CalyxOS releases on hold for 4 to 6 months

I think it’s plenty gloomy still.

The lead developer and the founder both leave in the span of a week or two. Their Telegram group is now filled with spam because the founder was the one and only moderator and he never assigned another mod, and he did so without writing a word for a project that he spent 15 years on.

Maybe it’s my paranoid nature, but something is weird about all this. It almost seems like the founder left and the lead developer joined him in that. Them replacing the signing key is also awfully convenient, since to my understanding the founder is the only one that had access to it in the first place. So why would they need to replace it, unless they don’t trust the one and only guy that had it?

For the tinfoilers, AXPOS is looking more and more enticing. They are working on Android 15 for the FP3/4 as we speak.

It’s good and common business practice to change the passwords, locks and keys when important people leave.

Maybe so, but forcing your entire userbase to be without updates for SIX MONTHS and then they have to reinstall the entire OS to get updates again… that shattered my trust in them probably forever. All because the founder left for… let’s call it vague reasons.

Also, my understanding is that the signing key can actually be replaced on existing devices, but they choose not to do it. They don’t even mention why.

It’s weird, and from what I’ve seen I’m far from the first person to see this as a red flag.

https://www.reddit.com/r/CalyxOS/comments/1mg6jdj/okay_nobody_is_asking_so_i_will_what_is_happening/

https://www.reddit.com/r/CalyxOS/comments/1myqcje/is_calyx_safe_rn/

https://www.reddit.com/r/CalyxOS/comments/1mnsvvw/reason_for_why_they_left_calyx/

https://www.reddit.com/r/CalyxOS/comments/1mirfk7/update_to_our_community_letter/

In Satan’s glorious name, say something about why you left Nick!

I tried the Iode OS on my FP5. Unfortunately Curve pay isn’t available. If it was and worked it would be a good option.

Curve is a normal App why isnt it available with IodeOS?

No idea. Says “unavailable for your device”. Perhaps it asks for certain device security features?

The app doesn’t even show in the search results in Aurora store. So it’s filtered out. You can only find it via their website and then it shows the app but says not compatible.

And it was available for you with CalyxOS?

calyx gitlab activity seems optimistic to me. The documentation and preparation for hsm based key handling and release signing looks thorough. They’ll be back

ps: as to your question why they do not rotate the avb key: they can’t unless having prepared for this scenario. So tmw looked into it for the future with mixed results in the ota department. Let’s see - Explore AVB chained partition delegation, to better protect the main AVB key (#3419) · Issues · CalyxOS / calyxos · GitLab

Not ran CalyxOS for years. I tried it before GrapheneOS, assumed NFC payments was something I would just need to do without. Did use Garmin pay for a while.

So I guess its rather a regional or whatever cause that you cannot use Curve and not because of IodeOS (beside the fact that its rather off-topic here I would say)

Can you set the device in the spoof manager in your aurora store to something other than the fairphone? For some reason there are a lot of apps that get the “not available for your device” error for fairphone. My theory is it has something to do with the api version, so choose something with a lower one. It worked for some apps for me on calyxOs

Edit: I can move this to private messages if it is too off topic