Allow users to install GmsCore somehow

[Kiwi]

It can be done by building yourself and adding patches that omnirom used to add signature spoofing but this is not ideal. Would be really nice to be able to use apps like Signal etc. that require it but are useful.

[christoph-buente]

I think it's a duplicate to this one #186

[christoph-buente]

I think it's a duplicate to this one #186

[Kiwi]

Not really. GmsCore includes a version of UNLP and encompasses more than location services.

[Kiwi]

Not really. GmsCore includes a version of UNLP and encompasses more than location services.

[christoph-buente]

Alright, good to know. Thx.

[christoph-buente]

Alright, good to know. Thx.

[n1m1]

If I can give an humble opinion as simple final user, I'd say that implementing GmsCore would be great. I guess that the target of CopperheadOS (at least of this stage of the project) is made of security conscious people, like activists, journalist, researchers and (more in general) people working in critical information scenarios (I am excluding hackers from the list since, as @Kiwi rightly said, skilled people can build their own version of Copperhead and mod it as they like)

In my personal experience (and may be I am wrong), an app like Signal has became a standard for this kind of people: I am wondering if the impossibility of resorting to it (or at least, the impossibility to resort to encrypted phone calls, since the web socket version is perfectly working) could represent a barrier for the adoption of CopperheadOS in the mid-term (again, it is just a doubt and may be I am wrong).

In my personal case, the only solution I have found was that of installing Whatsapp for e2e calls: I am not happy about it (since WA is closed source) but, for me, it was better than installing GAPPS.

Nevertheless, I do understand that adding more code to Copperhead, means undertake a more complex security audit process, which in turn requires a huge amount of resources (time, money, knowledge) ... and in the case these were missing (which would be perfectly reasonable since Copperhead is a small firm), the possibility of introducing vulnerabilities in the ROM would certainly improve (which would be a nonsense considered the Copperhead's mission).

Finally, please do not take my post as a criticism! It is not. I just wanted to share a little chunk of personal experience with the developers and all the other guys interested in this wonderful OS.

Thanks for your kind attention.

[n1m1]

If I can give an humble opinion as simple final user, I'd say that implementing GmsCore would be great. I guess that the target of CopperheadOS (at least of this stage of the project) is made of security conscious people, like activists, journalist, researchers and (more in general) people working in critical information scenarios (I am excluding hackers from the list since, as @Kiwi rightly said, skilled people can build their own version of Copperhead and mod it as they like)

In my personal experience (and may be I am wrong), an app like Signal has became a standard for this kind of people: I am wondering if the impossibility of resorting to it (or at least, the impossibility to resort to encrypted phone calls, since the web socket version is perfectly working) could represent a barrier for the adoption of CopperheadOS in the mid-term (again, it is just a doubt and may be I am wrong).

In my personal case, the only solution I have found was that of installing Whatsapp for e2e calls: I am not happy about it (since WA is closed source) but, for me, it was better than installing GAPPS.

Nevertheless, I do understand that adding more code to Copperhead, means undertake a more complex security audit process, which in turn requires a huge amount of resources (time, money, knowledge) ... and in the case these were missing (which would be perfectly reasonable since Copperhead is a small firm), the possibility of introducing vulnerabilities in the ROM would certainly improve (which would be a nonsense considered the Copperhead's mission).

Finally, please do not take my post as a criticism! It is not. I just wanted to share a little chunk of personal experience with the developers and all the other guys interested in this wonderful OS.

Thanks for your kind attention.

[laserstrike]

Here is the link to the necessary patch:

https://github.com/microg/android_packages_apps_GmsCore/blob/master/patches/android_frameworks_base-M.patch

Please consider.

[laserstrike]

Here is the link to the necessary patch:

https://github.com/microg/android_packages_apps_GmsCore/blob/master/patches/android_frameworks_base-M.patch

Please consider.

[thestinger]

There's no way that patch is going to be included.

[thestinger]

There's no way that patch is going to be included.

[thestinger]

The target_files zip is now published, which is the most that we're going to do to support either a closed or open-source implementation of Play Services. It's not going to be bundled into the main releases, and making a whole separate channel of builds is unrealistic unless someone wants to fund it. Hacks are not going to be added to support this stuff, especially when they have a negative security impact.

[thestinger]

The target_files zip is now published, which is the most that we're going to do to support either a closed or open-source implementation of Play Services. It's not going to be bundled into the main releases, and making a whole separate channel of builds is unrealistic unless someone wants to fund it. Hacks are not going to be added to support this stuff, especially when they have a negative security impact.

[laserstrike]

Ah. Ok, thanks.

[laserstrike]

Ah. Ok, thanks.

[spacekitteh]

I might investigate this issue further and see what needs to be done to support microG in the most principled manner possible. The biggest, most obvious issue is to modify that patch to allow only microG to spoof permissions.

[spacekitteh]

I might investigate this issue further and see what needs to be done to support microG in the most principled manner possible. The biggest, most obvious issue is to modify that patch to allow only microG to spoof permissions.