Having trouble with wireguard here. Haven't gone in depth yet but it seems to be very spotty. Browser works sometimes but other apps won't.
If I turn it off everything runs well. Gone the ProtonVPN (which is OpenVPN based) way and it generally works.
Have not had this problem on my other phones or on this phone with the official LineageOS.
Actually using your Rom and I really love it. THX.
Just a few questions:
The captive Portal change to kuketz is nice, but I had some trouble to connect to train-hotspots, a user interface to change this back to google would be useful.
I heavily using wireguard, it is in your rom a little bit laggy, why? Edit: I set DNS from Automatic to None and it is now faster.
Btw. If you are focused on privacy, a kernel support for wireguard would be really a game changer because no other custom rom on XA2 has a kernel with wireguard support. And it underlines the privacy aspect.
1. Lineage official support is based on stock, not sodp. As we are based on Lineage, this is clearly the best choice.Nice work!
But I have a few questions.
1. Why didn't you use the SODP device tree and BLOBs? The BLOBs have advantages like support for RAW, but unfortunately don't support treble.
2. Why is this is based on LineageOS? AOSP is more secure than LineageOS is.
3. Why do you include a browser? Fennec F-Droid is slower with security patches and the user will probably forget to update the browser.
iodéOS is not a security focused OS: it is a privacy focused OS. Of course the two aspects are related. What we want to avoid, is to weaken the security of the base OS, that's why we limit modifications, carefully review the one we make, include a very limited set of features from other custom roms, ...
You report here what a developer of GrapheneOS says: is he the more objective to make a comparison between its own OS and Lineage ?...From my limited understanding I think they weaken selinux policies. They don't have proper rollback protection. (I don't think aosp has that if you have an unlocked bootloader). They merge a lot of "questionable" stuff from codeauroara. They add attack surface.
I have seen on the official LOS github repo that one person remove all the sepolicy files from a device tree with a note that they are going to create their own (sepolicy).
Source : https://www.reddit.com/r/Copperhead..._anyone_technically_explain_why_lineageos_as/ the reply by DanielMicay a developer of GrapheneOs (used to be copperhead)
Patches are available here (https://github.com/microg/android_packages_apps_GmsCore/tree/master/patches). For Q, the P patch needs to be a bit adapted (some files have been moved elsewhere in the file tree).
We answered here and here.