divested-mobile / divestos-website Goto Github PK

An RSS feed would help me (and possibly other people) to keep updated with the latest news about DivestOS.

I am suggesting an RSS feed, but an Atom feed is fine too. Any feed format is good as well as the format is well supported by most RSS feed readers.

F-Droid on Android shows an error message concerning both official DivestOS repos: "{DivestOS F-Droid repo link}: Chain validation failed → Chain validation failed. All other repos didn't create errors."

The error message appears when:

• Checking for updates on the F-Droid Android app with any of the official DivestOS repos added.
• Adding any of the official DivestOS repos on the the F-Droid Android app.

Chromium version 118.0.5993.80 includes 1 security fix
https://chromereleases.googleblog.com/2023/10/chrome-for-android-update_17.html
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_17.html

Chromium version 111.0.5563.58 includes 41 security fixes instead of 40, and none of them are of critical severity
https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html

The date of version 94.0.4606.85 for /e/OS is mistyped as "20221/12/06"

oneplus 7 pro update divested19.1-20221115. start up: screen touch failure, cannot enter the system. This did not happen in previous updates

One of the reasons for using a privacy nightmare like Spotify is the listen along feature called Jam. However it does not work on DivestOS anymore with the new versions of Spotify, The last version it worked was 8.8.78.587

Everything else works as is, I thought this version information could be noted on the functionality_tables page for those who are in the same situation as me.

Also I don’t think the problem is caused by the hosts list.

hi i saw on your page https://divestos.org/pages/messengers that Session messenger not support E2EE uses PFS,

on they site i found information that they ise E2EE uses PFS.
excerpt from the documentation at the link: https://arxiv.org/pdf/2002.04609.pdf



If Session use same protocol as Signal, and signal support PFS, then Session support to?! :) please correct table it it's outdated or wrong infromation. thanks, best regards.

Hello,

I have two questions regarding the markup used in the FAQ:

1. Why are some models struck through in the recommendation section? I own such a device (OnePlus 7 Pro = guacamole) and I'm looking into DivestOS.

   • Aren't those models recommended all? If so, why?
   • Or where they once recommended and are not any longer? And if so, again: what are the reasons for the removed recommendation?

2. Similar: what does the asterisk(*) mean that is attached to some models (this applies also to section CFI kernels, whatever "CFI" means)?

There most probably exist some restrictions or specific things to be considered, but that star as footnote resp. reference is not resolved…

It would be great to have an explanation or a legend for the various markup used, as mentioned especially for the asterisk and crossed out parts.

Thanks for such improvement and better understandability!

Oh, and I just saw: also on the download page the asterisk is used (for the "Relockable" information) without its meaning being given.

https://www.divestos.org fails to load. It seems the GET request is blocked. Transfer value of NS_ERROR_CONNECTION_REFUSED.

In this line is set that Threema isn't Open Source. This is since 22. December the mobile Application of Threema is Open Source:

https://github.com/threema-ch/threema-android

The Server is still properitary and can't hosted self.

https://github.com/Divested-Mobile/divestos-website/blob/ac438f3e1499ec010504148707380a824ebcb130/pages/messengers.html#L254

https://divestos.org/pages/messengers

Conversations app (1st in the list) is already in f-droid
https://f-droid.org/packages/eu.siacs.conversations/

Change F-Droid: No to F-Droid: Yes

Ciao Tad,
we don't know each other directly but, for better or worse, I am continuing carl's work on bromite.
I would kindly ask you, with reference to https://divestos.org/pages/browsers and with a view to improving the browser, on what basis do you define "Basic" the Fingerprinting protection in bromite? could you point out what you think is missing?
thank you in advance!

Is this page generated by a script?

if no: May I add LineagOS? (I have a Pixel 3 and save the update date anyway - knowing that it is only "nightly" and not RC)

if yes: I would like to see LineageOS and maybe iodéOS added.

Following the instructions on stubs/build.html:

$ dnf install zlib-devel.{x86_64,i686}
Last metadata expiration check: 0:03:13 ago on Tue Apr 30 01:13:42 2024.
No match for argument: zlib-devel.x86_64
No match for argument: zlib-devel.i686
Error: Unable to find a match: zlib-devel.x86_64 zlib-devel.i686

Hi!

Not sure if I'm posting this in the right repository and I don't know if you accept non-international apps for the tested apps table, but I'm going to leave that in case anyone finds it useful anyway. :)

The app name is "Papara" (com.mobillium.papara), it is a proprietary wallet/payment app which widely used in Turkey by teenagers. I was using their app since when I was on OnePlus's stock ROM (with root), but after I switch to DivestOS, I lost access to Papara because it didn't let me signing in by giving a generic message, which is used by them to tell that "device is not secured" saying "Please use a secure connection such as home network, install the app from official sources and disable your VPN if available [...]". I assume Papara checks for SafetyNet, because of course the device was not passing SafetyNet. Even if they have web version, their mobile app is the only way to use some features and to login in their web app, it sends an OTP from their mobile app which obviously I couldn't use. SMS option is only available after waiting a minute, which is not ideal to wait a minute for each time that I want to use the app.

Then I tried installing Huawei AppGallery and downloading their app from there, since I thought they removed some Google dependencies for Huawei devices that don't come with Google Play Services built-in. But strangely, the app complained about device/connection being not secured again.

Later I found that Papara actually checks if a device can connect to SafetyNet and passes it (even if it is installed from AppGallery) by simply disabling SafetyNet support on MicroG to see what the app will tell. And it finally let me in! I guess the app finally assumed that I don't have Google Play Services installed after it couldn't connect to SafetyNet API.

TL;DR: "Papara" (proprietary wallet/payment app in Turkey) works if it can't connect to SafetyNet API on DivestOS. So it needs to be explicitly disabled on MicroG, or make the device pass SafetyNet (which how I was doing when I was on stock ROM + Magisk). I didn't test if it also works when MicroG is not installed completely.

Thanks for making DivestOS by the way!

Hi!

Thank you very much for this very exciting project.

The device info and install links on https://divestos.org/index.php?page=devices&base=LineageOS are broken for some devices, for example Fairphone 2, Yandex Phone, Pixel 3.

A very minor thing, obviously, but I thought I'd let you know.

It reads on /stubs/build.html:

#Add the vendor blobs!
##You must find these repos yourself. Extracting them is NOT correct.

I'm not sure what these "repos" are. If the blobs aren't extracted from the device then where do they come from?

I just like to report that Apple Music works fully as expected under DivestOS. You could remove the probably from the website :)

I found these (to be officialy discontinued), but theres probably more:
https://github.com/vishesh/sealnote
https://github.com/FredJul/Flym
https://github.com/Etuldan/spaRSS

Since Bromite is dead, it would be nice if you could add Cromite to the OS History section.

PS: Thanks for the tables!

Would great if you could include IRC messengers like apps listed here: https://search.f-droid.org/?q=irc

Is it down? Because i see on https://www.isitdownrightnow.com/divestos.org.html it's down

The post-install currently reads:

Is this still accurate if 5G is available as well? If the network offers:

• LTE Only,
• 5G,
• LTE,
• 3G

for instance, which one should be preferred?

See here WangDaYeeeeee/GeometricWeather#492

I found the following phrasing very confusing:

I thought that I needed to look in the bootloader if 'A/B Sync' was not striked out. This could be easily remedied by using a phrasing such as

If 'A/B Sync' (copy-partitions.zip) is available on your "Device Downloads" page and NOT striked out: …

I read in https://divestos.org/index.php?page=browsers that Firefox Klar is a WebView-based bowser. However in https://support.mozilla.org/en-US/kb/geckoview-firefox-focus I read that version 7 switched to GeckoView. Shouldn't you update the page?
The page would be more useful to me if it explicited what version of the browsers it applies to.
Also, as a non-native speaker, I don't understand the value "Eh". Does it mean "partially"?
In the Tor Browser/Private? cell, is "Sure" safer or not than "Yes"?
In "WebView-based browsers", there are several marked with *. I guess it means "with an up to date WebView provider" but it is not explicit.
It would also be better if you could link the cells to some page with a deeper explanation.

I used your recommendations for what to install in my new phone, but I am not totaly sure I understand everything.

Thanks for your work.

mirror of https://gitlab.com/divested-mobile/divestos-website/-/issues/10

According to the article:

While WebView browsers utilize the Chromium WebView, they cannot offer any per-site process isolation.
Using any WebView-based browser is largely not recommended as they are inherently limited due to the WebView merely being a widget for adding web content to an app and are not intended to create a full browser experience.

I'm a Privacy Browser user & according to one of his blog posts, one can enable the following Webview DevTools flags & achieve the same level of site isolation. Not just that, the other security enhancements such as:

• site-per-process
• WebViewXRequestedWithHeaderControl
• PartitionedCookies
• ThirdPartyStoragePartitioning

Although these are experimental flags, they work without any issues (at least for me).
I hope you mention these enhancements in the webview browsing section in your blog post https://divestos.org/pages/browsers#webview

Sir

divestos.org site is not opening now.
Frequently this is happening for last 2-3 months.

There is also difficulties to update checking and installation of Mull, Mulch through FF-updater and Drid-ify.

Please look after the matter kindly.

Regards.