FP4 - very privacy-friendly custom ROM iodéOS

Now connected to the power

8 hours SoT

Fantastic !!!

2 Likes

I was able to root iodéOS with a few tricks.
I had to extract the boot image using TWRP.
You can do that yourself (shown below) or download this patched boot image I created:

iode-2.3-20220123-FP4-UNOFFICIAL-rooted-boot.img
(Should work for future releases too)

Extract boot image with TWRP and patch it yourself

You have to use TWRP because iodéOS recovery doesn’t allow adb shell.
If you boot TWRP via fastboot boot twrp.img it gets stuck.
For some reason, you have to install it.

  1. Install iodéOS and unlock bootloader
  2. Enter bootloader: adb reboot bootloader
  3. Get current slot: fastboot getvar current-slot
  4. Install TWRP:
    fastboot flash recovery twrp-3.6.0_FP4-UNOFFICIAL-20211216.img
  5. Enter TWRP: fastboot reboot recovery
  6. “Mount” → “Disable MTP”
  7. Extract boot image (replace [slot] with current slot):
adb shell dd if=/dev/block/bootdevice/by-name/boot_[slot] of=/system/boot.img
adb pull /system/boot.img
  1. Reboot and copy boot.img to sdcard: adb push boot.img /sdcard
  2. Patch boot.img with Magisk app
  3. Transfer / adb pull that patched boot.img to your PC
  4. Follow root guide

Root

  1. Unlock bootloader (will reset your phone)
  2. Reboot to bootloader: adb reboot bootloader
  3. Boot patched boot image:
    fastboot boot patched_boot.img
  4. Open the Magisk app
  5. Cancel “Requires Additional Setup”
  6. Choose “Install” → “Direct Install” and “Reboot”
  7. Your phone is now rooted, you can’t lock the bootloader again
6 Likes

Third Beta startet today.

so far a very stable, clean and fast custom ROM

1 Like

I’m gonna wait for the stable release, looking forward to trying it out.

image

3 Likes

iodeOS has the same problem as /e though: forcing you to use microg instead of allowing you to choose what you want

Incorrect!
Can be completely deinstalled via app chooser

Really? Isn’t it integrated into the OS like it is with /e?

Yes it is, but with iodè you have, instead of /e/OS, the possibility to deinstall all pre-installed apps, including system apps.
There’s an extra option under settings/apps/Preinstalled apps

2 Likes

Does that mean you can get gapps working properly? I wanted to give microg a try but a ton of stuff depends on play services and didn’t work on /e (even DRM protected content like Netflix or Prime Video)

Yes but considering Gapps can’t be flashed AFTER first boot, it basically means you can only choose between microG or nothing, not really much of a choice.

Consequently, no :frowning:

2 Likes

I moved the Iode discussion from LOS to Iode

3 Likes

https://iode.tech/en/iodeos-en/
https://iode.tech/en/news/spot-where-your-data-goes-on-a-map/

2 Likes

Just as a short heads up in case that’s relevant for someone: iodéOS is not open source yet (see https://iode.tech/en/#slides, section " Why iodé?")

3 Likes

Just to make it easy :slight_smile:
iode

3 Likes

I must admit I’ve never heard of iode. What are peoples feelings about how trustworthy it is? If, for example, i installed a password manager on the phone, how likely is it that my passwords could be read and sent somewhere?

That depends on your definition of trustworthy. They have been around for some time. I don’t know anything about the people involved, but they have a open forum, so you can ask them.

For me personally, the big showstopper is shipping proprietary applications. Not only their iodé solution (like mentioned before), but also Magic Earth (like /e/ as well). They do let you remove every app, that’s a plus, but for me this is a matter of principle. If you had the choice to make it open source and didn’t, I won’t trust you.

But that’s just me, others arrive at other conclusions and are obviously quite happy with it.

If (and only if) you copy your passwords to the clipboard, consider your passwords unsafe, the Android you’re running doesn’t matter at that point. Otherwise you should be reasonably safe regardless.

6 Likes

thanks for the reply. It’s one of the reasons i want to get a phone that is officially supported by lineageos, rather than one where somebody creates unofficial linageos roms.

The same applies to Lineage as well, just because they are bigger doesn’t mean they are inherently more trustworthy. There’s still a person creating your ROM without any meaningful oversight. Official doesn’t mean what you think it does…
During the CyanogenMod days they shipped a lot of crappy stuff with their ROMs.

And binary blobs will be on any of your phones anyway…

2 Likes

The binary blobs don’t bother me that much. If $PHONE_MANUFACTURER stole passwords from the phones they sold they’d get in real trouble. It’s different when it’s one developer in some far away country :confused: