It includes various security fixes on top of 4.4.4 - but most likely not all. Major security hole detectors are green now (VTS, Bluebox, Zimperium).
NOTE: PHONES CAN BE LIFE SAVERS. DON'T RELY ON THIS PHONE AS YOUR SOLE COMMUNICATION MEANS. I HAVE NOT TESTED EMERGENCY CALLS, NOR CAN I GUARANTEE THAT THIS PHONE WILL WORK IF YOU ARE IN DANGER. CARRY ANOTHER PHONE WITH YOU. DON'T GO FOR A 3 DAY HIKE ONLY WITH THIS PHONE!
Without much ado...
- Flash the recovery from here: https://basketbuild.com/filedl/devs?...k/recovery.img
- Boot into recovery and flash the rom, eg. with adb sideload. Download here: https://basketbuild.com/filedl/devs?...4-CH-0.9.7.zip MD5sum: 9140c93ff8f2b8327fdd330d2448c16f
- I guess you also want to flash some KK gapps that can be found somewhere (e.g http://opengapps.org/?api=4.4&variant=nano)
- You might also lose your IMEI like me? Don't PANIC! The IMEI's are noted on your FP. Remove the battery and write down the numbers. Then once you have booted the phone, follow this simple tutorial to fix this: https://www.facebook.com/fXDAdev/posts/448292925303711
- IMEI loss when flashing from stock FP1. No clue why this happens. Are we somehow overriding some NVRAM?
- CTS is complaining about some issues. https://christianhoffmann.info/2015....testResult.xml
- As this is a merge of 4.4.4 into the MTK stuff, watch out for more bugs than the previous release. Not merged: the new 4.4.4 dialer screen (we stick with 4.4.2 dialer as the modifications are too heavy), chromium does not support wml anymore (who cares?).
- You most likely need to wipe to install this when coming from the previous KK version to 4.4.4. Email app e.g. seems to crash without.
- Playstore version of Google Authenticator does not work (see https://github.com/google/google-aut...android/pull/4). Use the OSS version https://github.com/google/google-aut...droid/releases - this is not specific to FP1 but seems an MTK issue.
- A dirty update (without wipe) from 0.8 on an encrypted device seems to reboot once during the "Android is upgrading" dialog
- Sometimes the lower part of the homescreen launcher seems to lose transparency.
Changelog fp1-kk444-CH-0.9.7 (you might want to check if there are new gapps here as you need to flash them again at same time: http://opengapps.org/):
- Android Security Updates from Google bulletin 1-MAY-2016 (https://source.android.com/security/...016-05-01.html)
- Kernel CVEs including the mediatek wifi ones from https://source.android.com/security/...016-03-18.html, CVE-2016-2549, CVE-2016-2847, CVE-2016-2547, CVE-2016-2546, CVE-2016-2545, CVE-2016-2384
Changelog fp1-kk444-CH-0.9.6 (you might want to check if there are new gapps here as you need to flash them again at same time: http://opengapps.org/):
- Android Security Updates from Google bulletin 2-APR-2016 (https://source.android.com/security/...016-04-02.html)
- Kernel CVEs including the one from https://source.android.com/security/...016-03-18.html, CVE-2015-7550, CVE-2016-0774, CVE-2016-0821, CVE-2016-0723.
Changelog fp1-kk444-CH-0.9.5 (you might want to check if there are new gapps here as you need to flash them again at same time: http://opengapps.org/):
- Android Security Updates from Google bulletin 1-MAR-2016 (https://source.android.com/security/...016-03-01.html)
(incl. the kernel fixes that Google only publishes for Google One / Sprout - ported to MT6589)
Changelog fp1-kk444-CH-0.9.4 (you might want to check if there are new gapps here as you need to flash them again at same time: http://opengapps.org/):
- Android Security Updates from Google bulletin 1-FEB-2016 (http://source.android.com/security/b...016-02-01.html)
- Kernel CVE CVE-2015-8785
- Android Security Updates from Google bulletin 1-JAN-2015 (http://source.android.com/security/b...016-01-01.html)
- Some kernel CVEs (CVE2015-8543, CVE2015-8575, CVE2015-7509)
- Attempt to fix German's E-PLUS on O2 roaming
- Fix that you can now call funny numbers like *143# without phone application crash
- Fix to be able to add contacts to SIM card
- several kernel CVEs (CVE-2015-5697, CVE-2015-8539, CVE-2015-8215, and a few more without CVE yet)
- the december 1st security advisory bulletin skia issue introduced in 0.9.0 - aka as the dilbert bug - is fixed now
- android security bulletin https://source.android.com/security/...015-12-01.html
- also update gapps if you install them: http://opengapps.org/?api=4.4&variant=nano
- google location providers are used now, which should enable network location provider (in case you installed google apps).
- National roaming should be fixed (at least as good as CM). If you still have issue with national roaming, send me your mmc/mmn data.
- Use original FP1 lens parameters for fm50af lens - does this improve the auto/manual focus issues that some people reported compared to stock FP jellybean?
- Attempt to fix the problem where sometimes the scrollbar and recents screen stopped working and screen locked despite having higher screen timeouts.
- Full CTS result: https://christianhoffmann.info/2015....testResult.xml
- SELinux enforcing
- Camera app now shows all resolutions
- adb now requires acceptance of adb key
- ro.adb.secure set
- browser default pages revisited (removed wrong thumbnail).
- removed MTK root CAs that are not in AOSP
- fixed remaining security false-positives in VTS and Bluebox Trustable - all green now
- USB default setting should be MTP now
- More CVE fixes (e.g CVE-2015-3845). VTS and Bluebox Trustable are almost green. For some reasons they still think "Stagefright" is not fixed. Zimperium nevertheless shows all stagefright OK. Edit: found out why. It's false positive as MTK reports errors in MPEG4Extractor differently than stock.
- Netflix issue fixed with new blob from E3
- Some CTS issues fixed
- More security fixes CVE-2014-7911
- Upgraded to 4.4.4_r2.0.1: Yay! That was an insane amount of work. The following "shortcuts" were taken:
-- Chromium sources taken from AOSP - MTK added wml but it was too much work to merge this back in
-- Email app sources taken from aosp - MTK customized something there esp. exchange sync, is that really giving someone problems?
-- Dialer app taken from MTK without 4.4.4 updates - that stuff is too heavily customized also for dual sim, and 4.4.4 revamped the UI, so this was just too much work for now.
- Latest security fixes up to November 2015. Security fixes also for wpa_supplicant_8 (thanks to Michael Bestas for collecting them for CM)
- Kernel sec fixes
- FP1 power profile xml (does this actually change anything)
As usual some credits:
- @Santhosh M : for some advice on the modem/baseband
- @keesj and fairphone for ___providing___ me a fairphone that replaced my own broken one (never figured out why it doesn't boot anymore)
- @CyanogenMod and koush for superuser stuff that I kanged into the MTK stock
- @CyanogenMod for the stagefright fixes
Let me know if
- it works also on older FP1 (without U).
- you have problems with your IMEI, too
- if you find other major issues
- if you think I am missing some security updates
- i had some issues getting the "phone" part of it work. Somehow it started working - not sure what it was. If you don't get the phone (call, etc.) to work, check your IMEIs first.