I've found the cause for delays in clock alarms.
I removed access to NTP servers in September-October, and apparently, when the phone is in deep sleep, it doesn't get updated over carrier's network, but it does through NTP servers. Once the phone is unlocked, the time is updated, but it is too late for alarm purposes. I did a test build with time updated through Cloudflare ntp servers, and there are no more delays. So, this will be fixed in April release.
I removed access to NTP servers in September-October, and apparently, when the phone is in deep sleep, it doesn't get updated over carrier's network, but it does through NTP servers. Once the phone is unlocked, the time is updated, but it is too late for alarm purposes. I did a test build with time updated through Cloudflare ntp servers, and there are no more delays. So, this will be fixed in April release.
JaguarOneplus9Pro-03242024-Full-OTA.zip
1.4 GB
Test release for Oneplus 9 Pro - Full: to check video crashing. Also fixes Alarm clock etc.
JaguarOneplus9ProTest-03292024-OTA.zip
1.4 GB
Here is another 9 Pro Full Test build with zram disabled
JaguarOneplus9Pro-FULL-03312024-OTA.zip
1.4 GB
This is another test build for 9 Pro with a different OOM implementation + ZRAM On.
Warning: You may not boot, in which case, just change slots and restart in your previous build.
Warning: You may not boot, in which case, just change slots and restart in your previous build.
For Indian Users who are lacking 5G. You can enable 5G right on Jaguar without the need to be on OOS.
You just need to enable Diag mod in terminal (Magisk required):
1. Connect the phone to PC
2. Open terminal on PC and type adb shell; then su
3. You will get a Magisk prompt on the phone to allow root, allow it
4. Then type on PC terminal setprop sys.usb.config diag,adb
5. Disconnect the phone, reconnect and do the usual QPST thing, i.e. editing carrier_policy.xml and carrier_policy..xml_subscription01 files.
You just need to enable Diag mod in terminal (Magisk required):
1. Connect the phone to PC
2. Open terminal on PC and type adb shell; then su
3. You will get a Magisk prompt on the phone to allow root, allow it
4. Then type on PC terminal setprop sys.usb.config diag,adb
5. Disconnect the phone, reconnect and do the usual QPST thing, i.e. editing carrier_policy.xml and carrier_policy..xml_subscription01 files.
ScreenshotCellMapper.png
157.1 KB
I was able to enable 5G Stand Alone on T-Mobile US on my Oneplus 8 with QPST on Jaguar and without wiping anything. So, it is definitely possible for any 8 and 9 series and especially for Indian users.
I've also enabled the incoming Mwave n261 frequency, which was only available on Verizon variant and explicitly disabled in others.
I've also enabled the incoming Mwave n261 frequency, which was only available on Verizon variant and explicitly disabled in others.
Google Fixes two 'zero-day vulnerabilities' exploited by forensics firms. Applicable to Pixels only. No other device is affected.
I actually doubt those were vulnerabilities, but rather FEATURES. Forensics companies would need to reboot the phone into fastboot and then dump memory. Turns out, on Pixels, rebooting into fastboot did not erase RAM. Again, sounds like a feature to me.
https://www.bleepingcomputer.com/news/security/google-fixes-two-pixel-zero-day-flaws-exploited-by-forensics-firms/
I actually doubt those were vulnerabilities, but rather FEATURES. Forensics companies would need to reboot the phone into fastboot and then dump memory. Turns out, on Pixels, rebooting into fastboot did not erase RAM. Again, sounds like a feature to me.
https://www.bleepingcomputer.com/news/security/google-fixes-two-pixel-zero-day-flaws-exploited-by-forensics-firms/
BleepingComputer
Google fixes two Pixel zero-day flaws exploited by forensics firms
Google has fixed two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them.
April release V43 for Oneplus 8/8Pro/8T posted on XDA.
1. April security patches
2. Updated kernel
3. Updated webview
4. Alarm clock should be fixed
5. Offline charging fixed
1. April security patches
2. Updated kernel
3. Updated webview
4. Alarm clock should be fixed
5. Offline charging fixed
More goodies from the Google's Central Committee coming with Android 15:
Google has created yet another avenue for exploits, 'woke (pun intended)' bluetooth, i.e. when your phone is OFF, bluetooth would still be ON and actively communicating with other devices/networks.
The agit-propaganda sales pitch is: we can help you find your device.
"Together, these multi-layered user protections (from the exploit we've just created) help mitigate potential risks to user privacy and safety"
https://security.googleblog.com/2024/04/find-my-device-network-security-privacy-protections.html?m=1
Google has created yet another avenue for exploits, 'woke (pun intended)' bluetooth, i.e. when your phone is OFF, bluetooth would still be ON and actively communicating with other devices/networks.
The agit-propaganda sales pitch is: we can help you find your device.
"Together, these multi-layered user protections (from the exploit we've just created) help mitigate potential risks to user privacy and safety"
https://security.googleblog.com/2024/04/find-my-device-network-security-privacy-protections.html?m=1
Googleblog
How we built the new Find My Device network with user security and privacy in mind
Posted by Dave Kleidermacher, VP Engineering, Android Security and Privacy Keeping people safe and their data secure and private is a t...
Google Find My Device Part Deux:
Apparently, embedding Bluetooth network in the coming Android 15 was not enough. Now, Pixels 8 and higher could be bluetooth discovered even on the phone with the dead battery thanks to 'specialized Pixel hardware', where 'there's reserve power on the device for several hours that is channeled to the Bluetooth chip. Such devices can be located 'for several hours after being turned off or if they shut off from a low battery'.
According to the article, Apple's recent Iphones, as well as some Samsung devices also support offline tracking. 'In each case, these companies use large networks of other peoples' devices to detect yours when it goes missing or is stolen'.
https://www.theverge.com/2024/4/8/24123909/google-pixel-8-pro-offline-dead-battery-location-finding
Apparently, embedding Bluetooth network in the coming Android 15 was not enough. Now, Pixels 8 and higher could be bluetooth discovered even on the phone with the dead battery thanks to 'specialized Pixel hardware', where 'there's reserve power on the device for several hours that is channeled to the Bluetooth chip. Such devices can be located 'for several hours after being turned off or if they shut off from a low battery'.
According to the article, Apple's recent Iphones, as well as some Samsung devices also support offline tracking. 'In each case, these companies use large networks of other peoples' devices to detect yours when it goes missing or is stolen'.
https://www.theverge.com/2024/4/8/24123909/google-pixel-8-pro-offline-dead-battery-location-finding
The Verge
Google’s Pixel 8 and 8 Pro can now be located even with a dead battery
You can find them if they’re without a data connection, too.
For 9 and 6 users: disable battery optimization for Clock to fix late alarm.
JaguarOneplus9Pro_V43-Full-04122024-OTA.zip
1.4 GB
This is a new build for 9 Pro-Full with flag default_compaction=true. Apps and processes in Cache get compressed. Also, smart charging should now work. Try and report. 9 Pro only.
Tucker Carlson Interviewing TG's Pavel Durov:
https://tuckercarlson.com/the-tucker-carlson-interview-pavel-durov/
https://tuckercarlson.com/the-tucker-carlson-interview-pavel-durov/
Tucker Carlson
The Tucker Carlson Interview: Pavel Durov
The social media app Telegram has over 900 million users around the world. Its founder Pavel Durov sat down with us at his offices in Dubai for his first on-camera interview in almost a decade.
More on Signal encryption:
As we all know, Signal has been audited and it received:
'Glowing Reviews', 'Found to be Secure and Trustworthy' and 'Widely Respected in the Security World'. Snowden and Elon Musk recommend it... .
Now, looking at the Audit itself: https://eprint.iacr.org/2016/1013.pdf
Our model describes key indistinguishability of two-party multi-stage keyexchange protocols. There are other security and functionality goals which Signal may address but which we do not study, including: group messaging properties, message sharing across multiple devices, voice and videocall security, protocol efficiency (e.g. 0-round-trip modes), privacy, and deniability.
So, the security researchers did NOT look at group messaging, voice calls and video calls.
Here is another quote:
The trust assumptions on the registration channel are not defined; Signal specifies a mandatory method for participants to verify each other’s identity keys through an out-of-band channel, but most implementations do not require such verification to take place before messaging can occur. Without it, an untrusted key distribution
server can impersonate any agent.
In English: Unless you verify the initial keys by some other means, i.e., over SMS, e-mail (both insecure) or in person, a malicious server can impersonate any identity. Now, imagine such authentication in a group of 100, not to mention issues related to sharing messages between a 100+ devices.
As we all know, Signal has been audited and it received:
'Glowing Reviews', 'Found to be Secure and Trustworthy' and 'Widely Respected in the Security World'. Snowden and Elon Musk recommend it... .
Now, looking at the Audit itself: https://eprint.iacr.org/2016/1013.pdf
Our model describes key indistinguishability of two-party multi-stage keyexchange protocols. There are other security and functionality goals which Signal may address but which we do not study, including: group messaging properties, message sharing across multiple devices, voice and videocall security, protocol efficiency (e.g. 0-round-trip modes), privacy, and deniability.
So, the security researchers did NOT look at group messaging, voice calls and video calls.
Here is another quote:
The trust assumptions on the registration channel are not defined; Signal specifies a mandatory method for participants to verify each other’s identity keys through an out-of-band channel, but most implementations do not require such verification to take place before messaging can occur. Without it, an untrusted key distribution
server can impersonate any agent.
In English: Unless you verify the initial keys by some other means, i.e., over SMS, e-mail (both insecure) or in person, a malicious server can impersonate any identity. Now, imagine such authentication in a group of 100, not to mention issues related to sharing messages between a 100+ devices.
Here is a typical, but interesting discussion about GrapheneOS on F-Droid. Pretty civil until one of GOS devs made a brand new profile and started to throw insults.
If that was Micay, I think he is getting better, i.e., whatever treatment he is getting, it is starting to work: He called me a liar who spreads misinformation once only.
https://forum.f-droid.org/t/graphene-os-questions-comments-concerns-etc/25837/9
If that was Micay, I think he is getting better, i.e., whatever treatment he is getting, it is starting to work: He called me a liar who spreads misinformation once only.
https://forum.f-droid.org/t/graphene-os-questions-comments-concerns-etc/25837/9
F-Droid Forum
Graphene OS Questions, comments, concerns, etc
Does any one have any suggestions, tips, or experiences for dealing with F Droid apps while using Graphene OS?
Few Additional Tit Bits about KernelSU
1. Kernels with KernelsSu are built as debug kernels, which means they have root enabled by default (that's known)
2. KernelSU devs are aware of that, so, they've implemented a hash that KernelSU manager would expect. In other words, kernel would only accept root commands from KernelSU manager. Fair enough, but that hash is PUBLICLY available on github. See this:
https://github.com/crdroidandroid/android_kernel_oneplus_sm8350/blob/14.0/drivers/kernelsu/Makefile Lines 36-38.
"KSU_EXPECTED_HASH := c371061b19d8c7d7d6133c6a9bafe198fa944e50c1b31c9d8daa8d7f1fc2d2d6"
So, any app that wants to circumvent KernelSU manager can incorporate that hash and kernel would accept root from that app.
P.S. By the way, I have nothing against Crdroid, which is a good development. Just used their github page as an example... .
1. Kernels with KernelsSu are built as debug kernels, which means they have root enabled by default (that's known)
2. KernelSU devs are aware of that, so, they've implemented a hash that KernelSU manager would expect. In other words, kernel would only accept root commands from KernelSU manager. Fair enough, but that hash is PUBLICLY available on github. See this:
https://github.com/crdroidandroid/android_kernel_oneplus_sm8350/blob/14.0/drivers/kernelsu/Makefile Lines 36-38.
"KSU_EXPECTED_HASH := c371061b19d8c7d7d6133c6a9bafe198fa944e50c1b31c9d8daa8d7f1fc2d2d6"
So, any app that wants to circumvent KernelSU manager can incorporate that hash and kernel would accept root from that app.
P.S. By the way, I have nothing against Crdroid, which is a good development. Just used their github page as an example... .
GitHub
android_kernel_oneplus_sm8350/drivers/kernelsu/Makefile at 14.0 · crdroidandroid/android_kernel_oneplus_sm8350
Contribute to crdroidandroid/android_kernel_oneplus_sm8350 development by creating an account on GitHub.