I’ve started trying to un-google (de-google?) my FP4, and while I have made some progress - I’ve done a factory reset, disabled everything I could from google and am working through installing apps via other app-stores (mostly Obtanium) -, when trying to verify certain app’s signatures I went down the rabbit-hole* of:
Should I use a non-goole OS? Is it worth the hassle?
If so, which one?
(At this point my brain is already feeling a bit overloaded, otherwise I’d probably keep doing deep-dives into each different OS)
Thoughts?
Whatever you decide to do, if you install another os
please don’t lock your bootloader.
First run the command
fastboot flashing get_unlock_ability
If the outcome is 0 you will brick your phone when you lock the bootloader.
Yes the get unlock ability is important and should be 1, because if something goes wrong and its 0 you have a useless brick that can only be fixed by Fairphone directly therefore at first
That doesn’t seem to be the same issue though. The issue I’m talking about is the ability to unlock your bootloader. The issue that you and the CM are both talking about is the rollback protection.
Now there’s apparently a bug in certain Qualcomm bootloaders (according to the CalyxOS devs) which affects the Fairphone as well that leads to the rollback never being reset. So on any devices (not only Fairphones) affected by that the only way is forward.
While it seems that the bug I’m talking about is that if you lock the bootloader in some cases, you’re screwed. Regardless of the patch level.
And regardless, it’s a bug that Fairphone is completely ignoring surprise surprise.
Dont think so. Any example? When the first cases occurred the forum didnt understand and didnt discuss/ask the security patch level dates. I only remeber cases when older security patch level dates were flashed and the bootloader locked.
And the issue causing bricks seem to be
Another topic explaining it
571/1500
translated with deepl
[quote=“hirnsushi, post:16, topic:95258”]
The problem is not so much that the value is reset, that is even deliberately intended. After installing the factory images, OEM unlocking should be set to off, as in the delivery state, this is part of the Android security model.
The problematic part is that the rollback index is not reset, which is what ultimately leads to the brick.
Normally a new installation should practically start from scratch, but the FP4 bootloader does not forget the previous security patch level.
Yeah that’s one way of putting it. If it’s really just down to the patch level then I suppose it could be worth trying DivestOS or something. Probably not a gamble I’m willing to take until the Pixel 10 Pro has launched as that’s probably going to be my next phone.
If you don’t boot into Android userland after installation and check get_unlock_ability right before locking it’s really not that much of a gamble. Even with an unbootable system / mismatched security patch level you can unlock the bootloader at that point and try something else.
Without knowing the current SPL I’d always point towards ROMs that get updated to the newest one as fast as possible, Calyx and Divest are certainly great choices.
There are certainly other ways to mess up an installation that will render the phone unbootable (Magisk comes to mind, messing with partitions, etc.) and if get_unlock_ability was reset e.g. by booting into the system that would result in a brick.
But as @yvmuell rightly pointed out this still comes down to SPL most of the time. It’s just that we initially thought (or me at least anyway) that the reset is the bug, which no one at Fairphone bothered to clear up for months (and still havent). Combined with the fact that the factory images provided by FP at that time were frequently at least one version behind that lead to people bricking their phones. Some even got told by support to flash those…
Anyways, SPL not getting reset is the bug, get_unlock_ability getting reset on first boot is a “feature”.
FP still could make this safer for people by adding a note about get_unlock_ability in the tutorial, setting the install script to not reboot automatically, or provide a proper installer that checks for that and guides people through the process.
But I’ve said that several times before and apparently that’s too much to ask
+1 for DivestOS!
IMHO it is a great overall experience
Very big plus for me: the developer is very helpful and usually directly available through XMPP. So if you have questions/problems with your install, “first source” help is near.
Also check this article series:
(I am on FP3, no clue how well the FP4 build is working)