2.zip : Magisk module for NanoDroid patched Play Store, for those who really need to get access to their paid apps that don't work with microG. This module can be generally be deactivated when you have installed and ran once the paid apps.
NB : you may have to wait a couple of hours after activating the module for being able to install paid apps.
Man, you are legend! Will i be able to download banking app or government app since i kinda need it for covid checkin in my country?
Some covid apps do not require play services so generally work. Exposure notifications have been implemented in microG, so many apps that require play services work as well.
About banking apps: some work out of the box, some work with magisk hide, some cannot work...
You need to try by yourself, or ask about particular apps in older XDA iodé forums.
vince31fr said:
Some covid apps do not require play services so generally work. Exposure notifications have been implemented in microG, so many apps that require play services work as well.
About banking apps: some work out of the box, some work with magisk hide, some cannot work...
You need to try by yourself, or ask about particular apps in older XDA iodé forums.
Click to expand...
Click to collapse
The rom is beautiful and everything is working fine. However there the bluetooth call quality is really bad. I hope it will get fixexd soon
How it's RAM management? Is it good for day to day usage and extreme gaming purpose???
Iam using S10+
gouthamram said:
How it's RAM management? Is it good for day to day usage and extreme gaming purpose???
Iam using S10+
Click to expand...
Click to collapse
If you are fine with using micro G instead of Google than I would say this rom is really good for day to day usage. I only played some light games so can't say anything about extreme gaming though
gouthamram said:
How it's RAM management? Is it good for day to day usage and extreme gaming purpose???
Iam using S10+
Click to expand...
Click to collapse
ok here is my take on this rom after 3 days (I guess). Flashing the rom takes a while and it encrypts the data by default even tho I had no such forced problem with other ones. if it's not encrypted and you flash it, it bootloops until you format data partition. The default setup this rom offers is good enough to use for average users. MicroG and stuff the authors put are well thought and stable. I like how they chose things like openBoard or iode browser (Firefox fork) over lineage ones because these are certainly better. Privacy wise so-called iode app has ad-blocker which is nice if the user can't set up his own. But not having (at least) google contacts sync threw me off than any other minor problems, so I managed to install it. next problem occurred when I tried to play Apex Legends Mobile beta, apparently MicroG can't show google's "login as tester" message or whatever that pop-up screen is. only solution was to replace MicroG with Gapps. The game itself went good, same as other aosp roms, better than stock roms, but in cost of battery temperature. it overheats pretty easily in outside of gaming as well. it could be my exynos s10e fault, who knows. Magisk installed fine with just flashing the zip. and the last thing TWRP can't ask for the password nor decrypt data partition folders, showing dozens of red warnings. Internal storage (media/0) is mountable and can be used tho.
edit: oh, due to not flashing multidisabler after formatting data it got encrypted, nothing to do with the rom I suppose. Still, good rom for those can live without google dependent apps and situations.
wdevil12 said:
ok here is my take on this rom after 3 days (I guess). Flashing the rom takes a while and it encrypts the data by default even tho I had no such forced problem with other ones. if it's not encrypted and you flash it, it bootloops until you format data partition. The default setup this rom offers is good enough to use for average users. MicroG and stuff the authors put are well thought and stable. I like how they chose things like openBoard or iode browser (Firefox fork) over lineage ones because these are certainly better. Privacy wise so-called iode app has ad-blocker which is nice if the user can't set up his own. But not having (at least) google contacts sync threw me off than any other minor problems, so I managed to install it. next problem occurred when I tried to play Apex Legends Mobile beta, apparently MicroG can't show google's "login as tester" message or whatever that pop-up screen is. only solution was to replace MicroG with Gapps. The game itself went good, same as other aosp roms, better than stock roms, but in cost of battery temperature. it overheats pretty easily in outside of gaming as well. it could be my exynos s10e fault, who knows. Magisk installed fine with just flashing the zip. and the last thing TWRP can't ask for the password nor decrypt data partition folders, showing dozens of red warnings. Internal storage (media/0) is mountable and can be used tho.
edit: oh, due to not flashing multidisabler after formatting data it got encrypted, nothing to do with the rom I suppose. Still, good rom for those can live without google dependent apps and situations.
Click to expand...
Click to collapse
Talk about TWRP showing a dozens of red warnings, do you have a solution for that? I wanted to flash some thing else not lineage base but i can't with those red warnings
Seigul said:
Talk about TWRP showing a dozens of red warnings, do you have a solution for that? I wanted to flash some thing else not lineage base but i can't with those red warnings
Click to expand...
Click to collapse
FYI, iodé is based on LOS as well..
Keule-Tm said:
FYI, iodé is based on LOS as well..
Click to expand...
Click to collapse
Yeah i know that. After i used LOSS and Iode, i'm unable to wipe data and flash any rom not LOSS based
Is there any way to use google RCS chat in google messages or restore whatsapp backups on this ROM.
I'm aware using these apps compromises my privacy, but i need them to communicate with family and friends.
Quinquadrate said:
Is there any way to use google RCS chat in google messages or restore whatsapp backups on this ROM.
I'm aware using these apps compromises my privacy, but i need them to communicate with family and friends.
Click to expand...
Click to collapse
I managed to finally restore my WhatsApp messages. If you have a spare device handy it helps, I'll assume in my instructions that you do and this device has WhatsApp with all your data on.
On the spare device:
Open WhatsApp -> Settings -> Chats -> Chat Backup
Make sure "Back up to Google Drive" is set to "Never"
Then click "Back Up"
This will then save a local backup to the root of your device (well the main user folder)
Navigate to your root/user folder and compress the WhatsApp folder. It should contain 3 folders within it: Backups, Databases, Media.
Download Airdroid (or something similar, but this worked best for me) and start a web session.
On the new device with iodé:
Go to the Local IP Address displayed in Airdroid (or equivalent)
Download the .zip file you created.
Unzip this file into the root/user folder that you found it on the spare device.
DOUBLE CHECK: That the folder structure is the same as on the spare device:
Root/User
WhatsApp
Backups
Databases
Media
Install WhatsApp from the Aurora Store (or whereever you prefer)
You should then be prompted to "Restore Backup" after the SMS/Phone verification in the process.
Hope this helps!
p.s. Use Signal rather than WhatsApp if you're interested in even more privacy. The hard part is getting others to use it.
Seigul said:
Yeah i know that. After i used LOSS and Iode, i'm unable to wipe data and flash any rom not LOSS based
Click to expand...
Click to collapse
Did you try to reflash twrp?
Keule-Tm said:
Did you try to reflash twrp?
Click to expand...
Click to collapse
Yeah. I tried formating and a whole bunch of "permission denied" showed up. After that i reboot twrp and no errors showed when i tried formating again. However the internal storage still the same. It's kinda weird when i had notification about no OS installed but i can't install anything except LOS
Seigul said:
Yeah i know that. After i used LOSS and Iode, i'm unable to wipe data and flash any rom not LOSS based
Click to expand...
Click to collapse
I had to format data again and flash multidisabler (to disable encryption) then flash other roms. I'm currently on BlastUI 3.35 (FUF3), just make sure to flash latest bl+modem zip before flashing stock based ones, if that's what u r referring by not being able to flash others.
Privacy related ROMs are always welcomed. Thank you! Will try it soon.
Great Rom, I am using it since 2 hours.
One important note:
Your installation guide has some mistakes(at least for unlocked phones )
iode / ota · GitLab
GitLab.com
gitlab.com
You do not tell which recovery should be used. Also that you need the recovery image and the file vbmeta .img.
The TWRP xda page instructions for Heimdall Linux helped me:
[RECOVERY][OFFICIAL][3.6.1-x] TWRP for Galaxy S10/e/+/5G Exynos
Official TWRP 3.6.1-* For Galaxy S10/e/+/5G Only for exynos variants - G970F / G973F / G975F / G977B (Europe - Global, Single/Dual-SIM), G970N / G973N / G975N / G977N (South Korea) Disclaimer I am not responsible for bricked devices, dead SD...
forum.xda-developers.com
mx82 said:
Great Rom, I am using it since 2 hours.
One important note:
Your installation guide has some mistakes(at least for unlocked phones )
iode / ota · GitLab
GitLab.com
gitlab.com
You do not tell which recovery should be used. Also that you need the recovery image and the file vbmeta .img.
The TWRP xda page instructions for Heimdall Linux helped me:
[RECOVERY][OFFICIAL][3.6.1-x] TWRP for Galaxy S10/e/+/5G Exynos
Official TWRP 3.6.1-* For Galaxy S10/e/+/5G Only for exynos variants - G970F / G973F / G975F / G977B (Europe - Global, Single/Dual-SIM), G970N / G973N / G975N / G977N (South Korea) Disclaimer I am not responsible for bricked devices, dead SD...
forum.xda-developers.com
Click to expand...
Click to collapse
This is what worked for me.
1. Flash Lineageos Recovery and vbmeta in Odin. Recovery found here: https://download.lineageos.org/
2. Reboot to recovery
3. Enable ADB
4. Sideload iode OS
5. Reboot
This will preserve encryption.
mx82 said:
Great Rom, I am using it since 2 hours.
One important note:
Your installation guide has some mistakes(at least for unlocked phones )
iode / ota · GitLab
GitLab.com
gitlab.com
You do not tell which recovery should be used. Also that you need the recovery image and the file vbmeta .img.
The TWRP xda page instructions for Heimdall Linux helped me:
[RECOVERY][OFFICIAL][3.6.1-x] TWRP for Galaxy S10/e/+/5G Exynos
Official TWRP 3.6.1-* For Galaxy S10/e/+/5G Only for exynos variants - G970F / G973F / G975F / G977B (Europe - Global, Single/Dual-SIM), G970N / G973N / G975N / G977N (South Korea) Disclaimer I am not responsible for bricked devices, dead SD...
forum.xda-developers.com
Click to expand...
Click to collapse
Just a quick heads up - TWRP will break stuff just like on my lineage, lineage recovery should be added to installation instructions instead.
Manually flashing a disabled vbmeta image also isn't needed unless AVB was disabled in this build.
This thread is deprecated, please look at its successor thread.
This thread is dedicated to provide hardened Lineage-OS 18.1 builds with microG included for the OnePlus 7T Pro (hotdog) with current security patches.
You can consider this thread as the successor of my respective LineageOS 17.1 thread.
Features of this ROMDownload here
Pre-installed microG like LineageOS for microG project (own fork)
Pre-installed AuroraStore, AuroraDroid and AuroraServices
OTA Support
eSpeakTTS engine
Bromite as default browser
Additional security hardening features listed below:
Cloudflare as default DNS (instead of Google)
Privacy-preferred default settings
Optional blocking of Facebook- and Google-Tracking (Settings - Network & Internet)
Optional disable captive portal detection or choose from various providers (default is GrapheneOS and not Google; Settings - Network & Internet)
Firewall UI (under Trust)
Increased max. password length of 64
No submission of IMSI/phone number to Google when GPS is in use
Default hosts file with many blocked ad/tracking sites
Privacy-enhanced Bromite SystemWebView
Extra control of sensor access for additionally installed user apps (Special access under app permissions)
Kernel kept up to date with ASB patches of Google kernel/common 'android-4.14-q-release' branch
Debloated from Oneplus blobs for Soter and IFAA
Hardened bionic lib and constified JNI method tables
Option to only use fingerprint unlock for apps and not for the device
Optional timeout for Bluetooth and WLAN connections
Per connection WiFi randomization option
Current release levelsSecurity string: 2023-01-01
AOSP tag: 11.0.0_r46
Bromite System Webview & Browser: M108
Source-code and build instructionsKernel: https://github.com/lin18-microg/android_kernel_oneplus_sm8150/tree/lin-18.1-mse2
Build manifest: https://github.com/lin18-microg/local_manifests/tree/lin-18.1-hmalloc
Installation Instructions
YOU ARE RESPONSIBLE SOLELY YOURSELF FOR ANY ACTIONS YOU DO WITH YOUR DEVICE !!!
Please note - I won't explain any single aspect (e.g. how to install 'fastboot' on your PC or troubleshoot USB connectivity issues under Windows). Search the net and consult the search engine of your choice or look here in XDA, there is plenty of information available.
Pre-Requisites
Have fastboot and adb installed on your PC and make sure, you can connect via USB to your device in fastboot mode and via adb
An unlocked bootloader (see e.g. LineageOS install instructions)
If you come from Stock ROM, make sure to upgrade your device to the latest offered software version
Know, how to boot into fastboot mode (with powered off device press [Power]+[Vol.down]+[Vol.up])
Please read carefully:I refer in general to the LineageOS install instructions, but there are some deviations!
It is recommended to really go through the instructions once, before doing anything. You have been warned.
Let's go!Install the dedicated Lineage recovery for this ROMFor the Oneplus 7T Pro (hotdog), there is currently no fully working official TWRP available! The offered official one can't decrypt the /data partition and I don't fully trust the rest.
Please download the specific Lineage revocery for this build. It has been built using this ROM's signing key, because the official Lineage recovery did not work either for me (the official Lineage recovery works with the official build, this one works for this specific build).
Unzip and flash this specific recovery with the below commands (your device must be in 'fastboot mode'):
Code:
fastboot flash recovery_a lineage-18.1-recovery-20210903.img
fastboot flash recovery_b lineage-18.1-recovery-20210903.img
Reboot now into recovery from fastboot (follow the menu options) - DO NOT boot into your OS yet.
If you come from Stock ROM, synchronize the a/b partitionsIf you come from Stock ROM, sideload the "copy partitions" script referred and described in the LineageOS install instructions.
Please note, that you may get error messages stating
Partition product_b dd: /dev/block/dm-1: write error: No space left on device
Partition vendor_b dd: /dev/block/dm-2: write error: No space left on device
You can ignore those, as long as it is product or vendor.
Upgrade the firmwarePlease refer to the LineageOS documentation on upgrading the firmware
BTW, this thread contains a huge collection of OOS images.
Install the ROMContinue as described in the LineageOS installation instructions with formatting /data and sideloading the ROM ZIP (download link above).
It is normal, that you observe at 47% progress a longer break, followed by a step 1/2 and finally 2/2 before a success message appears.
Please note: Even if you come from my previous hardened LineageOS 17.1 ROM, you can't "dirty-flash" - the device encryption is not compatible. You must format the /data partition! Please keep in mind, that formatting the /data partition also wipes the shared internal memory - backup first!
DO NOT flash Gapps!
This ROM comes with pre-installed microG. So don't attempt to flash Gapps.
If Gapps is a 'must' for you, please use the official LineageOS build for this device.
Update Instructions
This ROM offers OTA updates through the Updater app. Therefore, normally, no further activities necessary.
You can however also manually update the ROM by sideloading a newer version of this ROM via recovery.
Frequently asked Questions
These questions come from various threads for my hardened microG ROMs. I have listed them here, because they also apply to this ROM and are hopefully helpful.
1. AuroraStore
I bundle AuroraStore with my build, but I am in no way associated with its development. The first place to look for support is the AuroraStore XDA thread and its excellent FAQ Section. Nevertheless, I would like to answer some frequently asked questions in conjunction to my ROM:
Q: AuroraStore offers an update to "Google play services" - I thought your ROM is "Google-free"?
A: The bundled microG application spoofs the existence of Google play services. This is a necessary part of microG's design. In AuroraStore, please add the Play Services to the ignore list. You won't be able to "update" them anyhow, but better do not even try to do so!
Q: I can't connect, Aurora claims "no network" - but I can normally use my browser and other apps to connect to the internet.
A: If the "iptables block script" of my ROM is active, try to deactivating and immediately after re-activating it.
If that does not help or you don't use the iptables block script of tis ROM, you may try to force-close the app or logoff/logon again. However, the Aurora support thread will be your primary point to look at!
2. Google/Facebook iptables blocking
Q: How does the Google/Facebook blocking work?
A: Via the 'iptables'/'ip6tables' functionality of the Linux layer of Android, the ip4/ip6 address range of Google and Facebook is blocked on a per app base (in fact, it is generally blocked, but some apps on an internal exception list are still allowed to connect). This means, that apps (or spyware components thereof) cannot send/receive data to/from Google/Facebook. Btw, certain connections to X-mode and Palantir are also blocked, but I am not sure, whether this is enough - any qualified information to improve this are very welcome!
Q: I like this Google/Facebook blocking approach, but my favourite <xyz> app needs to be able to connect to Google/Facebook. Can you please add this app to your exception list?
A: Please read this comprehensive information. In short: If you have a trustworthy FOSS project aiming at connecting to Google/Facebook via Webview as 'mobile browser' with (almost) no permissions or you have a tracker-free app to connect to a proprietary service, which simply is hosted on a Google webspace, I am happy to discuss this, but I will definitely not allow any "Playstore top ten genuine spyware app".
Q: Which apps are on your exception list?
A: see here
Q: But if Google is blocked for almost every app, can I still get push messages?
A: Yes, you can! Push messages are routed and controlled through the microG functionality, which stil can connect to Google.
3. etc/hosts ad blocking
Q: What is the etc/hosts ad-blocking and how does it work?
A: I deliver a monthly-updated /system/etc/hosts file from the AdAway app which lists a comprehensive selection of known ad/spyware addresses. Any attempt to connect to those sites is redirected to the local OS, so a positive connection is reported, but no content is transmitted. (See linked explanation).
Q: Which anti-tracker lists do you use?
A: The same defaulted by the AdAway app, plus in addition Microsoft's 'Hockey Stick' stuff.
4. Firewall UI
Q: What is the Firewall UI and how does it work?
A: Under Settings - Data privacy - Trust, you'll find a list of all installed apps (optionally, you can also show the shipped system apps), which lets you control - per app - whether the app can connect via WiFi, Mobile data or VPN. In fact, you can in any LineageOS individually control this in the app details (Settings), this option simply gives you a comprehensive view for all apps.
Q: How do I use it? What are the typical use-cases:
A: It of course depends on your specific requirement, but below some very typical use-cases:
a. Disallow internet access completely (uncheck WiFi, mobile data and VPN)
This might be useful for an app, which does not need internet access to work, but uses internet access to e.g. nag you with ad-crap (some games on the play store, for example)
b. Make sure, that an app only uses WiFi (in order to avoid costs when using mobile data) - uncheck mobile data
c. Make sure, that an app only has internet, when connected via VPN - uncheck WiFi and mobile data
5. Privacy features / data privacy of this ROM
Q: Does this ROM protect my privacy by design/default?
A: First of all, you will never get any "auto-protection" without having to take care, what you do!
What this ROM provides to you in addition to an "official" LineageOS:
This ROM comes with microG, to avoid the necessity of having to flash the Google apps, with the "mother of all spyware" called Google Play services. So many apps with that dependency would still work, either fully, or with their core-functionality, but without "extra Google convenience" features.
You can optionally block Google/Facbebook connections, which can add a further protecion layer (see the specific FAQ section about that feature)
Many nasty ad-servers, which are embedded into shady apps or websites are blocked by default
Some hardening measures known from the GrapheneOS project have been added
HOWEVER - just some examples, how you can easily screw up any privacy gain (this list is by far not even near to comprehensive):
You still CAN install all kinds of shady apps and use privacy-ignoring services. If you e.g. install the genuine Facebook or Instagram app, the majority of your private data on your phone will be immediately uploaded to Facebook servers, as those apps even refuse to start, if you do not grant all the sensitive permissions! (Note: Yes, afterwards, when your data has already been stolen, you can revoke those permissions again. And yes, Whatsapp seems maybe 'slightly' better in this regard, but if you really believe, that WA isn't fully integrated into the FB ecosystem, you must be living on another planet).
If you use the Microsoft Outlook app to connect to any "non-Microsoft" e-mail provider, your logon credentials to that other mail provider are stored on Microsoft servers factually allowing Microsoft to steal your identity. Using Microsoft e-mail services or GMail discloses all your e-mails to automated scanning for "suspicious activities"; this has nothing to do with your phone, but outlines, how you can void even the most secure device by making use of privacy-ignoring services.
Making use of Genuine Google-apps with microG also isn't a good idea - make use of alternatives.
Any app, which you install on your device, could misuse its needed privileges! So try to stick to FOSS apps.
And last, but not least, if you are a 'dissident' or fear otherwise any targeted or comprehensive surveillance, this ROM isn't for you either...
Dealing with signed buildsPlease note, that this builds is signed with an own key. When you come from a different build, you cannot directly "dirty-flash" this build. You have to perform a "clean flash".
Bug reports:If you have a problem, please create a post with these informations:
Original Kernel shipped with this rom:
Build Date:
And try to get log as described here
Please note that I can't and won't support issues with builds using a different kernel or Xposed.
In regards to microG, I will try my best to help when it is related to this ROM (I use it myself), but any questions of the type "the YXZ-app can't do <some sort of fancy xyz Google functionality> properly" are better asked in the respective microG forums.
CreditsAOSP project
LineageOS project
microG project
Graphene OS project
csagan5 (Bromite)
WhyOrean (Aurora)
SkewedZeppelin (Kernel patches)
Change Log
January 2023 - FINAL build
Security string 2023-01-01
Bromite Browser and Webview updated to 108.0.5359.156
microG 0.2.26.223616-16
December 2022
Security string 2022-12-05
Bromite Browser and Webview updated to 108.0.5359.106
Some kernel patches
microG 0.2.26.223616-2
November 2022
Security string 2022-11-05
Bromite Browser and Webview updated to 106.0.5249.163
Some kernel patches
microG 0.2.25.223616-10
October 2022
Security string 2022-10-05
Bromite Browser and Webview updated to 105.0.5195.147
Some kernel patches
microG 0.2.24.223616-61
September 9th, 2022
Security string 2022-09-05
Bromite Browser and Webview updated to 104.0.5112.91
Kernel: Some patches and also hardening (GrpaheneOS patches)
microG 0.2.24.214816-30
Contacts app slightly 'de-Googled'
Updated vendor blobs from OOS 11.0.9.1 (vendor sec. string 2022-06-01)
August 6th, 2022
Security string 2022-08-05
Bromite Browser and Webview updated to 103.0.5060.140
Some kernel patches
July 12th, 2022
Security string 2022-07-05
Some kernel patches
June 14th, 2022
Security string 2022-06-05
Some kernel patches
Bromite Browser and Webview on 102.0.5005.96
microG updated to 0.2.24.214816-11
May 7th, 2022
Security string 2022-05-05
Some kernel patches
Bromite Browser and Webview on 101.0.4951.53
microG updated to 0.2.24.214816-10
Mozilla Location provider on 1.5.0
April 11th, 2022
Security string 2022-04-05
Some kernel patches
Bromite Browser and Webview on 100.0.4896.57
March 15th, 2022
Bromite Browser and Webview on 99.0.4844.58 (bugfix build)
March 11th, 2022
Security string 2022-03-05
Some kernel patches
Bromite Browser and Webview on 99.0.4844.55
microG 0.2.24.214816-2
AuroraStore 4.1.1
Janaury 20th, 2022
Security string 2022-01-05
Some kernel patches
A couple of patches and fixes from LineageOS
December 19th, 2021
Security string 2021-12-05
Bromite System Webview and Browser updated to 96.0.4664.54
microG 0.22.214516-21
November 16th, 2021
Security string 2021-11-05
Bromite System Webview and Browser updated to 94.0.4606.109
Recovery will not be overwritten any more when flashing
October 11th, 2021
Security string 2021-10-01
AOSP tag 11.0.0_r46
Bromite System Webview and Browser updated to 93.0.4577.83
September 17th, 2021
Initial build:
Security string 2021-09-05
AOSP tag 11.0.0_r43
Vendor blobs based on OOS 11.0.3.1
Pre-installed microG (0.2.22.212658-2) like LineageOS for microG project (own fork)
Pre-installed AuroraStore (4.0.7), AuroraDroid (1.0.8) and AuroraServices (1.1.1)
OTA Support
eSpeakTTS engine
Bromite (92.0.4515.134) as default browser
Additional security hardening features listed below:
Cloudflare as default DNS (instead of Google)
Privacy-preferred default settings
Optional blocking of Facebook- and Google-Tracking (Settings - Network & Internet)
Optional disable captive portal detection or choose from various providers (default is GrapheneOS and not Google; Settings - Network & Internet)
Firewall UI (under Trust)
Increased max. password length of 64
No submission of IMSI/phone number to Google when GPS is in use
Default hosts file with many blocked ad/tracking sites
Privacy-enhanced Bromite SystemWebView (92.0.4515.134)
Extra control of sensor access for additionally installed user apps (Special access under app permissions)
Kernel kept up to date with ASB patches of Google kernel/common 'android-4.14-q-release' branch
Debloated from Oneplus blobs for Soter and IFAA
Hardened bionic lib and constified JNI method tables
Option to only use fingerprint unlock for apps and not for the device
Optional timeout for Bluetooth and WLAN connections
Per connection WiFi randomization option
Security Hardening Features - Details
1. Pre-installed microG
same as the LineageOS for microG project
2. Pre-installed AuroraStore and AuroraDroid
works w/o having to enable the "unknown sources feature"
3. Extra control of sensor access for additionally installed user apps
Special access under app permissions
4. Cloudflare (instead of Google) default DNS
Cloudflare DNS has a better privacy policy than Google Public DNS and has DNS-over-TLS and DNS-over-HTTPS. In the deafult DNS settings (as fallback) and network diagnostics, the Cloudflare DNS adresses 1.1.1.1 and 1.0.0.1 are specified as defaults (instead of Google's 8.8.8.8 and 8.8.4.4)
5. Privacy-preferred default settings
When newly installed, the below settings are defaulted, different from standard LineageOS 17.1 (all settings can be changed at any time later - credits go to the GrapheneOS project):
Anonymous LineageOS statistics disabled (proposal during Setup)
The standard browsing app does not get the location runtime permission automatically assigned
Sensitive information is hidden on the lock screen
Camera app: Location tagging disabled by default
Further, when a lock screen protection is set (PIN, pattern, password), the Nfc, Hotspot and airplane mode tiles require authentication and cannot be set without
6. Optional blocking of Facebook- and Google-Tracking
Settings => Network & Internet (scroll down)
When activated, outgoing connection attempts to Facebook servers and to Google servers will be suppressed. Certain apps on an internal exception list will still be able to connect (e.g. AuroraStore, microG, or NewPipe, if installed)
7. Optional disable captive portal detection and to select Captive portal server URL provider
Settings => Network & Internet (scroll down)
When deactivated, the system will not ping a specific Google server any longer when establishing a WiFi connection to determine, whether a captive portal is being used. Further, the captive portal URL provider can be set (default is GrapheneOS and not Google; Settings - Network & Internet)
8. No submission of IMSI or phone number to Google when GPS is in use
GPS also works fine, if no SIM card is present, so there obviously is no benefit for the phone holder (different from other involved parties ) to provide this data . . .
9. Default hosts file with many blocked ad/tracking sites
The system's hosts file redirects a comprehensive list of URLs known to be adware, tracking, etc. to 127.0.0.1 (ipv4) and ::1 (ipv6)
10. Privacy-enhanced Bromite SystemWebView
Instead of the default Chromium System Webview component, the Bromite SystemWebView is used offering more privacy, more ad blocking and less Google tracking.
11. Bromite as shipped Browser
A chromium based browser with many privacy features.
12. Firewall UI
Settings => Privacy - Firewall
Lists all apps and allows to restrict Internet access per app in regards to WiFi, mobile network or VPN
This per-app feature is a standard feature in LineageOS, but the UI to show all apps is an Extra (taken from a topic in LineageOS's Gerrit - it may, or may not, become part of the official LineageOS one day)
13. Maximum password length increased to 64
14. Debloated from Oneplus blobs for Soter and IFAA
Unnecessary privacy intrusive vendor blobs are not included in the build
15. Hardened bionic lib and constified JNI method tables
This has been taken over from GrapheneOS
16. Option to only use fingerprint unlock for apps and not for the device
An option in the fingerprint settings, also taken from GrapheneOS
17. Optional timeout for Bluetooth and WLAN connections
See respective settings, also a GrapheneOS feature
18. Per connection WiFi randomization option
A further GrapheneOS feature - improved randomization to make tracking more difficult.
Tips & tricks
Recovery Error 7 when installingIf you aim at installing this ROM for the 1st time (e.g. you come from Stock or other Custom ROM), please check this FAQ section in the LineageOS wiki.
Recovery Error 7 when updating this ROMIf OTA update fails, try manually sideloading (see OP).
If you see some error like ErrorCode::kInstallDeviceOpenError (7) then do the following:
In Recovery, switch to fastbootd (do not 'reboot to bootloader', really choose the fastboot option in recovery)
Connect your device via USB to your PC and run the following commands:
Code:
fastboot delete-logical-partition system_a
fastboot delete-logical-partition system_ext_a
fastboot delete-logical-partition product_a
fastboot delete-logical-partition vendor_a
fastboot delete-logical-partition odm_a
fastboot delete-logical-partition system_b
fastboot delete-logical-partition system_ext_b
fastboot delete-logical-partition product_b
fastboot delete-logical-partition vendor_b
fastboot delete-logical-partition odm_b
Return to recovery from fastbootd mode
Do 'adb sideload' again, it should work now
This got released like just now lmao. Have you experienced any bugs thus far? @MSe1969
madscenes said:
This got released like just now lmao. Have you experienced any bugs thus far? @MSe1969
Click to expand...
Click to collapse
No bugs so far.
As described in the OP, it is the successor of my 17.1 hardened LineageOS and I used it as my daily driver. (It took me a while to get rid of quite a few annoying bugs, while I was testing it and providing test builds in my 17.1 thread).
Hoping to see a working TWRP for this device some day...
Ok, After 2 Days of use, there are no Problems. All works like a charm.
Thank you very much!
Are there any issues related to running microG instead of Play Services? Or does everything pretty much work as intended?
L4WL13T said:
Are there any issues related to running microG instead of Play Services? Or does everything pretty much work as intended?
Click to expand...
Click to collapse
Not an easy "yes" answer - so let me give you two answers:
a. Official information sources:
microG Project
Implementation Status
Free implementation of Play Services. Contribute to microg/GmsCore development by creating an account on GitHub.
github.com
Especially the 2nd link shows you, what works, what partially works and what does not work.
b. My personal point of view
I consider the genuine play services as efficient spyware, which I personally do not want to use at all. microG cannot fully replace them (and does not aim at). As such, it does not make sense to continue using your G* account and all the genuine G* apps. So if you want to use the e.g. Gmail app to access your Gmail account, you're better off with the genuine G* spy services, as G* anyhow scans all your Gmail stuff for whatever purposes and you don't really gain back a lot of privacy by using microG instead of the G* spy services.
However - if you anyhow aim at getting away from G*, and you start focusing on the already available alternatives (and those do exist and are partly better), especially in the FOSS area, then I personally would highlight the below functionalities, where microG will provide a great value:
- Coarse location functionality with options to be anonymous (different from G* knowing at any time, where you are)
- Cloud messaging
- Exposure notifications (for Covid tracing apps)
- Most apps using Google dependencies and libraries, whose primary focus is not a deep G* integration mostly work flawlessly
The king is dead, long live the king!
Best ROM and reason to get this phone.
MSe1969 said:
Not an easy "yes" answer - so let me give you two answers:
a. Official information sources:
microG Project
Implementation Status
Free implementation of Play Services. Contribute to microg/GmsCore development by creating an account on GitHub.
github.com
Especially the 2nd link shows you, what works, what partially works and what does not work.
b. My personal point of view
I consider the genuine play services as efficient spyware, which I personally do not want to use at all. microG cannot fully replace them (and does not aim at). As such, it does not make sense to continue using your G* account and all the genuine G* apps. So if you want to use the e.g. Gmail app to access your Gmail account, you're better off with the genuine G* spy services, as G* anyhow scans all your Gmail stuff for whatever purposes and you don't really gain back a lot of privacy by using microG instead of the G* spy services.
However - if you anyhow aim at getting away from G*, and you start focusing on the already available alternatives (and those do exist and are partly better), especially in the FOSS area, then I personally would highlight the below functionalities, where microG will provide a great value:
- Coarse location functionality with options to be anonymous (different from G* knowing at any time, where you are)
- Cloud messaging
- Exposure notifications (for Covid tracing apps)
- Most apps using Google dependencies and libraries, whose primary focus is not a deep G* integration mostly work flawlessly
Click to expand...
Click to collapse
Thank you for your indepth response, it was really enlightening, the web page you linked made it a lot easier for me to understand.
One more question I have is what's the impact on battery life? Is it better? The same? Or worse?
Thank you!
L4WL13T said:
Thank you for your indepth response, it was really enlightening, the web page you linked made it a lot easier for me to understand.
One more question I have is what's the impact on battery life? Is it better? The same? Or worse?
Thank you!
Click to expand...
Click to collapse
I have been running it few days and battery seems to be fine and better then OxygenOS
L4WL13T said:
One more question I have is what's the impact on battery life? Is it better? The same? Or worse?
Click to expand...
Click to collapse
I'd say better. Depends of course on your specific setup, but not having Google play services is a solid starting point for better battery behavior and less data consumption.
What Camera app does it use?
iamaldrin08 said:
What Camera app does it use?
Click to expand...
Click to collapse
Snap, same as official LineageOS build f. hotdog device
Tempted to update to this new version, coming from your splendid 17.1 ROM
In order not to mess up the updating process I kindly ask the OP to clarify the following points (which may seem trivial for more tech-savy users than myself).
When starting the Oxygen-Updates App: is "Oneplus 7T Pro" (= Chinese Version?!) the correct device name? (that's what it says about my device in the "about the phone" section of your 17.1 ROM)
What 11.x OOS firmware version should I download via Oxygen-Updates? Latest regular one or latest beta?
When it comes to extracting the stock ROM via payload-dumper-go: is it save to download the most recent version of the payload-dumper-go-software (1.2.0-1) from the AUR (I'm running Manjaro Linux)?
What folder do I need to copy the extracted stock ROM to in order to execute the commands given here https://wiki.lineageos.org/devices/hotdog/fw_update in the LineageOS Wiki?
Thanks in advance for any help.
pa.trick said:
When starting the Oxygen-Updates App: is "Oneplus 7T Pro" (= Chinese Version?!) the correct device name? (that's what it says about my device in the "about the phone" section of your 17.1 ROM)
Click to expand...
Click to collapse
To be on the safe side, look at the model code on the backside of the device:
HD1910Chinese / HKHD1911IndianHD1913Europe
pa.trick said:
What 11.x OOS firmware version should I download via Oxygen-Updates? Latest regular one or latest beta?
Click to expand...
Click to collapse
Regular; it should be dated around July or August this year, depending on which version.
pa.trick said:
When it comes to extracting the stock ROM via payload-dumper-go: is it save to download the most recent version of the payload-dumper-go-software (1.2.0-1) from the AUR (I'm running Manjaro Linux)?
Click to expand...
Click to collapse
I have downloaded manually from the GH repo. Look at the version number.
pa.trick said:
What folder do I need to copy the extracted stock ROM to in order to execute the commands given here https://wiki.lineageos.org/devices/hotdog/fw_update in the LineageOS Wiki?
Click to expand...
Click to collapse
Does not matter, simply run fastboot from the same directory.
Has anybody had success installing Magisk? How did you do it?
I had LOS 18.1 for microG previously and I just flashed Magisk-v23.0.zip right after having installed that OS and that worked, but with this it doesn't.
EDIT: nvm I'm an idiot and forgot to reboot before installing. Can confirm ROM works with Magisk.
I'll be honest, I'm not yet ready to do the backup/restore/fail/fix dance but I intend to do it as soon as I can; thanks a lot for your work anyways !
If one of these days you come in the French Alps, just message me beforehand ! Beers are due.
This applicable on Oneplus 7T as well right or is the partition layout of Oneplus 7T different from that of Oneplus 7T pro?
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Introduction
iodéOS is a privacy-focused operating system powered by LineageOS and based on the Android mobile platform. iodéOS aims at protecting the user's privacy with a built-in adblocker and by freeing the smartphone from snitches.
The objectives in the conception of this ROM are threefold:
To keep the stability and security level of LineageOS, by minimizing the modifications made to the system. Apart the system modifications required by the adblocker, we mainly only added a few useful options commonly found in other custom ROMs, made some cosmetic changes, modified a few default settings to prevent data leaks to Google servers.
To ease a quick adoption of this ROM by new users. We especially target users that are concerned by the protection of their privacy, but are not reluctant to still use inquisitive apps like Google ones. We thus included MicroG as well as a coherent set of default apps (all open source, with one exception), and simplified the initial setup of the system. Particularly, an initialization of MicroG has been made with GCM notifications allowed by default, a privacy-friendly network location provider (DéjàVu) pre-selected, as well as Nominatim Geocoder.
To provide a new and powerful way of blocking ads, malwares, data leaks of all kinds to many intrusive servers. We are developing an analyzer, tightly integrated into the system, that captures all DNS requests and network traffic, as well as a user interface (the iodé app). Compared to some other well-known adblockers, this has the advantages of:
Avoiding to lock the VPN for that use. You can even use another adblocker that uses VPN technology alongside our blocker.
Being independent of the kind of DNS server used by the system or set by an independent app: classical DNS on UDP port 53 or any other one, DNS over TLS (DoT), DNS over HTTPS (DoH), ..., as we capture the DNS requests before they are transmitted to the system function that emits the DNS request. What we do not support, is DoH when it is natively built into applications, i.e. when an app communicates directly with a DoH server, without asking name resolution to the system. It would require to decrypt HTTPS packets between such an app and the DoH server, which may create a big security hole.
Precisely mapping DNS requests and network packets to the Android apps that emitted (or received) them.
Deciding which apps have a filtered network usage (by default, all apps), and which ones can communicate with blacklisted servers.
Since its first versions, we added many features to the iodé blocker: several levels of protection, fine-grained control over the hosts that should be blocked or authorized, displaying statistics on a map to see the quantity of data exchanged to which countries, clearing statistics... We are actively developing the blocker, and new functionalities will be regularly added.
Features
Changes in LineageOS to prevent data leaks:
Default DNS server: Google's DNS replaced by Quad9's 'unblocked' servers in all parts of the system.
A-GPS: patches to avoid leaking personnal information like IMSI to supl server.
Captive portal login: connectivitycheck.gstatic.com replaced by captiveportal.kuketz.de for connectivity check.
Dialer: Google default option replaced by OpenStreetMap for phone number lookup.
Pre-installed apps:
We included many useful default apps, but our choice cannot suit everyone; so we added the possibility to remove them. It can be done at the end of the phone setup, or at any time by going to Parameters -> Apps & Notifications -> Preinstalled apps.
MicroG core apps: GmsCore, GsfProxy, FakeStore.
NLP backends for MicroG : DejaVuNLPBackend (default), MozillaNLPBackend, AppleNLPBackend, RadioCellsNLPBackend, Nominatim Geocoder.
App stores : FDroid (with F-Droid Privileged Extension) and Aurora Store.
Browser: our own fork of Firefox (with Qwant as default search engine, many other ones added, telemetry disabled, parts of telemetry code removed) instead of Lineage’s default browser Jelly.
SMS: QKSMS instead of Lineage's default SMS app.
Email: p≡p (Pretty Easy Privacy).
Camera: our own fork of Open Camera, with a few tweaks.
Maps/navigation: Magic Earth GPS & Navigation (the only one free but not open source).
Keyboard: OpenBoard instead of AOSP keyboard.
PDF: Pdf Viewer Plus.
Personnal notes: Carnet.
{Ad/Malware/Data leak}-blocker: iodé.
News: to keep users informed about our developments, as well as a FAQ.
Meteo: Geometric Weather.
Pre-included FDroid repository:
The apps that we tweak or develop (microG services, the browser based on Firefox, the News app, Open Camera ...) are available through a repository that we included in FDroid (check the "Apps for iodéOS" category). For this purpose and to avoid name conflicts of some apps, we also had to make a few changes in FDroid.
Useful options from other custom ROMs:
Smart charging (disables charging when a given level is reached, to protect battery health).
Fingerprint vibration toggle.
Installation Instructions
To download and flash our latest build, see https://gitlab.com/iode/ota.
You can also find here direct links to the latest builds.
Supported devices
Fairphone FP3/FP3+
Fairphone FP4
Google Pixel 3
Google Pixel 4
Google Pixel 5
Google Pixel 6
Google Pixel 6a
OnePlus 9
OnePlus 9 Pro
Samsung Galaxy A5/A7 2017 (a5j17lte/a7j17lte)
Samsung Galaxy S9/S9+ (starlte/star2lte)
Samsung Galaxy Note 9 (crownlte)
Samsung S10e/S10/S10+ (beyond{0,1,2}lte)
Samsung Note 10 (d1)
Samsung Note 10+ (d2s)
Sony Xperia XA2 (pioneer)
Sony Xperia XZ1 (poplar)
Sony Xperia XZ2 (akari)
Sony Xperia XZ3 (akatsuki)
Xiaomi Mi9 (cepheus)
Teracube 2e
Xiaomi Mi 10T 5G / Mi 10T Pro 5G
Xiaomi Mi 10 Lite 5G
Sources
iodéOS: https://gitlab.com/iode/os
LineageOS: https://github.com/lineageos
device tree: https://gitlab.com/iode/os/public/devices/oneplus/device_oneplus_lemonadep
https://gitlab.com/iode/os/public/devices/oneplus/device_oneplus_sm8350-common
kernel: http://github.com/LineageOS/android_kernel_oneplus_sm8350[/URL]
Bug Reporting
You can post a message in this thread or (preferred) open an issue here.
Credits
LineageOS is a free, community built, aftermarket firmware distribution of android, which is designed to increase performance and reliability over stock android for your device.
All the source code for LineageOS is available in the LineageOS Github repo. If you would like to contribute to LineageOS, please visit their Wiki for more details.
This ROM would be nothing without the tremendous work made on MicroG, and all the other open source apps that we included. We are very grateful to their authors.
Contributors
Direct contributors: @iodeOS, @vince31fr
Indirect contributors (too numerous to list): All the people that contributed to the device tree, to LineageOS, and to the included open source apps.
Sponsoring
You can help in the development of this ROM by paying us a coffee here: https://paypal.me/iodeOS.
Screenshots
Downloads :
iodéOS
04/04/2023 (build 20230401):
Installation procedure: move to a fastboot script (read instructions: https://gitlab.com/iode/ota)
Blocker: improved use of blocking lists (sub-domains blocking)
FDroid: fixes an issue on apps update
LineageOS synchronized with March security patch included
All apps updated
07/02/2023 (build 20230131):
Upgrade to iodéOS 4.0 based on Android 13 / LineageOS 20
Blocker:
Improved blocking settings. You can now choose 'Standard' blocking (ads, trackers, malwares, etc) or 'Reinforced' blocking (same objective but more extensive), and then select additional categories.
The 'Porn' category has been extended to a wider 'Sensitive content' one, that also includes fake news, gambling, drugs, piracy, torrent..., with mainly child protection in mind.
The 'Extreme' category has been removed, as it is now part of the reinforced blocking.
Improved blocking lists. We merge several acknowledged and up-to-date sources, and have diversified our sources to produce more complete lists. The standard list has however been reduced a bit, to avoid as much as possible interference with apps expected behavior.
Added a new network location provider: Local NLP Backend. It is an improved version of the DéjàVu NLP backend which was already available in iodéOS. Like DéjàVu, it builds a local database connecting localizations learned from other NLP backends and apps using GPS, and mobile antennas/Wifi; but also has an active mode (not preselected) that can trigger GPS requests. To configure it: Settings -> System -> microG -> Location modules
LineageOS synchronized with January security patch included
All apps updated
New devices support: Pixel 3, 6, 6a
16/12/2022 (build 20221215): initial publicly available build of iodéOS for OnePlus 9 Pro.
the concept of the rom is amazing, for me who am a fan and study cybersecurity I like it a lot, thanks for that, I had already tried the 'lineage for microg', and I will definitely try this rom, the dns analysis seems to me a great idea, so I can use protonvpn without ads or trackers without complications! thank you for that!
vince31fr said:
Downloads :
iodéOS
16/12/2022 (build 20221215): initial publicly available build of iodéOS for OnePlus 9 Pro.
Click to expand...
Click to collapse
In gitlab there are no specific instructions for the Oneplus 9 Pro, only for the Oneplus 9, and using the lemonadep files with the Oneplus 9 instructions the cell phone cannot start in recovery, it always goes back to the bootloader. I tried flashing the recovery image on the boot partition as well and it didn't work. This using firmware c.63, was on CrDroid earlier.
I flashed the 'dtbo', 'vendor_boot' and 'boot' files from the official lineage build '20221213' files, and reflashed the IODE rom images, but to no avail again.
EDIT:
I was able to install by flashing the rom using the lineage recovery 20221206, the recovery remained the lineage one after the flash.
All required files are here : https://github.com/iodeOS/ota/releases/tag/v3-lemonadep
We'll add instructions for op9 pro asap.
Super grateful for your work so far..
Please can you add Oneplus 8 / 8 pro rom variants
Thank you!
What are the flash instructions?
NameIsOptional said:
What are the flash instructions?
Click to expand...
Click to collapse
They are in post #1 of this thread.
I must have overlooked them. Thank you
pro: it's lineage 19.1, simple, clean, AOSP based rom with embedded microG (also push notifications working)
# appreciate the "preinstalled app" you can skip installing dialer, browser etc (if you have a favourite alternative not listed)
# iodé adblock allows applications and/or domain filter
# it's also compatible with custom kernel
cons: it's still A12L, very basic interface
for those users caring about privacy
@vince31fr : good job, thank you
Have you or anyone else checked if Android Auto works on this ROM? I'm on crDroid but cant get AA to work on it while running microG, seems it might not be doable on A13 with microG at the moment.
SomeDooD123 said:
Have you or anyone else checked if Android Auto works on this ROM? I'm on crDroid but cant get AA to work on it while running microG, seems it might not be doable on A13 with microG at the moment.
Click to expand...
Click to collapse
Not all Google apps are supposed to work without real google service, microG just implements minimal interfaces to be able to assert you ha google services installed even if not
Psk.It said:
Not all Google apps are supposed to work without real google service, microG just implements minimal interfaces to be able to assert you ha google services installed even if not
Click to expand...
Click to collapse
I understand, but it seems like it is possible. Seen some instruction that required a bit more manual work, and zip. Might give this magisk zip a shot if install this ROM this weekend. Will report back if I do in case someone else wants to know.
While I really enjoyed using pixel extended ROM, I had to remind myself why I bought this phone. To de-google. Took the plunge, installed this ROM and couldn't be happier with the results.
This ROM is exactly what I am looking for. I love my OnePlus 9 Pro hardware but want to move from OOS A11 and to a more secure ROM. I have traditionally run privacy oriented ROMs like Calyx and GrapheneOS on Pixels, but am much more pleased with the OnePlus 9 Pro hardware.
I see that you are currently using an A12 base. Will an OTA to an A13 base be available at some point?
Is Warp Charging working?
Also, I tried ProtonOS and had no Verizon 5G, which I rely upon in the USA. Has anyone had success with Verizon 5G?
Lastly, I am willing to pay a dev to remote into my system using TeamViewer for the first installation. If that's workable, I'll PayPal or Zelle you for your time.
Thank you for the great work!
Thermionics300b said:
Lastly, I am willing to pay a dev to remote into my system using TeamViewer for the first installation. If that's workable, I'll PayPal or Zelle you for your time.
Click to expand...
Click to collapse
installation is just a sequence.of actions to perform
- unlock bootloader
- udpate firmware
- install the rom (following lineageos instructions)
- in case of exception EDL tool will reset.your phone to stock
in any case, if you are interested in this project, you can also keep contact with their official channel, to be sure the one helping you knows better than me the iverall system.
regards
*** New Update : 07/02/2023 ***
Upgrade to Android 13 /LineageOS 20
Available as OTA (see OP)
vince31fr said:
*** New Update : 07/02/2023 ***
Upgrade to Android 13 /LineageOS 20
Available as OTA (see OP)
Click to expand...
Click to collapse
is it compatible with c63 firmware
or this build requires fxx one?
(currently LOS 20 supports c63)
direct download link
it looks like the dtbo, vendor_boot, and boot files aren't named correctly. there is no file named "vendor_boot".
also, what firmware do we need to be on to flash this successfully? I tried using C.63 and F.18, and both failed.
Kamigouki said:
it looks like the dtbo, vendor_boot, and boot files aren't named correctly. there is no file named "vendor_boot".
also, what firmware do we need to be on to flash this successfully? I tried using C.63 and F.18, and both failed.
Click to expand...
Click to collapse
I am on 63 and it works
you can get the initial partition by your-self using payload-dumper tool
or use older ones already available online
(dtbo, verdor_boot, boot needs to be older than the rom, otherwise sideload process fails with downgrade error, don't worry if that file are 1 or 2 months older, all partitions are updated during rom flashing process)