I used the latest Qualcomm leaked ROM and had numerous problems, mainly stutter in delays in opening apps/videos etc.
But my work apps and banking apps don't work with cyanogen(currently on this) so is there a ROM that is built from Qualcomm or built in the same way so any of the security keys or whatnot allow banking apps and my work ones.
I'm assuming its within the coding, or somewhere that cant or won't be changed for cyanogen, so has anyone else built one that will work for me?
Related
Hi all
We use a few rugged android devices at work as glorified GPS and mapping units. They work great however today I found out that our main data collection service is updating their android application to use TLSv1.2. From my research it looks like all android devices beyond API level 16 (Jellybean) CAN support TLSv1.2, however it is not turned on by default (whatever that means) before API level 20/21 (KitKat wearable/Lollipop). We have devices running 4.1.1, 4.2.1 and 4.4.4.
There is literally zero chance of getting these devices upgraded to Lollipop. They are made by Getac and Aspera - both small companies. Anyone that uses rugged devices knows that you trade in your access to updates and custom roms etc when you opt for one. They are too much of a niche product to attract developers and the manufactures just want a stable device, not the latest and greatest. They also generally run lower end specifications, so updating to newer OS is not always desired. We have a Getac z710 (http://us.getac.com/tablets/Z710/features.html), one Aspera R5 (http://asperamobile.com/products/aspera-r5/) and three Aspera R6s (http://asperamobile.com/products/aspera-r6/). I am not even sure if they have root solutions available for them...
So does anyone out there with a kind heart and some knowledge want to help see if there is anything that can be done on my end to turn on support for TLSv1.2? Here is some stuff I found so far, but most of it seems like it needs to be done on the server side, not client side.
http://stackoverflow.com/questions/24357863/making-sslengine-use-tlsv1-2-on-android-4-4-2
http://www.jordanrejaud.com/android/2015/09/19/android-tls-ssl-engine.html
None of these devices are rooted, so everything needs to be done via adb, or i need a root solution...
bump...
Did you ever find a solution for this? I'm trying looking into this myself but haven't found anything that would modify it for the whole OS, only something that would require modifying the source code for an app.
I have the same problem/question:
GetBackersBH said:
Did you ever find a solution for this? I'm trying looking into this myself but haven't found anything that would modify it for the whole OS, only something that would require modifying the source code for an app.
Click to expand...
Click to collapse
Is there a known solution that would modify the whole OS, not just an app through a code? I would need TLS 1.2 permanently enabled on Android 4.4.2 KitKat. The phone is rooted, BTW.
Hi everyone,
We are conducting a survey on the current usage of custom ROMs and user interests and I'd like as many users as possible to answer the very few questions: https://bit.ly/2gM1Ntv (survey is closed now)
Why all this?
We believe that the current custom ROM world and choice is not very nice. We basically have a single large player and a few smaller ones providing official builds and then there are many "homemade" ROMs of doubtful trust. Newbies that care about privacy and free software are scared of homemade ROMs, don't like CM and usually have a device not officially supported by the smaller ROMs. We are thus discussing if we should start a whole new ROM (maybe robbing some hardware code from CM) or contribute to an existing one. Our focus is on security and privacy and some of our ideas might be hard to achieve inside the currently existing ROMs.
We don't want to re-invent the wheel if it's not necessary, a ROM that nobody wants to use is just a waste of time.
To know if our ideas of a custom ROM are supported by the community, we need to know what you think about custom ROMs and our ideas on it.
If you want to discuss this further or want to give your opinion on this publicly, fill this thread up with whatever you want. We don't bite.
Thank you for your time,
Marvin
Personally I would like a ROM based on CyanogenMod (since I like 90% of the ROM) with:
- microG included
- Integrated XPrivacy (but rewritten inside the ROM without Xposed)
- Ability to hide root to specific apps on-the-fly without restart (with the code included inside the ROM impossible to detect)
- Ability to simulate other phones to specific apps on-the-fly without restart
- ARMv7 to ARMv6 software emulation for apps that support only ARMv7 on ARMv6 phones (probably slow but better than anything, ARMv7 to x86 emulation already exist)
ale5000 said:
Personally I would like a ROM based on CyanogenMod (since I like 90% of the ROM) with:
Click to expand...
Click to collapse
Problem with CM base is that it is partly proprietary (contains some google libraries). Read about freecyngn for details.
ale5000 said:
microG included
Click to expand...
Click to collapse
Plan is a sort of "setup wizard" that allows to install microG and of course the required patches as part of the ROM.
ale5000 said:
Integrated XPrivacy (but rewritten inside the ROM without Xposed)
Click to expand...
Click to collapse
Three-state deny/spoof/allow is already on our wishlist as well as extending the permission model to be more fine-grained.
ale5000 said:
Ability to hide root to specific apps on-the-fly without restart (with the code included inside the ROM impossible to detect)
Click to expand...
Click to collapse
The idea is to have a root system that works the opposite to what some su hiding tools do: the su binary is only available to certain apps the user preselected. This will also hide it to apps that should not see it. This way we can't have a nice "grant root permissions" dialog, but these are insecure nonetheless.
ale5000 said:
Ability to simulate other phones to specific apps on-the-fly without restart
Click to expand...
Click to collapse
What exactly do you want to simulate. The device name as returned by Build.MODEL? Note that it is technically impossible to simulate a whole other device in a way that can't be recognized
ale5000 said:
ARMv7 to ARMv6 software emulation for apps that support only ARMv7 on ARMv6 phones (probably slow but better than anything, ARMv7 to x86 emulation already exist)
Click to expand...
Click to collapse
Which device is still ARMv6 nowadays? joke aside, the x86 emulation was developed by Intel (so that their processor can compete on the smartphone market), a similar software is very unlikely to be written for armv6. It might be possible to use user-mode qemu to run armv7 libraries on armv6, but this will be terribly slow and for most apps the reason to use native code is that it should be faster than Java code, which will not be the case with such an emulation approach...
MaR-V-iN said:
The idea is to have a root system that works the opposite to what some su hiding tools do: the su binary is only available to certain apps the user preselected. This will also hide it to apps that should not see it. This way we can't have a nice "grant root permissions" dialog, but these are insecure nonetheless..
Click to expand...
Click to collapse
Although it is more secure it will kill user-friendliness and it will probably cause compatibility problems with old apps.
I sometime use also apps no longer updated and it wouldn't be nice to not be able to use them.
I think it would be better to support both modes and allow user to choose.
MaR-V-iN said:
What exactly do you want to simulate. The device name as returned by Build.MODEL? Note that it is technically impossible to simulate a whole other device in a way that can't be recognized
Click to expand...
Click to collapse
My intent is just to run apps that do run only on specific phones without change the app itself, I don't think they use a type of detection hard to bypass but I don't really know.
MaR-V-iN said:
Which device is still ARMv6 nowadays? joke aside, the x86 emulation was developed by Intel (so that their processor can compete on the smartphone market), a similar software is very unlikely to be written for armv6. It might be possible to use user-mode qemu to run armv7 libraries on armv6, but this will be terribly slow and for most apps the reason to use native code is that it should be faster than Java code, which will not be the case with such an emulation approach...
Click to expand...
Click to collapse
I know that it will be really slow but it still would be better than an app that crash at startup.
PS: Also it would be nice to have compatibility with cSploit.
ale5000 said:
Although it is more secure it will kill user-friendliness and it will probably cause compatibility problems with old apps.
I sometime use also apps no longer updated and it wouldn't be nice to not be able to use them.
I think it would be better to support both modes and allow user to choose.
Click to expand...
Click to collapse
For apps this will look as if you don't have root if you did not grant permission in advance through the system settings. The applications should not break because of this (but maybe just show you a message). Yes, it will be less user-friendly, but opening a critical hole in the security system should be nothing that is user-friendly. You usually do not have a lot of apps that require root access and to activate those manually in the system settings is not a huge problem. We would like to add features to the ROM like app data backup so that you need even less.
Well, for a normal user yes, but a normal user do not usually install a custom ROM.
I personally use a lot of apps that require root access.
Although it is probably not so easy I think it is possible to implement a dialog with tapjacking protection that ask if allow or deny root access.
ale5000 said:
Well, for a normal user yes, but a normal user do not usually install a custom ROM.
I personally use a lot of apps that require root access.
Although it is probably not so easy I think it is possible to implement a dialog with tapjacking protection that ask if allow or deny root access.
Click to expand...
Click to collapse
Even with all tapjacking techniques that are possible in Android (which would include a certain delay for the root usage confirmation to be tap-able), you can still use invoke keystrokes. This would allow a privilege escalation. When talking about security, don't argue with "I know what I do", it's not about you knowing what you do, it's about attackers knowing it as well.
The only effective way to protect against any type of tapjacking/input injection is to put everything completely aside (e.g. in the settings app) and protect it by requiring the user to enter his/her lockscreen key (or use fingerprint) before being able to change anything. While the ask about permission approach might be good enough for classic permissions (contacts/calender), it is not a good idea for something like root access, because it requires extreme caution.
Can you list the apps that require root which you are using? This would help a lot in finding out how important the root feature really is.
I mainly use my phone for apps, usual call/txt and 1 game that I'm playing. The feature that I will miss is probably the Magnification.
I saw LineAge OS 17.1 on the other thread, but I'm not sure if I will pull the trigger. That means I have to do alot of backups etc.
Have you guys upgraded yours and what's your experience so far?
Hi
I recently upgraded to Lineage OS - there's an unofficial build by @derf elot which I have been using as my daily driver for 6 months or so. Works really well on all fronts EXCEPT for apps that require any kind of verified device security and Safety Net.
Because you have to unlock the bootloader, your chances of passing SN are slim to none (I could not get it to work on a G8343) so you can kiss apps that require Google Play verification goodbye (Banking apps, Netflix, a few Authenticator apps, etc.)
If you can do without those apps, then I have no issues running LOS.
Hello! Thanks for replying to my question.
Did you notice a significant performance increase? I mainly use it for apps and 1 games anyway.
And does LineAge has Magnification too on Accessibility?
First off, I hope I'm posting this in the correct area
This may be a fantasy, but I will state my idea, and if you know any way of making it a reality, OR if it already exists, I would really appreciate your advice & help!
The idea is basically a super lightweight custom ROM that would work (be able to be flashed on) on a lot of different devices. (multiple android phones & tablets)
Preferably, I want it to run on the most stable version of Android
No play store, only a predetermined set of apps to be installed along with the ROM
No stock browser or any native apps that have a browser built-in
Basically, there are a few applications for this product, 2 that come to mind.
The most obvious, Kid friendly - I know about the parental controls available, I want something 'bulletproof'.
To ensure productivity and reduce distractions among employees.
I would also want a browser that is whitelist-based that can have the whitelist updated remotely, every time the browser connects to the internet, (either on startup of the app or in the background) it would check the whitelist and update itself with the new definitions. Ideally, I would want a Chrome-based browser with a built-in adblocker.
I know the lines are blurred from custom ROM to custom apps. I hope I'm not dreaming of a unicorn
(The native apps preferred would be The Camera, Messages and phone apps)
I think what you looking for is "Kids Space" from oxygenOs and colorOs 13. Now even I'm looking for the same for older oneplus devices.
You had any luck with it?
Whilst I understand that there are no hard and fast rules when it comes to software development, and that the cost ultimately comes down to the scope of the project. It would however be nice to figure out as to how much it normally costs for a fully customised version of Android OS that can be used professionally. This customised ROM of Android would then need to be flashed to a device.
I understand that I have a choice of either reusing an existing ROM, or starting with AOSP. In both cases, I would need to customise that, and then package it along with the OEM vendor's kernel and drivers.
I know that there will be a lot of work involved, and also understand that I need to get a professional onboard. I don't however know / understand as to how much something like this will cost.
The plan would be to create a ROM that would be fairly similar to how the firmware on the Switch operates. In this way, the ROM must have the following features:
be devoid of all bloatware so as to increase performance of the hardware and to also allow apps to load and run faster.
tangentially... the ROM must "feel" native to the device, and allow developers to maximise performance of the device by creating and running apps that run as if they've been "written to the metal".
has a variation of the Google Play Store from which apps can be bought and downloaded from.
ROM is linked to host website.
has DRM and copy-protection features implemented where the OS checks for the authenticity of the device it's running on, and the authenticity of the app where only apps sold via the store will be able to run on the customised ROM of the Android OS. This would also probably mean that the apps would need to be authenticated by the server on a regular basis, otherwise there would be an online ban.
allows for Android apps and exports from gaming engines such as Unity, GameMaker, Unreal to be made available and to run on the device - with DRM / Copy Protection features.
development of all necessary API.
not allow the device to be easily hackable / rooted, or even be customisable by casual users.
acts as a launcher for (gaming) apps, and minimises / stops all other processes from running in the background.
I just don't know how much something like the above would cost...
How many hours would it take to create a ROM based on the above specification, and assuming that the developer charged $30 per hour, what sort of budget should I be looking at?
A stock ROM is the adaptation of the telephone's working framework that accompanies your telephone when you get it.
A custom ROM is a completely independent adaptation of the OS, including the piece (which makes everything run), applications, administrations, and so on - all you require to work the gadget, with the exception of it's redone by somebody here and there.
So what does the "altered" part mean? Since Android is open source, engineers are allowed to take stock ROMs, adjust them, strip them of trash, streamline them, add things, and essentially do whatever their creative mind and abilities permit.