Divested Computing Group aka SkewedZeppelin aka Tad is uncompromising with DivestOS: not unthinkable ‘Google Play services’ or ‘microG’.
All CustomROM I’ve tried, with the exception of /e/OS, are ‘vanilla’ releases that can be retrofitted with microG (NanoDroid - Nanolx or MinMicroG Project - ‘Standard’ or ‘NoGoolag Edition’).
Be careful with that: if you install microG later and the custom ROM has no signature spoofing enable (by default is like that in AOSP, most roms and LineageOS included) microG won’t work at all.
This is why I asked specifically for roms with it, which care about that thing which must be enabled at build time.
This is the reason why the project LineageOS4microG exists in a first place.
@EchedeyLR, my statements aren’t based on theoretical assumptions but on practical experience. DivestOS, like LineageOS, is intentionally not compatible with microG in its original version. Those who need microG use compatible alternatives in forms of forks and derivatives. There are some very well functioning ROMs for a variety of devices. I’ll leave it at that. The thread ‘DivestOS: long term device support with enhanced privacy and security’ is primarily about DivestOS.That’s what we should be talking about in the first place.
Stock Android with ‘Google Play Services’ represent the biggest evil of all for me. Google Play Services, a bundle of proprietary background services and APIs for Android devices, is Google’s monitoring bug (spy buggy). Google Play Services have been known for years to transmit personal data from users or Android devices to Google. A study of The School of Computer Science and Statistics, Trinity College Dublin, The University of Dublin, reveals data theft. This study reveals how invasive this data transfer is. Current versions of Google Play Services send the following information to Google every 20 minutes: IP address, device IMEI, hardware serial number, SIM card serial number, handset phone number, the WiFi MAC address and user email address, app user statistics. This basically affects all Android users who have Google Play Services installed on their device.
LineageOS in combination with MindTheGapps, Open GApps, etc. is also affected. LineageOS Wiki writes: »Google apps are the proprietary Google-branded applications that come pre-installed with most Android devices, such as the Play Store, Gmail, Maps, etc. Due to licensing restrictions, these apps cannot come pre-installed with LineageOS and must be installed separately. The Google apps are not required to boot or run LineageOS, however many users find them beneficial to take full advantage of the Android ecosystem.«
These apps have been packaged by developers independent of LineageOS, and download links have been provided for your convenience only. […] The Google apps packages are not supported in any way by LineageOS.
DivestOS and GrapheneOS are strictly against “Google apps or services”. CalyxOS and iodéOS let you choose whether to enable microG or not during the initial setup. Other CustomROM, such as Havoc-OS or CarbonOS, let the user choose whether to work without ‘services’, with Google services or microG services. All ROM philosophies are a good thing and have their justification, so there is plenty of choice for responsible users. However, those who need ‘services’ have the choice between permanent data theft or a so-called “a basic security function”.
Does DivestOS use microg? I checked the init script and thankfully I found out that upon compiling you can change the setting in that file how you want to set up microg. By default it’s set up to use nlp gps. Is there a way to remove this gps module? I can easily run OsmAnd maps on Resurrection Remix without microg and nlp. Or is it necessary to make gps work?
Thanks for the clarification! I love when I get a choice when building a custom ROM to let me choose what features I want or don’t want. MicroG is a very good project and it works for a lot of people, but for me I have found apps that don’t depend on Google play services and there’s no reason for microG. @SkewedZeppelin keep up the good work. Giving users choice is what makes me use FOSS projects.
I believe one of the UnifiedNLP is included in DivestOS by default.
Dejavu
I believe this has to be installed by the user. It would be interesting to devise tests to see how much faster sync is, with or without, but it depends on so many variables…
Users are free to install more backends, they’ll work just fine.
The Apple backend is probably violating some license if I included it.
I had thought DejaVu was going to replace both of @n76’s providers, but it seems now that Local GSM backend is a maintained fork.
The openbmap one is available too
but I don’t like processing too much on the phone. ie. downloading large databases and filtering them…
hence why I made my own backend long ago: MergedWiFiNLP. It has a phone component, the provider, and a desktop component, that processes the big databases and can reuse the output.
Lastly these backends do not help GPS sync faster, they just provide applications an alternate and quick source of location.
eg.
your weather app
the system suntimes calculation for automatic night mode
Google Apps
I still do not plan on supporting microG, or Google Apps, or sandboxed Google Apps.
You are free to enable microG support at compile time, or attempt to install a gapps package onto DivestOS.
Again, this post has no relation with what I posted.
You didn’t understand, you should probably ask before assuming, the risk here is the signatures spoofing patch, that hacks signatures and opens an attack surface.
It’s evident that the only thing you are interested in is making sneaky spam.
It seems like they should, or could, especially “In older hardware where satellite search is slower, a cold start may take more than the full 12.5 minutes” Time to first fix - Wikipedia And I could’ve sworn my TTFFs were longer right after fresh ROM install, and shorter after using Dejavu for a while.
My takeaway is that, under this constraint, neither 3rd-party prebuilts nor post-installed 3p apps will be granted spoofing permission. No “attack surface”, since nothing other than items which have been signed by the OS builder’s key will be granted the permission.