Is there a way I can install an open source phone OS on my old Android phones to keep them patched? I'm not prepared to keep buying new phones just because manufacturers only provide intermittent updates for a year or two.
> I'm not prepared to keep buying new phones just because manufacturers only provide intermittent updates for a year or two.
You could just ... buy an iPhone and get timely security updates for years.
EDIT: Downvote if you want, but if iOS 11 contains this security fix exclusively and not iOS 10, then an iPhone 5s bought on 20 September 2013 is going to get this fix. If Apple release an iOS 10 update and you bought an iPhone 5 on 21 September 2012 you're covered too.
Even for a more modern smartphone. I don't want to lose access to my 32bit apps by migrating to iOS 11. So I hope a patch for iOS 10 will be made available.
Not the OP, but I just lost access to FlightTrack which was an awesome flight search and status monitoring app that could even pull your itinerary from TripIt.
In principle yes (if it is not against the app store guidelines). But if submitted as an app, it cannot use JIT compiling for security reasons. This will make the speed of JavaScript execution very non-competitive to WebKit.
Apps should be self-contained in their bundles, and may
not read or write data outside the designated container
area, nor may they download, install, or execute code,
including other apps.
So your can't ship a JS interpreter either, even without a JIT.
And section 2.5.6:
Apps that browse the web must use the appropriate WebKit
framework and WebKit Javascript.
So you just can't have a web browser not using the built-in WebKit, period.
As far as I can tell, you can install a web rendering engine that is not the built-in WebKit, as long as you only use it for HTML/JS that come with your app. At that point the JIT caveat applies.
You can ship a JS interpreter, it just can’t download code from the internet and run it (yes this makes shipping a browser in the App Store impossible).
But regardless, with your own device, you can run whatever code you want on it.
Having switched to an iPhone recently it does bother me that you can't download iOS updates via 4G. When this gets fixed I need to turn on wifi first (or install iTunes).
LineageOS has a moderately large selection of supported phones for a custom ROM and it has weekly updates. My two and a half year old Moto E has the October 5th security patches for Android.
Look through the list yourself, but at least on my device, most of those kernel security issues aren't really of significant impact as apps don't have access to the APIs needed to trigger them and they're not remotely exploitable.
Unfortunately, Google has given app developers a quite powerful tool to disable the use of their apps on non-official OS images, in the form of SafetyNet. So even if you can install an open source version of Android expect a bunch of stuff to no longer work afterwards.
Magisk (/system/less root) currently passes the SafetyNet checks and it, and it's MagiskManager App, are both FL/OSS and hosted on github [0] as well as pre-built images linked from XDA [1].
I'm using it successfully with LineageOS 14.1 (Android 7.1.2).
Not really - ultimately they're root, Google SafetyNet isn't, it has to run at the application level. Meaning Magisk will always win until remote attestation is enforced. There hasn't been a breaking update since July if I recall correctly and the Magisk developer had it patched in about a day.
SafetyNet doesn't actually detect custom ROMs, a stock LineageOS will pass it on most devices at least.
It attempts to detect root or modifications to the ROM by malicious software.
Certain newer devices have secure boot attestation that may cause SafetyNet to fail unless spoofed to be a different device which does not have such attestation.
No. It only cares about unlocked bootloaders on devices that shipped with Android 7 because a requirement of shipping with that was hardware support facilitating dm_verity, which is essentially a check that the bootloader wasn't tampered with. Without the necessary hardware there's simply no way to perform this check in anything resembling a reliable fashion.
Also, neither root not an unlocked bootloader is required to make "proper backups". Some data actually can't be backed up, and for some data there is no point in making a backup. If the goal is to be able to restore the system to a specific, known state, a bit-for-bit image backup of the entire filesystem is just one way to accomplish the task.
> No. It only cares about unlocked bootloaders on devices that shipped with Android 7 because a requirement of shipping with that was hardware support facilitating dm_verity, which is essentially a check that the bootloader wasn't tampered with. Without the necessary hardware there's simply no way to perform this check in anything resembling a reliable fashion.
So in other words "yes, that is a requirement that will eventually be on all android phones"? Am I misunderstanding something? Older phones being an exception does me little good going forward.
> Also, neither root not an unlocked bootloader is required to make "proper backups". Some data actually can't be backed up, and for some data there is no point in making a backup. If the goal is to be able to restore the system to a specific, known state, a bit-for-bit image backup of the entire filesystem is just one way to accomplish the task.
The last time I tried adb backup and restore, it was a mess. Multiple apps like Skype had no data. And authenticator explicitly opts out of being backed up.
Titanium backup, on the other hand, works perfectly.
Ideally I would just have a rooted phone, but then safetynet complains, and I can't even use Netflix and pokemon. As an alternative I could accept an unrooted but unlocked phone, and root it only when making and/or restoring backups. But having neither is a big hassle.
> So in other words "yes, that is a requirement that will eventually be on all android phones"? Am I misunderstanding something? Older phones being an exception does me little good going forward.
To date it means that it's very possible to bypass any protections put on this though - I believe this may even be possible without spoofing the device in this way, but in any case, Magisk works on any device available today.
SafetyNet is not about "official" status, it's about security checks.
I'm actually persuaded that I don't need terminal root access on a device (except for system debugging), but rather a firmware signed with my own release keys, and apps that need privileged access baked in.
I'm using https://lineageos.org/ (previously known as CyanogenMod) on most of my older Devices. I think this is as close to an open source OS as you can get right now.
Depends on the phone. I'm using a ~ 4 year old phone with LineageOS. I also have a Russian phone whose userland source code was never released, and no open source ROM exists; this phone is swimming in vulnerabilities and languishing in Android 6.
Anyone got any suggestions for options?