DivestOS: long term device support with enhanced privacy and security

@radical-dachshund
If you install DivestOS via TWRP, TWRP will not be replaced.
SD card likely doesn’t work due to LineageOS recovery being SELinux permissive in their builds and therefore broken when set enforcing in DivestOS.
Magisk/Xposed/root is not supported at all in DivestOS.

@anon46495926
The vendor firmware is indeed out of date, it is a giant security hole.
The deblobber helps a small bit, but the giant modem blob can’t be patched.
It cannot be reasonably fixed.
The only option to fix this is to get hardware with open source firmware from top-to-bottom.

As for the signatures, they verify just fine.
I’m not sure what is wrong with your shell.
You shouldn’t try to edit them like that.

@anupritaisno1
Patching CVEs is just that, a patch.
I don’t claim to make these devices “magically” secure.
This entire project is just a short-term patch to get more life out of these devices instead of throwing them in the garbage.
Do I really think running Linux 3.4 with Android 7 is secure? No, I do not, it is AWFUL. But if the alternative is running an unsigned ROM with easy root access (most XDA ROMs) or running latest stock 5.0 for the device then I’ll take whatever I can get.
Heck even running say mata with Linux 4.4.228 and Android 10 this is all still insecure because the modem hasn’t been updated in months, LineageOS doesn’t use patches from the Pixel bulletins, there is no way to get many updated Qualcomm blobs, and the blobs we do have can’t realistically be trusted as they can be tampered with by many (that one GitHub org).

Every single way you look at this, it is beyond broken.
We know this, we just don’t want to accept it.
So what do we do? We patch as much as we can and ignore the rest, right?
Is that not what we do?

This project will not last long.
All of these projects are doomed.
We need truly free hardware.
But that will never happen.


@SkewedZeppelin

to get more life out of these devices instead of throwing them in the garbage.

A worthy goal.

I’m not sure what is wrong with your shell.

Nothing but some age: gpg (GnuPG) 2.2.12

You shouldn’t try to edit them like that.

The first shaxxxsum files needed edits to make -c work, for the lazy, so why not try. :slight_smile:

This project will not last long.
All of these projects are doomed.
We need truly free hardware.
But that will never happen.

That sounds pessimistic, but it’s understandable. A number of efforts have intersecting goals, but they argue more than cooperate. Truly free hardware can happen. Never give up. :slight_smile:

The vendor firmware is indeed out of date, it is a giant security hole.
The deblobber helps a small bit, but the giant modem blob can’t be patched.
It cannot be reasonably fixed.

@SkewedZeppelin,

Who can take advantage of these flaws? Someone who knows these blobs inner workings AND can identify my device as a target on the network AND have a way to deliver an exploit? Sounds like a nation state or The Phone Company level?

But bottom line, Is there a benefit to continuing to test new DivestOS versions on shamu? I.e. will you be trying to eventually fix the “can you hear me now” issue? Or should I be content with good ole LineageOS such as it is? I’ve found my older phones are still working well enough (but slower, and much smaller displays).
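Added example (not code from the DivestOS project or from any poster above) for the checksum discussion in the last two posts: rather than editing the published sums file until sha256sum -c accepts it, build the "digest  filename" line locally and pipe it in, and keep --strict on so an unparseable line is an error instead of a warning. Every file, name and digest below is constructed in a temporary directory; the only assumption about the project is that it publishes SHA-256 sums and a detached OpenPGP signature, and the signature step is left to gpg --verify with the signing key already imported.

```shell
#!/bin/sh
# Added example, not DivestOS project code: checking a downloaded build against
# its published SHA-256 sum without rewriting the published sums file.
# All files below are constructed in a temporary directory.
set -eu

# Verify every entry of a sums file exactly as published. `sha256sum -c` only
# accepts "<64 hex chars>  <filename>" lines; with --strict any other layout
# makes the whole check fail instead of just printing a warning.
verify_sums_file() {
    sums="$1"
    dir="$2"
    (cd "$dir" && sha256sum -c --strict "$sums") >/dev/null 2>&1
}

# Check one file against a digest copied from a web page or release note by
# constructing the line sha256sum expects. This avoids ending up with a locally
# "fixed" sums file that no longer matches the one that was signed.
verify_one() {
    digest="$1"
    file="$2"
    printf '%s  %s\n' "$digest" "$file" | sha256sum -c --strict >/dev/null 2>&1
}

# Detached OpenPGP signature over the sums file. Assumes a ".asc" suffix and a
# keyring that already holds the signing key; not exercised by the fixture.
verify_sums_signature() {
    gpg --verify "$1.asc" "$1"
}

# Constructed fixture: a fake zip, a well-formed sums file, a "<name>: <digest>"
# file that -c cannot parse, and a tampered copy with a stale sums file.
# Prints the digest of the untampered file.
make_fixture() {
    dir="$1"
    printf 'constructed ROM payload, not a real image\n' > "$dir/divested-example.zip"
    digest=$(sha256sum "$dir/divested-example.zip" | cut -d' ' -f1)
    printf '%s  divested-example.zip\n' "$digest" > "$dir/good.sha256"
    printf 'divested-example.zip: %s\n' "$digest" > "$dir/unparseable.sha256"
    cp "$dir/divested-example.zip" "$dir/tampered.zip"
    printf 'x' >> "$dir/tampered.zip"
    printf '%s  tampered.zip\n' "$digest" > "$dir/tampered.sha256"
    echo "$digest"
}

demo() {
    tmp=$(mktemp -d)
    digest=$(make_fixture "$tmp")
    verify_sums_file good.sha256 "$tmp" && echo "good.sha256: OK"
    verify_sums_file unparseable.sha256 "$tmp" || echo "unparseable.sha256: -c cannot parse it; use verify_one instead of editing"
    verify_one "$digest" "$tmp/divested-example.zip" && echo "verify_one: OK"
    verify_sums_file tampered.sha256 "$tmp" || echo "tampered.sha256: mismatch detected"
    rm -rf "$tmp"
}

demo
```

The point of verify_one is that the digest you trust came from somewhere you checked (the signed sums file or a page served over TLS), so you compare against it rather than adjusting the file until the tool is happy.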

Who can take advantage of these flaws?

Anyone with enough time or money.
It really depends on your specific threat model to determine if that is relevant to you.

DivestOS versions on shamu

I spent an hour yesterday looking into this and trying things.
It does appear to be related to libmotaudioutils.so like I originally suspected.
I checked the other libraries to make sure I don’t remove any other dependencies but I found nothing amiss.
See also:

I will look into getting my hands on a Nexus 6, but they are still holding their value a bit ($80).

I am going to be buying a new smartphone. I just stumbled onto DivestOS and would like to try it. I looked in the FAQ for recommended devices; the recommended Pixel devices, including the new 4 series, are very minimalistic. I would like, say, a 12 GB / 256 GB OnePlus 7 Pro. Are devices in this range doable? I don't mean currently supported necessarily.

comments suggestions?

And, is there a proper DivestOS forum?

@steveb

If you are buying a new phone and have the budget, get a Pixel 3 or a 4 and put GrapheneOS on it.

DivestOS has more of a goal to provide support to older devices in order to increase their lifespan.

LineageOS has good support for OnePlus devices, I will look into adding them to DivestOS.

Samsung Galaxy S5 (klte)
I tried three 9-pie ROMs and three Recovery on the S5 (klte): LineageOS 16.0 - divested-16.0 - /e/OS e-0.9-pie as well as TWRP Recovery 3.3.1-0 / 3.4.0-0 and divested-16.0-recovery

Except for the DivestOS Mobile files, TWRPs and ROMs could be installed and operated without complications.

I tried to install DivestOS Mobile Recovery with TWRP (.img) and after conversion with ODIN 3 (.img.tar). After an immediate reboot into the recovery no Divest Recovery started, but the S5 (klte) showed in the boot loop only for a moment the Samsung S5 logo but no Divest Recovery.

I tried to install the DivestOS Mobile ROM divested-16.0-20200724-dos-klte.zip with TWRP 3.3.1-0 and 3.4.0-0. In vain. The S5 (klte) showed the Samsung S5 logo but no DivestOS ROM in the boot loop only for a moment.

Yes, I read it (in red color) Broken. But this hint was already on the website since end of May 2020.

[screenshot: klte_broken]

Now, two months later it was updated - with the identical error as mentioned here.

divested-16.0-20200510-dos-klte-recovery.img
divested-16.0-20200510-dos-klte.zip

divested-16.0-20200724-dos-klte-recovery.img
divested-16.0-20200724-dos-klte.zip

What is the point of a new DivestOS build if the old one, and a serious bug, hasn’t been fixed?

I plan on purchasing a larger phone than any of the phones listed as supported: 12 GB RAM, 256 or 512 GB storage. Will that work?

@SkewedZeppelin

Pixel 3

When tempted by used Pixels, I remember supporting the used hardware market indirectly supports the new market. I want more devices with replaceable battery and sd card, so Pixels are out.

@steveb

12gb ram

At least that takes advantage of 64 bit OS capability, but seems excessive for a tracking device. :smiley:

@fossys
Can you test something for me?
Extract the boot.img from a recent LineageOS 16.0 for klte.
Flash DivestOS to your klte.
Then flash the LineageOS boot.img.

Tell me if that boots.
Thanks.

also of note, there are many different klte variants.
This one is only for the following as detailed on the LineageOS wiki:

SM-G900AZ
SM-G900F
SM-G900M
SM-G900R4
SM-G900R7
SM-G900T
SM-G900V
SM-G900W8
SM-S902L
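An added example (not DivestOS or LineageOS project code) for the boot.img test requested above: it pulls boot.img out of a LineageOS zip only after comparing the zip's device assertion with what the attached phone reports in ro.product.device, since one "klte" name covers several models. Assumptions not confirmed by the thread: the zip carries META-INF/com/android/metadata with a pre-device= line (possibly a comma-separated list), and unzip and adb are on the PATH. The flash itself is left to TWRP or Odin as the posts describe.

```shell
#!/bin/sh
# Added example, not DivestOS or LineageOS project code: extract boot.img from a
# LineageOS zip for a cross-flash test, refusing if the zip targets a different
# device codename than the attached phone reports.
# Assumption: the zip contains META-INF/com/android/metadata with a
# "pre-device=" line naming the codename(s) the zip asserts on.
set -eu

# Print the (possibly comma-separated) device list from metadata text on stdin.
metadata_pre_device() {
    sed -n 's/^pre-device=//p' | head -n 1
}

# Return 0 if DEVICE appears in the comma-separated LIST, 1 otherwise.
device_in_list() {
    device="$1"
    list="$2"
    case ",$list," in
        *",$device,"*) return 0 ;;
    esac
    return 1
}

# Codename of the attached device (ro.product.device), empty if adb is absent
# or no device is connected.
connected_device() {
    command -v adb >/dev/null 2>&1 || return 0
    adb shell getprop ro.product.device 2>/dev/null | tr -d '\r\n'
}

# Extract boot.img from ZIP into OUTDIR after the device check. Prints the
# digest of the extracted image so it can be written down before flashing.
extract_boot_img() {
    zip="$1"
    outdir="$2"
    targets=$(unzip -p "$zip" META-INF/com/android/metadata | metadata_pre_device)
    if [ -z "$targets" ]; then
        echo "refusing: no pre-device line found in $zip" >&2
        return 1
    fi
    device=$(connected_device)
    if [ -n "$device" ] && ! device_in_list "$device" "$targets"; then
        echo "refusing: zip is for '$targets', device reports '$device'" >&2
        return 1
    fi
    unzip -p "$zip" boot.img > "$outdir/boot.img"
    sha256sum "$outdir/boot.img"
}
# Flashing is deliberately not automated: use TWRP "Install Image" -> Boot, or
# Odin/heimdall, as in the posts above.

# Stand-alone demonstration on constructed metadata text (no zip or phone needed).
printf 'ota-type=BLOCK\npre-device=klte,kltexx\n' | metadata_pre_device
device_in_list klte "klte,kltexx" && echo "klte: matches, extraction would proceed"
device_in_list klteduos "klte,kltexx" || echo "klteduos: does not match, extraction refused"
```

Typical use on a real zip would be extract_boot_img lineage-16.0-xxxx-nightly-klte-signed.zip . with the phone attached in a state where adb works; the refusal branch is the whole point, since a boot image for the wrong variant is the kind of thing that produces the boot loops reported here.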

did you send this to the right person?

@fossys
When recently installing an incremental update on my device, while plugged in, it restarted (vendor logo) several times before eventually starting properly. After 2-3 restarts I unplugged it. I don’t recall seeing this during first install, but I also usually go for coffee during first boots. Maybe these are something to try - disconnect from power, and coffee. (no logcats saved)

I know that LineageOS and /e/OS do not support other models than this “klte”: G900AZ/F/M/R4/R7/T/V/W8 + S902L.

That’s my device informations:

    adb shell getprop ro.product.device
    klte
    adb shell getprop ro.product.model
    SM-G900F
    adb shell getprop ro.product.name
    lineage_klte

Yes, my SM-G900F “klte” boots now, but - divested-16.0-20200724-dos-klte-recovery is not working.


Divested-Recovery. I have tried six different variations of the installation. Starting point was TWRP 3.3.1-0.

  1. the file “divested-16.0-20200724-dos-klte-recovery.img” was installed via TWRP and immediately booted into the recovery again.

  2. ditto, but battery removed, then tried to start the recovery by key combination.

  3. the file “divested-16.0-20200724-dos-klte-recovery.img” was installed via TWRP and immediately booted into the system.

  4. ditto, but battery removed, then tried to start the system by pressing the POWER key.

  5. odin 3 (with uncheck auto-reboot) flashed the converted file “divested-16.0-20200724-dos-klte-recovery.img.tar”, removed the battery, then started the “klte” into the recovery.

  6. the converted file “divested-16.0-20200724-dos-klte-recovery.img.tar” was flashed via Odin 3 (incl. auto-reboot), the battery was removed, and the “klte” rebooted into the system immediately.

1.-6. each time the identical result: Divested-Recovery was not installed. DivestOS Mobile did not start any more, i.e. in an endless boot loop the following order was displayed:

RECOVERY BOOTING… (blue font color)
Set Warranty Bit : recovery (yellow font color)
Samsung GALAXY S5 (white font color on black background)

[screenshots: 1dos, 2dos, 3dos]

With the installation of Divested-Recovery the DivestOS was paralyzed at the same time. As soon as I flashed TWRP 3.3.1-0.img.tar with Odin 3, with or without battery removal, TWRP Recovery started properly and also(!) DivestOS divested-16.0-20200510-dos-klte booted correctly.


The very first boot process showed a text-based error message for less than two seconds in the lower left corner. It went too fast, on the other hand I was surprised and could only read: “A error has occurred … javascript”

This error message became fully visible twice more with the first homescreen. Again it went too fast to hold on to. But it must have been at least six to eight text lines. Any reproduction was not possible. I couldn’t take a picture until now, although I turned the S5 on and off several times.

Samsung Galaxy S7 SM-G930F (herolte)

[screenshot: divestos_herolte]

DivestOS Mobile build divested-14.1-20200723-dos-herolte could not be tested with my SM-G930F

The DivestOS installed with TWRP 3.3.1-0 did not start, which means that the device booted and stopped immediately after the Samsung Galaxy S7 logo was visible. No boot loop, nothing. Just standstill.

I did not even try the DOS-herolte-recovery, nor do I remember my experiences with the S5 SM-G900F.



Hej @SkewedZeppelin,
since November 2019 Google has not released any security patches for Android 7.1.2. How do the latest Android security patches get into the build divested-14.1-20200723-dos-herolte?

FYI, I have 3 problems with the latest update/version on shamu. (1) When powered off for shutdown, it immediately powers back on (another reason for removable battery). (2) It takes 2 “boot cycles” (from Google logo to Pin entry screen) to start up. (3) People on calls still cannot “hear me now.” #1 freaks me out. :smiley:

Hello, Divest Computing Group representative!
I’m somewhat thrilled to see the new custom ROM on the scene, whose authors reasonably recommend a rather neat app collection (like Loop Habit Tracker), refer to some advanced projects (like GrapheneOS), and overall deliver an integral message (like “choose your computing and networking environment wisely”).

Okay, here’s a humble request and a couple of user feedback messages:


SkewedZeppelin, can you, please recommend some simple Android smartphone to use as a daily driver, that is already used by any of the core development team.


And there’re some issues with

  • Samsung S3 i9300 and
  • Nexus 10 manta:


Samsung S3 recovery from
divested-14.1-20200723-dos-i9300-recovery.img
a) can’t mount data partition when formatting /data
b) can’t install the divested-14.1-20200723-dos-i9300.zip
as it complains that it “failed to map file” note,
although twrp 3.0.2 can do the trick.


Samsung S3 experience is the most fluid I’ve ever got with other S3 ROMs, though these browsers

  • Mull,
  • Tor Browser
  • Bromite
  • (Ungoogled) Chromium
  • Fennec
  • FOSS Browser

won’t work:
they’ll just crash after briefly loading a blank screen,
though

  • Privacy Browser
  • Lightning
  • GMaps WV

are working just fine.


As for the Nexus 10, the
divested-14.1-20200723-dos-manta.zip
can be installed and booted (tried via twrp),
though it persistently crashes at the greetings screen after a couple of seconds.

It’s not a big deal, if the problems are too tedious to correct, as I’ll just use some other ROMs, but nevertheless be glad if it can be helped.

Respectfully,
m1k.

@anon46495926

several times before eventually starting properly

That is concerning

takes 2 “boot cycles”

Can you clarify this? Like step by step.

When powered off for shutdown, it immediately powers back on

I’ve seen this with thor, I know it was likely related to the defconfig hardener but my thor broke last month.

@fossys

Yes, my SM-G900F “klte” boots now

I will make some testing kernels when I can that have different things disabled to see if we can narrow down what breaks boot.

Google has not released any security patches for Android 7.1.2

LineageOS team manually merges in applicable security patches to all of their branches from the Android Security Bulletin.
The limitations of this is that they cannot update vendor blobs and in most cases do not apply kernel patches.
They also do not implement patches from the Qualcomm Security Bulletin or the Google Pixel Security Bulletin.
So when possible it is best to have a device with a recent kernel and having the latest version of LineageOS (currently 17.1).
DivestOS partially mitigates the blobs by removing as many as possible and partially mitigates the kernel patches by patching many known CVEs. But it is only a patch.

@m1k

Divest Computing Group representative!

It is just me :wave::slightly_smiling_face:

refer to some advanced projects (like, GrapheneOS)

I wouldn’t be here if it wasn’t for Micay.

although twrp 3.0.2 can do the trick.

Did you ever use a partition resizer script?

they’ll just crash after briefly loading a blank screen

So no browsers work? That is very concerning. And strange, can you get a trace from logcat?

though it persistently crashes at the greetings screen after a couple of seconds.

I suspect there might be some selinux denial causing a service to crash.
I’ll have to make a testing build.
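Added example (not DivestOS code) for the logcat trace and the suspected SELinux denial in the reply above: a shell filter that collapses AVC lines from a logcat or dmesg capture into one line per distinct denial, keeping the permissive flag visible so a denial that was only logged can be told apart from one that was enforced (the same distinction behind the permissive-recovery remark at the top of the thread). The log lines inside the block are constructed for the example, not taken from any poster's device.

```shell
#!/bin/sh
# Added example, not DivestOS project code: summarising SELinux AVC denials from
# a logcat or dmesg capture so a crashing service can be tied to the denial
# that killed it. The sample lines at the bottom are constructed.
set -eu

# Read logcat/dmesg text on stdin; print one line per distinct denial as
# "<count> <source type> -> <target type>:<class> { perms } permissive=<0|1>",
# most frequent first. permissive=1 means the access was allowed and merely
# logged, which is why a build that works in a permissive recovery can break
# once the same policy is enforced.
summarize_avc() {
    awk '
    /avc: *denied/ {
        perms = $0
        sub(/.*denied *[{] */, "", perms)
        sub(/ *[}].*/, "", perms)
        s = "?"; t = "?"; c = "?"; p = "?"
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^scontext=/)        { split($i, a, ":"); s = a[3] }
            else if ($i ~ /^tcontext=/)   { split($i, a, ":"); t = a[3] }
            else if ($i ~ /^tclass=/)     { c = substr($i, 8) }
            else if ($i ~ /^permissive=/) { p = substr($i, 12) }
        }
        key = s " -> " t ":" c " { " perms " } permissive=" p
        n[key]++
    }
    END { for (k in n) printf "%d %s\n", n[k], k }
    ' | sort -rn
}

# Constructed sample in the layout logcat prints: two identical denials from an
# audio service against a sound device node, one unrelated denial logged in
# permissive mode, and the abort that follows. Not from a real device.
sample_avc_log() {
    cat <<'EOF'
01-01 00:00:01.000  1234  1234 W audioserver: type=1400 audit(0.0:12): avc: denied { read write } for name="pcmC0D0p" dev="tmpfs" ino=1 scontext=u:r:audioserver:s0 tcontext=u:object_r:audio_device:s0 tclass=chr_file permissive=0
01-01 00:00:01.050  1234  1234 W audioserver: type=1400 audit(0.0:13): avc: denied { read write } for name="pcmC0D0p" dev="tmpfs" ino=1 scontext=u:r:audioserver:s0 tcontext=u:object_r:audio_device:s0 tclass=chr_file permissive=0
01-01 00:00:02.000   999   999 W zygote  : type=1400 audit(0.0:14): avc: denied { getattr } for path="/vendor/lib/libexample.so" dev="mmcblk0p1" ino=2 scontext=u:r:zygote:s0 tcontext=u:object_r:vendor_file:s0 tclass=file permissive=1
01-01 00:00:03.000  1234  1234 F libc    : Fatal signal 6 (SIGABRT) in tid 1234 (audioserver)
EOF
}

# On a device: adb logcat -d -b all | summarize_avc
sample_avc_log | summarize_avc
```

Reading the output next to the crash timestamp is usually enough to see which service was denied what right before it died; the source type (u:r:...) is the domain to look up in the device's sepolicy.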

2 “boot cycles” (from Google logo to Pin entry screen) to start up.

clarify this? Like step by step.

Hit power button, select power off. Watch it shutdown. Wait a few seconds.
Google logo appears, DivestOS logo appears, Pin entry screen appears.
Enter pin.
Watch previous step repeat (G logo, D logo, pin screen).
Enter pin.
See normal/launcher screen.

Samsung Galaxy S7 SM-G930F (herolte)

@SkewedZeppelin,
you have marked the Samsung Galaxy S7 SM-G930F (herolte) as “broken” on their website.

[screenshot: DOS-Herolte_broken]

It’s a pity that you don’t have more to say about it.

Well, today I started a second attempt, and - even if only with your trick³ - got my “herolte” to start. This time I was also able to document the error message “A error has occurred” in a screenshot.


³As boot.img, I used a lineage-14.1-20200725-UNOFFICIAL ROM with kernel version 3.18.14x by exodusnick, which in turn gets its source code from the highly regarded developer Ivan Meler.

Hello, Divest Group,

Only one lad(y) - whoa!

Impressed++

Although a bit scared and unsure of resizing partitions on an Android device (without a spare device on hand that is).

As for the i9300 logs, here they are:

Mull - i9300_mull.log.zip (26.0 KB)

Bromite - i9300_bromite.log.zip (9.9 KB)

(used pidcat to get logcat for a selected app)

Respectfully,
m1k