First of all, thanks to @javad490, most of this is based on his thread: [Custom][ROM] For j1(2016) j120F Android 5.1.1.
I take no responsibility for any damage or data loss - proceed at your own risk.
Below you will find step-by-step instructions on how to do what's in the title of thread.
I've made backups at every step, which I can upload on request.
SM-J120FN CUSTOM SETUP (1.0-170620)
Probably also 100% compatible with SM-J120F.
0 - Initialize device
Install latest Smart Switch for desktop (2017-05-26 - 4.1.17054_16)
Initialize device & update (2017-03-14 - PDA:QC1 / CSCL1 / PHONE:QC1 (SEE))
1 - Flash TWRP Recovery
Install latest Odin3 (2017-05-06 - 3.12.7)
Flash compatible TWRP Recovery (2016-12-31 - 3.0.2-0)
⇒ Backup 1 (stock)
2 - Flash latest SuperSU (2017-05-27 - 2.82)
⇒ Backup 2 (sprsu)
3 - Flash Debloat & Tweak and configure (1.0-170619)
WARNING: This script removes 167 out of 202 packages and 286 files/directories, and installs a few essential apps (see details).
Please review the bloat list and/or the script so you don't remove anything you want to keep.
You can also have the script install apps of your choosing (just place them in the correct directory).
Before & After
Details:
⇒ Debloat & tweaks by javad490 (2017-05-27)
1 - Debloat (full list (.ods)) (2017-06-19)
Imporant sources:
Debloater and Deknox Patch (2017-03-08)
Remove GApps (2017-04-28)
2 - Tweaks (2017-06-16)
Custom boot animation and sound (2017-06-16)
Boot: SciFi Droid (2016-07-01)
Shutdown: Blue Cube Shutdown (2015-06-11)
more: here and here
Tweaks by javad490 (2017-05-27)
improve Camera quality (2016-12-26)
50 tweaks (2016-11-22)
SpeedUp Wifi-3G-Lte (2016-09-15)
3 - Install apps (1.0-170620)
BusyBox (2017-01-18 - 1.26.2)
This is only an installer app, install Busybox manually
F-Droid (2017-06-02 - 0.103.2)
IzzyOnDroid Repository: https://apt.izzysoft.de/fdroid/repo
Yalp Store (2017-06-14 - 0.17)
Ghost Commander (2017-06-18 - 1.54)
Requires Busybox for root functions
KISS Launcher (2017-05-12 - 2.30.2)
Tap the O in the search bar to get a list of all apps
AnySoftKeyboard (2017-06-16 - 1.8.844)
Manually run app and setup to enable
Disa (2017-05-24 - 0.9.9-317)
Manually run app and setup to enable SMS
Click to expand...
Click to collapse
⇒ Backup 3 (dbltw)
4 - Install Xposed
Flash compatible Xposed Framework (2016-07-09 - 0.86)
Install latest Xposed Installer (2016-10-31 - 3.11)
⇒ Backup 4 (xposd)
5 - Install microG Services
Install FakeGApps with Xposed Installer (2016-03-04 - 1.1)
Enable and reboot
Install microG with F-Droid
microG Services Core (2017-06-12 - 0.2.4-103-gd9e86d9)
microG Services Framework Proxy (2016-02-07 - 0.1.0)
FakeStore (2016-11-16 - 0.0.2) - be sure to install 0.0.2 from microG repo
microG DroidGuard Helper (2017-05-19 - 0.1.0-10-gf64bf69)
Nlp Backends:
NominatimNlpBackend (2017-05-22 - 1.2.2)
OpenBmapNlpBackend (2016-12-09 - 0.2.6)
LocalGsmNlpBackend (2016-12-01 - 1.4.9)
LocalWifiNlpBackend (2016-08-21 - 1.1.6)
MozillaNlpBackend (2016-04-08 - 1.3.2)
Configure and reboot
⇒ Backup 5 (mcrog)
6 - Flash App installer, configure apps and reboot (1.0-170620)
App path inside zip must be: /apps/data/app.package.name-1/base.apk or /apps/system/app.package.name/base.apk
WARNING: make sure to download the correct APK for your system. For J120FN this is armeabi-v7a.
This script cannot handle updates - only use it to install apps for the first time
⇒ Backup 6 (final)
Installed apps:
Apps installed with Debloat script (see 3)
DAVdroid (1.6.1-ose)
Nextcloud (1.4.3)
oandbackup (0.2.12.1)
K-9 Mail (5.206)
Open Camera (1.38.2)
Camera Roll (1.5.2 Beta)
Vanilla Music (1.0.53)
Document Viewer (2.7.9)
Document Viewer Font Pack (2.3)
LibreOffice Viewer (5.3.0.0.alpha1+/4136757)
AddressToGPS (1.32)
MAPS.ME (7.3.5-Google)
Clock+ (1.1.3)
Etar (1.0.12)
Nextcloud Notes (0.11.0)
OpenTasks (1.1.8.2)
Calculator (5.4)
Firefox (54.0)
HTTPS Everywhere
uBlock Origin
Wi‐Fi Privacy Police (2.2.4)
EzraZebra said:
3 - Flash Debloat & Tweak and configure (1.0-170619)
WARNING: This script removes 167 out of 202 packages and 286 files/directories, and installs a few essential apps (see details).
Please review the bloat list and/or the script so you don't remove anything you want to keep.
You can also have the script install apps of your choosing (just place them in the correct directory).
Before & After
Details:
⇒ Backup 3 (dbltw)
Click to expand...
Click to collapse
The link for "Debloat & Tweak" is down, could someone please provide me with a working link ?
FIRST THINGS FIRST, SERIOUSLY:Your warranty was void as soon as you unlocked your bootloader.
Although Kali Nethunter should be safe to use, I am not responsible for whatever happens to your device, router, or whatever networking infrastructure because of YOU misusing the available facilities of Kali.
Remember that while Kali can be absolutely safe, if you handle root access improperly, no one will help you.
Make sure you read all of the info here and have some basic knowledge about networking, kernels and Linux/Unix.
Even if you're able to find a vulnerability on a different host (often called victim) , don't misuse the advantage you have.
Report the issue to the device's owner and the OEM. Do not complain if the attacks aren't working. Security has been ramping up ever since the wikileaks incident and the Edward Snowden thing.
FEATURES:
Kali NetHunter Application
Home Screen - General information panel, network interfaces and HID device status.
Kali Chroot Manager - For managing chroot metapackage installations.
Check App Update - For checking Kali NetHunter Android App updates.
Kali Services - Start / stop various chrooted services. Enable or disable them at boot time.
Custom Commands - Add your own custom commands and functions to the launcher.
MAC Changer - Change your Wi-Fi MAC address (only on certain devices)
VNC Manager - Set up an instant VNC session with your Kali chroot.
HID Attacks - Various HID attacks, Teensy style.
DuckHunter HID - Rubber Ducky style HID attacks
BadUSB MITM Attack - Nuff said.
MANA Wireless Toolkit - Setup a malicious Access Point at the click of a button.
MITM Framework - Inject binary backdoors into downloaded executables on the fly.
NMap Scan - Quick Nmap scanner interface.
Metasploit Payload Generator - Generating Metasploit payloads on the fly.
Searchsploit - Easy searching for exploits in the Exploit-DB.
3rd Party Android Applications (WIP)
NetHunter Terminal Application
DriveDroid
USB Keyboard
Shodan
Router Keygen
cSploit
INSTALLATION
IMPORTANT NOTE: Kali NetHunter is NOT an Android ROM, but it is an overlay ( you have to flash it above android).
The builds currently provided are to be used on Nougat based custom ROMs ONLY. (which use the CM kernel)
Installing it on a ROM which uses the CM 12.1 kernel.
1. Make sure you are running the latest available build of the ROM you have installed.
2. Reboot to TWRP.
3. Make sure you backup Boot, System and Data partitions, just incase you want to remove Kali, you can restore it.
3. Wipe Cache and ART Cache (Formerly known as Dalvik Cache). Do NOT wipe your data partition.
4. Install the zip file.
5. Reboot to System.
POST INSTALLATION:
1. Open the NetHunter App and start the Kali Chroot Manager.
2. You might want to download the real packages which might be around 400-500 MB in size.
3. Set up Hacker Keyboard.
4. Configure Kali Services, such as SSH.
5. Set up custom commands.
6. Initialize the Exploit Database.
Screenshots:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Download:
GDrive
LTE????
Ming Kent said:
LTE????
Click to expand...
Click to collapse
what?
andrw.gldmn said:
FIRST THINGS FIRST, SERIOUSLY:Your warranty was void as soon as you unlocked your bootloader.
Although Kali Nethunter should be safe to use, I am not responsible for whatever happens to your device, router, or whatever networking infrastructure because of YOU misusing the available facilities of Kali.
Remember that while Kali can be absolutely safe, if you handle root access improperly, no one will help you.
Make sure you read all of the info here and have some basic knowledge about networking, kernels and Linux/Unix.
Even if you're able to find a vulnerability on a different host (often called victim) , don't misuse the advantage you have.
Report the issue to the device's owner and the OEM. Do not complain if the attacks aren't working. Security has been ramping up ever since the wikileaks incident and the Edward Snowden thing.
FEATURES:
Kali NetHunter Application
Home Screen - General information panel, network interfaces and HID device status.
Kali Chroot Manager - For managing chroot metapackage installations.
Check App Update - For checking Kali NetHunter Android App updates.
Kali Services - Start / stop various chrooted services. Enable or disable them at boot time.
Custom Commands - Add your own custom commands and functions to the launcher.
MAC Changer - Change your Wi-Fi MAC address (only on certain devices)
VNC Manager - Set up an instant VNC session with your Kali chroot.
HID Attacks - Various HID attacks, Teensy style.
DuckHunter HID - Rubber Ducky style HID attacks
BadUSB MITM Attack - Nuff said.
MANA Wireless Toolkit - Setup a malicious Access Point at the click of a button.
MITM Framework - Inject binary backdoors into downloaded executables on the fly.
NMap Scan - Quick Nmap scanner interface.
Metasploit Payload Generator - Generating Metasploit payloads on the fly.
Searchsploit - Easy searching for exploits in the Exploit-DB.
3rd Party Android Applications (WIP)
NetHunter Terminal Application
DriveDroid
USB Keyboard
Shodan
Router Keygen
cSploit
INSTALLATION
IMPORTANT NOTE: Kali NetHunter is NOT an Android ROM, but it is an overlay ( you have to flash it above android).
The builds currently provided are to be used on Nougat based custom ROMs ONLY. (which use the CM kernel)
Installing it on a ROM which uses the CM 12.1 kernel.
1. Make sure you are running the latest available build of the ROM you have installed.
2. Reboot to TWRP.
3. Make sure you backup Boot, System and Data partitions, just incase you want to remove Kali, you can restore it.
3. Wipe Cache and ART Cache (Formerly known as Dalvik Cache). Do NOT wipe your data partition.
4. Install the zip file.
5. Reboot to System.
POST INSTALLATION:
1. Open the NetHunter App and start the Kali Chroot Manager.
2. You might want to download the real packages which might be around 400-500 MB in size.
3. Set up Hacker Keyboard.
4. Configure Kali Services, such as SSH.
5. Set up custom commands.
6. Initialize the Exploit Database.
Screenshots:
View attachment 4218941View attachment 4218942View attachment 4218943
Download:
GDrive
Click to expand...
Click to collapse
Thank youu so much..
We need stuff like..
Tnks for your hardwork.. :*
---------- Post added at 04:31 AM ---------- Previous post was at 04:30 AM ----------
Ming Kent said:
LTE????
Click to expand...
Click to collapse
Noe LTE screen shot from other phone..???
andrw.gldmn said:
FIRST THINGS FIRST, SERIOUSLY:Your warranty was void as soon as you unlocked your bootloader.
Although Kali Nethunter should be safe to use, I am not responsible for whatever happens to your device, router, or whatever networking infrastructure because of YOU misusing the available facilities of Kali.
Remember that while Kali can be absolutely safe, if you handle root access improperly, no one will help you.
Make sure you read all of the info here and have some basic knowledge about networking, kernels and Linux/Unix.
Even if you're able to find a vulnerability on a different host (often called victim) , don't misuse the advantage you have.
Report the issue to the device's owner and the OEM. Do not complain if the attacks aren't working. Security has been ramping up ever since the wikileaks incident and the Edward Snowden thing.
FEATURES:
Kali NetHunter Application
Home Screen - General information panel, network interfaces and HID device status.
Kali Chroot Manager - For managing chroot metapackage installations.
Check App Update - For checking Kali NetHunter Android App updates.
Kali Services - Start / stop various chrooted services. Enable or disable them at boot time.
Custom Commands - Add your own custom commands and functions to the launcher.
MAC Changer - Change your Wi-Fi MAC address (only on certain devices)
VNC Manager - Set up an instant VNC session with your Kali chroot.
HID Attacks - Various HID attacks, Teensy style.
DuckHunter HID - Rubber Ducky style HID attacks
BadUSB MITM Attack - Nuff said.
MANA Wireless Toolkit - Setup a malicious Access Point at the click of a button.
MITM Framework - Inject binary backdoors into downloaded executables on the fly.
NMap Scan - Quick Nmap scanner interface.
Metasploit Payload Generator - Generating Metasploit payloads on the fly.
Searchsploit - Easy searching for exploits in the Exploit-DB.
3rd Party Android Applications (WIP)
NetHunter Terminal Application
DriveDroid
USB Keyboard
Shodan
Router Keygen
cSploit
INSTALLATION
IMPORTANT NOTE: Kali NetHunter is NOT an Android ROM, but it is an overlay ( you have to flash it above android).
The builds currently provided are to be used on Nougat based custom ROMs ONLY. (which use the CM kernel)
Installing it on a ROM which uses the CM 12.1 kernel.
1. Make sure you are running the latest available build of the ROM you have installed.
2. Reboot to TWRP.
3. Make sure you backup Boot, System and Data partitions, just incase you want to remove Kali, you can restore it.
3. Wipe Cache and ART Cache (Formerly known as Dalvik Cache). Do NOT wipe your data partition.
4. Install the zip file.
5. Reboot to System.
POST INSTALLATION:
1. Open the NetHunter App and start the Kali Chroot Manager.
2. You might want to download the real packages which might be around 400-500 MB in size.
3. Set up Hacker Keyboard.
4. Configure Kali Services, such as SSH.
5. Set up custom commands.
6. Initialize the Exploit Database.
Screenshots:
View attachment 4218941View attachment 4218942View attachment 4218943
Download:
GDrive
Click to expand...
Click to collapse
Where is the file?? Not found on the link pls update the link
This thread is deprecated - please refer to its LineageOS 18.1 successor thread
This thread is dedicated to provide hardened Lineage-OS 17.1 builds with microG included for the OnePlus 3/3T with current security patches.
It is the successor of my Lineage 16.0 thread.
It may be worth to also look there, if you are looking for information.
Features of this ROM
Download here
Pre-installed microG and F-Droid like LineageOS for microG project (own fork)
Pre-installed AuroraStore
OTA Support
eSpeakTTS engine
Bromite as default browser
Additional security hardening features listed below
Cloudflare as default DNS (instead of Google)
Privacy-preferred default settings
Optional blocking of Facebook- and Google-Tracking (Settings - Network & Internet)
Optional disable captive portal detection or choose from various providers (default is GrapheneOS and not Google; Settings - Network & Internet)
Firewall UI (under Trust)
Increased max. password length of 64
No submission of IMSI/phone number to Google when GPS is in use
Default hosts file with many blocked ad/tracking sites
Privacy-enhanced Bromite SystemWebView
Extra control of sensor access for additionally installed user apps (Special access under app permissions)
Kernel kept up to date with ASB patches and Google kernel/common 'android-3.18' branch
Debloated from Oneplus blobs for Alipay, WeChatpay, Soter and IFAA
Hardened bionic lib and constified JNI method tables
Current release levels
Security string: 2021-10-05
AOSP tag: 10.0.0_r41
Bromite System Webview: M93
Source-code and build instructions
Kernel: https://github.com/lin17-microg/android_kernel_oneplus_msm8996/tree/lin-17.1-mse3
Build manifest: https://github.com/lin17-microg/local_manifests/tree/lin-17.1-microG
Installation Instructions
YOU ARE RESPONSIBLE SOLELY YOURSELF FOR ANY ACTIONS YOU DO WITH YOUR DEVICE !!!
Please note - I won't explain any single aspect (e.g. how to install 'fastboot' on your PC or troubleshoot USB connectivity issues under Windows). Search the net and consult the search engine of your choice or look here in XDA, there is plenty of information available.
Pre-Requisites
If you come from OxygenOS Stock ROM, make sure to update to the latest offered software version (if not, no issue).
Have fastboot and adb installed on your PC and make sure, you can connect via USB to your device in fastboot mode and via adb
An unlocked bootloader (see e.g. LineageOS install instructions)
OxygenOS 9.0.6 firmware, which is needed for LineageOS 17.1 - see next section
Download the most current .ZIP file of the ROM and place it to your phone's internal memory
OxygenOS 9.0.6 Firmware
If you come from my LineageOS 16.0 build - or any Android 9 or 10 based ROM, you most probably have already the proper firmware.
And yes, LineageOS 17.1 is Android 10, but the latest firmware for this device has been published by Oneplus for Android 9.
How to find out about your current firmware, if you use a Custom ROM:
Connect as root via adb to your phone and enter the command adb shell cat /system/vendor/firmware_mnt/verinfo | grep Time_Stamp
If the result is "Time_Stamp": "2019-11-04 21:25:29", you are on the latest firmware, if the date/time is earlier, you need to update the firmware. THIS THREAD has got more information for you.
If you come from an Oreo (Android 8.x) Custom ROM, READ THE OP OF THIS THREAD CAREFULLY !
I can't explain it better and I am not going to repeat or summarize this. It really is in your interest to carefully read it - you have been notified and warned. Please also pay attention to the last section named "Alipay, WeChatpay, Soter and IFAA" - I strongly recommend to use the debloated firmware.
Install TWRP recovery
If you come from stock ROM and have just unlocked your boot loader, this is the next thing to do. I recommend to use the TWRP recovery for the OnePlus 3/3T. The following instructions are based on TWRP.
To install TWRP, download the twrp-x.x.x-x-oneplus3.img file (Note: replace "x.x.x-x" in the following instructions with the respective values from the real file name) to your PC, connect the phone via USB to your PC, get it into 'fastboot mode' and enter the following command on your PC:
Code:
fastboot flash recovery twrp-x.x.x-x-oneplus3.img
Afterwards, directly boot into 'recovery mode' (enter fastboot reboot on your PC and hold Power and vol.down) - DO NOT boot into the phone's Android system after having flashed TWRP! Once TWRP has been launched, you may decide to reboot your phone and install the ROM at any time later. But the first boot after flashing TWRP must be TWRP in recovery mode.
Advanced Wipe
ONLY perform the steps described here, if you come from Stock ROM or a different Custom ROM!
Boot into recovery mode. In TWRP, choose "Wipe", "Advanced" and specify "Dalvik", "System", "Cache" and "Data" to be wiped. Make sure NOT to wipe "Internal memory". Swipe to confirm the deletion and get back into the main menu.
DO NOT flash Gapps!
This ROM comes with pre-installed microG. So don't attempt to flash Gapps.
Install ROM
In the TWRP main menu, choose "Install". A file manager appears to let you navigate to your internal memory (path /sdcard). Choose the .ZIP file of our ROM and swipe to flash.
If you update from a previous version of my ROM, including my LineageOS 16.0 build, you don't need to perform a wipe. If you come from a different ROM (or stock firmware), make sure that you have performed the Wipe steps above.
When finished flashing, return to the main menu, choose "Reboot" and then "System", which will cause your phone to boot into Lineage OS 17.1 - be patient, the first boot after flashing a new ROM takes quite long!
Dealing with signed builds
Please note, that this builds is signed with an own key. When you come from a different build, you cannot directly "dirty-flash" this build. You have to perform a "clean flash" (recommended), or - you do this on your own risk - you may try the below steps.
This happens at your own risk - make a backup with TWRP before!
Download and extract the file migration.sh from this archive
This file helps you to migrate from a build signed with the publicly available test keys (i.e. all builds around, which do not state that they are signed). If you come from another signed build (e.g. official LineageOS), you have to adapt the file accordingly (see below links).
boot into TWRP
push the migration.sh file to the directory /data/local on your device and mount the /system partition in TWRP (you can do so using the dedicated TWRP's menu entry)
launch the built-in terminal in TWRP, cd into /data/local, make migration.sh executable (chmod +x) and execute the command ./migration.sh official
(In case you receive an error, try sh ./migration.sh official instead)
flash the ROM .zip
wipe Cache and Dalvik/ART Cache
reboot system
More background information and the "theory behind" can be found in the LineageOS wiki and AOSP reference.
Bug reports:
If you have a problem, please create a post with these informations:
Original Kernel shipped with this rom:
Build Date:
And try to get log as described here
Please note that I can't and won't support issues with builds using a different kernel or Xposed.
In regards to microG, I will try my best to help when it is related to this ROM (I use it myself), but any questions of the type "the YXZ-app can't do <some sort of fancy xyz Google functionality> properly" are better asked in the respective microG forums.
Credits
AOSP project
LineageOS project
microG project
Graphene OS project
csagan5 (Bromite)
WhyOrean (Aurora)
nvertigo67 (for the modded 9.x firmware and for collaboration)
Change log
2021-10-14 - FINAL
ASB Security string 2021-10-05
Bromite System Webview and Browser updated to 93.0.4577.83
Kernel upstreamed (note: tag equals last months tag)
2021-09-12
ASB Security string 2021-09-05
Kernel upstreamed to tag ASB-2021-09-05_3.18
microG microG 0.2.22.212658-2
2021-08-08
ASB Security string 2021-08-05
Kernel upstreamed to tag ASB-2021-08-05_3.18
Bromite System Webview and Browser updated to 92.0.4515.134
F-Droid updated to 1.13
Fix in WiFi randomization
2021-07-10
ASB Security string 2021-07-05
Kernel upstreamed to tag ASB-2021-07-05_3.18
Bromite System Webview and Browser updated to 91.0.4472.146
microG 0.2.21.212158-2
AuroraStore 4.0.7
2021-06-13
ASB Security string 2021-06-05
Kernel upstreamed to tag ASB-2021-06-05_3.18
Kernel WLAN driver (qcacld-2.0) patched to include mitigations against "Frag" vuln.
Bromite System Webview and Browser updated to 91.0.4472.102
microG 0.2.19211515-9
2021-05-09
ASB Security string 2021-05-01
Kernel upstreamed to tag ASB-2021-05-05_3.18
Bromite System Webview and Browser updated to 90.0.4430.204
microG upstreamed (no version change)
Update: AuroraServices 1.1.1
2021-04-10
ASB Security string 2021-04-01
Kernel upstreamed to tag ASB-2021-04-05_3.18
Bromite System Webview and Browser updated to 90.0.4430.59
F-Droid updated to 1.12
Update: AuroraStore 4.0.4 with AuroraServices 1.1.0
2021-03-08
Security string 2021-03-05
Kernel upstreamed to tag ASB-2021-03-05_3.18
Bromite System webview updated to 88.0.4324.207
Bromite Browser updated to 88.0.4324.207
F-Droid 1.11
microG 0.2.18.204714
2021-02-04
Security string 2021-02-05
Kernel upstreamed to tag ASB-2021-02-05_3.18
Bromite System webview updated to 88.0.4324.141
Bromite Browser updated to 88.0.4324.141
F-Droid 1.10-alpha-234
microG 0.2.17.204714-5
2021-01-15 - Initial build
Pre-installed microG (0.2.16.204713-10) and F-Droid like the LineageOS for microG project (own fork)
Pre-installed AuroraStore
Bromite as default browser (87.0.4280.106)
eSpeak TTS engine (FOSS TTS solution)
Additional security hardening features listed below:
Cloudflare as default DNS (instead of Google)
Privacy-preferred default settings
Optional blocking of Facebook- and Google-Tracking (Settings - Network & Internet)
Optional disable captive portal detection or choose from various providers (default is GrapheneOS and not Google; Settings - Network & Internet)
Firewall UI (under Trust)
Increased max. password length of 64
No submission of IMSI/phone number to Google when GPS is in use
Default hosts file with many blocked ad/tracking sites
Privacy-enhanced Bromite SystemWebView (87.0.4280.131)
Extra control of sensor access for additionally installed user apps (Special access under app permissions)
Constified JNI method tables and hardened bionic lib
Security Hardening Features - Details
1. Pre-installed microG and F-Droid
same as the LineageOS for microG project
2. Pre-installed AuroraStore
works w/o having to enable the "unknown sources feature"
3. Extra control of sensor access for additionally installed user apps
Special access under app permissions
4. Cloudflare (instead of Google) default DNS
Cloudflare DNS has a better privacy policy than Google Public DNS and has DNS-over-TLS and DNS-over-HTTPS. In the deafult DNS settings (as fallback) and network diagnostics, the Cloudflare DNS adresses 1.1.1.1 and 1.0.0.1 are specified as defaults (instead of Google's 8.8.8.8 and 8.8.4.4)
5. Privacy-preferred default settings
When newly installed, the below settings are defaulted, different from standard LineageOS 17.1 (all settings can be changed at any time later):
Anonymous LineageOS statistics disabled (proposal during Setup)
The standard browsing app does not get the location runtime permission automatically assigned
Sensitive information is hidden on the lock screen
Camera app: Location tagging disabled by default
Further, when a lock screen protection is set (PIN, pattern, password), the Nfc, Hotspot and airplane mode tiles require authentication and cannot be set without
6. Optional blocking of Facebook- and Google-Tracking
Settings => Network & Internet (scroll down)
When activated, all outgoing connection attempts to Facebook servers will be suppressed.
Same applies to Google, but certain apps on an internal exception list will still be able to connect (AuroraStore, microG, or e.g. NewPipe, if installed)
7. Optional disable captive portal detection and to select Captive portal server URL provider
Settings => Network & Internet (scroll down)
When deactivated, the system will not ping a specific Google server any longer when establishing a WiFi connection to determine, whether a captive portal is being used. Further, the captive portal URL provider can be set (default is GrapheneOS and not Google; Settings - Network & Internet)
8. No submission of IMSI or phone number to Google when GPS is in use
GPS also works fine, if no SIM card is present, so there obviously is no benefit for the phone holder (different from other involved parties ) to provide this data . . .
9. Default hosts file with many blocked ad/tracking sites
The system's hosts file redirects a comprehensive list of URLs known to be adware, tracking, etc. to 127.0.0.1 (ipv4) and ::1 (ipv6)
10. Privacy-enhanced Bromite SystemWebView
Instead of the default Chromium System Webview component, the Bromite SystemWebView is used offering more privacy, more ad blocking and less Google tracking.
11. Bromite as shipped Browser
A chromium based browser with many privacy features.
12. Firewall UI
Settings => Privacy - Firewall
Lists all apps and allows to restrict Internet access per app in regards to WiFi, mobile network or VPN
This per-app feature is a standard feature in LineageOS, but the UI to show all apps is an Extra (taken from a topic in LineageOS's Gerrit - it may, or may not, become part of the official LineageOS one day)
13. Maximum password length increased to 64
Thanks a lot!! Will flash and report tomorrow!!
Hello!
Does this ROM allow to lock a bootloader?
Clean flashed this morning. So far so good!
zhenev said:
Hello!
Does this ROM allow to lock a bootloader?
Click to expand...
Click to collapse
I would like to refer you to the below post from the 16.0 predecessor thread:
[CLOSED] EOL [ROM][Unofficial][9.0.0][microG][signed]hardened LineageOS 16.0 for Oneplus 3/3T
Thread is discontinued: Please visit the my LineageOS 17.1 successor thread This thread is dedicated to provide hardened Lineage-OS 16.0 builds with microG included for the OnePlus 3/3T with current security patches. It is the successor of my...
forum.xda-developers.com
Installed this ROM today, clean.
My observations so far:
USB doesn't work. When I plug it in, it sounds and it charges, but it is not connected to my computer. The 'USB mode' options in settings are all greyed out. No obvious messages in logcat.
In TWRP it works fine, so it clearly is a ROM issue.
(Possible related?) Termux crashes with a OutOfBoundsError
Thanks for your effort keeping this ROM alive.
WM-Sef said:
Installed this ROM today, clean.
My observations so far:
USB doesn't work. When I plug it in, it sounds and it charges, but it is not connected to my computer. The 'USB mode' options in settings are all greyed out. No obvious messages in logcat.
In TWRP it works fine, so it clearly is a ROM issue.
(Possible related?) Termux crashes with a OutOfBoundsError
Thanks for your effort keeping this ROM alive.
Click to expand...
Click to collapse
What phone and firmware? Works like a charm for me on OP3 and OOS 9.0.6 firmware.
WM-Sef said:
Installed this ROM today, clean.
My observations so far:
USB doesn't work. When I plug it in, it sounds and it charges, but it is not connected to my computer. The 'USB mode' options in settings are all greyed out. No obvious messages in logcat.
In TWRP it works fine, so it clearly is a ROM issue.
(Possible related?) Termux crashes with a OutOfBoundsError
Thanks for your effort keeping this ROM alive.
Click to expand...
Click to collapse
USB works fine on my own device. As suggested by @Anghirrim - what firmware are you on?
MSe1969 said:
USB works fine on my own device. As suggested by @Anghirrim - what firmware are you on?
Click to expand...
Click to collapse
How do I check for the firmware version? It's not under Settings -> Build Number, only the Android Version.
Solved the problem by switching the default USB action to 'MTP'. After that, it suddenly started working.
Still no clue about the Termux issue.
WM-Sef said:
How do I check for the firmware version? It's not under Settings -> Build Number, only the Android Version.
Click to expand...
Click to collapse
The OP of this OP3(T) firmware thread indicates to look at the file /system/vendor/firmware_mnt/verinfo/ver_info.txt
WM-Sef said:
Still no clue about the Termux issue.
Click to expand...
Click to collapse
Their docu indicates issues with Android 10.
WM-Sef said:
USB doesn't work. When I plug it in, it sounds and it charges, but it is not connected to my computer. The 'USB mode' options in settings are all greyed out. No obvious messages in logcat.
Click to expand...
Click to collapse
I had the same issue but just enabling USB-Debugging from the developer options fixed it. I was a bit surprised too and that shouldn't be normal I guess.
SenseSei said:
I had the same issue but just enabling USB-Debugging from the developer options fixed it. I was a bit surprised too and that shouldn't be normal I guess.
Click to expand...
Click to collapse
As indicated before, I do not experience such an issue with my own device, so I can't reproduce this issue.
This is actually fascinating, thank you!
How is the exact steps to install? I'm coming from another rom.. Please help.
1) Advanced Wipe >> flash fw >> flash rom
or
2) Flash fw >> Advanced wipe >> flash rom
Confused after see this thread and fw installation's thread linked above.
vkey.ptr said:
How is the exact steps to install? I'm coming from another rom.. Please help.
1) Advanced Wipe >> flash fw >> flash rom
or
2) Flash fw >> Advanced wipe >> flash rom
Confused after see this thread and fw installation's thread linked above.
Click to expand...
Click to collapse
The above order does not matter, as the firmware is flashed to different partitions than those to be wiped.
EDIT:
If you have already 9.0.6 firmware, there is no need to flash it again.
this is just what I need for my old OP3. Running a degoogled 6T as daily and still need occasional apps that do not work w/o google. flashing without hesitation and reporting back.
EDIT: a question. can I flash twrp right back after flashing the rom? I know im giving up over the air updates, but im fine with that.
I am on LineageOS 17.1 for microG, unlocked bootloader, rooted with Magisk, 9.0.6 official firmware, but I would love to try this ROM.
Few questions, please:
- can I install modded firmware, because this sounds good: "The modem firmware contains some alipay* and soter* files used for Alipay and WeChatpay. Since these are suspect to be a privacy hazard, I've modified NON-HALOS.bin to not contain any of these files any more"
- this ROM can be rooted with Magisk 20.4 or newer?
- do I have to do "clean install", and finally
- is wiping internal sd card (pics, videos etc.) obligatory?
Thanks in advance