Git-Mirrors/privacyguides.org
1
0
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2024-09-09 02:51:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
a5f58a49cc
privacyguides.org/_data/operating-systems/android/3_divestos.yml
Daniel Gray 0c718dd8ce
Fix CVE link in DivestOS card (#496)
2021-12-24 15:11:13 +10:30

30 lines
2.7 KiB
YAML
Raw Blame History

title: DivestOS
type: Recommendation
logo: /assets/img/android/divestos.svg
description: |
<strong>DivestOS</strong> is a <a href="https://en.wikipedia.org/wiki/Fork_(software_development)#Forking_of_free_and_open-source_software">soft-fork</a> of <a href="https://lineageos.org/">LineageOS</a>.
DivestOS inherits many <a href="https://divestos.org/index.php?page=devices&base=LineageOS">supported devices</a> from LineageOS. It has signed builds, making it possible to have <a href="https://source.android.com/security/verifiedboot">verified boot</a> on some non-Pixel devices.
DivestOS has automated kernel vulnerability (<a href="https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures">CVE</a>) <a href="https://gitlab.com/divested-mobile/cve_checker">patching</a>, fewer proprietary blobs, a custom <a href="https://divested.dev/index.php?page=dnsbl">hosts</a> file, along with bundled <a href="https://www.f-droid.org">F-Droid</a> as the app store. It also includes <a href="https://github.com/microg/UnifiedNlp">UnifedNlp</a> for network location and some hardening with <a href="https://gitlab.com/divested-mobile/mulch">Mulch Webview</a>. DivestOS also includes kernel patches from GrapheneOS and enables security features in <a href="https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Scripts/Common/Functions.sh#L698">defconfig</a>.
DivestOS also inherits LineageOS's <a href="https://reddit.com/comments/c4a6f7">iptables</a> network access feature. You can deny network access to an individual application by pressing and holding on the app's icon (App info → Data and Network → Uncheck "Network Access").
DivestOS 16.0 and 17.1 has GrapheneOS's <a href="https://github.com/GrapheneOS/hardened_malloc">hardened memory allocator</a>. There are plans to port this to DivestOS 18.1.
<h4>Notes</h4>
DivestOS firmware update <a href="https://gitlab.com/divested-mobile/firmware-empty/-/blob/master/STATUS">status</a> varies across the devices it supports. For Pixel phones, we still recommend using GrapheneOS or CalyxOS. For other supported devices, DivestOS is a good alternative.
Like CalyxOS's firewall, the network access toggle can also leak in <a href="https://gitlab.com/LineageOS/issues/android/-/issues/3228">some</a> situations.
Not all of the supported devices have <a href="https://source.android.com/security/verifiedboot">verified boot</a> and some perform it better than others.
website: 'https://divestos.org'
website_tor: 'http://divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion'
privacy_policy: 'https://divestos.org/index.php?page=privacy_policy'
downloads:
- icon: fab fa-github
url: 'https://github.com/divested-mobile'
- icon: fab fa-gitlab
url: 'https://gitlab.com/divested-mobile'
Reference in New Issue View Git Blame Copy Permalink