Blog log
Last update : 16/9/2024
Archive Blog Logs :
16/9/2024
Another A11 interlude chapter - this time with my own Poco F1. Finally had enough free time for it... though I didn't expect to somewhat regret it unlike the X3P...
- Preparing for A11
- Download LineageOS A11 (or whatever A11 ROM you want) & Reignz' TWRP 3.7.0-A9 (non-system_ext). I tried flashing ZeusOS with its recommended TWRP (Reignz' 3.6.0-A9) I am stuck in a circle of not able to encrypt > forced to format data until I changed recovery.
- Boot to recovery (at this time, I was still on Reignz' TWRP 3.7.0-A12-V2)
- Format data (Wipe > Format Data) & reboot recovery. Though since Reignz' TWRP 3.7.0-A12-V2 has issues formatting data I wiped Android Secure before formatting data.
- Wipe system, vendor, & system_ext in TWRP. This'll result in TWRP alerting you with no OS alerts when rebooting, but this won't matter as we will soon install something.
- Replace the F1's recovery with the aforementioned Reignz' TWRP 3.7.0-A9 & reboot to recovery. Since I was on Reignz' TWRP 3.7.0-A12 I simply used it to flash TWRP 3.7.0-A9 .img to recovery. Of course, nothing prevents you from using fastboot to replace recovery - you could also check fastboot getvar anti for any reason you can think of.
- Flashing A11
- Since we're in recovery & wiped everything that needs to be wiped, we can just straight up flash LineageOS (or whatever A11 ROM you want). Since Xiaomi stopped supporting the F1 by A10, we don't even need to flash xiaomi.eu at all.
- Reboot to system.
...wait that's it?! Yes, that's it, unless you've flashed ZeusOS with the maintainer's recommended TWRP 3.6.0-A9 - in which case you will be stuck not being able to encrypt (and reach the system because ZeusOS demands factory reset), and thus had to try out Reignz' TWRP 3.7.0-A9. Had that not worked, this interlude wouldn't even exist.
- Setting up the device for pocketbox operations
I previously wanted to use ZeusOS but then I didn't liked it, then I thought about going for crDroid... until I remembered its not that good in A11 (who thought putting network permission & per-app data restriction together without properly integrating each other was a good idea?), so there you go - that's why I chose LineageOS for this one.
- Concluding thoughts on this interlude
Unlike the X3P, A11 on the F1 (for now) isn't as good (mostly thanks to ArrowOS A11 being absent). crDroid has the most features, but suffers from combining network permission (which also causes issues in apps that depends on it) & per-app data restriction (in addition to LineageOS' arbitrary volume limiter). ZeusOS has slightly less features but with an unclear permission issue. And LineageOS only suffered from that 40% arbitrary volume limiter. If I don't mind the UI issues of A12L (and either the potential application of anti-user APIs, or A12L crDroid's microG issues) I might as well stay in crDroid A12L - at least the arbitrary limiter there was a tiny bit more generous.
17/9/2024 Update : Cutting out A10 commentary. Nusantara SiXtY N9 (A10) by NotDheeraj06 sucks - un-encrypted storage, no invert navbar, & SELinux switcher in a ROM with inbuilt KernelSU. Sure, I may be able to play with KernelSU without being tied to either a potentially insecure version of KernelSU or an Android build I can no longer accept, but now I have an interface that demands me to retune my muscle memory coupled with a fully loaded footgun about to send my F1's security to the grave that was already dug up by a storage that anyone can access indirectly.
12/10/2024 Update : Tried out Lethal Kernel & it somehow borked the F1's system. Switched back to A12L crDroid & tested out Helios Kernel with KSU (which was primarily made for Evo-X), which at least worked instead of forcing me to clean flash again.
On an unrelated note, one of Ed's teammate (who put goodoldtuner as his SF tag, fittingly) got a new SourceForge page containing some ROMs for my devices. Granted, I'm not a fan of SourceForge, but as long as I have something I can really go back to I don't mind submitting stuff there. 21/9/2024 Update : Referring to it as 2GAS. 5/10/2024 Update : Demands cookie in addition to JS & XHR for both 1st-party & challenges.cloudflare.com, if hit by "verifying..." page.
24/7/2024
Welp, it's been a while since I bothered to actually fill this up (usual stuff), so I won't be cutting the 2024 blog log in 2 like the previous years. Here's to another semester for this blog log page I suppose?
By the way, Bob's back from his latest worktrip with a "new" Thinkpad - A475. It (the A475) has a repeatable issue on the trackpad, which refuses to work (as if the trackpad was not plugged in) in Linux after a battery change (both internal & external). A rather ironic workaround we discovered to "re-enable" said trackpad would be to start up any Windows instance - even its installation wizard is enough to somehow make the trackpad run in Linux again.
26/2/2024
Another Lukas-centered blogpost (little did I know reconnecting with him eventually made us close friends) - this time he got a X3P (with preinstalled crDroid A12L (a.k.a. pre-unlocked bootloader, which is kinda rare in secondhand market but nice since we don't have to deal with Xiaomi's increasingly frivolous bootloader protocol) & a busted charging port's motherboard connector) that assaulted his wallet twice - once on obtaining the device & another on replacing the charging port's motherboard connector (which was fixed by the overpriced mall-based phone service center). And who else would be helping him (and be the fall guy in case it bricks) with setting up A11 on that device other than me (who just so happened to tag along for a certain short rest-of-the-week vacation)? With that, here's how everything went :
- Preparing for A11
- Download ArrowOS A11 (8/9/2024 late update : I now use the 26/9/2022 build from mega.nz), xiaomi.eu 12.5.9.0; and put them in external storage. I should also mention that I also downloaded crDroid A11 for the X3P, if only to extract its DocumentsUI to replace ArrowOS' DocumentsUI (which defaults to Downloads without any way to mitigate it aside from literally replacing it).
- Boot the X3P to fastboot, in order to replace stock recovery with
Nebrassy's unofficial TWRP 3.6.2_12 (3/7/2022) official TWRP 3.6.2_11-0 (more on this later) & check out fastboot getvar anti results (which results in 2, for what it's worth).
6/7/2024 Update : Tried out fastboot getvar anti on Lukas' X3N, with the same result (2). It didn't get in his way of flashing xiaomi.eu 12.5.8.0 & A11 ArrowOS (20/9/2022).
- Flashing A11
Personal notes : Before I used official 3.6.2-11 (which I should have done from the start), I used Nebrassy's unofficial 3.6.2-12 to flash xiaomi.eu 12.5.9.0 & ArrowOS - it was a mistake. After booting to ArrowOS (not on first boot) from TWRP 3.6.2-12, the launcher kept crashing for whatever reason, basically making the system unusable. Use the correct recovery for the correct Android build people!
- Boot to TWRP (either with fastboot boot recovery (if you already flashed recovery) or whatever imaginable means, but at this step I'm still in fastboot so I used the former). Also make sure external storage can be accessed by device.
- Format data (Wipe > Format Data) & reboot recovery.
- Flash xiaomi.eu & ArrowOS. When I started flashing this, I wasn't sure that it would even boot (thanks to Xiaomi's arbitrary anti-rollback bullshit), but...
- Reboot to system. Dalvik & cache can also be optionally wiped beforehand. Fortunately for me, the device still boots (otherwise there goes my X3P). But then, since I used unofficial 3.6.2_12 first, I had to re-do everything again with official 3.6.2_11 (this time also booting to xiaomi.eu once before commiting to ArrowOS).
- Setting up the device for pocketbox operations (of course, TWRP needs rw access)
Oh yeah - speaking of the aforementioned rest-of-the-week vacation (which takes place in 7-11/2/2024), it was a short trip to Bali, complete with the requisite(?) ride on a banana-shaped boat. I was able to personally confirm Neocities being blocked there (not sure about the other parts of Indonesia) - it simply didn't load (it probably might've been a force-redirect to some "censorship" site but for whatever reason it didn't load for me - thank all that is holy FGO isn't blocked there) there without virtually "changing" network locations (to wherever not named Indonesia) - just DNS wasn't enough. But still - nice break from work, all in all.
17/1/2024
Mandatory blog log cleanup to start up 2024. Also, I gave up on commentating on TAJ's "guides" so here are its important bits :
- Testing out & commenting on TheAnonymouseJoker's privacy guides; starting from the phone guide (a.k.a. how I tried to summarize & understand the phone guide amongst the fortress of texts & words) :
- Sign out of everything but instant messengers, or factory reset for a cleaner start. No mention of whether you're meant to log back to stuff, but whatever - not the worst issue there.
- Use ADB (and Universal Android Debloater; which seems to be not maintained beyond 2022) to debloat phone. No mentions of changing default connections whatsoever, so captive portal & ntp servers are expected to remain at default (Go-ogle's servers?).
8/7/2024 Update : Regarding UAD's lack of maintainership since 2022; the biggest issue I can find would be the increasingly obsolete inbuilt manufacturer debloat lists, which might leave some unwanted bloat to go free. Or one of the apps in the debloat list got hardcoded in one update to break the system when disabled, wasting more of your time as you now have to reset your device. However, this won't be much of an issue when you use the next-generation UAD fork (which is maintained).
- Install various F-Droid apps, including official F-Droid client (which could be used to install the various F-Droid apps considering it's the only one linked in the guide). Of course, this requires connecting to internet, so Go-ogle (and/or whatever captive portal provider on whatever stock ROM you're using, not to mention whatever inbuilt spyware the stock ROM might've had & wasn't disabled by UAD and/or its continuation fork) might know a thing or 2 about you connecting to internet.
- Set up AppOpsX, even though it doesn't work reliably beyond A9 / Pie...?
- Set up NetGuard, making sure it's covered by Android's VPN lockdown feature. Alternatively, for "advanced users", set up InviZible in main profile while relegating NetGuard for second profile where your un-private apps will be (of course, making sure both are covered by VPN lockdown). Also copy (the bloated & deprecated) Energized Ultimate hosts for blocklist.
- Set up Private Lock just in case the device gets snatched. Also painstakingly cut up stuff to cover camera for phone... and laptop? Wait, I thought this is a phone guide, why am I seeing a section for laptop here (especially since TAJ has a separate computing guide)?
- Add Exodus Privacy entries to blocklist (for "intermediate" users).
- Set up second profile via Shelter & move all your un-private apps there, along with NetGuard if you're an "advanced user". One user profile's enough for me - more & shit gets far too cumbersome IMO (in fact, using another device is less cumbersome for me, compared to partitioning stuff accross multiple profiles on one device).
- Read up on phone brands? Yeah... I can see that on its own place, not so much in a privacy guide. In fact, I'll comment on them directly below.
- On phone brands from the phone guide :
- First off - TAJ's weird bias. Anti-US - ignoring everything about Google's phones in lieu of vilifying Google to all hell and calling anything touched by NSA bad (for example, NSA-certified Samsung Knox). His pro-CCP bias is all over the place as well, devotedly defending Huawei in 5 paragraphs & a bunch of links while rightfully bashing Nokia for having Chinese telemetry & Xiaomi for incognito mode tracking & Shelter issues; as well as not properly putting any reason behind BBK's (OnePlus, Oppo, Vivo, Realme) Tier 2 placement.
15/2/2024 Update : For the record, I don't see Google as a good phone company - their hardware is garbage (soldered USB-C port since Pixel 5 (though the Pixel 9 family seems to revert this behavior?), under-screen fingerprint scanner since Pixel 6 (though there's a webapp-only calibration tool as opposed to most who doesn't provide any, but still - I loathe these under-screen scanners), screen-first repair procedures (though the Pixel 3, 4 (and their XL counterparts), 7a, & the 9 series are the only ones to kinda buck this trend by starting repair procedures from the back & making screen replacement its own procedure), & no amenities like headphone jack & microSD) except for maybe camera (to be honest I don't use my phone cameras that often) & Titan chip (we know about OpenTitan, but what we don't know is whether OpenTitan's codes completely matches the inbuilt Titan chips' codes, or if Pixels' Titan chip doesn't do anything that makes it as bad as Intel ME); and their upstream quality leaves a lot to be desired (especially with recent issues on Pixels & newer annual Android versions being increasingly shitty - not to mention whatever issues the latest patches brings). But still - at this point, Google's one of the few who'd readily provide easy bootloader unlocks (whereas ASUS nuked theirs (and are actively preventing any future bootloader unlocks, while also lying about bringing it back in 2023) and Xiaomi's made their bootloader unlocks too convoluted & frivolous); in addition to allowing relockable bootloaders on custom ROMs (I've heard some ≤A11-vendored OnePlus phones being able to relock bootloader on some custom ROMs; but other than that I've yet to see any other brand fully supporting it).
- Combining several brands into one, such as "OnePlus, Oppo, Vivo" & "Asus, Sony, Motorola". This makes commenting on those brands one by one difficult without losing track of the original article. Oppo & vivo (with OnePlus & realme ) share a lot in common with each other (due to their shared BBK background), but Asus, Sony, Motorola, & OnePlus (with Oppo & vivo, at least back when OnePlus actively played as an "enthusiast" brand for them "tech"tubers) doesn't really have a lot in common with each other AFAIK.
- No reviews for Honor, despite being allegedly separate from Huawei.
- Nokia being branded as "AVOID" due to bootloader unlocking, customer support, and "updation" schedule (this one should've been "update schedule", but then again non-native English speaker so let's get this one out before grammar nazi does it). Not the wisest option, because :
- Bootloader unlocking shouldn't matter in the guide. Like, at all. And this came from someone who demands unlockable bootloaders and would have otherwise agreed that this is a good reason to brand Nokia as "AVOID" (and in Tier 3 instead of Tier 2).
- As for customer support & update schedule, while I can't say much since I generally never interact with the former & don't really give a shit on the latter; these would have made good points for this guide & might even create a new brand tier. Also, for customer support, there's so much variables for this one for any research to produce reliable results (maybe agent A is good at his/her CS work but you get either agent B (some complete noob and/or first-day freshman), agent C (Black Hat from xkcd?! God save us all...), or agent D (our ideal agent A, but too dispassionate to take care of us as he/she had to deal with several mewlings sharing 1-2 brain cells just 5 minutes ago; all before we get passed along to him/her) - or even get tossed around between various bots before you get to either of those aforementioned agents).
- Previous (3.0) rendition marked Nokia as "Potential issues, can be mitigated" in Tier 1. Even if I were TAJ at that time (which I'm not, for better or worse); I shouldn't put Nokia up there just because they "can be mitigated"; especially if some of those "can be mitigated" brands are in Tier 2. 4.0 somewhat fixes this by moving Nokia down where it "belongs", but still.
- Reviewing the brands on TAJ's biases are too complex for me (especially since I literally don't give 2 fucks on most brands except for when they're doing something unacceptable with the bootloader protocol - ASUS & Xiaomi immediately came to mind), so I call this one the point where I just call it quits.
- On the "definitive" computing guide (more textwall yaaaaay....keels over to floor in apathy after reading those) :
- Using dark mode only after evening? Whatever I guess... but I'd rather never use light mode at all (unless I have no choice but to do so).
- Linux (on flavour recommendations) section's a bit weird, recommending Ubuntu GNOME. I mean, there's Artix (which comes in various versions & non-systemd init systems, from just minimal installation to a variety of desktop environments; though the latter comes with quite the bloat). As for GNOME... lightweight GTK desktop environments like LXDE & XFCE exist. Claiming KDE is 15% more bloated than GNOME, XFCE, LXDE, & other DEs... yeah right. Like GNOME (which had slightly less similar resource use compared to KDE) & either LXDE / XFCE had similar resource usage. I'll just link IT Vision's desktop environment findings (archive.org).
- Windows AME... sure, if you don't mind being forced off the admin account's privs (something I don't take to kindly, but then again I have the Windows firewall block stuff I deem not needing internet access... including games). By the way, I'd rather research AME in a way it allows me admin access & not reject all internet access with "big" hosts (between ≥2MB & ≤4.5MB - though ideally ≥15MB... if only)... but then again I'm going to have to say "good luck" to myself. I mean, it's Windows - if only Microsoft were not spearheading it...
- As for the "definitive"... let's just say these guides are probably some old stuff a r/privacy reject would copy & paste.
Conclusion? Way too obvious - TAJ seems to be a r/privacy reject with some highly questionable tips (21/2/2024 Update : Apparently TAJ used to be in DigDeeper's chatroom & is also the latter's good friend, which sounds odd considering the difference of content quality both produce). Sure, some of what he spoke might hold a point, but I'd rather vomit over a shrapnel of scallion infecting my food (or chives, leek, onion, & shallot; but somehow not garlic) than even get anywhere near his "guide" ever again. And with that out of the way... I'm going to get my mohs picks - some big city bridges are snapping today.
8/7/2024 Update : TAJ has abandoned lemmy.ml in favor of going back to reddit and took down the guides on the former. And Redlib isn't playing nice with Pale Moon, so I'm forced to use old.reddit.com link for future reddit links.
Main Page