🆕 Software Suggestion | DivestOS #2041
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#2041
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Basic Information
Name: DivestOS
Category: Android Operating Systems
URL: https://divestos.org, https://github.com/divested-mobile, https://forum.f-droid.org/t/divestos-an-aftermarket-system/10105
Description
DivestOS is a soft fork of LineageOS. It aims to support both old and new devices. Standout features are automated kernel CVE patching, proprietary blob removal, delta OTA updates, signed releases, verified boot, and a realtime malware scanner.
Why I am making the suggestion
It brings to the tables features that no other ROM does.
eg. automated kernel CVE patching, automated proprietary blob removal, OTA delta updates with Tor support, etc.
My connection with the software
I am the author.
@SkewedZeppelin is it possible to relock the bootloader in the os after installation? Personally I think this is very important but lacking in most custom ROMS? I am very interested why this is not been implemented by Lineage-OS as from my understanding this improves the security of the device.
@ph00lt0
Yes, DivestOS properly signs builds allowing bootloader relocking on supported devices.
See:
https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Functions.sh#L143
and
https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Copy_Keys.sh
Does it support autobuilds?
Autobuilds? Can you elaborate/clarify?
On Thu, 2020-09-10 at 04:37 -0700, ZarusMods wrote:
On original LineageOS with every commits for day, automatically building rom.
@ZarusMods
There are no nightlies.
Per the site:
Only when major update, user building it self
Oh thanks for clarifying
My connection: User/Tester. My Euro's worth:
If GrapheneOS is listed, then DivestOS should be listed too, at least under "Worth Mentioning" for older devices not supported by GrapheneOS.
Plus:
Neutral:
Minus:
some xda roms have the option to disable internet access for apps individually, natively through the android settings, without having to use any application like afwall. Is it possible to do this at DivestOS?
@fabianski7 yes, that is a standard LineageOS feature.
Screenshot
Sorry to interrupt... but I have a question. Does DivestOS ping a google owned address to check internet connectivity like Lineage, or has that been changed with your build? (If so that is another reason to prefer over lineage - at least for me)
@CactiChameleon9
Yes, DivestOS does not change the default connectivity check URLs.
There is good reason not to.
GrapheneOS has a detailed explanation about this here.
https://grapheneos.org/faq#default-connections
However DivestOS 14.1 and 15.1 do include a patch from @MSe1969 that allows easily disable the check from the Settings app.
And on 11.0, 16.0, and 17.1 you can disable the check via ADB.
See also
https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Misc/Features/CaptivePortalCheck.txt
and
https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Patches/LineageOS-16.0/android_frameworks_base/0005-Connectivity.patch
OK, thanks. The reasons given makes sense - anonymity is important. Thanks for the info on your decisions with that choice, and the related files. I really like the idea of using one at random - however I agree may be ethical/permission issues to doing so. Sorry for hijacking this issue a but I was intrigued. I may switch my phone over to your OS due to your clear consideration of privacy issues just shown now (and because of your fun reply on fdroid fourms to another similar project). Sorry and Thanks again.
@CactiChameleon9 late reply, but if you want to alter the ping domain you can fairly easy do so with some adb commands.
or disable it all together: