[ROM][redfin][A13] iodéOS = LineageOS 20 + MicroG + adblocker [04/04/2023]

Search This thread

vince31fr

Senior Member
Dec 18, 2016
1,145
1,237
Toulouse
iode_logo.png


Introduction

iodéOS is a privacy-focused operating system powered by LineageOS and based on the Android mobile platform. iodéOS aims at protecting the user's privacy with a built-in adblocker and by freeing the smartphone from snitches.

The objectives in the conception of this ROM are threefold:

  1. To keep the stability and security level of LineageOS, by minimizing the modifications made to the system. Apart the system modifications required by the adblocker, we mainly only added a few useful options commonly found in other custom ROMs, made some cosmetic changes, modified a few default settings to prevent data leaks to Google servers.
  2. To ease a quick adoption of this ROM by new users. We especially target users that are concerned by the protection of their privacy, but are not reluctant to still use inquisitive apps like Google ones. We thus included MicroG as well as a coherent set of default apps (all open source, with one exception), and simplified the initial setup of the system. Particularly, an initialization of MicroG has been made with GCM notifications allowed by default, a privacy-friendly network location provider (DéjàVu) pre-selected, as well as Nominatim Geocoder.
  3. To provide a new and powerful way of blocking ads, malwares, data leaks of all kinds to many intrusive servers. We are developing an analyzer, tightly integrated into the system, that captures all DNS requests and network traffic, as well as a user interface (the iodé app). Compared to some other well-known adblockers, this has the advantages of:
    • Avoiding to lock the VPN for that use. You can even use another adblocker that uses VPN technology alongside our blocker.
    • Being independent of the kind of DNS server used by the system or set by an independent app: classical DNS on UDP port 53 or any other one, DNS over TLS (DoT), DNS over HTTPS (DoH), ..., as we capture the DNS requests before they are transmitted to the system function that emits the DNS request. What we do not support, is DoH when it is natively built into applications, i.e. when an app communicates directly with a DoH server, without asking name resolution to the system. It would require to decrypt HTTPS packets between such an app and the DoH server, which may create a big security hole.
    • Precisely mapping DNS requests and network packets to the Android apps that emitted (or received) them.
    • Deciding which apps have a filtered network usage (by default, all apps), and which ones can communicate with blacklisted servers.
    Since its first versions, we added many features to the iodé blocker: several levels of protection, fine-grained control over the hosts that should be blocked or authorized, displaying statistics on a map to see the quantity of data exchanged to which countries, clearing statistics... We are actively developing the blocker, and new functionalities will be regularly added.

Features

Changes in LineageOS to prevent data leaks:

  • Default DNS server: Google's DNS replaced by Quad9's 'unblocked' servers in all parts of the system.
  • A-GPS: patches to avoid leaking personnal information like IMSI to supl server.
  • Captive portal login: connectivitycheck.gstatic.com replaced by captiveportal.kuketz.de for connectivity check.
  • Dialer: Google default option replaced by OpenStreetMap for phone number lookup.

Pre-installed apps:

We included many useful default apps, but our choice cannot suit everyone; so we added the possibility to remove them. It can be done at the end of the phone setup, or at any time by going to Parameters -> Apps & Notifications -> Preinstalled apps.

  • MicroG core apps: GmsCore, GsfProxy, FakeStore.
  • NLP backends for MicroG : DejaVuNLPBackend (default), MozillaNLPBackend, AppleNLPBackend, RadioCellsNLPBackend, Nominatim Geocoder.
  • App stores : FDroid (with F-Droid Privileged Extension) and Aurora Store.
  • Browser: our own fork of Firefox (with Qwant as default search engine, many other ones added, telemetry disabled, parts of telemetry code removed) instead of Lineage’s default browser Jelly.
  • SMS: QKSMS instead of Lineage's default SMS app.
  • Email: p≡p (Pretty Easy Privacy).
  • Camera: our own fork of Open Camera, with a few tweaks.
  • Maps/navigation: Magic Earth GPS & Navigation (the only one free but not open source).
  • Keyboard: OpenBoard instead of AOSP keyboard.
  • PDF: Pdf Viewer Plus.
  • Personnal notes: Carnet.
  • {Ad/Malware/Data leak}-blocker: iodé.
  • News: to keep users informed about our developments, as well as a FAQ.
  • Meteo: Geometric Weather.

Pre-included FDroid repository:

The apps that we tweak or develop (microG services, the browser based on Firefox, the News app, Open Camera ...) are available through a repository that we included in FDroid (check the "Apps for iodéOS" category). For this purpose and to avoid name conflicts of some apps, we also had to make a few changes in FDroid.

Useful options from other custom ROMs:
  • Smart charging (disables charging when a given level is reached, to protect battery health).
  • Fingerprint vibration toggle.

Installation Instructions

To download and flash our latest build, see https://gitlab.com/iode/ota.
You can also find here direct links to the latest builds.

Supported devices

Sources

Bug Reporting

You can post a message in this thread or (preferred) open an issue here.

Credits

LineageOS is a free, community built, aftermarket firmware distribution of android, which is designed to increase performance and reliability over stock android for your device.
All the source code for LineageOS is available in the LineageOS Github repo. If you would like to contribute to LineageOS, please visit their Wiki for more details.
This ROM would be nothing without the tremendous work made on MicroG, and all the other open source apps that we included. We are very grateful to their authors.


Contributors

Direct contributors:
@iodeOS, @vince31fr
Indirect contributors (too numerous to list): All the people that contributed to the device tree, to LineageOS, and to the included open source apps.

Sponsoring

You can help in the development of this ROM by paying us a coffee here: https://paypal.me/iodeOS.

Screenshots

iode_home1.png
iode_home2.png
iode_drawer.png
iode_preinstalled.png
blocker_home.png
blocker_report.png
blocker_stream.png
blocker_map.png
blocker_lists.png
blocker_blocked.png
blocker_block_host.png
blocker_details_host.png
 
Last edited:

vince31fr

Senior Member
Dec 18, 2016
1,145
1,237
Toulouse
Downloads :

iodéOS


  • 04/04/2023 (build 20230401):
    • Blocker: improved use of blocking lists (sub-domains blocking)
    • FDroid: fixes an issue on apps update
    • LineageOS synchronized with March security patch included
    • All apps updated
  • 07/02/2023 (build 20230206):
    • Upgrade to iodéOS 4.0 based on Android 13 / LineageOS 20
    • Blocker:
      • Improved blocking settings. You can now choose 'Standard' blocking (ads, trackers, malwares, etc) or 'Reinforced' blocking (same objective but more extensive), and then select additional categories.
      • The 'Porn' category has been extended to a wider 'Sensitive content' one, that also includes fake news, gambling, drugs, piracy, torrent..., with mainly child protection in mind.
      • The 'Extreme' category has been removed, as it is now part of the reinforced blocking.
      • Improved blocking lists. We merge several acknowledged and up-to-date sources, and have diversified our sources to produce more complete lists. The standard list has however been reduced a bit, to avoid as much as possible interference with apps expected behavior.
    • Added a new network location provider: Local NLP Backend. It is an improved version of the DéjàVu NLP backend which was already available in iodéOS. Like DéjàVu, it builds a local database connecting localizations learned from other NLP backends and apps using GPS, and mobile antennas/Wifi; but also has an active mode (not preselected) that can trigger GPS requests. To configure it: Settings -> System -> microG -> Location modules
    • LineageOS synchronized with January security patch included
    • All apps updated
    • New devices support: Pixel 3, 6, 6a
  • 16/12/2022 (build 20221215):
    • Blocker: added multiple selection in settings / domain customization. Long-press on a domain, select several domains or all, apply actions (block all, authorize all...)
    • PdfViewerPlus: improved security by updating core libraries
    • Network settings: added a switch to disable connectivity check (and thus captive portal detection)
    • LineageOS synchronized with December security patch included
    • All apps updated
    • New devices support: Pixel 4 & 5, OnePlus 9 & 9 Pro
  • 10/12/2022 (build 20221210): initial publicly available build of iodéOS for Pixel 5.
 
Last edited:

Top Liked Posts

  • There are no posts matching your filters.
  • 7
    iode_logo.png


    Introduction

    iodéOS is a privacy-focused operating system powered by LineageOS and based on the Android mobile platform. iodéOS aims at protecting the user's privacy with a built-in adblocker and by freeing the smartphone from snitches.

    The objectives in the conception of this ROM are threefold:

    1. To keep the stability and security level of LineageOS, by minimizing the modifications made to the system. Apart the system modifications required by the adblocker, we mainly only added a few useful options commonly found in other custom ROMs, made some cosmetic changes, modified a few default settings to prevent data leaks to Google servers.
    2. To ease a quick adoption of this ROM by new users. We especially target users that are concerned by the protection of their privacy, but are not reluctant to still use inquisitive apps like Google ones. We thus included MicroG as well as a coherent set of default apps (all open source, with one exception), and simplified the initial setup of the system. Particularly, an initialization of MicroG has been made with GCM notifications allowed by default, a privacy-friendly network location provider (DéjàVu) pre-selected, as well as Nominatim Geocoder.
    3. To provide a new and powerful way of blocking ads, malwares, data leaks of all kinds to many intrusive servers. We are developing an analyzer, tightly integrated into the system, that captures all DNS requests and network traffic, as well as a user interface (the iodé app). Compared to some other well-known adblockers, this has the advantages of:
      • Avoiding to lock the VPN for that use. You can even use another adblocker that uses VPN technology alongside our blocker.
      • Being independent of the kind of DNS server used by the system or set by an independent app: classical DNS on UDP port 53 or any other one, DNS over TLS (DoT), DNS over HTTPS (DoH), ..., as we capture the DNS requests before they are transmitted to the system function that emits the DNS request. What we do not support, is DoH when it is natively built into applications, i.e. when an app communicates directly with a DoH server, without asking name resolution to the system. It would require to decrypt HTTPS packets between such an app and the DoH server, which may create a big security hole.
      • Precisely mapping DNS requests and network packets to the Android apps that emitted (or received) them.
      • Deciding which apps have a filtered network usage (by default, all apps), and which ones can communicate with blacklisted servers.
      Since its first versions, we added many features to the iodé blocker: several levels of protection, fine-grained control over the hosts that should be blocked or authorized, displaying statistics on a map to see the quantity of data exchanged to which countries, clearing statistics... We are actively developing the blocker, and new functionalities will be regularly added.

    Features

    Changes in LineageOS to prevent data leaks:

    • Default DNS server: Google's DNS replaced by Quad9's 'unblocked' servers in all parts of the system.
    • A-GPS: patches to avoid leaking personnal information like IMSI to supl server.
    • Captive portal login: connectivitycheck.gstatic.com replaced by captiveportal.kuketz.de for connectivity check.
    • Dialer: Google default option replaced by OpenStreetMap for phone number lookup.

    Pre-installed apps:

    We included many useful default apps, but our choice cannot suit everyone; so we added the possibility to remove them. It can be done at the end of the phone setup, or at any time by going to Parameters -> Apps & Notifications -> Preinstalled apps.

    • MicroG core apps: GmsCore, GsfProxy, FakeStore.
    • NLP backends for MicroG : DejaVuNLPBackend (default), MozillaNLPBackend, AppleNLPBackend, RadioCellsNLPBackend, Nominatim Geocoder.
    • App stores : FDroid (with F-Droid Privileged Extension) and Aurora Store.
    • Browser: our own fork of Firefox (with Qwant as default search engine, many other ones added, telemetry disabled, parts of telemetry code removed) instead of Lineage’s default browser Jelly.
    • SMS: QKSMS instead of Lineage's default SMS app.
    • Email: p≡p (Pretty Easy Privacy).
    • Camera: our own fork of Open Camera, with a few tweaks.
    • Maps/navigation: Magic Earth GPS & Navigation (the only one free but not open source).
    • Keyboard: OpenBoard instead of AOSP keyboard.
    • PDF: Pdf Viewer Plus.
    • Personnal notes: Carnet.
    • {Ad/Malware/Data leak}-blocker: iodé.
    • News: to keep users informed about our developments, as well as a FAQ.
    • Meteo: Geometric Weather.

    Pre-included FDroid repository:

    The apps that we tweak or develop (microG services, the browser based on Firefox, the News app, Open Camera ...) are available through a repository that we included in FDroid (check the "Apps for iodéOS" category). For this purpose and to avoid name conflicts of some apps, we also had to make a few changes in FDroid.

    Useful options from other custom ROMs:
    • Smart charging (disables charging when a given level is reached, to protect battery health).
    • Fingerprint vibration toggle.

    Installation Instructions

    To download and flash our latest build, see https://gitlab.com/iode/ota.
    You can also find here direct links to the latest builds.

    Supported devices

    Sources

    Bug Reporting

    You can post a message in this thread or (preferred) open an issue here.

    Credits

    LineageOS is a free, community built, aftermarket firmware distribution of android, which is designed to increase performance and reliability over stock android for your device.
    All the source code for LineageOS is available in the LineageOS Github repo. If you would like to contribute to LineageOS, please visit their Wiki for more details.
    This ROM would be nothing without the tremendous work made on MicroG, and all the other open source apps that we included. We are very grateful to their authors.


    Contributors

    Direct contributors:
    @iodeOS, @vince31fr
    Indirect contributors (too numerous to list): All the people that contributed to the device tree, to LineageOS, and to the included open source apps.

    Sponsoring

    You can help in the development of this ROM by paying us a coffee here: https://paypal.me/iodeOS.

    Screenshots

    iode_home1.png
    iode_home2.png
    iode_drawer.png
    iode_preinstalled.png
    blocker_home.png
    blocker_report.png
    blocker_stream.png
    blocker_map.png
    blocker_lists.png
    blocker_blocked.png
    blocker_block_host.png
    blocker_details_host.png
    6
    *** New Update : 04/04/2023 ***

    Available as OTA (see OP)
    5
    Downloads :

    iodéOS


    • 04/04/2023 (build 20230401):
      • Blocker: improved use of blocking lists (sub-domains blocking)
      • FDroid: fixes an issue on apps update
      • LineageOS synchronized with March security patch included
      • All apps updated
    • 07/02/2023 (build 20230206):
      • Upgrade to iodéOS 4.0 based on Android 13 / LineageOS 20
      • Blocker:
        • Improved blocking settings. You can now choose 'Standard' blocking (ads, trackers, malwares, etc) or 'Reinforced' blocking (same objective but more extensive), and then select additional categories.
        • The 'Porn' category has been extended to a wider 'Sensitive content' one, that also includes fake news, gambling, drugs, piracy, torrent..., with mainly child protection in mind.
        • The 'Extreme' category has been removed, as it is now part of the reinforced blocking.
        • Improved blocking lists. We merge several acknowledged and up-to-date sources, and have diversified our sources to produce more complete lists. The standard list has however been reduced a bit, to avoid as much as possible interference with apps expected behavior.
      • Added a new network location provider: Local NLP Backend. It is an improved version of the DéjàVu NLP backend which was already available in iodéOS. Like DéjàVu, it builds a local database connecting localizations learned from other NLP backends and apps using GPS, and mobile antennas/Wifi; but also has an active mode (not preselected) that can trigger GPS requests. To configure it: Settings -> System -> microG -> Location modules
      • LineageOS synchronized with January security patch included
      • All apps updated
      • New devices support: Pixel 3, 6, 6a
    • 16/12/2022 (build 20221215):
      • Blocker: added multiple selection in settings / domain customization. Long-press on a domain, select several domains or all, apply actions (block all, authorize all...)
      • PdfViewerPlus: improved security by updating core libraries
      • Network settings: added a switch to disable connectivity check (and thus captive portal detection)
      • LineageOS synchronized with December security patch included
      • All apps updated
      • New devices support: Pixel 4 & 5, OnePlus 9 & 9 Pro
    • 10/12/2022 (build 20221210): initial publicly available build of iodéOS for Pixel 5.
    5
    *** New Update : 07/02/2023 ***

    Upgrade to Android 13 /LineageOS 20

    Available as OTA (see OP)
    2
    *** New Update : 16/12/2022 ***

    Available as OTA (see OP)