[ROM] DivestOS 14.1 for maguro/toro/toroplus

Search This thread

SkewedZeppelin

Senior Member
Mar 19, 2021
74
86
divested.dev
featureGraphic.png

DivestOS is a more private and more secure aftermarket system.

Galaxy Nexus Notes:
- GPS works on these builds!
- I wouldn't be surprised if there are radio issues on toro/toroplus.

Features:
- strong focus on FOSS
- various system hardening
- various privacy enhancements
- automated removal of unnecessary proprietary blobs
- automated kernel hardening and CVE patching
- ability to relock bootloader on supported devices
- verified boot on supported devices
- no root support
- SELinux always enforcing
- encrypted by default
- monthly updates
- OTA delta updates
- OTA updates over Tor (optional)
- F-Droid included

Extra Features (not installed by default):
- Mull, our hardened fork of Fenix
- Hypatia, our real-time malware scanner
- Extirpater, our free space eraser

Links:
- Website: https://divestos.org
- Onion: http://divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion
- Downloads: https://divestos.org/index.php?page=devices&base=LineageOS#device-maguro
- Changelogs: https://divestos.org/index.php?page=news
- Project History: https://divestos.org/index.php?page=history
- Known Issues: https://divestos.org/index.php?page=broken#maguro
- Screenshots: https://divestos.org/index.php?page=screenshots
- About + Credits + Notices: https://divestos.org/index.php?page=about
- Source Code: https://github.com/divested-mobile or https://gitlab.com/divested-mobile
- XMPP Chat Room: xmpp:[email protected]

Device Specific Links
- Device Tree: https://github.com/Galaxy-Nexus/android_device_samsung_tuna, https://github.com/Galaxy-Nexus/android_device_samsung_maguro, https://github.com/LineageOS/android_device_samsung_toro, https://github.com/LineageOS/android_device_samsung_toroplus
- Kernel: https://github.com/Galaxy-Nexus/android_kernel_samsung_tuna
- Kernel CVE Patches Applied: https://github.com/Divested-Mobile/...1/CVE_Patchers/android_kernel_samsung_tuna.sh

Other Bits:
- Good and bad feedback is welcomed. Else how can we improve?
- If you find a bug, please report it below or via GitHub/GitLab.
- Testing/Translations/Code contributions are gratefully appreciated.

Important Notes for New Users:
- Please make a backup of your device and copy it to another computer.
- You must wipe before installing this ROM.
- This ROM has userdata encrypted by default
- You are intended to relock your bootloader with this ROM (if your device is marked supported for that).

DivestOS does *not* support the following:
- Google Apps (OpenGAPPS)
- DRM (Widevine)
- alternative recoveries (TWRP)
- root (Magisk)
- runtime modification frameworks (Xposed or theme engines)

All downloads are GPG signed with the following key:
Code:
#B874 4D67 F9F1 E14E 145D FD8E 7F62 7E92 0F31 6994
-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEXupIxBYJKwYBBAHaRw8BAQdAC1RiTvrqJaAQ4FIHsxX+gzEgdT4mspISS+p0
y847Nge0SERpdmVzdE9TIFJlbGVhc2UgU2lnbmluZyAoMjAyMCAjMSkgPHN1cHBv
cnQrcmVsZWFzZXNpZ25pbmdAZGl2ZXN0b3Mub3JnPoiQBBMWCAA4FiEEuHRNZ/nx
4U4UXf2Of2J+kg8xaZQFAl7qSMQCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AA
CgkQf2J+kg8xaZR1BgEAwwLVVsG7kbp8M3GTV987XpVl5cZeTtDc/g+66briCHUB
APiuH/dk8eRnhFnq4Up2/j7uD/8FtSvxPbHiz6t1MdgB
=VzP2
-----END PGP PUBLIC KEY BLOCK-----
 
Last edited:

[email protected]

Senior Member
Jun 5, 2012
64
26
Thank you for updating this old device. I want to use Anydesk app in this rom to control it remotely. but in remote PC or phone it shows a message: "Connected! Waiting for image"
 

SkewedZeppelin

Senior Member
Mar 19, 2021
74
86
divested.dev
Thank you for updating this old device. I want to use Anydesk app in this rom to control it remotely. but in remote PC or phone it shows a message: "Connected! Waiting for image"

Likely will not work on DivestOS:

AnyDesk/TeamViewer accomplishes that by having “add-on” apps. Each app requests the INJECT_EVENTS permission.
However INJECT_EVENTS has a protectionLevel of signature meaning only apps signed with the releasekey of the system image can request it. If you take a look some of the add-on apps you’ll see that they are actually signed by each manufacturer.
jarsigner -verify -verbose -certs x.apk
Seems they managed to get a ton of manufacturers to sign their helper apps.

I have no intent on signing any proprietary software with my signing keys to grant such permissions.
 

entux

Member
May 21, 2012
34
3
Thank you for supporting old devices like mine. Sadly this one (as well as all the other AOSP variants) I've tried fail to provide a working camera.

"Camera is not available".

I'm not sure you are familiar with zeelogs unofficial 7.1.2 build: https://zeelogkang.blogspot.com/2017/05/lineageos-141-unofficial-712-gnex-tuna.html + https://github.com/zeelog

This is the only rom so far that manages to give me a consistently working and responsive device. Everything (but GPS) just works. Sadly he's since moved on to other devices and is no longer updating it and thus we no longer get any security updates.

I've tried to build that rom myself with the plan to backport security fixes but so far I've failed even building a stable version.

Any advice/help/ideas?
 

SkewedZeppelin

Senior Member
Mar 19, 2021
74
86
divested.dev
Thank you for supporting old devices like mine. Sadly this one (as well as all the other AOSP variants) I've tried fail to provide a working camera.

"Camera is not available".

Camera does work on this.
I think you might need to update your firmware maybe?
Try flashing the bootloader and radio partition again from here: https://developers.google.com/android/images#yakju

If that doesn't fix it, please upload a logcat:
adb logcat -b all -d | grep -i -e dlopen -e audit
at the minimum
 
  • Like
Reactions: entux

entux

Member
May 21, 2012
34
3
So I am not entirely sure what "fixed" it. Either a combination of things or one specific thing of the following:
  • Update Firmware
  • Cleared cache and rebooted
  • Added location permissions
Not sure when the issue will arise again but it seems to work for now.
 

EirikrHinnRauthi

Senior Member
Hey there!! I super appreciate you building this; holy moly. That being said -- are you.... "backporting" things back to LineageOS 14.1 somethow?

The reason I ask is I want to run Android 7.x with the FDroid and Aurora app stores... but also have Magisk for things like force-enabling VoLTE on Sprint as well as messing around with the HSPAP settings on the i9250... and as far as I can tell yours is the ONLY OS that has these.

I know this is a dumb question because the whole point of your OS is for it to be secure. That being said, I'd like to run it on one device and have an insecure second. Or be able to use Magisk. Or something.

IDK I'm rambling. But you rock and are awesome.

DivestOS based on Oreo time? (JKJKJK)
 

Top Liked Posts