Blog log

Last update : 26/2/2024

Archive Blog Logs :

2020/1 | 2020/2 | 2021/1 | 2021/2 | 2022/1 | 2022/2 | 2023/1 | 2023/2

26/2/2024

Another Lukas-centered blogpost (little did I know reconnecting with him eventually made us close friends) - this time he got a X3P (with preinstalled crDroid A12L (a.k.a. pre-unlocked bootloader, which is kinda rare in secondhand market but nice since we don't have to deal with Xiaomi's frivolous bootloader protocol) & a busted charging port's motherboard connector) that assaulted his wallet twice - once on obtaining the device & another on replacing the charging port's motherboard connector (which was fixed by the overpriced mall-based phone service center). And who else would be helping him (and be the fall guy in case it bricks) with setting up A11 on that shitbox other than me (who just so happened to tag along for a certain short rest-of-the-week vacation)? With that, here's how everything went :

• Preparing for A11
• Download ArrowOS A11 (I used the 19/9/2022 build from SourceForge, but also linked the 26/9/2022 build (which is in mega.nz) despite the lack of any noticeable differences there), xiaomi.eu 12.5.9.0; and put them in external storage. I should also mention that I also downloaded crDroid A11 for the X3P, if only to extract its DocumentsUI to replace ArrowOS' DocumentsUI (which defaults to Downloads without any way to mitigate it aside from literally replacing it).
• Boot the X3P to fastboot, in order to replace stock recovery with Nebrassy's unofficial TWRP 3.6.2_12 (3/7/2022) official TWRP 3.6.2_11.0 (more on this later) & check out fastboot getvar anti results (which results in 2, for what it's worth).
• Flashing A11
Personal notes : Before I used official 3.6.2-11 (which I should have done from the start), I used Nebrassy's unofficial 3.6.2-12 to flash xiaomi.eu 12.5.9.0 & ArrowOS - it was a mistake. After booting to ArrowOS (not on first boot) from TWRP 3.6.2-12, the launcher kept crashing for whatever reason, basically making the system unusable. Use the correct recovery for the correct Android build people!


• Boot to TWRP (either with fastboot boot recovery (if you already flashed recovery) or whatever imaginable means, but at this step I'm still in fastboot so I used the former). Also make sure external storage can be accessed by device.
• Format data (Wipe > Format Data) & reboot recovery
• Flash xiaomi.eu & ArrowOS. When I started flashing this, I wasn't sure that it would even boot (thanks to Xiaomi's arbitrary anti-rollback bullshit), but...
• Reboot to system. Dalvik & cache can also be optionally wiped beforehand. Fortunately for me, the shitbox still boots (otherwise there goes my shitbox - I mean X3P). But then, since I used unofficial 3.6.2_12 first, I had to re-do everything again with official 3.6.2_11 (this time also booting to xiaomi.eu once before commiting to ArrowOS).
• Setting up the shitbox for pocketbox operations (of course, TWRP needs rw access)

Oh yeah - speaking of the aforementioned rest-of-the-week vacation (which takes place in 7-11/2/2024), it was a short trip to Bali, complete with the requisite(?) ride on a banana-shaped boat. I was able to personally confirm Neocities being blocked there (not sure about the other parts of Indonesia) - it simply didn't load (it probably might've been a force-redirect to some "censorship" site but for whatever reason it didn't load for me - thank all that is holy FGO isn't blocked there) there without virtually "changing" network locations (to wherever not named Indonesia) - just DNS wasn't enough. But still - nice break from work, all in all.

17/1/2024

Mandatory blog log cleanup to start up 2024. Also, I gave up on commentating on TAJ's "guides" so here are its important bits :

• On the phone guide (a.k.a. how I tried to summarize & understand the phone guide amongst the fortress of texts & words) :
• Sign out of everything but instant messengers, or factory reset for a cleaner start. No mention of whether you're meant to log back to stuff, but whatever - not the worst issue there.
• Use ADB (and some unmaintained software) to debloat phone. No mentions of changing default connections whatsoever, so captive portal & ntp servers are expected to remain at default (Go-ogle's servers?).
• Install various F-Droid apps, including official F-Droid client (which could be used to install the various F-Droid apps considering it's the only one linked in the guide). Of course, this requires connecting to internet, so Go-ogle (and/or whatever captive portal provider on whatever stock ROM you're using, not to mention whatever inbuilt spyware the stock ROM might've had & wasn't disabled by TAJ's mentioned debloating tool) might know a thing or 2 about you connecting to internet.
• Set up AppOpsX, even though it doesn't work reliably beyond Pie...?
• Set up NetGuard, making sure it's covered by Android's VPN lockdown feature. Alternatively, for "advanced users", set up InviZible in main profile while relegating NetGuard for second profile where your un-private apps will be (of course, making sure both are covered by VPN lockdown). Also copy (the bloated & deprecated) Energized Ultimate hosts for blocklist.
• Set up Private Lock just in case the device gets snatched. Also painstakingly cut up stuff to cover camera for phone... and laptop? Wait, I thought this is a phone guide, why am I seeing a section for laptop here (especially since TAJ has a computing guide)?
• Add Exodus Privacy entries to blocklist (for "intermediate" users)
• Set up second profile via Shelter & move all your un-private apps there, along with NetGuard if you're an "advanced user". More than one user profiles get cumbersome really quickly.
• Read up on phone brands? Yeah... I can see that on its own place, not so much in a privacy guide. In fact, I'll comment on them directly below.
• On phone brands from the phone guide :
• First off - TAJ's weird bias. Anti-US - ignoring everything about Google's phones in lieu of vilifying Google to all hell and calling anything touched by NSA bad (for example, NSA-certified Samsung Knox). His pro-CCP bias is all over the place as well, devotedly defending Huawei in 5 paragraphs & a bunch of links while rightfully bashing Nokia for having Chinese telemetry & Xiaomi for incognito mode tracking & Shelter issues; as well as not properly putting any reason behind BBK's (OnePlus, Oppo, Vivo, Realme) Tier 2 placement.
15/2/2024 Update : For the record, I don't see Google as a good phone company - their hardware is garbage (soldered USB-C port since Pixel 5, under-screen fingerprint scanner since Pixel 6 (though there's a webapp-only calibration tool as opposed to most who doesn't provide any, but still - I loathe these under-screen scanners), screen-first repair procedures (though the Pixel 3, 4 (and their XL counterparts), & 7a is the only one to kinda buck this trend by starting repair procedures from the back & making screen replacement its own procedure), & no amenities like headphone jack & microSD) except for maybe camera (to be honest I don't use my phone cameras that often) & Titan chip (we know about OpenTitan, but what we don't know is whether OpenTitan's codes completely matches the inbuilt Titan chips' codes); and their upstream quality leaves a lot to be desired (especially with recent issues on Pixels & newer annual Android versions being increasingly shitty - not to mention whatever issues the latest patches brings). But still - at this point, Google's one of the few who'd readily provide easy bootloader unlocks (whereas ASUS nuked theirs (and are actively preventing any future bootloader unlocks, while also lying about bringing it back in 2023) and Xiaomi's making their bootloader unlocks too convoluted & frivolous); in addition to allowing relockable bootloaders on custom ROMs (I've heard some ≤A11-vendored OnePlus phones being able to relock bootloader on some custom ROMs; but other than that I've yet to see any other brand fully supporting it).


• Combining several brands into one, such as "OnePlus, Oppo, Vivo" & "Asus, Sony, Motorola". This makes commenting on those brands one by one difficult without losing track of the original article. Oppo & vivo share a lot in common with each other (due to their shared BBK background), but Asus, Sony, Motorola, & OnePlus (with Oppo & vivo, at least back when OnePlus actively played as an "enthusiast" brand for them "tech"tubers) doesn't really have a lot in common with each other AFAIK.
• No reviews for Honor, despite being allegedly separate from Huawei.
• Nokia being branded as "AVOID" due to bootloader unlocking, customer support, and "updation" schedule (this one should've been "update schedule", but then again non-native English speaker so let's get this one out before grammar nazi does it). Not the wisest option, because :
• Bootloader unlocking shouldn't matter in the guide. Like, at all. And this came from someone who demands unlockable bootloaders and would have otherwise agreed that this is a good reason to brand Nokia as "AVOID" (and in Tier 3 instead of Tier 2).
• As for customer support & update schedule, while I can't say much since I generally never interact with the former & don't really give a shit on the latter; these would have made good points for this guide & might even create a new brand tier. Also, for customer support, there's so much variables for this one for any research to produce reliable results (maybe agent A is good at his/her CS work but you get either agent B (a complete noob), agent C (Black Hat from xkcd?), or agent D (our ideal agent A, but too dispassionate to take care of us as he/she had to deal with several mewlings sharing 1-2 brain cells before we get passed along to him/her) - or even get tossed around between various bots before you get to either of those aforementioned agents).
• Previous (3.0) rendition marked Nokia as "Potential issues, can be mitigated" in Tier 1.
• Reviewing the brands on TAJ's biases are too complex for me (especially since I literally don't give 2 fucks on most brands except for when they're doing something unacceptable with the bootloader protocol - ASUS & Xiaomi immediately came to mind), so I call this one the point where I just call it quits.
• On the "definitive" computing guide :
• Using dark mode only after evening? Whatever I guess... but I'd rather never use light mode at all (unless I have to).
• Linux (on flavour recommendations) section's a bit weird, recommending Ubuntu GNOME. I mean, there's Artix (which comes in various versions & non-systemd init systems, from just minimal installation to a variety of desktop environments). As for GNOME... lightweight GTK desktop environments like LXDE & XFCE exist. Claiming KDE is 15% more bloated than GNOME, XFCE, LXDE, & other DEs... yeah right. Like GNOME & either LXDE / XFCE had similar resource usage. I'll just link IT Vision's desktop environment findings.
• Windows AME... sure, if you don't mind being forced off the admin account's privs (something I don't take to kindly, but then again I have the Windows firewall block stuff I deem not needing internet access... including games). By the way, I'd rather research AME in a way it allows me admin access & not reject all internet access with "big" hosts (between ≥2MB & ≤4.5MB - though ideally ≥15MB... if only)... but then again I'm going to have to say "good luck" to myself.
• As for why the quotation marks were there... let's just say these guides are probably some old stuff a r/privacy reject would copy & paste.

Conclusion? Way too obvious - TAJ seems to be a r/privacy reject with some highly questionable tips (21/2/2024 Update : Apparently TAJ used to be in DigDeeper's chatroom & is also the latter's good friend, which sounds odd considering the difference of content quality both produce). Sure, some of what he spoke might hold a point, but I'd rather vomit over a shrapnel of scallion than even get anywhere near his "guide" ever again. And with that out of the way... I'm going to get my mohs picks - some big city bridges are snapping today.

Main Page