[guardian-dev] migration to CopperheadOS

Greg Troxel gdt at ir.bbn.com
Tue Jun 28 12:11:33 EDT 2016 

I see that there is some joint Guardian/CopperheadOS/F-droid notion,
which makes sense.  I don't see any lists for CopperheadOS, although I
have seen some tweets about making CopperheadOS more accessible to those
wanting to get involved in development, but I'm finding it a little hard
to follow as a user.  So I am sending comments here.  Much of this is
really a request to add answers in the docs.

* device support

I think it's unfortunate that the Nexus 7 (2013) is not supported.  I
realize there are perhaps technical reasons and definitely there is
limited effort available, but it seems like there are a lot of them out
there.  I bought one to use for testing before upgrading my phone; this
made it more comfortable to move from Google-provided ROMs to
CyanogenMod.  (Perhaps I just need to get used to buying new hardware
every few years even though the old hardware is ok; I realize that's an
issue far bigger than CopperheadOS.)

The Nexus 5 is marked deprecated at
  https://copperhead.co/android/docs/install
but it doesn't say why.  I tend to use old computers, so the Nexus 5
seems fairly recent to me.

It might be nice to give advice about buying a phone specifically to run
Open source/hardened AOSP; it seems like 5X or 6P is the right answer,
with 6P costing more and likely to last a year more than the 5X before
being desupported.

* AOSP base

At

  https://copperhead.co/android/docs/technical_overview

it is not clear which versions of AOSP are in use, and what the plan is
for the future.  I realize I may not understand AOSP versioning as well
as I should, but it would be good to aim things at someone who is a
CyanogenMod user, at most.

I think the situation is that CopperheadOS is based on Android
6/Marshmallow. But the mr/dr split is unclear to me.

* stable/development branches

I see there is a stable branch and development branches (separately for
dr/mr).  There's the notion that the OS is basically stable except for
obscure features, but presumably that applies to the stable branch.
Does that imply that installing it on a phone (e.g. Nexus 5) and
expecting to actually use the phone normally is a sane idea?

Can one move from stable to development and back without a full
reinstall (and data wipe)?

* future

Are there plans for when 7/N is released?  Will 7 be declared stable and
6 be desupported at the same time, or two versions, or?

* Google services vs open-source code

CyanogenMod comes without Google's location service and without google
play services.  What about CopperheadOS?  Can one install them
separately?  Is there some fused location service, or should one install
unifiednlp like one does on CyanogenMod?

* root, XPrivacy

Is one able to grant root to apps like in CyanogenMod?

Can one run XPrivacy?

* app compatibility

Does pretty much everything in f-droid work as well as it works on
cyanogenmod?

* privacy

The focus seems to be mostly about exploit mitigation, but also privacy
(mac randomization, geotagging defaults).  Has there been an effort to
remove all code that exfiltrates data in terms of phoning home (other
than CopperheadOS update servers)?  Or, is it at least stated that any
data being sent without explicit user request is a bug?

In particular, what about AGPS loading?  I have heard that on some
systems that sends location and a unique ID.

* camera geotagging

It's nice not to ask people to turn it on, but arguably that's most
important in the phones of people not running ParanoidOS :-)

It would be nice to be able to safely use geotagging.  Basically I would
like to geotag at limited times, especially when taking tourist-type
photos in public places.  So I wonder if there is an easy toggle and
visual indication in the camera, and some sort of enable that would time
out after 1h or so, so that when you've forgotten it is on it will be
off again.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 180 bytes
Desc: not available
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20160628/02a4a9c1/attachment.sig>

More information about the guardian-dev mailing list