[Q] Security Concerns - Official CM/AOKP vs. Unofficial CM/AOKP - Android Q&A, Help & Troubleshooting

Hello XDA-Developers.
Some of my friends in the phone/wireless communications business (including a PhD) tell me that custom ROMs are unsafe and that there could be spyware written into the code, such as keyloggers, that can steal your data and do other things of the sort in the background. Cyanogenmod (and AOKP maybe) seem to be pretty safe, and I am running it on my i897, but the Legend is not supported anymore and the latest official ROM I can get is Gingerbread on CM7, which is very slow and seems to have issues. However, I have found these UNOFFICIAL Cyanogenmod/AOKP ROMs made by others:
http://forum.xda-developers.com/showthread.php?t=2353659
http://forum.xda-developers.com/showthread.php?t=2222597
http://forum.xda-developers.com/showthread.php?t=1905588
http://forum.xda-developers.com/showthread.php?t=1562595
2.2 ROM
http://forum.xda-developers.com/showthread.php?t=866849
Note: Don't know if this matters, but all the ROMs save the last were not made by Recognised Developers.
These ROMs (I haven't tried some of them yet) run very smoothly on the Legend and are almost as good as a daily driver.
So can I trust these ROMs because they are based on CM/AOKP but are unofficial, or is the security compromised as it was unofficially done by a member? I would like answers from a technical point of view, not speculation such as 'devs usually have no intent', etc. Don't get me wrong, I may be paranoid, but I truly appreciate the amazing work that devs here are doing, but the possibility of security issues, especially with Linux and open source, is of my concern.

Related

[Q] How is Cyanogenmod related?

I had heard about cyanogenmod earlier and even tried to install it once when I was a rank noob without much luck. In my recent explorations of kernels and cifs I found myself at the cm site. It seemed pretty organized and I thought it might be interesting to have another go at it. I followed the instructions and installed it and it worked flawlessly. I restored my apps from Titanium backup and I'm up and running. I did some research in our forum and that, combined with some of my own observations, makes me wonder about the relationship between CM and some of the other roms like Vegan Ginger (which I really like). I get the impression that some or even all of our roms here are derivatives of CM that have been tweaked further by our devs. Is this correct? What is the difference between Vegan Ginger for example and CM7? I'm really puzzled because the kernels and the basic look and feel seem very similar. Someone even remarked that all of our roms are derivatives of CM. I'd be interested to know some of the background and the pedigrees of the various roms and their relationship with CM.
Cyanogenmod is one of the more known and talented groups of Android ROM developers, developing for many devices and being a large team of dedicated coders, artists, etc...
They have taken the stock AOSP code and have modified, enhanced and added features far beyond the stock code. Most ROMs you see that have these additions are because they are forked from Cyanogenmod's github and then edited to look like their own (different graphic images, different text wording, etc..).
CyanogenMod was also one of the only ROM devs that I know of that got a Cease & Desist letter from Google early on and created the separated config of installing the rom.zip and Gapps.zip (Rom image and Google Apps).
As for how Vegan-Ginger relates...
Project Moving to Gingerbread
January 12, 2011 14 Comments
Just a quick update for everyone so you know where we stand at this point. Because of all the issues I have had trying to reverse engineer fixes into VEGAn, we have decided to move away from the actual VEGA system image. We have decided to move the project to a MODIFIED CyanogenMod 7 (aka Gingerbread) ROM with “inspiration from VEGA”. This will allow us to not only fix issues more easily but our work would also directly benefit the CM7 camp as well. This would also give everyone the choice of a completely stock gingerbread like ROM as well.
THERE IS NO ETA AS OF YET FOR A RELEASE. When there is one…. you all will be the first to know! Exciting Times Ahead.
-GoJimi
Extreme GingerNerd

[Q] How do CM ROMs get updates?

Just one caveat: I have done searches (read: multiple).
How in the world does CyanogenMod get to all of the supported devices? All of a sudden once CM9 is released, for phones/tablets moving from CM7 to 9, does it go out to all devices or what? Does it need to get ported from the source for each and every individual device? In general, how is CM updated and how does it get out to the officially supported phones/tablets?
Cyanogenmod ROMs do indeed have to be ported to each individual device and maintained. Once a device receives official support from the Cyanogenmod team, daily changes made to the AOSP source code (tweaks and bugfixes by the various contributing devs) are automatically compiled by a "buildbot" and released at the end of each day (thus these builds are called "nightlies"). These nightly updates are then made available for download through the Cyanogenmod website and through ROM Manager. Once code updates reach a certain plateau, a "final release"-worthy balance of features and stability, the build is released separately as a "stable" build (such as CM7.1), though you can still download it from the website or from ROM Manager just as with the nightlies. CM9 will eventually receive the same treatment and be released in the form of nightlies and stable builds.
Further (highly recommended) reading can be found here: http://www.cyanogenmod.com/blog/the-current-and-future-state-of-cyanogenmod-nightlies
Has anyone seen John Connor?
so the nightlies don't have to be ported, but every major revision does?
hugabu said:
so the nightlies don't have to be ported, but every major revision does?
No.
"Porting" is just a word used for the process of making the rom work on any certain device.
So to answer your question, once the work of porting CM to the certain device is done, that port is used as the base for both the stable and nightly builds.
Look at the analogy of when a new phone comes out, case manufacturers create a mold to use to make their cases fit the certain phone, and that mold is used to make all kinds of cases. Same concept.

[Q] Kernels and Android Versions

I'm not understanding how kernels and ROMs connect. Can someone give me some extra insight?
[Hardware] <-- Unique to every phone
--
[Kernel] <--- Tells the OS how to talk to the hardware
--
[ROM] <--- Slightly confused. Is the OS in the Read only Memory, or has this term changed its "street" meaning?
I understand that most ROMs (e.g. CM7 and CM9) include both the kernel and the ROM, but can you flash these separately too?
I have a 1.5 year old Thunderbolt that's rooted, and has CM7 which is based on gingerbread. I believe HTC has also released the kernel as open source, which is probably the reason I have CM7.
Anyway, I guess what I'm looking for is an answer/guide/forum that explains why I can't install newer versions of android onto the already working/open source kernel I'm already running. Is it accurate to view the kernel as all the phone's drivers, or just the CPU driver? If that statement is true, why can't I load ICS or Jelly Bean onto my already existing set of drivers?
I'm thinking about starting a Wiki on this if 1) it doesn't already exist, and 2) I can wrap my brain around it enough to share with others!
Thanks to anyone with a response!
shadowrelic said:
I'm not understanding how kernels and ROMs connect. Can someone give me some extra insight?
[Hardware] <-- Unique to every phone
--
[Kernel] <--- Tells the OS how to talk to the hardware
--
[ROM] <--- Slightly confused. Is the OS in the Read only Memory, or has this term changed its "street" meaning?
I understand that most ROMs (e.g. CM7 and CM9) include both the kernel and the ROM, but can you flash these separately too?
I have a 1.5 year old Thunderbolt that's rooted, and has CM7 which is based on gingerbread. I believe HTC has also released the kernel as open source, which is probably the reason I have CM7.
Anyway, I guess what I'm looking for is an answer/guide/forum that explains why I can't install newer versions of android onto the already working/open source kernel I'm already running. Is it accurate to view the kernel as all the phone's drivers, or just the CPU driver? If that statement is true, why can't I load ICS or Jelly Bean onto my already existing set of drivers?
I'm thinking about starting a Wiki on this if 1) it doesn't already exist, and 2) I can wrap my brain around it enough to share with others!
Thanks to anyone with a response!
You are correct about the ROM, but ROMs also include the kernel (if it didn't, or no kernel was flashed separately, the device would not boot). Yes, other kernels can be flashed on your existing ROM, but it's not necessarily going to be compatible.
Sort of, but there's a lot more than that. See here and here. Later versions of Android will require newer drivers, etc. which the existing kernel won't provide (they'll be outdated). Back porting and additional coding is theoretically possible, but insanely difficult (many times). Even after this some things may still not work.
Thanks for the insight, I was able to get a lot deeper into this with those links. For anyone else wandering down a similar path, you might as well stop now! Here are a few links:
http://forum.xda-developers.com/showthread.php?t=1039217&page=2#17
http://www.cs.uwc.ac.za/~mmotlhabi/avmk.pdf
http://www.iteachandroid.com/2012/01/what-is-firmware-rom-and-firmware.html
So, if anyone else is still listening, I do have two more questions:
Do any phones have truly open source drivers? (a.k.a. higher probability of allowing old hardware to work with new android OS)
Is there any way to determine which phones will be supported by the custom-ROM community early on? I know the Nexus line doesn't have vendor modified code, is that the direction which would have the highest probability to stay at top of the Custom ROM curve without upgrading devices every year?
Thanks again for any insight! I hope I'm posting this in a Newb-Friendly forum!
shadowrelic said:
Thanks for the insight, I was able to get a lot deeper into this with those links. For anyone else wandering down a similar path, you might as well stop now! Here are a few links:
http://forum.xda-developers.com/showthread.php?t=1039217&page=2#17
http://www.cs.uwc.ac.za/~mmotlhabi/avmk.pdf
http://www.iteachandroid.com/2012/01/what-is-firmware-rom-and-firmware.html
So, if anyone else is still listening, I do have two more questions:
Do any phones have truly open source drivers? (a.k.a. higher probability of allowing old hardware to work with new android OS)
Is there any way to determine which phones will be supported by the custom-ROM community early on? I know the Nexus line doesn't have vendor modified code, is that the direction which would have the highest probability to stay at top of the Custom ROM curve without upgrading devices every year?
Thanks again for any insight! I hope I'm posting this in a Newb-Friendly forum!
For both your questions, the Nexus-line devices would be the way to go. They usually have everything working on new Android versions the soonest, and Google always releases their code, etc.
Hi,
Can I use a Linux kernel (zImage) to update the Android kernel? If yes, how?
Thanks

Seeking a rather recent CM release that fully supports Bluetooth Phone Call!

palmbeach05 said:
CM dropped official support due to kernel stability issues. I remember we were discussing ROMs. 7.2 was, according to CM, the last stable version. Due to all the changes when everything became 4.0, the kernel became unstable on our device. Our devs have created a kernel that is stable enough for daily use, but not stable enough for an official CM. You do have CM9, 10, 10.1, 10.2, and 11 that are stable. CM12 needs work before being recommended for daily use.
Thanks for the information, glad to see that I can still get support for this device.
I've been trying to get general information for the last 2 days, reading especially the Q&A and development sections in the forum. If I understood correctly:
* There's a new kernel being developed named as [KERNEL] [3.1.10] as you mentioned in your post. This new kernel seems nearly perfect, it just has these 3 downsides regarding the given information on its own topic:
1) HDMI [post-poned] (Nvm, I don't need it)
2) Fingerprint ROM Libs+Framework [work in progress] (Nvm, I don't need it)
3) Flash [work in progress] (Camera flash? It would be nice, but still not mandatory for me)
So I thought I could try the newest unofficial CM releases based on this new kernel. I checked the most-used ones in the development section for CM11, CM10.1, CM10, CM9. But I learned a very disappointing thing in the posts. If it's true, although bluetooth is operable for data transfer, it is NOT working for voice, meaning that I won't be able to use it in my car.
Other negatives are not that important, but GSM calls over bluetooth are very necessary for me. Because it's a security issue, as most of us need to use our phones while driving! So I regrettably had to eliminate the CM ROMs which use this new kernel for now!
I need a ROM that is stable enough and has wide hardware support, such as necessarily:
1) Calls over bluetooth
2) GPS
3) Wi-fi tethering (USB tethering is not important)
Plus, the Android version must be new enough to support some of the applications. I found out that I need at least CM10 (Android v4.1) for the applications that I need to install.
At the end I can summarize my choices as follows:
* CM7.2 based ROMs: All of them seem very stable, but some of my applications don't work on Android 2.3, so negative.
* CM9 based ROMs: New kernel or not, Android v4.0 is old for a few of my applications. So, negative.
* CM10 based ROMs: "CM10 (JellyBean) for Atrix" from @epinter seems very appropriate for me. It doesn't use the new kernel and Android v4.1 is sufficient (recent enough) for my applications. POSITIVE
* CM10.1 based ROMs: "CM 10.1(Android 4.2) for Atrix" from @epinter could be very good, but it uses the new kernel. So, negative.
* CM11 based ROMs: "CM 11 ( Android 4.4.4 ) for Atrix (BigPart)" from @Zn7mkUKzN1r8aCIV would be perfect, but I think it also uses the new kernel, as it's indicated that ".BT phone call" is NOT working. So, negative.
* CM12 based ROMs: I saw the "Mokee For Atrix 4g (Android L 5.0.2) (preview)", but as you see, it's not an option for me yet. So, negative.
If I didn't misunderstand what I've read till now, the most appropriate ROM seems to be
"CM10 (JellyBean) for Atrix, By epinter" for me.
Link: http://forum.xda-developers.com/showthread.php?t=1781970
I think it would be better for me to continue on its own Q&A thread, I don't want to ruin this CM7.2 thread anymore.
Please share your opinions, I really need your advice.
EDIT: Oops, the basic kernel on CM10 seems to lack HW acceleration. So, I can't play NFS Most Wanted, Dead Space, Max Payne etc. games properly, right? What about navigation apps like iGo, Sygic, etc?
EDIT: This post was originally in the "CM7 Q&A" section and moved here as a separate thread. My aim is not to find the "Best Rom ever" etc., I am just seeking a ROM that's similar to the current awesome CM7, which fits my needs. I think I could find the best title for this post.

Getting Started With Building My Own Custom ROM?

Hi! I have the Nexus5X and even though there are a lot of ROMs for the 5X, I don't really like any of them, so I was wondering how I would go about creating my own ROM. To start this off, I want this ROM to be a viable option for 5X users, a "legit" ROM, and I do not want to use a kitchen.
I do have previous Android building experience. Since I can do that, I want to know a couple specific things about making a ROM suitable for daily use.
First of all, how do I include the latest security updates from Google?
Secondly, how do I get OTA updates for my ROM (like AICP has an AICP OTA app)?
Thirdly, how do I know which revision to sync (r1, r2, r13, etc.)?
Fourth, are there any other things that I need to keep in mind when building this ROM and making it like other ROMs in the sense of stability, professionality etc.? (I can't really explain it, just that it's not simply someone adding random features.)
Thanks
