DivestOS: long term device support with enhanced privacy and security

taragate · May 6, 2023, 6:41pm

No, it is not the battary. I tried with adb sideload but not consequent and with real knowlidge what I’m doing. But anyway now DivestOS runs normal BUT the update from 16.04,23 failed again but not with the mistake before. It just failed and I’m not udated yet.

And now I come back to my further question:
“Until now I am only used to Odin and TWRP for installing lineageOS.
So please, give me some explanations or links going further with ADB or Heimdall going further (now added). My platform is Linux / Ubuntu.”

SkewedZeppelin · May 6, 2023, 6:56pm

@taragate
do note that the latest update is always shown as an option to “update” to

if you try installing the latest update via the Updater while already running it you will get that “Update failed” notification afterwards, because it saw no change, which is expected if you already had it installed.

taragate · May 8, 2023, 4:08am

Right, the actual update (06.05.23) is fine now. Irritating, that this update still offers the “Installing”. In LineageOS you can erase the file. So I didn’t realize this behavour early enough.

Please, give me links of explanations “Heimdall” & ADB, Plattform Linux. Because you told me, TWRP doesn’t work anymore.

Thank you very much.

m999 · May 8, 2023, 7:59am

TWRP is not supported, that doesn’t necessarily mean it won’t work. But the Divest Recovery is recommended.
Please search the internet to learn to work with Heimdall.
The command for flashing the recovery is:
heimdall flash --RECOVERY <name-of-recovery.img>
Please be careful!

taragate · May 8, 2023, 8:34am

Thanks for the answer !!!

taragate · May 13, 2023, 8:27pm

“TWRP is not supported, that doesn’t necessarily mean it won’t work”.

In case it works with TWRP, is DivestOS still safe and secure and an unchanged ROM?

On [ROM] DivestOS 20.0 for mata | XDA Forums it means:

"DivestOS does not support the following:

Google Apps (OpenGAPPS)
DRM (Widevine)
alternative recoveries (TWRP)
root (Magisk)
runtime modification frameworks (Xposed or theme engines)"

OR: " It is not recommended to use TWRP with DivestOS, …"

So there must be a reason, why not ???

Thank you

SkewedZeppelin · May 13, 2023, 8:33pm

@taragate
TWRP is NOT supported: Faq - DivestOS Mobile

TWRP may work on select older devices
TWRP is actually recommended on a very small selection of devices on Motorola msm8916 series or apollo/thor due to limitations
TWRP will not work on file-based encryption devices due to the stronger encryption changes
TWRP prompts the user to install MALWARE: https://twrp.me/app/privacypolicy.pdf
- Location information (e. g. longitude / latitude)
- Usage information (e. g. transferred amount of data, call logs)
- App usage (e. g. of all installed apps, their usage time, duration, volume and location)
TWRP is often based on outdated and insecure kernel/device trees

Atrate · May 25, 2023, 10:18am

@SkewedZeppelin

I’ve successfully installed the latest DOS build on an LG G6 (H870). Everything except the camera seems to work. Even encryption works well. The camera not working seems to be an upstream problem, probably fixed in the next release or two.

SkewedZeppelin · June 1, 2023, 6:06pm

Kuketz did a writeup of DivestOS as part of their Android OS series:

fossys · June 2, 2023, 3:23pm

Xiaomi Mi A2 ‘jasmine_sprout’

divested-18.1-20230510-dos-jasmine_sprout-fastboot.zip
avb_pkmd-jasmine_sprout.bin

mia2-dos-brick

I was able to lock the bootloader again on my Mi A2 with DOS 18.1 like I did back in the CalxyOS days.

Mi A2 re-locked bootloader

Xiaomi Mi A2 + DOS 18.1 20230510

Relockable: Tested Working

SkewedZeppelin · June 2, 2023, 3:26pm

@fossys I think it is still permissive, I can maybe set it enforcing.

edit:
Verified boot is permissive: https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Enable_Verity.sh#L39

DivestOS is always SELinux enforcing.

fossys · June 4, 2023, 6:07am

Xiaomi Poco F1 (beryllium)

divested-20.0-20230505-dos-beryllium.zip
default Lineageos ‘aperture’ vers. 13 Camera-App

After opening, the entire system is blocked, shortly after which the system crashes and reboots.

The identical process is repeated with the GrapheneOS camera apps ‘Secure Camera’ vers. 62 and ‘Simple Camera’ vers. 5.6.3 from SimpleMobileTools.

Atrate · June 10, 2023, 5:48pm

@SkewedZeppelin After the latest update, the camera seems to finally work on the LG G6 (H870). I haven’t done any more rigorous tests, but seems like it’s daily-driver capable.

fossys · June 13, 2023, 6:18pm

Xiaomi Mi A2 ‘jasmine_sprout’ WITH relocked bootloader

Successful unproblematic OTA-Update: divested-18.1-20230609-dos-jasmine_sprout

Verification:

jasmine_sprout:/ $ getenforce
Enforcing

fossys · June 14, 2023, 8:06am

Google Pixel 4a 5G (bramble)

divested-20.0-20230505-dos-bramble-fastboot.zip
avb_pkmd-bramble.bin

Starting point:
freshly installed Google Pixel 13.0.0 firmware (TQ3A.230605.011, June 2023)

dos-bramble-divested-20.0-20230505

After DOS 20.0 installation:

a) google-pixel-4a5G (bramble) with divested-20.0-20230505-dos-bramble boots and can be set up.
b) $ fastboot flash avb_custom_key avb_pkmd-bramble.bin
c) fastboot Mode: Divice State: locked

d) Cant’t find valid operating system - The device will not start

e) $ fastboot flashing unlock
f) Fastboot Mode: Device State: unlocked
g) START > DOS 20.0 starts with unlocked bootlaoder

Summary: Relockable: NO, doesn’t work with my device.

SkewedZeppelin · June 14, 2023, 8:14am

20230505
June 2023

Having the system a month older than the firmware installed may actually cause issue.
Please test in a few days after I release 20.0 RC#2.

fossys · June 15, 2023, 9:08pm

Google Pixel 4a 5G (bramble)

Fastboot Mode: Device State: unlocked
Successful unproblematic OTA-Update: divested-20.0-20230505-dos-bramble TO ivested-20.0-20230614-dos-bramble

$ fastboot flash avb_custom_key avb_pkmd-bramble.bin
$ fastboot flashing lock

Fastboot Mode: Device State: locked

Verification:

bramble:/ $ getenforce
Enforcing

Summary:
Relockable: YES, my Google Pixel 4a 5G (bramble) with DOS 20.0 works with relocked bootloader.

Route56 · June 22, 2023, 6:43am

Nexus 5x (bullhead)
Hello everybody,
it is my 1. Post in this Forum, and my english is not so good…
I love this DivestOS because it give me the possibility to have an actual and stable Release on my old 5x.
But I have Problems to get the actual Version to start. (divested-15.1-20230618-dos-bullhead) flashing recovery and adb sideload the Image works as well, but when i try to start it stucks on the Google Logo. Where can I find the Version before, unfortunaly I deleted it and don’t know where to get it.
Thanks for your time, greetings

SkewedZeppelin · June 22, 2023, 3:23pm

@Route56
I test on bullhead before release, latest update works without issue for me, try flashing again.

The last version is here but I strongly recommend trying the latest again:

note old downloads may take a few tries, they are only on one of the two servers.

Route56 · June 22, 2023, 7:34pm

@SkewedZeppelin
ups, the link didn’t work…
…on my old FP2 it works perfect…!

PS: got it ! will try in the next day’s…