I wish that LineageOS could accept the "signature spoofing" patch that is needed for microg (possibly with a toggle switch that would be "off" by default), so that we could avoid the need for the less-frequently-updated https://lineage.microg.org/ and properly install apps from Play Store without the Google Service Framework (that essentially give root access to Google on your smartphone).
(and actually I also wish they could implement the shims developed by https://grapheneos.org/usage#sandboxed-google-play in order to sandbox the google play services, so that the user could choose between approach 1 (microg with signature spoofing) and approach 2 (sandboxed GSF) on any smartphone supported by LineageOS (grapheneos only supports Pixel phones due to their ability to relock the bootloader))
I believe the reason Lineage doesn't do this (along with things like SafetyNet spoofing/passing) is to stay on the right side of Google et al. This way there's never a threat of a legal shutdown à la Vanced. If Lineage was backed by big foundations/folks with deep pockets that could change.
I have no idea why GrapheneOS takes this risk, but am grateful to them nevertheless for the code.
I'd like to edit this comment but unfortunately it's probably too late to edit - it appears I was at least partially mistaken. LOS declined to integrate MicroG because of security concerns from spoofing signatures, as per the Wikipedia article of MicroG (https://en.wikipedia.org/wiki/MicroG)
Having the sandboxed Google Play services would be wonderful. I'm currently using LineageOS with microG and Aurora store, but quite a lot of apps do not properly run with microG. Having some kind of fallback alternative in a second user or even better a work profile would be great.
I have a Oneplus 5T (dumpling) and get much less frequent updates (which puzzles me : I though they would have an automated build system i.e. that all supported devices would have exactly the same updates at the same time...)
You can’t install paid apps and your google account can be terminated at any point for using Aurora store. So it’s out of the question for a lot of people
I'd also love to see them forking CalyxOS' Datura firewall:
https://calyxos.org/docs/tech/datura-details/
It's so much handier when you don't have to navigate through each app's settings.
I just switched to LineageOS 18 w/ MicroG and oh my lord is this stuff still complicated. I'm fairly familiar with this stuff and yet still it took me many hours to set everything up correctly. To be clear, this is not the fault of LineageOS, this is simply the state of the FOSS Android environment and the fact that Google has no interest in supporting this setup whatsoever, to put it mildly. Not only is it complicated, it also seems to change pretty much every year.
First the question is how to transfer all your application data, for which there still seems to be no surefire way. I settled on "Neo Backup", which mostly worked fine, except for Signal (of course...), and the darned Microsoft Authenticator.
So first unlock the bootloader (good luck), then you need to find the correct TWRP for your phone (and careful with 32/64 bit) and flash it via fastboot.
Then I flashed LineageOS, which worked fine. Luckily I found an image which already had the signature spoofing patch included, so I didn't have to worry about that. How do you get root? SuperSU? XPosed? Magisk? OK it seems everybody's using Magisk nowadays. OK, flashing worked fine, but now, how do you get MicroG on it? If you look at the MicroG homepage, you might think you can just install it with F-Droid, and you actually can, but many things won't work (like FCM notifications). It needs to be a system app. I tried using the F-Droid Priviliged Extension, flashed it via TWRP, which seemed to work fine but actually wasn't installed and not working at all. Now what? There's a multitude of information in forums what to do. Some say to flash NanoDroid, but the last release was in January 2021, it seems it's not updated anymore? I settled on the "MicroG installer revived" Magisk module, which worked fine (btw, there's no curated Magisk module repo anymore, you have to search the web and hope you find something that's not malicious).
Of course my banking apps refuse to run because "U ROOTED UR PHONE", I search for Magisk Hide, it doesn't exist anymore, now you need to configure a "Zygisk deny list", whatever that is. Then I also need to hide the Magisk app, my banking works now thank you very much. FCM notifications also work after I uninstall and reinstall my apps which need it...
To be clear: I'm eternally grateful to all the developers who make this possible in their spare time. This is not their fault.
I've been through much the several journey several times, each separated by enough time that I have forgotten all the little details.
I eventually found out about LineageOS for MicroG [1] which is a variant of LOS with MicroG bundled which cuts out most of the fooling around, removes the need to root my phone and works with both banking apps that I've tried.
After hesitation, I opted to go full on the "privacy above all" path - out of curiosity if it was possible and bearable.
So no root, no GFS or substitute at all. Only tracer free apps (except my bank) and using browsers.
I use a set of privacy add-ons (canvas fingerprinting etc) for wandering on the web and the "WebApps" app to isolate the web sites I use regularly and where I need to log into my account.
Then the TrackerControl app lets me allow or block connections per app and by destination.
Of course, this choice implies to renounce certain services without a web version, but I'm happy with the tradeoff (less time spent procrastining by consuming social networks content).
It's a bit annoying at first but I paid $80 for this secondhand phone (including a good new battery). Within weeks I didn't notice anymore that speed difference with a native web app.
That difference of speed exists, of course, but I'm fine with the whole tradeoff.
Not being at all a security expert, I did my best - following advice found on the net.
How far is my privacy better protected though? I can't really know - that's my only true frustration. I see very few ads and they look poorly targeted.
Well, sorry for the long post, this was just to mention another possible path: no GSF or substitute at all, no root.
If you're going to that level you should also consider your phone always compromised and unsuitable for running a banking app. Humans got by without them for a long time.
I really like LineageOS, but this is partly on them as well. They are the most popular ROM and they do very little to make this situation easier. With this situation I do not mean the install itself - actually there they do a lot, the documentation for officially supported devices is really good (and you often do not need TWRP anymore, the lineage recovery is cleaner). But I mean everything else you mention: Rooting, Play services/MicroG, fighting against the security theater. They even officially ban talking about this and other impending topics of doom like VoLTE on their subreddit.
I do like what the project achieved, but I don't understand in the slightest what they are thinking. If I were to speculate, to me it feels like a leftover from their failed attempt to make this a business to ban everything some corporate partner might dislike. But what purpose would that serve for the project now? Just baffling.
Just flash ‘LineageOS for MicroG’[1]—it already has F-Droid extension & obviously microG. Recovery images are provided right alongside, though of course you can use TWRP if you prefer but you don’t have to. IDK why you need root, but most people don’t need it. Push works just fine with microG alone, you just have to enable it in settings. Also LineageOS has an integrated backup solution now.
As far as the rooting-related problems go, there's very little reason to root an Android phone today (unlike, say, 6-8 years ago). Most of the things you used to need root for now have a working API (like VPNs).
Magisk Hide was replaced with "Zygisk DenyList". Which is fine, my main complaint is that you cannot guess from the name that it is doing essentially the same thing. The reasons for that can be read here:
I'll add to the list: Advanced Charge Controller, and the ACCA GUI app for it.
This provides fine-grained control over battery charging if the kernel/device have the required features. The user can set limits on current, voltage, and percentage, as well as pause charging when the battery gets too hot. These settings can be saved into profiles selectable with a tap or on a schedule.
Limiting charge speed/capacity can significantly extend the service life of the battery.
It's nice to see that Lineage OS is still a prominent alternative OS. Back when I couldn't afford new smartphones, it would allow me to keep years old devices on relatively new software (these were the CyanogenMod days). Using it opened my eyes to tinkering and the possibility of a de-googled digital life. It's a shame that due to the ongoing 3G shutdown, people won't be able to keep old devices working.
> I won't buy a phone that I can't run LineageOS on. MicroG.
I won't buy one that doesn't have an aux port. Do you know any lineage-supporting modern phones that have an aux port (and an SD slot, ideally!) by chance?
You can still use old devices with WiFi. If you need phone service you can configure a VoIP provider. You lose the cell network but it's still a phone. Some would even say you'd regain privacy this way.
I have tried this in the past with Google Voice. It's just too inconvenient to not be able to make calls when I'm not near a wifi. I've learned that's the #1 feature I value in a phone.
> Back when I couldn't afford new smartphones, it would allow me to keep years old devices on relatively new software
I hope you're not implying LOS is only useful for old devices.
LOS supports many relatively new devices, including many flagship phones. It also arguably offers much better experience than the default bloatware-ridden OEM OSes, which is the reason I check which currently sold devices are supported before buying a new phone.
> Our very popular privacy oriented built-in firewall, restricted networking mode, and per app data isolation features were all rewritten to account for AOSP’s new restricted networking mode and BPF. Additionally, data restriction and network isolation features were merged into a single implementation. Combined, this means that one of our largest pain points each bringup should now be easier to forward port in future revisions!
I'm so glad to hear this. Every other custom ROM's Android 12 version had to remove the "disable internet access per app" feature.
Lineage took its time to rebase to Android 12, but they did it without removing important features like this.
Is that build based on Android 12 ? If so I might be wrong about no custom ROMS adding that feature back in. Maybe grapheneOS and some other ROMS made their own patches to fix it.
I installed LineageOS on my old Samsung Galaxy S3 back in the day. It's currently only used as a fancy alarm clock, I got an app that requires me to solve math problems to disable alarm.
Just yesterday I was wondering if it was still supported by LineageOS, and I see that it is not. What are the chances that a new version will work on this "ancient" device?
And even if I do, would it be safe enough to use or does the hardware have serious, unfixable flaws?
Got me thinking about the obsolescence of our modern gadgets.
Since the S3 Neo is still supported, I don't see why the S3 wouldn't be. As far as safety, at a bare minimum it would only be as unsafe as the stock rom, though having newer patches to the kernel / android does mitigate a lot of vulnerabilities
The Galaxy S3 and the Galaxy S3 Neo are entirely different devices from a software engineering perspective. The device name is not a reliable indicator for this.
Depends what you want to use the phone for. If there's no network access intended, then obsolete software doesn't matter as much as the device has a much lower attack surface.
LineageOS has reached some serious stability milestones IMHO. It's also so much easier to customise and get where I want it to be than any other custom Android ROM I've tried. Most of the bugs have been worked out by this point it feels like. Anyone looking for a new daily driver OS should give Lineage a try. I love it.
Agreed. I've been running nightlies for years now, and it's very rare for something user-facing to break. This probably depends on how well the device is supported, but I've had very few minor issues on my OnePlus device.
Kudos to the LineageOS teams and all contributors! You make Android usable. Which reminds me I should definitely donate.
On most Android devices, you can flash a new recovery image on with fastboot. You can not do this with Samsung devices, Samsung has its own proprietary methodology of flashing recovery images called Odin. Samsung is a supported LineageOS vendor, but Samsung devices have an extra step to even flash the device with a pre-built ROM.
Readit News
(and actually I also wish they could implement the shims developed by https://grapheneos.org/usage#sandboxed-google-play in order to sandbox the google play services, so that the user could choose between approach 1 (microg with signature spoofing) and approach 2 (sandboxed GSF) on any smartphone supported by LineageOS (grapheneos only supports Pixel phones due to their ability to relock the bootloader))
I have no idea why GrapheneOS takes this risk, but am grateful to them nevertheless for the code.
But I agree with your sentiment.
First the question is how to transfer all your application data, for which there still seems to be no surefire way. I settled on "Neo Backup", which mostly worked fine, except for Signal (of course...), and the darned Microsoft Authenticator.
So first unlock the bootloader (good luck), then you need to find the correct TWRP for your phone (and careful with 32/64 bit) and flash it via fastboot.
Then I flashed LineageOS, which worked fine. Luckily I found an image which already had the signature spoofing patch included, so I didn't have to worry about that. How do you get root? SuperSU? XPosed? Magisk? OK it seems everybody's using Magisk nowadays. OK, flashing worked fine, but now, how do you get MicroG on it? If you look at the MicroG homepage, you might think you can just install it with F-Droid, and you actually can, but many things won't work (like FCM notifications). It needs to be a system app. I tried using the F-Droid Priviliged Extension, flashed it via TWRP, which seemed to work fine but actually wasn't installed and not working at all. Now what? There's a multitude of information in forums what to do. Some say to flash NanoDroid, but the last release was in January 2021, it seems it's not updated anymore? I settled on the "MicroG installer revived" Magisk module, which worked fine (btw, there's no curated Magisk module repo anymore, you have to search the web and hope you find something that's not malicious).
Of course my banking apps refuse to run because "U ROOTED UR PHONE", I search for Magisk Hide, it doesn't exist anymore, now you need to configure a "Zygisk deny list", whatever that is. Then I also need to hide the Magisk app, my banking works now thank you very much. FCM notifications also work after I uninstall and reinstall my apps which need it...
To be clear: I'm eternally grateful to all the developers who make this possible in their spare time. This is not their fault.
I eventually found out about LineageOS for MicroG [1] which is a variant of LOS with MicroG bundled which cuts out most of the fooling around, removes the need to root my phone and works with both banking apps that I've tried.
[1] https://lineage.microg.org/
So no root, no GFS or substitute at all. Only tracer free apps (except my bank) and using browsers.
I use a set of privacy add-ons (canvas fingerprinting etc) for wandering on the web and the "WebApps" app to isolate the web sites I use regularly and where I need to log into my account.
Then the TrackerControl app lets me allow or block connections per app and by destination.
Of course, this choice implies to renounce certain services without a web version, but I'm happy with the tradeoff (less time spent procrastining by consuming social networks content).
It's a bit annoying at first but I paid $80 for this secondhand phone (including a good new battery). Within weeks I didn't notice anymore that speed difference with a native web app.
That difference of speed exists, of course, but I'm fine with the whole tradeoff.
Not being at all a security expert, I did my best - following advice found on the net.
How far is my privacy better protected though? I can't really know - that's my only true frustration. I see very few ads and they look poorly targeted.
Well, sorry for the long post, this was just to mention another possible path: no GSF or substitute at all, no root.
I do like what the project achieved, but I don't understand in the slightest what they are thinking. If I were to speculate, to me it feels like a leftover from their failed attempt to make this a business to ban everything some corporate partner might dislike. But what purpose would that serve for the project now? Just baffling.
https://lineage.microg.org/ really seems to be the way to go, as mentioned in the other comment.
[1] https://lineage.microg.org/
I'm shocked and upset to hear that the Magisk repo and Magic hide are dead :(
https://topjohnwu.medium.com/state-of-magisk-2021-fe29fdaee4...
This provides fine-grained control over battery charging if the kernel/device have the required features. The user can set limits on current, voltage, and percentage, as well as pause charging when the battery gets too hot. These settings can be saved into profiles selectable with a tap or on a schedule.
Limiting charge speed/capacity can significantly extend the service life of the battery.
Deleted Comment
Life is too short to struggle and play games with the spyware that ships on phones by default nowadays. Better to be able to blow it all away.
I won't buy one that doesn't have an aux port. Do you know any lineage-supporting modern phones that have an aux port (and an SD slot, ideally!) by chance?
I hope you're not implying LOS is only useful for old devices.
LOS supports many relatively new devices, including many flagship phones. It also arguably offers much better experience than the default bloatware-ridden OEM OSes, which is the reason I check which currently sold devices are supported before buying a new phone.
I'm so glad to hear this. Every other custom ROM's Android 12 version had to remove the "disable internet access per app" feature.
Lineage took its time to rebase to Android 12, but they did it without removing important features like this.
Just yesterday I was wondering if it was still supported by LineageOS, and I see that it is not. What are the chances that a new version will work on this "ancient" device?
And even if I do, would it be safe enough to use or does the hardware have serious, unfixable flaws?
Got me thinking about the obsolescence of our modern gadgets.
https://forum.xda-developers.com/t/rom-unofficial-11-0-i9305...
https://forum.xda-developers.com/t/rom-unofficial-12-0l-i930...
However, "random reboots" doesn't sound great for a daily driver...
But just look around in the forum, sometimes there's a good alternative, it doesn't have to be Lineage.
Kudos to the LineageOS teams and all contributors! You make Android usable. Which reminds me I should definitely donate.
Does anyone here have experience in porting AOSP/LineageOS to an unsupported device? Any suggested materials and resources?
I have the spare time to give it a go on getting it for my Samsung model, but no idea where to start.