I am opening a thread for discussing general questions regarding Fairphone OS - I hope this is fine with the moderators.
One thing that is not yet clear to me results from the following statement at code.fairphone.com:
Unfortunately, the license of these “unique features” is not mentioned here. Also, it’s not clear how to exclude these components when issuing a build in case someone opts to prefer a more “pure” android experience without the “unique features”.
Perfectly fine. I just moved it from the “FP2 Android 5.1” category to the general “Software” category because I think the FP2 category is just for the preinstalled OS.
I’d like to know that too.
If you want to exclude the FP flavor you could just download the blobs and AOSP right?
I wanted to investigate the license question (initially posted here) and I found a few interesting things:
some of the files in the directories of the fairphone apps (e.g. packages/apps/FairphoneLauncher3) contain the typical AOSP Copyright notice, some contain a Fairphone Copyright notice using the Apache 2 License and quite many do not contain a copyright notice at all. Most (if not all) commits have been issued by the folks from kwamecorp.
the directory also contains (dated) logs of JVM crashes from running under a MacOS X environment.
Great! Do you have experience building ROMs? I don’t, up to now, but thought this might be the right time to have a look… Wanted to play with cherry-picking, there an emulator based test might be helpful. Especially as I don’t have the FP2 in my hands yet, und probably won’t until January. Thus I might have some time to learn
Well, actually I have only experience compiling ROMs and making some small modifications. I also made some attempts for porting ROMs to yet unsupported device, but haven’t been very successful with this. The Android build system is pretty complicated, and many of the custom ROM vendors tweak it further so it’s not easy to get into that. That’s why I actually prefer ‘pure’ AOSP-style ROMs as they are easier to update and to port to newer Android versions.
Until now, not many vendors allow you to rebuild AOSP (or they just allow you on selected devices) so I’m happy to see that FP is one of the few exceptions here.
Will we get access to the “Stock”-ROM image for the FP2, so that if flashing another OS (Sailfish, Open Source, …) that you don’t like you can reflash it to the original state?
iklaus: I assume you can pull a backup of the system (and eventually userdata) partition before flashing something else after you’ve unlocked the bootloader. So should be “reversible” at least this way.
And I didn’t make any new attempts over christmas - maybe someone else was successful with running the emulator already?
Well, you will get partly some permission management with updating to Android 6. Staying on Lollipop, it should be possible to install e.g. XPrivacy. Personally, I would also prefer OmniROM, but this would require porting it to the FP2 first - should be doable, but would require some time.
And all these alternative OSes sound really fine, but if you look at it in more detail you will notice that usually they lack many features Android has and some “must have” apps / widgets you might gotten used to are missing. For instance, afaik both FirefoxOS and Sailfish do not support encryption of the internal userdata partition (yet).
Actually, many people seem to think that Google is evil and thus AOSP is a privacy threat as well. But AOSP is completely open source and has only one or two unwanted behaviours (like sending a DNS request to Google every time you enable your data connection) which you can tweak (code-wise). So as long as you don’t install the Google Apps I don’t see any big privacy threats from using AOSP or AOSP-based ROMs.
No, probably I was to tense in my answer. I’m still in with Android, AOSP based, no problem. Probably, when it’s becoming available soon enough and my FP2 is not yet in full steam, I might have a look at Sailfish OS, just to have it experienced. But no encryption is bad, that would speak against Sailfish.
If you have to compile your own OS (that is, anybody who will provide “us” with an alternative android version, as I lack the time right now to dive into it), you probably could cherry pick AppOps into AOSP as well. I do have “must have” android apps, also paid for, so my path is quite clear But not every app I have should be able to access my location. Sometimes none of their business…
And XPrivacy needs XPosed, if I’m not mistaken, which often is a bunch of problems of its own…
Still, my FP2 is some weeks away, I guess, ca 4500+ or so, maybe there are some more experienced tinkerers in line before me
Klaus
This sort of “basic” protection is what imho Android 6 already gives you out of the box. If you want to have much more fine-grained control about this, XPrivacy might suit you better.
Personally, I don’t use any apps which require more permissions than I can accept to give them - except for open source apps, where I have some trust that they will use the permissions only for the claimed purposes.
Anyways, I assume (haven’t checked yet) that Fairphone Open Source OS as well as Fairphone OS also does these DNS lookups via Google, so this is probably the first thing you might want to change.
But not every app I have should be able to access my location. Sometimes none of their business…