Related
I'm very new to android dev, not new to dev in general, though.
I hear ROMs being talked about quite frequently, not sure if I'll get into it, can't seem to find an address of the specific issue:
- What is a ROM?
In the sense, is it the entire OS? Is it the OS + UI? Does it include local apps & contact storage? Like, obviously apps and contacts wouldn't be read-only, but typically ROM means PROM (or some variation (EPROM/EEPROM/FROM, whatever), so I take it with a grain of salt.
From what I gather it's the entire OS + UI, and that's all? But I'm not sure.
Also, is there ways to replace specific parts of the ROM? Ie. Say I want to make modifications to the thread scheduler but I don't want it to touch some of the reliant modules..is it possible to just drop in a new scheduler by overwriting part of the binary image? Or are these things whole-sale?
Reason simply being is I don't like the idea of some random ass ROM that somebody cooked up with god knows how much OS exp controlling everything, as it's a binary it's not like you can crack it open and diff it or anything...or there's no official forks or branches to look at, y'know? Do people just "trust" all these ROM modders/creators?
Sorry for the over-abundance of questions :-X
Oh my god it's already on page 7...bump...?
Take a look at cyanogen mod. It comes with the source which you can fork if you'd like.
Sent from my HTC Desire
ROM - its the entire visible OS that you tend to interact on your phone + the kernel (shipping just the ROM would be useless). Its pretty much every software that you need to get your work done on the phone. You may chose to install additional's but thats just accessorizing your phone. Its called ROM since once you install the OS image over the phone, the region of sd-card is generally marked read-only & you are not expected to make changes to it (concisely /system partition & also /data where the OS can do write operations but again, there are exceptions to this rule too in custom ROMs).
As for Custom ROMS, they are generally forked of the AOSP except for the little nuances the rom maker's add to them (mostly those changes are in form of theme, few apps here & there, icons, wallpapers). I think your question is more specific to custom kernel instead because thats the entity which help/harm your device.
For that, I would suggest you to pick a particular custom release (such as Netarchy, popular for Nexus S)
& read over their change-logs. The kernel devs generally do a great job of maintaining those logs precisely. The initial fork of their kernel too comes from AOSP to which they add specific features such
as ext4 fix a.k.a Turboboost, Voodoo color & sound enhancement, BLN & odd.
Hope I have allayed some of your fears regarding customs software.
Thanks.
Yeah, I just get nervous installing an OS/Kernel blindly.
Changing themes would be nice, and I'd like the ability to do so without dropping in a ROM that can potentially have changes made to the Kernel. I don't like the fact that the ROM encompasses EVERYTHING, therefore it's coupled to the fact that you need a different ROM regardless of what you change.
It should be modular enough that you can modify themes without flashing an entire OS onto it.
Also, what's the chances that if a ROM install fails, you can re-load it (ie. what are the chances of you bricking your phone)? I don't have time for that.
Next to none if you make a nandroid, which is a backup.
Sent from my myTouch 4G using XDA App
rockstarar said:
Next to none if you make a nandroid, which is a backup.
Sent from my myTouch 4G using XDA App
Click to expand...
Click to collapse
It says that only works for the G1.
I completely forgot to ask, apps should stay, right?
I mean they're all in user land, shouldn't have anything to do with the ROM nor actual OS....right? (probably wrong... )
Edit: Important: The newer V4 version of LeSec may no longer be usable for non-Chinese speakers. See this post #17 here, also to discuss alternatives
For all you Lenovo users out there,
I wanted to (re-)introduce this application. Because I have the impression that many Lenovo phone users rather quicly move on to migrated ROM's from for example APKHOT/Smileyvvv/Etotalk etc, where this app is cooked out.
You may want to reconsider going back to it, if it will still work on your phone with whatever ROM you have. It is really a very useful utility:
Firstly, it is a virusscanner. Not sure how useful a virusscanner is on Android, and as I want to avoid that discussion in this thread, that is the last I say about it.
It is also anti-spam. You can black- or whitelist SMS and Calls. See screenshots for an impression. Very useful.
Anti-theft is there. Send SMS upon SIM change, or remotely instruct the phone to send location or self-destruct. I suspect, but did not try, the SMS instruction is stored in /system, so a data-wipe will not undo this. But a good hacker will fully flash, so it only protects against noob thieves, like all anti-theft apps.
But those are common functions, readily availible in other apps. But now for the interesting feature:
It has a firewall. If that is the correct name. Or an app-wall. An permission-wall? You know those apps that you download that for some reason want permission to send SMS? Why does it need that? Or why does it want to read my contacts?
Well, you can per-app decide to block a permission. This app does not need to read my contacts. That app does not need to send SMS. And it will show you if an app tried to anyway. How cool is that?
Guest- and Childmode. Hide some apps. After all, we do not want junior to see daddies tripple-X rated apps. Or the wife. Which is why you can also hide certain contact's and call-history entries (wink, wink). It may also apply to banking apps and your bookie, though that is a bit more boring. Oh, and in Child mode the radio turns of as we want to protect junior from radiation...
Some of you that use Etotalk or APKHOT ROMS may have noticed the notification area buttons to these last two that were dead because this app was missing.
We could of course worry about whether this app in itself is not a spy, reporting everything you do to the Chinese government. But you may not be aware that this is true for *any* Chinese clone you buy. Typically those clonemakers do not release the kernel or framework source, so such a spy would be in there, not in a de-installable app. And if you are really worried about it, make sure you get a phone where you can install CyanogenMod compiled from source.
Personally, I doubt either Lenovo or China is interested in me, and if they do it means they have a Infinitesimals bigger datastore to clog their machinery before they find something on people like Liu Xiaobo or Tenzin Gyatso, which is actually a good thing. But I suspect the app is simply without such sinister intentions.
Anyway, attached is the version I got from my phone. From a Lenovo A750 ICS 4.0.3 S306. But I suspect it works with any phone that uses the Lenovo Framework, so any Lenovo ICS phone that has a not too heavily modded ROM. It did also work on the ICS 4.0.3 Lenovo P700 ROW S113 (Rest Of World edition) edition.
I provide update.zip installers for MT6575 and MT6577 (because I know their partition table). It probably also works on Lenovo Framework phones based on MT6573/MT7513 or even MSM7227/MSM7527, maybe even GB ones. But then you need to take the two *.apk files from inside the zip file, and copy them manually into /system/app, as the update.zip installer will not work for that.
But do try, and please report back if it does or does not work on your phone/rom. There is also an uninstall package. Oh, and you are messing with /system, so as always, at your own risk, ensure you can always flash back a working ROM or have a Nandroid backup before you experiment.
Your zip didn't work on my A789, which is using the apkhot based rom available on forum.china-iphone.ru. After extracting the apk files, copying to /system/app and manually setting permissions, it's working like a charm.
Thanks, I really missed it. On the most recent cooked roms, I miss many things available on the Lenovo official ones, like the fm transmitter, or the butterfly-like widget on the default home screen. Some cookers tend to leave out any non standard apps without even taking some time to know what they do. Not all Chinese apps are rubbish or impossible to understand, and Lenovo is a serious company.
Ok, here you have the FM radio and transmitter of the A789, but it probably does not work, as it is Odex'ed.
And I uploaded seperate installers for MT6575 and MT6577
Also, on your APKHOT, please confirm it actually blocks permissions and blacklists SMS. I am not sure how much the APKHOT deviates from the Lenovo Framework, so merely being able to install and configure may be too soon to tell.
PS: why not try my factory-cleaned A789 ROM? It comes with all those apps by default, and I now have 3 positive feedback.
Come to think of it, why did I take this security app from A750, when A789 is newer....
Edit: Because they are both the same version. In fact the LeSec has not changed since Dec 2010, according to the internal dex binary.
I have tested call blocking and it works, but it isn't so important, since call blocking is a built in feature of the Mediatek framework. You can block calls from any contact you have on your Google account just out of the box, and it works great. I've tested older phones which used older Mediatek chipsets and that feature has been part of the Mediatek framework since MT6573.
The FM transmitter won't work that way, since it is odexed. But it doesn't work deodexed, either. I've just got a deodexed version of the app, thanks to a friend from another forum, and it doesn't work very well. It works, but I had to stick the phone to the antenna on my radio in order to hear something. People I've talked to say that the transmitter works great on the stock Lenovo roms, so maybe it's just some incompatibility with the apkhot roms.
The only reason I'm not using your rom (which I have downloaded) is that I wanted to setup the phone in Spanish, and the rom I'm currently using is the only one I've found which contains that language. Just a quick question: is there any noticable performance increase on the s227 based roms? If so, I don't care using the phone in English, since I just want the most feature rich rom.
Thinking it twice, I've remembered another reason. One of the things I like most about the apkhot rom I'm using is that the external sdcard is mounted on /sdcard and not /mnt/sdcard2, which avoids problems with many apps. I tried one of the newest apkhot roms, based on s227, and none of the tricks to exchange /sdcard and /mnt/sdcard2 worked with it.
I'll reply to that in the A789 thread, as we seem to deviate from the security app.
cybermaus said:
Edit: Because they are both the same version. In fact the LeSec has not changed since Dec 2010, according to the internal dex binary.
Click to expand...
Click to collapse
I remember there was an update of that app on my A750 with your ROM. Now with apkhot I installed that package posted above and I have the older / original version. But there is no update offered...
That was probably on the S148 Gingerbread ROM. That one has an older version. I know, because I messed up trying to install it, as I had that older GB version and the new ICS one both in my Titanium backup. Also, the Dec 2010 date is probably false, I just got OTA ROW_S114, and it too had all files timestamed to Dec 2010. But I am certain the LeSec from S306 and S227 are the same, the binary compared identical. Official version is V3.5.1.3.5.2.0041 and the update button tells me there is no newer.
Every so often it does update the virus/blacklist signatures, but that is not the app itself. Current virus signature 2012.09.14 Current harasment (blacklist) 2012.07.11
But if you find a newer one, please do let me know.
I've been trying LeSec further and it works, but I found a problem I wasn't able to fix, so, until I found a solution, I've freezed it with Titanium Backup. The problem is that I'm using Go SMS Pro, instead of the default messaging app, since I need to write SMS in Spanish and the default app doesn't support Spanish characters like accents, etc. Go SMS Pro works, but every time I send an SMS, LeSec thinks an unauthorized app is trying to send an SMS in the background, and shows a popup to let you decide whether to allow it or not. I haven't found a way to disable that, and it's a bit annoying having to click two buttons everytime I want to send a message.
Its probably a silly question, but you did go into LeSec->ChargeShield-SMS and ensure that your app was allowed to send SMS in background?
Probably for reasons of 'likely form of attack' the SMS apps are (unlike other permissions) by default in a 'Warning' setting, but if the warning does not come to the foreground on your phone, it may simply not work.
Also, rather than freezing LeSec completely, you could go into ChargeShield, and simply turn of the ChargeShield.
cybermaus said:
That was probably on the S148 Gingerbread ROM. That one has an older version. I know, because I messed up trying to install it, as I had that older GB version and the new ICS one both in my Titanium backup. Also, the Dec 2010 date is probably false, I just got OTA ROW_S114, and it too had all files timestamed to Dec 2010. But I am certain the LeSec from S306 and S227 are the same, the binary compared identical. Official version is V3.5.1.3.5.2.0041 and the update button tells me there is no newer.
Click to expand...
Click to collapse
No, I used the S148 just some days and updated to your S306 V1.2 and simply stayed there, because it works very well. After some time it offered me an update and the user interface changed a bit with that update. The way how you set privacy on app level and so on. The update button itsself never worked for me either.
Sadly, backup never worked on that rom. I found that out as I wanted to try apkhot. To be honest, I didn't try on apkhot, yet.
A few minutes ago, I was offered a 4.1.4 version and installed it. Now it's purely chinese
Maybe I have to reboot the phone for english...
From the design it is a version newer than the version I wrote about...
leFloyd said:
A few minutes ago, I was offered a 4.1.4 version and installed it. Now it's purely chinese
Maybe I have to reboot the phone for english...
From the design it is a version newer than the version I wrote about...
Click to expand...
Click to collapse
Well, before you put the old one back, safe this one for me will ya.
cybermaus said:
Well, before you put the old one back, safe this one for me will ya.
Click to expand...
Click to collapse
I don't want the old one back - I want this one to be english
How do I save it? Any idea where it has downloaded it's update? This was done within the app...
Well, it would have simply replaced the two apk's in the /system/app folder.
So look for:
LenovoSafeCenter.apk
LenovoSageWidget.apk
or something similar, it could have changed its name, or added a 3rd component.
Got the files?
Sent from my Lenovo A750 using xda app-developers app
Well, it seems that Lenove Security (LeSec for short, and LenovoSafeCenter officially) is becoming less usuable. As mentioned above, it is fully Chinese, no Engrish anywere.
I had a look at the new V4 of it, even decompiled it. Not only 100% Chinese, but is hardcoded in the app, there are no resource xml files that we could translate. A big pity.
Also, there is one app (Waze, a social car navigation app) that in the latest version is incompatible with LeSec. Though it is at this moment the only incompatibility I ran into, it is also a pity.
That may mean we need to find an alternative:
For now, these two has shown up:
LBE : Somehow, I think LBE is actually the company that makes Lenovo LeSec. Or at least, there logo is shown in the about menu of LeSec as part of the "in cooperation with" mentions. Maybe the reason why the free LeSec is limiting itself?
Anyway, I am trying out LBE at the moment, to see how it works.
pDroid : pDroid looks promising. Specifically, they are promising ICS support, but right now, only GB, so one to keep an eye on, but not availible to us just yet.
Permissions Denied : A Paid app. But if it works well, it may be worth it. Not looked at it yet.
So, LBE seems to work well. It does not have the hiding of apps for 'child mode' and 'privacy mode'. Nor does it have the 'anti-theft' or 'virus-scan' but it does the permissions thing well.
I tested, it nicely prompted/blocked permissions. And to be honest, using a slight more clear interface. If it is permissions, which was indeed what I was after, LBE seems to do the job. I also like I can block internet use separate for 3G and Wireless. Very useful.
One problem though: Waze is failing in the same way as with LeSec. Even if I make it a 'trusted' app. It seems the latest version of Waze simply does not like to be looked at too closely.
anti theft
I cannot input number In anti theft . for ex if I write +35989xxxxx I need two more digits but it does not allow it. If I write in national format 0899.... I have to write more digits than the phone number has. Any solution?
As mentioned, while I started enthusiastic about LeSec, it is now focussing too much on China alone. Not as good internationally.
Try using one of the other anti-theft solutions.
Hi everyone,
can you recommend me some custom Android ROMs with focus on better security? Or isolate of dependence on Google?
Both of them together will be the best.
My phone is Samsung Galaxy S2.
Many thanks
dj.houba said:
Hi everyone,
can you recommend me some custom Android ROMs with focus on better security? Or isolate of dependence on Google?
Both of them together will be the best.
My phone is Samsung Galaxy S2.
Many thanks
Click to expand...
Click to collapse
Cyanogen or GingerBread are some good ROMS for good security, as I know.
D-J Mutant said:
Cyanogen or GingerBread are some good ROMS for good security, as I know.
Click to expand...
Click to collapse
Thanks, yes, I know about Cyanogen.
Oh you mean GingerBread from Google? This is exactly what I don't want. I want to separate from Google, coz we all know about NSA case. So I thought, there will be some developers, who will try to build some custom ROM and try to eliminate "Big brother" and focus mainly on security.
Omnirom is supposed to be security and privacy consious.
Sent from my Nexus 7 using XDA Premium 4 mobile app
Well I'd suggest the cyanogenmod, but without the google apps. They're optional.
In the nexus 4 section there is an aokp that is patched so built in Google analytics are gone. There is a patch that can be applied to other ROMs.
Custom roms, including Cyanogenmod, have a history of BAD security. Many rom developers end up introducing new vulnerabilities. In the past, some hardened Android builds existed, but I know of no current hardened roms.
I personally would stay away from custom roms, and stick to as close to AOSP as possible, signed with your own private keys. (and no Omnirom, AOKP, Cyanogenmod are NOT AOSP in any way shape or form.)
jcase said:
Custom roms, including Cyanogenmod, have a history of BAD security. Many rom developers end up introducing new vulnerabilities. In the past, some hardened Android builds existed, but I know of no current hardened roms.
I personally would stay away from custom roms, and stick to as close to AOSP as possible, signed with your own private keys. (and no Omnirom, AOKP, Cyanogenmod are NOT AOSP in any way shape or form.)
Click to expand...
Click to collapse
Is that so , see from what u saying ,,, the ASOP is better then the other build rite
Sent From GT i9300
jcase said:
Custom roms, including Cyanogenmod, have a history of BAD security. Many rom developers end up introducing new vulnerabilities. In the past, some hardened Android builds existed, but I know of no current hardened roms.
I personally would stay away from custom roms, and stick to as close to AOSP as possible, signed with your own private keys. (and no Omnirom, AOKP, Cyanogenmod are NOT AOSP in any way shape or form.)
Click to expand...
Click to collapse
How do you get your own private key and what does that do? Sorry, I have never heard of this, so I'm sure others are probably also wondering.
Sent from my Nexus 5 using XDA Premium 4 mobile app
Thanks
Thanks, I was trying different ROMs, finally I chose PAC-MAN ROM without Google apps
Hello !
does it mean that any modded stock rom with GApps will be insecure ?
Thx
just youtube some galaxy s2 roms you'll find reviews on some good roms
JamieFL said:
How do you get your own private key and what does that do? Sorry, I have never heard of this, so I'm sure others are probably also wondering.
Sent from my Nexus 5 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
http://www.kandroid.org/online-pdk/guide/release_keys.html
something like this
I think you can skip "make dist" part, just do a regular build as you would normally (CyanogenMod ==> brunch your_device
you can fine the need file under "out/target/product/hammerhead/obj/PACKAGING/target_files_intermediates/cm_hammerhead-target_files-")
for Cyanogenmod Nexus 5 for ex (hammerhead )
source build/envsetup.sh
brunch hammerhead
and you'll fine the target_files zip under
out/target/product/hammerhead/obj/PACKAGING/target_files_intermediates/
that the one you need to feed to build/tools/releasetools/sign_target_files_apks
There are some really exciting Android security projects out there... For instance, one awesome function a-la-Truecrypt involves full disk encryption with plausible deniability. You are able to give out a first-layer passphrase if you are coerced - yet a truly private volume remains secure and disguised within the apparent unused portion of the storage disk.
Yet it's unlikely that any of this is relevant to you, otherwise you wouldn't be asking this sort of thing. When it comes to security leaks, try to barricade off the paths of least resistance from the ground up. For instance, even all of that wouldn't do much good if you had forensic evidence of your phone config on your computer, a lockscreen that could be bypassed, a phone seized whilst still turned with encryptions keys remaining in RAM, etc. Also keep in mind all of the data you are sending out in the clear via your cloud storage, SMS/IM, WiFi, etc.
So in the end, just pick a ROM that runs smoothly and you enjoy. Whatever you end up deciding, make absolutely certain to:
- encrypt with strong passphrase (then use cryptfs app to create a shorter lock screen key)
- disable USB debugging
---------- Post added at 06:06 AM ---------- Previous post was at 05:32 AM ----------
JamieFL said:
How do you get your own private key and what does that do? Sorry, I have never heard of this, so I'm sure others are probably also wondering.
Sent from my Nexus 5 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
This probably isn't exactly spot on, but here's a rough sysnopsis... When a ROM is built from source, the creator "signs" their creation (i.e. the ROM and the apps within). This way you can be sure that you're indeed getting an official ROM built by AOKP (or whomever) and not by some malicious 3rd party. Likewise, the Android OS uses signatures to ID which files are legitimate and given permission to run (i.e. official updates). However, there have been incidents with custom ROMs when this functionality has been exploited. This could allow an otherwise innocuous seeming app to deploy hidden malware and cloak itself as a legitimate app, gaining full rights to the phone.
A self-built ROM with your own private key is presumably safer against such an attack. I don't think most people would need to be concerned about this, but still something to keep in mind. Unfortunately jcase is spot on about custom ROMs almost always creating or exposing more vulnerabilities than stock. For instance, features like ADB or USB-OTG are often enabled by default. If that wasn't bad enough, in the event that your phone is ever lost/stolen/seized, having a custom recovery installed is pretty much handing over your identity with a bow wrapped on top. It makes it easy for anyone to bypass PIN/password/face/gesture-lock or dump off the entire disk image. Not to mention analysis can reveal your account passwords, WiFi keys, SMS, phone records, photos. Most of these vulnerabilities can be safeguarded against with careful consideration, but you certainly won't get there by default.
dj.houba said:
Thanks, yes, I know about Cyanogen.
Oh you mean GingerBread from Google? This is exactly what I don't want. I want to separate from Google, coz we all know about NSA case. So I thought, there will be some developers, who will try to build some custom ROM and try to eliminate "Big brother" and focus mainly on security.
Click to expand...
Click to collapse
The only way to eliminate the ability of a nation-state interfering in your data would be to not generate any. If they're watching you, then stopping them from watching you isn't going to be possible. So it's better to ensure that when they watch you appear innocent.
Granted, I'm not saying you shouldn't take any precautions. But to truly get away from their snooping you're probably better of without a phone.
fadedout said:
There are some really exciting Android security projects out there... For instance, one awesome function a-la-Truecrypt involves full disk encryption with plausible deniability. You are able to give out a first-layer passphrase if you are coerced - yet a truly private volume remains secure and disguised within the apparent unused portion of the storage disk.
Yet it's unlikely that any of this is relevant to you, otherwise you wouldn't be asking this sort of thing. When it comes to security leaks, try to barricade off the paths of least resistance from the ground up. For instance, even all of that wouldn't do much good if you had forensic evidence of your phone config on your computer, a lockscreen that could be bypassed, a phone seized whilst still turned with encryptions keys remaining in RAM, etc. Also keep in mind all of the data you are sending out in the clear via your cloud storage, SMS/IM, WiFi, etc.
So in the end, just pick a ROM that runs smoothly and you enjoy. Whatever you end up deciding, make absolutely certain to:
- encrypt with strong passphrase (then use cryptfs app to create a shorter lock screen key)
- disable USB debugging
---------- Post added at 06:06 AM ---------- Previous post was at 05:32 AM ----------
Click to expand...
Click to collapse
:good: Excellent advice.
I still wonder if AOSP or any of the bigger custom ROMs without Gapps is truly Google free. I have been browsing the forums for a while on that question but cant really find a good answer. Google free meaning: it doesn't communicate in any way on any moment with Google.
Anyone who can verify that? Has there ever been a XDA'er who researched this? For some it seems an assumption and some think since Android is developed by Google they surely try to analyze even AOSP roms or derivatives.
Liberr said:
I still wonder if AOSP or any of the bigger custom ROMs without Gapps is truly Google free. I have been browsing the forums for a while on that question but cant really find a good answer. Google free meaning: it doesn't communicate in any way on any moment with Google.
Anyone who can verify that? Has there ever been a XDA'er who researched this? For some it seems an assumption and some think since Android is developed by Google they surely try to analyze even AOSP roms or derivatives.
Click to expand...
Click to collapse
It only sends version statistics to Google, and there's a build.prop setting that allegedly disables it (ro.config.nocheckin=1) -- haven't tried it because I'd rather show my pride in Gingerbread
smartymcfly said:
There is a patch that can be applied to other ROMs.
Click to expand...
Click to collapse
What and where is this patch?
I would think you could block all of Google's ip address's in your host file on any rom also.
You could edit the host file before flashing it.
Given the age of this phone, I simply wanted to ask a question on the last, best ROM that brings this phone to the most recent Android version, and provides security fixes? The newest ROM I can find is the Carbon ROM: http://forum.xda-developers.com/myt...ent/rom-carbonrom-mt4gs-april-8-2015-t3077527 based on 4.4.4, and is newer than the Virtuous ROM I have been using on this phone (4.0.3), as I believe that one of the most recent ROMS that supported TMobile wifi calling (although I'm now on Google FI). I don't use this phone as a daily driver, but I do try to keep it updated, and available as a spare.
ebrandsberg said:
Given the age of this phone, I simply wanted to ask a question on the last, best ROM that brings this phone to the most recent Android version, and provides security fixes? The newest ROM I can find is the Carbon ROM: http://forum.xda-developers.com/myt...ent/rom-carbonrom-mt4gs-april-8-2015-t3077527 based on 4.4.4, and is newer than the Virtuous ROM I have been using on this phone (4.0.3), as I believe that one of the most recent ROMS that supported TMobile wifi calling (although I'm now on Google FI). I don't use this phone as a daily driver, but I do try to keep it updated, and available as a spare.
Click to expand...
Click to collapse
Even under the circumstances (lack of activity on the Doubleshot forum - RIP), the question remains very subjective. I still keep my Doubleshot/"media player" up-to-date as much I can, and post the new builds, but it seems I am the only one here that is doing that. So the questions intent (instead of army of one) reads to me as the best over time. Still, it depends on what your needs are.
If you need the latest security patches, there seems to be only one choice. If you need maximum functionality of the device, you would be locked into stock or stock-based (e.g. MikTouch), if you don't care about either but want a balance of performance and features, then there are a myriad of ROM's out there still (TBalden's CM10.1 still leaves a special spot in my heart).
Mind you, the latest available still is not infallible. There are currently two vulnerabilities that can act as a vector for QuadRooter, and one of them may not be fixed (I patched the file as per the guidelines, but it is still picking up on that vulnerability) without having to upgrade the kernel (I attempted a build with a 3.4 kernel, and I'm running into includes/undeclared problems I don't know how to fix). If you use only the Play Store (that is, only verified apps), it's not a problem, but I wanted to share the latest detail at any rate.
I'm having an issue with my bank's mobile app, because it's trying to test for the presence of a fingerprint reader using FingerprintManager.isHardwareDetected() but my phone (OnePlus One) doesn't have one. On LineageOS 14.1 (Android 7.1.2) this was fine, because there was still a FingerprintManager registered as a system service, so that method was still usable and returned false. On LineageOS 15.1 (Android 8.1.0), it seems like because there is no fingerprint reader, the system FingerprintManager is never registered, so trying to call the method belonging to it results in a NullPointerException and the app crashes.
https://issuetracker.google.com/issues/36720301 describes the issue existing on upstream AOSP on a Pixel C tablet (which obviously has no fingerprint reader) so does this suggest that it's an intentional change in behaviour and not necessarily a bug in LineageOS and that it'll have to be fixed by all app developers that use fingerprints rather than a fix to the OS? I've already tried to feed this back to the bank, but since they don't support rooted phones and custom ROMs, if this is a LineageOS issue then I doubt they will fix it...
https://imgur.com/a/GziEpbj
I am a noobie when it comes to custom ROMs and Android. So if more experienced readers say don't do it, listen to them and not to me.
A) Since your phone is rooted, is there a way to sideload a patch that hard codes a "no fingerprint reader" response when the device is queried?
B) Can you sideload a compatible version of Fingerprint Manager and register it?
C) If Fingerprint Manager is already present is there a means of registering it?
I have some experience dealing with banks. Have you explained that your phone's OEM ROM developer Cyanogen has gone out of business. You have no option but to use custom ROMs if you want to stay current with Android development and security updates. Sometimes all it takes is providing the germaine information to a decision maker to obtain optimal results.
Sent from my OnePlus 5 using XDA Labs
Pack Leader said:
I am a noobie when it comes to custom ROMs and Android. So if more experienced readers say don't do it, listen to them and not to me.
A) Since your phone is rooted, is there a way to sideload a patch that hard codes a "no fingerprint reader" response when the device is queried?
B) Can you sideload a compatible version of Fingerprint Manager and register it?
C) If Fingerprint Manager is already present is there a means of registering it?
I have some experience dealing with banks. Have you explained that your phone's OEM ROM developer Cyanogen has gone out of business. You have no option but to use custom ROMs if you want to stay current with Android development and security updates. Sometimes all it takes is providing the germaine information to a decision maker to obtain optimal results.
Sent from my OnePlus 5 using XDA Labs
Click to expand...
Click to collapse
A) my phone isn't rooted - I've actively avoided it because I want to use it as an everyday phone for banking and stuff without messing about with Magisk and the like. I don't do anything on it that needs root, and LineageOS ships without root as standard so I've never bothered.
B) It's not really a thing you load, it's part of the OS - I would imagine there's a way of writing a "mock" fingerprint service but I'm far from any kind of developer, let alone Android hardware specific, so it's beyond me
C) This seems the most likely fix, but like I said, it's way beyond my expertise. Building LineageOS, just fine - there are fairly idiot-proof instructions that were easy to follow, but I wouldn't know where to start in modifying it
I did send a tweet to the bank (they have no proper channels for feedback on their apps) and sent them a link to an AOSP bug of the same error happening on stock Android on a Google Pixel C (which is a tablet with no fingerprint reader) which contained a potential solution (checking for the system reporting that it has fingerprint capability, rather than just blindly relying on the FingerprintManager being present) but all they said was "thanks, we'll pass it on to the appropriate team". So who knows whether they get the problem and are interested in working around it - if it's an issue with AOSP and therefore all 8.1 devices without fingerprints, I might get lucky, otherwise I'm sure a fix won't be forthcoming