LineageOS April Fool’s 2018 – Lost Trust?

Android user’s with LineageOS 14.1 ROM’s recently received an over the air (OTA) update. As dutiful users trusting their ROM providers, knowing that security is important, the vast majority of users accepted the update.

What they got was this:

IMG_20180405_113240012

When a user clicks on that, it takes the user to this web page. At least it did after April 1st. I can’t say if it impacts all versions of LineageOS or just a few.  I’m not sure if anyone knows exactly how many are impacted, but the latest info I saw was that there are more than a million users of LineageOS ROMs.

As you read down the page, you realize that this embedded link was from LineageOS as an April Fool’s joke, even though my OTA update prompt occurred on the 5th, a little late as jokes go. And it included a fictional story about Lineage starting their own digital currency.

I’m okay with a decent joke once in a while. Haha on me.

But when I attempt to get rid of the alert, no joy. It’s not a simple ‘swipe it away.’ I’m stuck with this thing.

If a user further examines their phone, there is a ROM based app called ‘Wallet’. Open it and it prompts a user for a Login and password. I wasn’t about to log into it. There is no way to uninstall the app, because it’s part of the ROM.

You have to read the web site under the second bullet for LineaGenuine (both 15.1 and 14.1) for a means of correcting this prank. And, yes, I can confirm the TWRP command line option from the site works.

Most of the user reactions on Reddit are irritated, negative or downright flaming. The LineageOS insider that did respond didn’t indicate they would not prank users in the future. I read it as passive acknowledgment and maybe they’ll think about listening to users.

So, if you really really really like LineageOS (yes, that’s a lot of really), expect to have some kind of April Fools prank occur that could involve more than a simple pop up. It’s likely to be a pain to get rid of. In this case, it may have sent you into a paranoid tizzy.

But, let’s talk about what ROM’s are in the first place. They are customized Android operating systems built for each piece of hardware. Android for phone from manufacturer A won’t work on manufacturer phone B. It requires development effort to make Android run on any given phone. And for each upgrade in Android, that development effort has to occur again. Not every manufacturer cares, because you would be less inclined to buy a new phone every year if it’s kept current.

Custom ROM’s frequently exist to allow old hardware to still be functional. Or allows more user control. Why replace a great phone, when a custom ROM will work great and make it current. Those are just a few reasons ‘why use a custom ROM’.

They are generally created with an open development model, by volunteers putting together the packages, sometimes with no or little financial incentive, for each piece of hardware. With no financial incentive, it means they have no one to really answer to and nothing that prevents them from doing whatever they want (like pranking users).  I’m sure some ROM teams look at it seriously and others as just a hobby or learning experience, so they want their fun. But that doesn’t guarantee the integrity of their work or their personal character.

Basically, if you’re knowledgeable enough to go through the process of loading a custom ROM you’re subject to whatever those developers decide to do. And if you don’t like it, some of them feel you should take your toys and play somewhere else.

I can see why some people would stop using LineageOS.

Why?

The idea that in this age of security conscientiousness when ROM developers go this far to ‘prank’ a large segment of their user community, that can be interpreted that they don’t value the end users trust.

And yes, the ROM Developers may know it’s not a big deal or an exposure themselves. But many of the users would say this crosses a fine line between having fun and threatening something that many value very seriously.

It can lead a person to think, “in what other ways will they mess with me? Data collection? Call and location tracking? Contextual details? User ID and password skimming? Banking and financials?” We know it’s feasible, especially with the Facebook issues that were made public.

As for me, LineageOS does make a decent ROM. But there are a lot of options out there. Then again, “Android One” may be the answer. But that’s another story.

OnePlus One – Still like it

It was a recent day on a cool brisk evening. I was out with our ten year old walking the dog after dark and, as he sometimes does, he started asking me about the stars because they were out brightly that night. So I whip out the phone and downloaded Sky Map hoping to show the relative position of the far off planets in our constellation, but it was a flop. Apparently I didn’t have a built in compass.

Then I was at a runners event with nothing but my cell phone after a run and there were stands with merchandise I wanted to buy. No plastic, no cash, no purchase. I realized I didn’t have a built in NFC chip on my phone.

And the light bulb went off, I have a phone with those features sitting in a box at home.  Continue reading “OnePlus One – Still like it”

OnePlus One – Is it for you?

I’ve had the OnePlus One phone since spring of 2015. It was touted as a “flagship killer”.

I bought this phone because it hit a tolerable price point of $350 when I bought it (I like to steer clear of phones that are $500 or more). With a 64GB of ram and a powerhouse processor it seemed like an awesome phone.

After receiving the phone it became clear that this was going to be a different user experience. First off, who ever owns this phone has to be patient enough to do their homework and willing to load new system roms (phone operating system). But that’s also what prevents this from being a true flagship killer.

Why? When the OPO came out Cyanogenmod was the rom provider. Shortly afterward, there was some sort of falling out between Cyanogenmod (CM) developers and OnePlus. There were a lot of delays with rolling out updates to address performance issues, primarily battery life. The user community believed they were supposed to receive rom updates via ‘push’, meaning no manual effort. Around that time Android Lollipop came out and then there were extra updates due to security weaknesses.  To add further fog to the landscape OnePlus developed it’s own rom called OxygenOS, but didn’t include the OPO in that.

So to actually enjoy the phone you had to be okay with cruising the forums for the latest OS updates and be willing to wade through the mountains of personal user rhetoric to get those nuggets of real information and hope that you had enough to make the right decision for yourself.

Why did I choose the phone? Because of my experience with CM on my Nexus 7 I felt familiar with CM and loading OS’es.

Have I been happy with my phone? For the most part. I make it about 18 hours on a charge and would have liked more. I can’t honestly say whether the batteries are under engineered or the CM versions I’ve used have just not taken care of performance well enough.

I do enjoy pouring through the information and making the phone do what I want. And it’s definitely the most powerful and largest phone I’ve ever owned.

Do I think this phone is still relevant? Yes. Just check the specs and you can see that it still performs with the best of them and the price point is very attractive.

Would I recommend this phone? Only with significant caveats and user awareness. If you like to get your geek on, have patience and are willing to learn, go for it.