Plunge into the open source Android ecosystem

    Disclaimer that the post does not call for radical forms of fanaticism

    Каждый выбирает свой "уровень погружения". Вам не обязательно следовать каждому пункту из этого поста. Моя цель — показать, насколько хорошо развита экосистема на данный момент и чего вы можете и не можете от неё получить. Делайте выводы самостоятельно. Хотите — меняйте прошивку полностью и переходите на microg. Хотите — просто поставьте на свой телефон f-droid прямо рядом с gplay. Хотите — не делайте ничего.


    Let's talk about the ecosystem of free open source apps on Android. Let's try to install MicroG - a free implementation of Google services on Android. Let's see how and why to live with all this.


    Some reasons why you should think about it


    Google play far no cake


    You don’t need to go far, in neighboring posts you can find many examples of how developers are kicked out of Google Play for one reason or another, forcing them to communicate with bots without the possibility of a real appeal. Some types of applications are now fundamentally impossible to distribute (for example, ad blockers, and in principle, applications bypass any restrictions ).


    As a paranoid person, I don’t like the fact that an outsider has almost complete access to my device. Google can at least remove any application from my phone at any time and collect arbitrary data from it. Moreover, google play service is a huge (standard delivery - 600MB, minimum - 95MB) amount of constantly updated code, part of which works with system privileges. For comparison, the MicroG distribution can weigh only 4MB.


    Low quality of applications in google play, dominance of advertising, telemetry, spyware, vulnerabilities


    I, of course, had not had a very high opinion about the average android application before, but I was seriously surprised by my new phone from a single Chinese manufacturer. After the purchase, I had to go with stock firmware for three days due to unlock restrictions (here it is - one more reason not to trust companies to their devices). I honestly do not understand why it is used and why it is loved. I constantly (several times per hour) received incomprehensible notifications (give permission, update me, advertise). Something is constantly updated. The stock browser at one moment simply stopped working.


    power usage


    It comes from the previous thesis. If applications do not load ads, do not send statistics and do not monitor you, they consume less electricity. The same applies to gapps: often, they are the main consumer of electricity. Yes, Google has been seriously working on power consumption lately. However, first, not everyone has the opportunity to use the current version of Android. Secondly, even in these conditions, replacing gapps with a simpler and minimalist solution will allow you to extend battery life even more.


    Second life to old devices without a lot of RAM and / or disk space?


    Also a logical continuation of the previous moments. Has it happened to you that on the budget device after the next update of gapps there is no place left for any applications or user data? Even if there are still enough free resources on your not-so-fresh device, getting rid of gapps will help refresh it.


    A few pitfalls with which to do nothing


    • Not all software has open source analogues. Sometimes they are fundamentally impossible (the same banking applications). Sometimes habits are too hard to change. My personal approach is to try to use an open analog and then, if he is not satisfied, switch to a closed one.
    • Do nothing with the fact that you may have to "red-eye." However, since my first post on this topic, everything has changed a lot for the better.
    • Everything can break, and you will not receive your push-notification with a one-time password to conduct a banking operation, which needs to be done, but right now (alas, I had this). Although, recently, the pushes break only because of the RKN.
    • Some proprietary software may not work. Or break from the update at the most inopportune moment. For example, I used Yandex.Taxi on the old phone for a very long time without any problems, but when installed on a new one, it turned out that the application crashes on the login.
    • A radical FSF-fanatic will not work. Any open source firmware even contains a huge number of proprietary blobs and components. Nothing to do with it. So we will focus on switching to opensource components where possible.

    Little materiel


    • What is gapps?

    Google Play Services, gapps, Google Play . They include both basic services required for push notifications, geolocation, synchronization of various data with Google and the rest of the user software that uses all of this (for example, Gmail).



    A type of notification that works through a third-party server. Allows you to significantly save battery, because the device can fall asleep completely and wake up at short intervals, checking only one network connection for new events.


    • Unlocking the bootloader?

    By default, Android devices come with a locked bootloader. Usually, this procedure is required to be able to install any other firmware. Unlocking the bootloader usually not only makes it possible to modify the system partitions, but also disables the verification of the kernel signature at boot time.


    • root

    Superuser rights In the same way, by default they are usually not available and you need to get them one way or another. Either by installing the firmware (for lineageos there is addon-su ), or by magisk. Usually, the instructions offer to put a proprietary SuperSU purchased by the Chinese (we will not listen to them and put an open source magisk ). In severe cases, sometimes you have to use exploits (like KingRoot).


    • recovery

    Allows you to install the firmware and their modifications in the form of zip-archives. This is usually TWRP , also an open source project.



    In addition to providing root, it has a built-in module for hiding this root itself from some applications (useful for bank clients) and a large number of third-party modules. In the context of this post for us will be the most useful module for installing Xposed.



    If Magisk provides modules for modifying the base system, then xposed provides modules for modifying and patching on the fly of Android itself. In the context of this post will be useful module FakeGapps. I recommend to put it through Magisk, and for a specific API version (corresponding to your android version). Unfortunately, usually firmware support is one version of android behind.



    Catalog of open source software for Android. You can use both the official repository and third-party.



    The flagship of the opensource-firmware. Former Cyanogenmod.


    What devices will it work on?


    Conventionally, all devices can be divided into the following classes (in descending order of convenience):


    • Devices with official lineageos support . The presence of an official port is usually not only a guarantee of more or less normal operation, but also the presence of many other firmware for this device. Naturally, it is better to check the information (and the presence of firmware, and possible surprises) at w3bsit3-dns.com / xda before purchasing. Unfortunately, you will not see absolutely new devices there.
    • Devices with unofficial lineageos / other firmware ports. Usually, a little worse, but you can still live.
    • Devices without third-party firmware, but with root. It is more difficult to get rid of bloatware and gapps (however, with NanoDroid this can now be done automatically). There are no guarantees that you have removed all malicious applications from the manufacturer.

    When choosing a device, you also need to look at:


    • Actually covering firmware. A good community around the phone usually provides stronger guarantees for a firmware upgrade than a typical manufacturer.
    • Some manufacturers limit the ability to unlock the bootloader.
      • For example, xiaomi has a delay of several days to weeks from linking the phone to the account until the first unlock.
      • Huawei recently, in principle, stopped issuing unlock codes (it didn’t understand much, at least for several devices). Fu on them, but for a few dollars you can still buy an unlock code on the side.

    Microg


    MicroG is an open source implementation of gapps. Provides push notifications, api geolocation in applications using this. List of supported api .


    For the work requires the functionality of a fake signature in the firmware. Installation methods, roughly corresponding to the gradations of devices above:


    You can install LineageOS for MicroG and get almost everything listed out of the box. The easiest and most convenient way of all, I recommend using it, if your device is on the list of supported .


    You can install MicroG manually on any firmware that is not bundled with gapps (almost any non-stock firmware). However, the firmware requires support for signature substitution (Signature Spoofing).


    • See instructions . In a rather large list of firmwares, this functionality is out of the box, you just need to put MicroG on top.
    • The rest of the firmware will have to patch one way or another.
      • The most convenient way is a module for XPosed FakeGapps. Does not require modification of the system itself.
      • Ways with system modification. I do not recommend, because In my case, this led to performance problems, but I cannot say whether this is a rule or an exception. Must be repeated after each update.
        • Ways of patching on the phone itself (nanodroid-patcher) take a lot of time (recompiling a fairly bold system file), but they are the second most convenient. I have this led to performance problems, I do not recommend.
        • Ways of patching with the participation of the computer. Even less convenient, but at the same time fast, because reassembly occurs on the PC. Requires a phone to connect to a PC.

    I did not plan to describe the full instructions, but the experience of the previous post shows what will have.


    The installation process depends on the method. About installation using NanoDroid just below, here is a manual procedure :


    • Remove gapps if there are any. For example, using the / d / gapps application
    • Install the necessary apk. From the microg or NanoLx repository .
      • GmsCore.apk ("MicroG Services core" from repository). On Android 7 and higher, this application needs to be made systemic (using the application or the magisk systemize module ) if you want to use backend location searches.
      • GmsProxy.apk ("MicroG Services Framework proxy" from repository)
      • One of the implementations of PlayStore (this is required)
        • FakeStore stub application . The stub in the settings must be given access to fake signatures. The last time I had any problems with this, so you can do it adb shell pm grant com.android.vending android.permission.FAKE_PACKAGE_SIGNATUREwith a PC or just pm grant com.android.vending android.permission.FAKE_PACKAGE_SIGNATUREwith a phone.
        • Re-signed Google Play Store. Yes it is possible! But such an apk provides only the NanoLX repository.
      • Location backends if needed. For example, MozillaNlpBackend. Allows the phone to quickly determine your location without GPS.

    After installation and reboot, you need to go into the microg settings and go through the checklist, give all the necessary permissions. I needed to dial on Android 9 *#*#2432546#*#*, without this registration of push-notifications was not made. You can test your work using the Push notifications tester.


    NanoLX NanoDroid


    Perhaps the easiest and most convenient way to install MicroG. In addition to the basic features (removing gapps and installing microg) has some nice features:


    • Remove standard applications and replace them with opensource counterparts. It is convenient when you have a phone on a conditional MTK with a heavily littered stock firmware.
    • Installing Fdroid, YalpStore / AuroraStore with system rights
    • Possible installation of patched Google Play compatible with microG.

    Just install a few of the following files :


    • NanoDroid: the main installer. Installs everything.
    • NanoDroid-setupwizard: graphical setup of the main installer. Allows you to choose which components will be installed and what actions will be performed. Works only on devices with arm / arm64.
    • NanoDroid-BromiteWebView: replaces the system WebView with BromiteWebView with built-in ad blocking.
    • NanoDroid-OsmAnd: installs OsmAnd +.
    • NanoDroid-microg: installs only microG.
    • NanoDroid-fdroid: installs only FDroid and an extension that allows you to install and update applications in the background.
    • NanoDroid-patcher: includes support for Signature Spoofing (see above).
    • NanoDroid-uninstaller: uninstall previously installed.

    Installing apps from google play


    As noted above, there are several ways to solve a problem.


    • You can install the patched version of the original Google Play and live as usual. Everything should work, including micropayments in applications.
    • Aurora Store . Beautiful, beautiful, fast application. Maybe a lot (from the basic need - installation, update free applications). While in beta, and has some problems with downloading via an anonymous account (use your non-anonymous or bypass Yalp Store , this is almost the same, but without a nice interface and with even more modest system requirements (still supported by Android 2+)
    • PlayMaker allows you to deploy an f-droid repository with google play applications you need on your server. Manage downloadable applications via the web interface. It has obvious limitations, but is very convenient if you rarely install new applications and only need a way to update them conveniently.
    • W3bsit3-dns.com app & game : Crazy app, however, providing quick access to update your apps. It can be useful because on w3bsit3-dns.com not only the original versions are usually laid out, but also modified ones (for example, with remote advertising). Personally, I do not approve, but I know that they use it.
    • APKPure Third Party Mirror Google Play. It was not noticed for repacking applications (signatures coincide with the original ones), but there are no guarantees that this will continue in the future.

    Very small initial set of high-quality opensource applications


    • K-9 Mail is an email client.
    • Bromite - Chromium fork with built-in ad blocking and several features to improve privacy. Unfortunately, their fdroid repository is partially blocked in Russia , which somewhat adds a headache.
    • DAVx⁵ - synchronize contacts and calendar with your owncloud / nextcloud server.
    • GadgetBridge - support for smart bracelets and watches. And even the smart vibrator Vibratissimo.
    • NewPipe is a minimalist client for YouTube. Able to play video in the background as music, upload files.
    • KDE Connect - various possibilities for integrating a device on Android with a desktop under KDE (and not only!). Allows you to synchronize notifications, view and transfer files, as well as emulate the touchpad and keyboard.

    Update: a post has just appeared with a broader view of applications.


    Instead of conclusions


    Personally, the transition to MicroG, F-Droid and AuroraStore gave me the Android I had always dreamed of. With convenient applications, not stuffed with advertising and telemetry, allowing me not to share my data with Google, but with working push notifications, they allowed us to stop dreaming about the unattainable (changing the mobile OS to Sailfish / ubuntu phone / etc, where everything is equal for full work has to use a layer to support Android applications) and start living.


    I hope this instruction will help you understand whether you need it in principle and successfully repeat this result.


    Also popular now: