DivestOS: long term device support with enhanced privacy and security

proprietary blobs removed

There are still hundreds to thousands of proprietary blobs depending on device that are not removed

I’m not sure if I’m happy with Etar Calendar

What is wrong with it? Can you suggest a better one?

do not understand why eSpeak is preinstalled

So that out of the box there is text-to-speech combined with the TalkBack service for those with vision impairments, and additionally to be used by apps that need TTS such as GPS navigation apps.
I recommend RHVoice if it supports your language, but I can’t bundle that one out of the box because it requires database download before use.

UnifiedNlp

Will not work.
The standalone app hasn’t been updated since 2017.
Also in general potentially has issues where it will leak your location to apps without location permission as noted on the microG wiki: “Does not honor AppOps!”

UnifiedNlp/GPS Apps

UnifiedNlp is a network location provider and has ZERO impact on GPS (fine grained location provider), please read the website: Faq - DivestOS Mobile

LTE icon can not be changed to 4G

Why would you want this? 4G is a marketing term by the carriers, LTE is the real name.

Cast to Android/Lineage TV,

Won’t work, read the website: Functionality Tables - DivestOS Mobile

Ok, but there is no maps app preinstalled?
integration of “PIM-Package

These are things you should install yourself.
Organic Maps and OSMAnd are recommended: Recommended Apps - DivestOS Mobile
FairEmail used to be included and OpenTasks is still recommended, but users wanted fewer apps by default.

SPAM filter for SMS, Calls, E-Mails, Messengers;

Way out of scope of an OS

use of WhatsApp (without contact access or even better isolation).

GrapheneOS plans to offer scoped contact access as a feature in the future, in the meantime use a work profile via Shelter

Any thoughts on Insular vs Shelter?

@Licaon_Kter
They both get the job done well, users should try both and pick which they prefer.
I just prefer Shelter more myself, no particular reason.

Thanks for your long answer, the will to understand and explain.

I’m sorry. It was about Etar Calendar Widget not being themable. Since I use Dark Mode/Black background theme, the white/turquise Calendar widget looked odd. I have now found out that in the general settings the colors can be customized and apply also to the widget. Not sure if the widget supports also transparent background (would only matter if I use a background pic, prefer plain black bg).
So this Calendar might be better then the Standard LineageOS one, thanks.

For Map-Apps (without need to access internet) GPS only is fine. However I have used some mainly local Apps which access online databases and might require location access to even function (even if address search is an option), where I would like to not give fine grained GPS access but prefer an approximate location like given by cell tower triangulation. Not sure if this option or “blurry GPS coordinates” can be spoofed in another way.

For LineageOS TV (without GApps/microG) I found a proprietary App which works with limits, however the sending Smartphone had Stock ROM+GApps, so not sure if only on the receiving end Play Services can be avoided.

I understand the commodity for those with vision impairments, but I think unlocking the phone and flashing the custom ROM might also be done by some supporter as initial step. My question regarding map, was because I taught Licaon_Kter gave an example of a preinstalled App that works specifically well with eSpeak. Generally I agree only a subset of Apps used by maybe 75% of users should be preinstalled. As long as uninstall is possible, I’m ok with anything. Except maybe for PIM-Sync-Functions (Calendar, Contacts, etc.) I would say Google should include the broad standards by default in AOSP, but as we know they have other interests.

I think I understand the difficulty and as said expect this not from a soft fork but I also think this could be viewed similarly to Blocker hosts file at least for Calls+SMS. Not sure if any Third Party FOSS is even available and would like to avoid installing the proprietary/commercial Apps.

The problem I had with that approach is that combined with the fact that “everyone” has WA and most will not install another Non-BigTech/Secure messenger, a huge part of using a messenger is sending and receiving media (Pics, Audio, Video) and Docs (PDF, etc.) and AFAIK easy storage sharing was not possible between Shelter profiles using “File Shuttle”. I might look that up for updates or straight try it again.
Using the https://wa.me/Cellnr Link in a personal WA group is a good enough workaround for me, so that I do not desire giving WA Contact access. I’m more worried about the Metadata WA is collecting including the effective contacts I’m messaging (frequency, etc.).

LTE<->4G icon, Down/Upload traffic, …

Yep, just minor things. If available in settings I did customize that (needs less space also). Circle battery with percent inside is available Here most providers talk about 2G, 3G (was mostly switched off in 2022), 4G and 5G. LTE is not used much.

Thanks again for the interest

I comment this as generally, not related any rom specifically & at same time to all of them… But I really hope there would be soon mimic3 available for android at f-droid. Unfortunately can’t code myself, but…

I just can’t stand to listen espeak more than couple of seconds when using Finnish as language. So using navigation either as voiceless or only for some critical parts of route with voice / “noice”…

GrapheneOS plans

Never trust GrapheneOS.

According to official web, 15.1 builds are still being maintained and updated for some devices, right?
Could you simply backport this security patch to the common 15.1 branch, 'cos it hasn’t fixed yet only for 15.1 for some unknown reason?

@Danko Why do you think I don’t already include that patch?

Please see these links:

• Patch Counts - DivestOS Mobile
• Patch Levels - DivestOS Mobile
• https://divestos.org/misc/a-dates.txt
• News - DivestOS Mobile
• Scripts/LineageOS-15.1/Patch.sh · master · DivestOS Mobile / DivestOS-Build · GitLab

What would be the point of monthly updates if I wasn’t pulling in ASB patches and kernel CVEs to all branches?

No doubt you update your builds, but I’m speaking exactly of the official LOS 15.1 branch, seems like it’s sort of abandoned now (considering even old 14.1 received those patch).
So I thought, if you’re still updating your 15.1 branch, it would be great to update common LOS branch too with all missing patches, since it’s used for some unofficial builds and projects like LineageOS for microG.

@Danko I’ve asked LineageOS team many times over the years for an account on their Gerrit (without a Google account) to no avail.

Anyone else is welcome to take the patches in my repo per the license for their builds.

I read about MVT (Mobile Verification Toolkit) GitHub - mvt-project/mvt: MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
Rather then scan for such compromising trough serious spyware I would be interested in a HowTo of Hardening DivestOS further against such attacks - I think at divestos.org there is nothing regarding this topic?

I just wish to say: thank you very much for your awesome work

The FSF recently graciously granted me the award of “Outstanding New Free Software Contributor”:
https://www.fsf.org/news/free-software-awards-winners-announced-eli-zaretskii-tad-skewedzeppelin-gnu-jami

congratulations. You have earned it.

Unfortunately, there are far too few open source solutions and developers in the mobile and TV sector.

Thank you very much for your work. Keep it up.

Hallo,

I started using DivestOS on my Galaxy S5 / klte (divested-18.1-20230122-dos-klte.zip).

The Samsung started, everything seemed to be fine. Than I put on the current update, wanted to start again and it doesn’t work anymore. It starts and shuts itselfs down right away.

What happened, what can I do?

Thank you

How did you install the update?

Originally I changed to DivestOS via TWRP. It was no problem, cause I ereased deeply.

The update I used the normal function of the Updater.

Thanks

@taragate

so it is just stuck at the Samsung logo?
I’d suggest you boot to the recovery and adb sideload the latest image again.
TWRP is not supported, use the DivestOS recovery.
Don’t wipe.
It should boot.

I test on klte before every release and have no issues on my end.

No, the Samsung goes sometimes further. For a very short moment I can see my start-screen and than it shuts down, sometimes two or even three times one after another. But it is not a loop, afterwards it stays turned off.

“I’d suggest you boot to the recovery and adb sideload the latest image again.” That means, not taking the zip-file but the image-file (divested-18.1-20230122-dos-klte-recovery.img) instead?

Until now I am only used to Odin and TWRP for installing lineageOS.
So please, give me some explanations going further. My platform is Linux / Ubuntu.

Thank you very much !!!

@taragate

No, the Samsung goes sometimes further. For a very short moment I can see my start-screen and than it shuts down, sometimes two or even three times one after another.

That sounds like your battery is just low, leave it on the charger.