Related
Hi all,
This is my first post, although I have been following the group for a long time. My post is motivated by the observation that a massive imbalance exists, particularily in the Legend development community.
There is a huge mass of non-contributing users badgering a small group of hard-working developers, whilst free-loading off the many hours they spend trying to improve the Legend for all of us. (BTW - I'm not pointing any fingers that don't equally apply to myself!) The value of the hours they are putting in is huge, and the return amounts only to the occational humble click of a thanks button.
I have written to the XDA owners and proposed that they implement a system whereby users can donate to a specific thread, and that each month the proceeds of thoses donations are distributed to posters according to the distribution of new "thanks" clicks to them. Unfortunately I have not heard anything in reply, so in the meantime I propose that we start here in the Legend development forum in a less systematic way.
For example; all of us eagerly following ogo2's thread on his Alpha rom should support how we can. We have all heard BlaYO's hesitance to get too involved in that he needs another Legend to do development work on, as he can't render his own out of service for days on end. Absolutely fair point. I would suggest that all active developers in here create a donation account somewhere so that the rest of us ungrateful, free-loading scavengers (again, myself included, and meant in the most positive way! ) can contribute.
Let's get BlaYO a second development Legend, or ogo2 some resources on Linux compilation etc. It's the least we can do, even if we are just selfishly offering to help them, help us
It would not take much, and I am quite certain that anyone who can afford a Legend can also afford to donate $10-20 now and then. What a small price to pay for all the hours that our devs spend working to bring all of us the latest and greatest. Let's give something back!
There were a bunch of users that actually donated to my PayPal account (a few months ago I didn't believe this could happen by the way).
I'd personally object to such a system for various reasons, the main one being complication of something which is a pretty simple in fact: You like the work of someone, you donate (or buy).
Moreover, there are a few CM developers whose work on their device (which happens to use an msm7227 chipset) directly influences the Legend too and therefore my work as well. They are not active in the Legend forum though.
So what I basically want to say: There's a lot of work going on – not hours but weeks – which you might never see because these almost unmoderated boards here are full of you-name-it and every CM developer I know pretty much dislikes XDA for that very reason.
You don't see us (40+ developers) working, but that doesn't mean we aren't.
Edit:
Ah, and by the way, I've been busy too, so tiwlan on 2.6.35 is almost finished.
ali ba said:
Ah, and by the way, I've been busy too, so tiwlan on 2.6.35 is almost finished.
Click to expand...
Click to collapse
Is this meaning that the new CM7s will have the new kernel?
By the way, what was modified in the kernel source so the tiwlan didn't compile normaly?
I don't need a new Legend, I just need some peace...
There you go
BlaY0 said:
I don't need a new Legend, I just need some peace...
Click to expand...
Click to collapse
Peace be with you
Hmmm... OK, I get that my proposal could have some shortcomings, however the intent is good. It's great to hear that users donated to your Paypal, Ali Ba, perhaps other devs should just publish Paypal details too, and users can direct donations to where they feel they are most deserved?
It is not meant to be fair compensation for the numerous hours spent, as the basic principles of community development should still be the driving force. It could, however, be a token of appreciation from those unable to contribute in any other way.
I can't help but feel that there would be more devs involved with more and faster progress as a consequence, if only there was a little reward in there too. Surely that would be in everybodies interest.
In any event, I offer my thanks to all the devs here, and I would be happy to back that up with a contribution, should you decide to go that way
ali ba said:
Ah, and by the way, I've been busy too, so tiwlan on 2.6.35 is almost finished.
Click to expand...
Click to collapse
I was working on getting wl12xx driver working with 2.6.32 kernel but I didn't succeed yet. Is there a reason not to switch to wl12xx driver instead? It also provides soft AP support int the same driver.
Regarding donations, it would be nice if I could donate you via Google checkout.
Thanks.
Yea leave Blay0 alone man, He's getting enough hassle on the Alpha thread as it is! people say they'd like to help then just request more things like a2sd,overclocked kernel etc.If you know anything about linux try helping by trying to build drivers for the last 2 bits (i.e Bluetooth,wifi)
I must say also that there were individuals who offered me donations which I respectfully refused and instead apoint those guys to their nearest charity. I'm not doing this for money (I make money doing other things) I'm just doing it coz I like to know how things work and I always like to learn new things. So if I become bored those donations definitely won't convince me to keep on doing it.
Don't you guys ever think that I'm doing all this for you! Noooope! I'm doing it for me and my own satisfaction. Yes, that's right I'm actualy a selfish, egoistic basterd but in a process of achieving my own goals (which are also inspired by some of your suggestions) I'm really happy if someone else learn something from me. They are few but it doesn't matter... they will definitelly pass on their knowledge and that's important coz I believe knowledge is universal and must be available to anyone willing to accept it and you cannot charge for that.
Don't kidd yourselves, this Legend thingie will be among us at most for another year and then it will get its successors and its community will become even smaller and eventually it will be disbanded and some of us will find new projects, learnig new thing and again passing on all the gained knowledge.
BlaY0 said:
Don't kidd yourselves, this Legend thingie will be among us at most for another year.
Click to expand...
Click to collapse
A whole year is an optimistic approach
The main problem in the development of the HTC Legend is the device itself. It's a rare phone, and pretty much a very small group of people is using it. That also makes the group of talented developers thinner. Look at the Hero or SGS forums topic/post count. Sure - most of them are retarded, and previously answered questions, but still folks in the dev section are coding some crazy and amazing stuff. That's because those devices where popular and successful. The HTC Legend was ment to be the successor of the HTC Hero, but this ain't gonna happen. Nobody will remember this phone in a year or two. That's of course HTCs fault, not ours.
Also mentioning all the request, demands and stupid questions in the dev forum - this forum is not that bad
Go check the Nexus S section. For example the NexusSense topic (my girlfriend got a Nexus so I'm somewhat interested). Now that's pure fukcin massacre out there
Greets!
Sent from my HTC Legend using XDA Premium App
cyRq said:
A whole year is an optimistic approach
Click to expand...
Click to collapse
Agreed, I thought Legend was a kickass sucessor, but very few people actually bought it...I've deserted to Desire S, but I think that's a very similar case so far anyways...
But back on topic: The thing is, everyone has an interest in what he's doing and unless he has a gain from that work he wouldn't be doing it But the idea of donating is noble ofcourse
Let's support our developers by not asking stupid and obvious questions, using search button, hitting that freakin' "thanks" button as often as we can, and most importantly by using our own brains to gain even more from their work
Dr.Romca said:
Let's support our developers by not asking stupid and obvious questions, using search button, hitting that freakin' "thanks" button as often as we can, and most importantly by using our own brains to gain even more from their work
Click to expand...
Click to collapse
Amen! (10char )
Agree with the great Dr!
PLUS This is a General thread so should be in the general section.....Threads should go into the right forums for a start! Hate to think how many threads there are in the wrong place :/
Well, this is sure an interesting email that I just received back from LG's support team, when asked about the kernel sources.
The rep seems to know what I'm asking for-- but for whatever reason denies my request (which is reasonable by the GPL).
Anyway, full email here:
Dear Tyler,
Thank you for inquiring of LG Electronics.
We do apologize for any inconvenience this may have caused.
We would be more than happy to provide the Kernel source which is: 2.6.32.9-PERF
[email protected] #1
Unfortunately, the source will not be released.
Please feel free to contact us if you have any additional questions or concerns. Thank you again for contacting LG Electronics.
Maya C
E-Mail Administrator
Customer Interactive Center
LGEAI
-----------Original Customer Inquiry------------
Received Date : 06/22/2011 02:03 10
The type of inquiry : Others
Product/Model No. : CDMA/LGVS910
As per the GPL, is there somewhere that I can find kernel sources for the LGVS910?
It is not on your LG Open Source page, is there an alternate location I should look?
If there is no public place to download the source, what is your timeline for releasing it?
Thank you!
Click to expand...
Click to collapse
Hmm, should I quote the GPL back to them, or try asking nicely again?
thecubed said:
Well, this is sure an interesting email that I just received back from LG's support team, when asked about the kernel sources.
The rep seems to know what I'm asking for-- but for whatever reason denies my request (which is reasonable by the GPL).
Anyway, full email here:
Hmm, should I quote the GPL back to them, or try asking nicely again?
Click to expand...
Click to collapse
Yeah, that's an invalid response if the code is GPLed.
I'm not quite sure why or how they think they can get away with that, considering the source for all their other phones is available here: http://www.lg.com/global/support/opensource/opensource.jsp
Even the tmobile g2x has it's sources posted...
What I wonder is if they're just saying that _this_ kernel's sources won't be posted.
Maybe they're embarassed? Hope not, because I demand this kernel's source!
thecubed said:
I'm not quite sure why or how they think they can get away with that, considering the source for all their other phones is available here: http://www.lg.com/global/support/opensource/opensource.jsp
Even the tmobile g2x has it's sources posted...
What I wonder is if they're just saying that _this_ kernel's sources won't be posted.
Maybe they're embarassed? Hope not, because I demand this kernel's source!
Click to expand...
Click to collapse
They may be protecting Microsoft's interests (they think) or they had a side agreement with Netflix. Either way, they can't deny a derivative work. It doesn't work that way. (at least I think? I haven't read the most recent GPL in a while...lol)
majorpay said:
They may be protecting Microsoft's interests (they think) or they had a side agreement with Netflix. Either way, they can't deny a derivative work. It doesn't work that way. (at least I think? I haven't read the most recent GPL in a while...lol)
Click to expand...
Click to collapse
As far as my understanding of the GPL, any code they modify that is released as GPL must be released as GPL also.
So, they (CodeAurora) modified Linux-2.6.32.9, which is GPL, hence they must release any modifications.
Where it gets grey is in terms of proprietary modules. However, if it's compiled into the kernel, I understand that it must also be released as source also. The only way to avoid that is to use module loading and taint the kernel, which then does some other license-protecting stuff.
Damn, the GPL is complicated.
EDIT: I'm in LG Live Chat right now asking...
thecubed said:
As far as my understanding of the GPL, any code they modify that is released as GPL must be released as GPL also.
So, they (CodeAurora) modified Linux-2.6.32.9, which is GPL, hence they must release any modifications.
Where it gets grey is in terms of proprietary modules. However, if it's compiled into the kernel, I understand that it must also be released as source also. The only way to avoid that is to use module loading and taint the kernel, which then does some other license-protecting stuff.
Damn, the GPL is complicated.
Click to expand...
Click to collapse
Yeah, it gets more so every year, and depending on what version of GPL is in use depends on what the specifics are. I'd have to say even if their module loading taints the kernel, they should be able to (read: must) release the modified source prior to the dirty side mods.
if they are anything like samsung, they will sit on it for as long as possible.
LG Chat:
Jorge: Hello Guest. Welcome to LG Electronics! How may I provide you with excellent service today?
Guest: Hello, I was wondering when the kernel sources for the LGVS910 would be posted? Specifically kernel 2.6.32.9-PERF [email protected]
Jorge: unfortunately we do not have a date
Guest: Any reasonable estimate?
Jorge: I will love to say a date but we do not have information.
Guest: Okay, thank you.
Click to expand...
Click to collapse
Well, maybe the person in the email was misinformed, or just plain ol confused...
thecubed said:
LG Chat:
Well, maybe the person in the email was misinformed, or just plain ol confused...
Click to expand...
Click to collapse
Or... the current rep is stalling? Why would there be a delay? Shouldn't the GPLed kernel be available immediately at request?
I'm going to assume it won't be too long before they release 2.3 for this phone.
majorpay said:
Or... the current rep is stalling? Why would there be a delay? Shouldn't the GPLed kernel be available immediately at request?
I'm going to assume it won't be too long before they release 2.3 for this phone.
Click to expand...
Click to collapse
Me too.
To give LG some benefit of the doubt, it is possible they just don't want to put the work into it, considering they may have something brand new around the corner.
But-- what I worry about is OTA locking down the phone.... hence my want/need for sources, just in case.
thecubed said:
Me too.
To give LG some benefit of the doubt, it is possible they just don't want to put the work into it, considering they may have something brand new around the corner.
But-- what I worry about is OTA locking down the phone.... hence my want/need for sources, just in case.
Click to expand...
Click to collapse
Yes, and I've seen 2.3 turn otherwise perfectly good phones into piles of poo, so I definitely want a way back if that happens here. Resource requirements and overall overhead seems to increase 10 fold on 2.3
Come to think of it... I just realized I should be really worried for the next OTA update...
Now, those of us with clockwork need not worry, since it just will say "invalid signature" when LG's updates try to install (since clockwork is signed with the testkeys from cyanogenmod). Once it says "invalid signature" you'd just click "reboot now" and grab the update file from /cache .
But still... the unknown is killing me!
Isn't that exactly what happend with the thunderbolt?
thecubed said:
Come to think of it... I just realized I should be really worried for the next OTA update...
Now, those of us with clockwork need not worry, since it just will say "invalid signature" when LG's updates try to install (since clockwork is signed with the testkeys from cyanogenmod). Once it says "invalid signature" you'd just click "reboot now" and grab the update file from /cache .
But still... the unknown is killing me!
Click to expand...
Click to collapse
Well, we can work on the assumption that it's never coming... because you know how Verizon is about releasing updates.
However, in the meantime LG needs to cough up the goods per legal requirement. It could all be part of a greater conspiracy, ha! Release the next batch of goods and destroy what had been previously done, THEN release the source code to the first kernel.
So in other words when we get 2.3 they'll unsuspectingly give us everything we need for custom roms and kernels once one of us extracts it from the cache...
Little Buddy Sr.
MXFrodo195 said:
So in other words when we get 2.3 they'll unsuspectingly give us everything we need for custom roms and kernels once one of us extracts it from the cache...
Little Buddy Sr.
Click to expand...
Click to collapse
Not likely... They'll release the source for 2.2 to the public when 2.3 gets pushed. We're helping them find all the holes they left in 2.2.
I guess the phones work differently. I have only experienced OTAs on the original droid. In that phone's case; once you got the OTA and the phone rebooted, it would reboot to clockwork. If you wanted to apply the OTA you just selected "Update from SD" (or something like that). If you didn't you just rebooted the phone. Now granted that it will keep on bugging you that you don't have the latest until you trick it by changing the signature (on one of the prop files I believe it was - not sure if it still works that way).
Someone please let me know what I need to say over live chat or by email ill send or talk with them. Nothing to lose and alot to gain. And several cold beverages of my choice will help. I'm just not in the know on open sorce code etc.... I want to help.
From the GPL:
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
Click to expand...
Click to collapse
As long as they hold out, they are in violation of the GPL. It should be noted, however, that they aren't the only ones in the Android world doing this. It has been the discussion hot topic for a lot of Android device manufacturers.
It could all be nothing, and they may not have "gotten around to it" yet. They have released all their previous and current works. It does question why this phone is on hold, and I'd venture to guess (but could be completely wrong) that it revolves around Microsoft protecting their digs in this machine.
The full thing is here if you want to review it...
http://www.gnu.org/licenses/gpl.html
After much practice into linux, i went for a C coding workshop for android. Basically i doubled, maybe even tripled my skill level. I finally am able to promise you something not pointless to this society which feels great hatred on me. I already got over this. I hope such releases can ease the scams in may.
The new kernel, based on ARM.'s vanilla kernel common, will be a 3.4.11 kernel. It features full tweaks to all over the source. Expect little features on initial release. The releases in the front will be focused entirely on fixing the kernel sources itself. The major merge all the way to the latest kernel version might have caused bugs to appear
nicholaschw said:
After much practice into linux, i went for a C coding workshop for android. Basically i doubled, maybe even tripled my skill level. I finally am able to promise you something not pointless to this society which feels great hatred on me. I already got over this. I hope such releases can ease the scams in may.
The new kernel, based on ARM.'s vanilla kernel common, will be a 3.4.11 kernel. It features full tweaks to all over the source. Expect little features on initial release. The releases in the front will be focused entirely on fixing the kernel sources itself. The major merge all the way to the latest kernel version might have caused bugs to appear
Click to expand...
Click to collapse
Again?? Aren't you tired? You went over it but people from the forum certainly not. I absolutely don't wanna argue with you but yesterday Jarred aka Universal SS droped the ARM thread and today you are back.And you are not the same person. Certainly not. You are like bad news,they never fail.
nicholaschw said:
After much practice into linux, i went for a C coding workshop for android. Basically i doubled, maybe even tripled my skill level. I finally am able to promise you something not pointless to this society which feels great hatred on me. I already got over this. I hope such releases can ease the scams in may.
The new kernel, based on ARM.'s vanilla kernel common, will be a 3.4.11 kernel. It features full tweaks to all over the source. Expect little features on initial release. The releases in the front will be focused entirely on fixing the kernel sources itself. The major merge all the way to the latest kernel version might have caused bugs to appear
Click to expand...
Click to collapse
Good for you. Hope it works out better this time and test thoroughly before release and after changes.
might is a understatement. It almost certainly will cause bugs to appear (the most common bug is it not booting when major changes are made to the kernel base). Also allot of the bugs from the kernel don't show symtoms they just go wrong and use a few more KB of memory or that bit restarts and causes a slight slowdown or it takes a few milliseconds longer to complete its task etc.
Edvin73 said:
Again?? Aren't you tired? You went over it but people from the forum certainly not. I absolutely don't wanna argue with you but yesterday Jarred aka Universal SS droped the ARM thread and today you are back.And you are not the same person. Certainly not. You are like bad news,they never fail.
Click to expand...
Click to collapse
Your comments (although highly entertaining) don't do much, at least he's trying. Your right though: some information is contradictory.
EDIT: Have a taco
xonar_ said:
Good for you. Hope it works out better this time and test thoroughly before release and after changes.
might is a understatement. It almost certainly will cause bugs to appear (the most common bug is it not booting when major changes are made to the kernel base). Also allot of the bugs from the kernel don't show symtoms they just go wrong and use a few more KB of memory or that bit restarts and causes a slight slowdown or it takes a few milliseconds longer to complete its task etc.
Your comments (although highly entertaining) don't do much, at least he's trying. Your right though: some information is contradictory.
EDIT: Have a taco
Click to expand...
Click to collapse
I don't get it
First it was Nicholas who said he's handing it to a new maintainer, who is Jared, right? And Jared mentioned it has been dropped support
http://forum.xda-developers.com/showthread.php?t=2034227&page=10
Good news for everyone!ARM. will drop support for the LG optimus black!Hope everyone is happy and have a nice day.(I'll still be in the forums though)Moderators please lock this thread
Sent from my LG-P970 using Tapatalk 2
Click to expand...
Click to collapse
And now ARM Project's back?
Yes. He is fed up of this community. So, he turned over to support HTC. I give him my support for DNA. Now, i comeback to finish off what is destroyed, complete whats junk, and make it into something like a useful book into a library. Thanks xonar. I still have one last lesson. I did not learn drivers. edv, as said above, thats my motive. And, the reason why i comeback is the value of my life. You rather change an enemy into a friend rather than gaining more opposition.
nicholas for f--k sake !!! , once you have the kernel going post the topic and flatter yourself ,, you never learn do you
If this is going to turn into a flame war then I'll close it as that's not needed here but as it's posted in General, you should be here to discuss the topic. It's been explained why the other one was dropped but if nicholaschw wants to try develop something out of it let him and just ignore this thread if you don't have anything productive to add to it. This wasn't posted in Development so he's not expected to have the kernel ready to post so discussion is allowed here.
Thanks
AvRS
ARM Project TEAM.
To get away our doubt to you, may I ask you something about your ARM Project?
You have many thread there,
Optimus Black
Optimus 2X
Xperia Arc
HTC Droid DNA
Samsung Galaxy S3; and
Google Nexus 4.
And I got this post,
nicholaschw said:
We are an non-profit organisation alike cyanogenmod, but only focusing on creating a global aftermarket kernel for the Android OS, specifically to remove the major setbacks of linux.
Click to expand...
Click to collapse
So you're involved with (kind of) non-profit organization (alike CyanogenMod), can we know who's the members of your team? AFAIK, you don't own the phone in personal. So you (might) develop those kernel alone by yourself, or how many developers in your team?
I read your ARM. Project Recruitment, and it seems no one interested, so this non-profit organization doesn't existed yet, or you already have your own internal team?
redy2006 said:
To get away our doubt to you, may I ask you something about your ARM Project?
You have many thread there,
Optimus Black
Optimus 2X
Xperia Arc
HTC Droid DNA
Samsung Galaxy S3; and
Google Nexus 4.
And I got this post,
So you're involved with (kind of) non-profit organization (alike CyanogenMod), can we know who's the members of your team? AFAIK, you don't own the phone in personal. So you (might) develop those kernel alone by yourself, or how many developers in your team?
I read your ARM. Project Recruitment, and it seems no one interested, so this non-profit organization doesn't existed yet, or you already have your own internal team?
Click to expand...
Click to collapse
We currently are five-membered. Xperia is full, me, jared and pidozz. Two more are under evaluation. See ARM.'s git
Good Luck with whatever you're doing, I hope you learn someday.
My better half made me a delicious taco and while eating I read the comments.
It was not my intent to flame, neither argue with anyone. I will rather get drunk and party till morning. Good year everyone.
Sent from my LG-P970 using xda premium
Edvin73 said:
My better half made me a delicious taco and while eating I read the comments.
It was not my intent to flame, neither argue with anyone. I will rather get drunk and party till morning. Good year everyone.
Sent from my LG-P970 using xda premium
Click to expand...
Click to collapse
Off topic but good year to you too,here they don't serve tacos
Sent from my LG-P970 using xda premium
hmm, 80% of repos are forked from already good kernels from such devs like gokhanmoral, CM, garwedgess, coolya, etc.
it's like forking Diana kernel then adding a little touch.
Even your "bproj repo" is a clone from huexxx https://github.com/ARMP/bproj-black/blob/master/Makefile#L198 yet you pushed it as initial commit. I understand, maybe you're shy to fork it repo to repo.
Your Makefile on the repo shows:
export KBUILD_BUILDHOST := $(SUBARCH)
#ARCH ?= $(SUBARCH)
ARCH ?= arm
#CROSS_COMPILE ?= $(CONFIG_CROSS_COMPILE:"%"=%)
CROSS_COMPILE ?= /home/huexxx/android/arm-2010q1/bin/arm-none-linux-gnueabi-
Click to expand...
Click to collapse
Lol. He gets owned pretty much doesnt he?
In the Nexus 4 forums he told us that he works for google btw.
realfelix said:
Lol. He gets owned pretty much doesnt he?
In the Nexus 4 forums he told us that he works for google btw.
Click to expand...
Click to collapse
if i am, i would be in the newspapers. I'm so young. And go look at the post. FATHER. One more thing, this post is useless as gab himself is more capable to give this community a kernel
Thread closed as per OP request.
I wanted to download the ROM "j00m Kitkat 4.4.2 optimized bionic" for the Nexus One. But the user j00m has been disabled and the thread is deleted. Anyone know what happened?
I can't say for sure but as I've seen his Roms posted they appeared to be little more than rip offs of the couple nexus1 devs left, also the op of the threads pandered for money and thanks. My best guess is the real developers got annoyed and finally had a word with moderators.
This is all just speculation though
Sent from my Nexus 7 using XDA Premium 4 mobile app
I think he doesn't have accept from developers to port their ROMs...
Ok, thanks.
I thought: "His ROMs would Malware? And for that reason have expelled"
nickdimoni said:
Ok, thanks.
I thought: "His ROMs would Malware? And for that reason have expelled"
Click to expand...
Click to collapse
No malware, I was using his rom [edit: and am using it now as my daily driver]. I actually thought it was [and still is] the best post-Gingerbread rom available. It was basically Evervolv slimmed to 210mb system and a few tweaks for "lazy people" - details here. The mod who closed his thread cited 2 reasons:
j00m's rom wasn't "different" enough (tho I don't know how he can make that call as it was clearly different enough for me and others to prefer it),
j00m didn't get permission from texasice (isn't everything open source? why is permission necessary?)
Ok, thanks for all.
In your explanations I'm calmer
Rules are rules.
too bad, he was one of the best in here, his rom is amazing,
but rules are rules
Just to clear up some stuff I saw:
abemore said:
[*]j00m's rom wasn't "different" enough (tho I don't know how he can make that call as it was clearly different enough for me and others to prefer it),
[*]j00m didn't get permission from texasice (isn't everything open source? why is permission necessary?)
[/LIST]
Click to expand...
Click to collapse
The ROM was removed because it was essentially Evervolv taken from another developer and called his own. We do not allow that without permission as that is taking someone else's work, slapping on a few tweaks and calling it your own. No credit to the original developer, no mention of where the base came from, nothing. It's disrespectful, and is akin to someone taking the lunch you painstakingly made, adding pepper and then proclaiming it's his, with big donation banners around the plate of food. Not what the original developer would like, yes? That was why his ROM was removed. As for the bit about open source, j00m did not post the kernel sources he used, which was violating GPL and against the spirit of open source. While Evervolv is indeed open source, credit must be given if it is used as a base, and permission must be granted for that by the original developer, as we must respect the work of others as well. Without that, or if permission is not granted, the ROM will be removed from XDA.
TL;DR:
Credit the developers of the base
Ask for permission
Post kernel sources
I hope this clarifies some of the issues I saw. Due to the nature of this thread, I will have to close it as I already saw instructions on evading the ban. My PM is however open to anyone with further queries. Thanks
CyboLabs is Proud to present
Open Bump!
What is Open Bump?
Open Bump is a recreation of the closed source Bump project run by Codefire.
It will allow you to "sign" your boot images in the same way that Codefire does it, only you don't need an internet connection.
Click to expand...
Click to collapse
What Open Bump is NOT
lets get the obvious out the way. It won't axe murder you.
It is not a direct reverse engineer of Codefire's implementation. I found the key and iv on my own
The magic bytes were taken from Codefire's method however. If anyone has insight has to how they were found, please shout up.
It does NOT take your private data so you can use it. Tin hatters feel free to double check
Click to expand...
Click to collapse
How did I find this out
I had a general idea of what to look for, having heard that the exploit is related uicc, and is signed with a cipher.
Dropping the aboot image in to Ghex led me to finding a reference to "uiccsecurity". Using the bytes around this, I found a repeat of 32 bytes, which was followed by 16 bytes which formed something that resembled "SecureWallpaper".
As you can probably guess, this was mainly trail and error backed by common sense and logical thinking.
you can programmatically find these values with the python script:
Python:
aboot_name = './aboot.img'
aboot = open(aboot_name, 'rb').read()
key_end = aboot.index('uicc')
key_start = key_end - 32
key = aboot[key_start:key_end]
sec_key_start = aboot.index(key, key_end)
iv_start = sec_key_start + 32
iv_end = iv_start + 16
iv = aboot[iv_start:iv_end]
deciphering some already generated "signatures" proved that these were the key and iv used for "signing" the images.
Click to expand...
Click to collapse
What is coming next?
Inspecting the signatures that were originally uploaded and the ones that people can generate now, I found only one pattern.
The only similarities were the first 16 bytes of each "signature". I believe that only the magic number is needed, and none of the garbage that follows. This has been confirmed by the LG G3 dev from CyanogenMod, Invisiblek Done
Click to expand...
Click to collapse
How to use it?
I don't know how well this will run on anything other than linux, so for now.. I won't talk about it.
First, ensure you are using python2
then run the script
Code:
python2 open_bump.py "/path/to/boot.img"
flash the output, and enjoy
Click to expand...
Click to collapse
Thanks to:
Obviously, this wouldn't have been possible without Codefire since I wouldn't have known where to look, or that it was exploitable. And it was them that found the magic key.
Big thank you to @pulser_g2, who offered invaluable input on cryptography
Big thank you to @invisiblek, who I mercilessly kanged the main part of the image padding script from
note:
The original part of finding this information out was done on my own with guidance from pulser. The final results of this are posted above.
XDA:DevDB Information
Open_Bump, Tool/Utility for the LG G2
Contributors
cybojenix
Source Code: https://github.com/CyboLabs/Open_Bump
Version Information
Status: Beta
Created 2014-11-23
Last Updated 2014-11-23
Thanks, thats great news to have an open source tool here!
Do you see any chance that this could be integrated into CWM/TWRP so that the recovery rom could bump the boot/recovery images before flashing?
Because the boot/recovery.img has to be extracted from the ROM-zip before flashing, bumping it here would make sure that the phone can boot the image even with the newer bootloader.
This would be great for rom-devs since they don't have to change anything and it would even bump roms that are not maintained anymore.
g4rb4g3 said:
Thanks, thats great news to have an open source tool here!
Do you see any chance that this could be integrated into CWM/TWRP so that the recovery rom could bump the boot/recovery images before flashing?
Because the boot/recovery.img has to be extracted from the ROM-zip before flashing, bumping it here would make sure that the phone can boot the image even with the newer bootloader.
This would be great for rom-devs since they don't have to change anything and it would even bump roms that are not maintained anymore.
Click to expand...
Click to collapse
simple answer, this can be added to the build step really easily. See this commit
edit:
of course it may be useful to make a c program to do this.... I shall think on it.
Propably stupid question but i ll give a shot. Since we have the magic key we cant just skip the bump stuff totally? As i can understand, i dont wait official developer team join the bump train, thats why the damn development of the device is really back while the hardware is more than capable.
**To the OP i wish i could give you a thousand likes sir!
After getting the bootloader may be open G3؟؟
Why not use the original Bump?
Quote:
Codefire has been extremely vague about their method, obviously to prevent someone else replicating their results.
They are also storing people's data unnecessarily, and even adding some information relating to the user in to the "signature", possibly for tracking purposes.
As a result of it being an external service, many reputable teams (which won't be named unless they want to be) have said they will not use it, and would rather wait till LG releases the official unlock method.
Finally, Codefire have said the sha1sum of the boot image is required. Whether they knew or not, it is NOT required, and I will be changing this tool to compensate for that.
Click to expand...
Click to collapse
Happy you found a new exploit for us builders and devs, just feel like you kinda disrespected codefire team by accusing them of things before actually talking to them, seems a bit counter productive, this may piss them off and next device you can kiss new exploits by them good-bye,
just my 2 cents on the matter,
i'd remove the line...
in any case thank you very much, i will add it to my build script
---------- Post added at 08:34 PM ---------- Previous post was at 08:29 PM ----------
nikosblade said:
Propably stupid question but i ll give a shot. Since we have the magic key we cant just skip the bump stuff totally? As i can understand, i dont wait official developer team join the bump train, thats why the damn development of the device is really back while the hardware is more than capable.
**To the OP i wish i could give you a thousand likes sir!
Click to expand...
Click to collapse
"Bump stuff" has nothing to do with users, the devs and builders do the "bumping", and development of the G series has nothing to do with bumping, it just takes time to bring everything up
Good job cybojenix. (moderator edit: watch your language please)
Way to ruin a good thing.
I'm done with Android now. You can do it all now - since you obviously know better than me and everyone else.
I don't appreciate people trying to blackmail me - EnderBlue and Cybo both.
Don't believe me? http://hastebin.com/gulumezawi.txt
Good job guys. Way to ruin unlocks for all future LG phones.
If I *EVER* decide to come back, I will not be releasing anything as free or open source. You've sullied my impression of the open source community. Anything I do will be private releases from now on.
LG hadn't patched Bump, and they were going to leave it alone for us as long as we kept it as a service.
Well, looks like that's over and done with.
Bump included a hash of the image that you uploaded and a hash of your developer ID, and some random junk bytes. That's all. It's exactly what we said it was doing.
Well, hey, now you're free to take over and write roots and unlocks for all LG phones since you obviously have the talent to do so.
Let's be honest though, without my team's hard work that you stole, you wouldn't have been able to do any of this.
But you knew that, you're just a bottom feeder.
I don't get angry often at all- but congrats! You've succeeded in making me mad! Achievement unlocked!
I'm done. Your turn.
EDIT: Also, you know you can't open source your project either considering it contains 'stolen' LG crypto keys. https://github.com/CyboLabs/Open_Bump/issues/1
Have fun with that one.
thecubed said:
Good job cybojenix. (moderator edit: watch your language please)
Way to ruin a good thing.
I'm done with Android now. You can do it all now - since you obviously know better than me and everyone else.
I don't appreciate people trying to blackmail me - EnderBlue and Cybo both.
Don't believe me? http://hastebin.com/gulumezawi.txt
Good job guys. Way to ruin unlocks for all future LG phones.
If I *EVER* decide to come back, I will not be releasing anything as free or open source. You've sullied my impression of the open source community. Anything I do will be private releases from now on.
LG hadn't patched Bump, and they were going to leave it alone for us as long as we kept it as a service.
Well, looks like that's over and done with.
Bump included a hash of the image that you uploaded and a hash of your developer ID, and some random junk bytes. That's all. It's exactly what we said it was doing.
Well, hey, now you're free to take over and write roots and unlocks for all LG phones since you obviously have the talent to do so.
Let's be honest though, without my team's hard work that you stole, you wouldn't have been able to do any of this.
But you knew that, you're just a bottom feeder.
I don't get angry often at all- but congrats! You've succeeded in making me mad! Achievement unlocked!
I'm done. Your turn.
EDIT: Also, you know you can't open source your project either considering it contains 'stolen' LG crypto keys. https://github.com/CyboLabs/Open_Bump/issues/1
Have fun with that one.
Click to expand...
Click to collapse
First off, I didn't black mail. I gave your team notice about open sourcing it after reverse engineering the LG bootloader, not your "signatures".
It's your choice if you want to leave Android. Pinning the blame on me is somewhat childish though.
LG not patching Bump? That's a ludicrous statement, and even if it's true, it's good that this script got released. That way they know it should be patched, since having it a service clearly makes all the difference to them.
The hardest part of your teams work was getting the keys. If you know where to look, then it's easy enough to get engineering builds which I suspect contain the master magic bytes which you released.
I'm honestly shocked at your reaction though. I gave your team all the credit and stated which parts I did myself. The part about the service, and the deception was justified.
You tried to obscure something which by logic can't be obscured. That's how so many people realised they can just append the bytes to the image.
So which one would you rather have, LG not patching the exploit (as you so claim), and having an unknown number of people in china running around flashing custom boot images, or have everyone know how to do it to force LG to recheck their security measures.
What I did may not have been fantastic for the community, but what you did was insanely dangerous for the 90% of LG users.
All you did was make it so LG locks down the bootloader. And really 90% of users??? There probably isn't even 3 percent of the LG base on this website. All you did was screw everybody else over so you could have YOUR OFFICIAL CM.
As well people saying you didn't do enough and are still using there signing key as well as attacking it as well.
Way to think about yourself. You didn't care about the 90% or you wouldn't have done this.
I personally hope LG locks down the bootloader now. Go the way Samsung did and put an efuse on it and prevent downgrading. Hopefully all this happens with lollipop so you can screw over the rest of the LG crowd.
cybojenix said:
it's good that this script got released. That way they know it should be patched, since having it a service clearly makes all the difference to them.
Click to expand...
Click to collapse
"Hey let's potentially close all future LG unlocks and thus the chance to use CyanogenMod on future LG devices then. Just so I can get the current CM builds to say 'Official' and get a big pat on the back from the CM dudes who probably don't care about me too much."
Is that what went through your mind? That instant gratification and ignorance really shows who you are because that's exactly what I see from this OP of yours. Enjoy your 15 minutes of fame. You probably just killed a chance for years of it.
savoca said:
"Hey let's potentially close all future LG unlocks and thus the chance to use CyanogenMod on future LG devices then. Just so I can get the current CM builds to say 'Official' and get a big pat on the back from the CM dudes who probably don't care about me too much."
Is that what went through your mind? That instant gratification and ignorance really shows who you are because that's exactly what I see from this OP of yours. Enjoy your 15 minutes of fame. You probably just killed a chance for years of it.
Click to expand...
Click to collapse
Yes, because I've been such a massive supporter of cm. (sarcasm in case you didn't realise).
I started reverse engineering the bootloader for research purposes. If it was more complex than what I have said above, then I probably wouldn't have done this thread.
If it weren't for the fact that the magic stays the same across all signatures, then I also wouldn't have done this thread.
The response I got from them when I contacted them before releasing this was pretty much one of lack of care. So I went ahead and posted it.
I couldn't care less about fame. In fact there isn't really a lot I do care about, but I won't have the community alienated in to thinking the codefire service was such a great thing.
And once again, I refuse to take the blame for their team leaving Android.
whoppe862005 said:
All you did was make it so LG locks down the bootloader. And really 90% of users??? There probably isn't even 3 percent of the LG base on this website. All you did was screw everybody else over so you could have YOUR OFFICIAL CM.
As well people saying you didn't do enough and are still using there signing key as well as attacking it as well.
Way to think about yourself. You didn't care about the 90% or you wouldn't have done this.
I personally hope LG locks down the bootloader now. Go the way Samsung did and put an efuse on it and prevent downgrading. Hopefully all this happens with lollipop so you can screw over the rest of the LG crowd.
Click to expand...
Click to collapse
See my other post, I don't care about cm.
Fair enough, 3% are here, so this benefits the security of 97% of lg uses, if the claim that lg was alright with it running s a service is true.
Either way, I did nothing wrong
cybojenix said:
I couldn't care less about fame. In fact there isn't really a lot I do care about, but I won't have the community alienated in to thinking the codefire service was such a great thing.
Click to expand...
Click to collapse
So you only care about ruining good things, and other people's work?
Lol sorry I think I'm done with you. By cybo
savoca said:
So you only care about ruining good things, and other people's work?
Lol sorry I think I'm done with you. By cybo
Click to expand...
Click to collapse
Tbh I thought it would have been clear by now what I care about. Then again I may have been wrong about considering you one of the smart android people.
I care about learning and sharing knowledge. Which is precisely what this thread did.
cybojenix said:
See my other post, I don't care about cm.
Fair enough, 3% are here, so this benefits the security of 97% of lg uses, if the claim that lg was alright with it running s a service is true.
Either way, I did nothing wrong
Click to expand...
Click to collapse
I saw your PM to autoprime in IRC, it was "I am going to post what I found or you do, either way its going there", it wasn't lack of care, it was that you just stated a fact and left, it was a very rude unthoughtful thing to do, also don't try to BS everyone with your research, you and about 100 other people found the "magic keys", the problem is those "magic keys" were placed there by team codefire, you didn't find them, you found that they were using the key and copied their work, anything else you say is a lie, at least the other 99 people who found this had the basic respect to not post it unless the original team allowed it.
There was no reason to post this, their site was working fine, and if you used the API there was no problem of tracking since it just uses a UID to identify to the server.
at least admit you were wrong and say you are sorry, they won't fix anything but will gain you a minimum amount of respect
sooti said:
I saw your PM to autoprime in IRC, it was "I am going to post what I found or you do, either way its going there", it wasn't lack of care, it was that you just stated a fact and left, it was a very rude unthoughtful thing to do, also don't try to BS everyone with your research, you and about 100 other people found the "magic keys", the problem is those "magic keys" were placed there by team codefire, you didn't find them, you found that they were using the key and copied their work, anything else you say is a lie, at least the other 99 people who found this had the basic respect to not post it unless the original team allowed it.
There was no reason to post this, their site was working fine, and if you used the API there was no problem of tracking since it just uses a UID to identify to the server.
at least admit you were wrong and say you are sorry, they won't fix anything but will gain you a minimum amount of respect
Click to expand...
Click to collapse
Wrong, I stated that I was going to open source it, meaning the work of put in to getting the key and how it's used to get the original magic.
It was after that that I realised the final magic is the only thing needed. I actually worked out how to get the magic key a few hours ago, but since I don't have the right images, it won't be globally usable.
Fair enough, I apologise for pointing out the flaws in codefires service, and that they took it badly.
cybojenix said:
See my other post, I don't care about cm.
Fair enough, 3% are here, so this benefits the security of 97% of lg uses, if the claim that lg was alright with it running s a service is true.
Either way, I did nothing wrong
Click to expand...
Click to collapse
OK. If you did nothing wrong please do explain this
Enderblue-"well, would you be willing to open source it so we can have a official cm support?"
IoMonster-"so it would make storm already worse then what it is now? *paraphrasing for language
IoMonster-"no"
Seems like be said he didn't want it open source but you still went ahead any way.
http://hastebin.com/gulumezawi.txt
And then you saying your going to push it for vs985 even after he said no.
I don't know who Enderblue is, and I'm not affiliated with him..
whoppe862005 said:
OK. If you did nothing wrong please do explain this
Enderblue-"well, would you be willing to open source it so we can have a official cm support?"
IoMonster-"so it would make storm already worse then what it is now? *paraphrasing for language
IoMonster-"no"
Seems like be said he didn't want it open source but you still went ahead any way.
http://hastebin.com/gulumezawi.txt
And then you saying your going to push it for vs985 even after he said no.
Click to expand...
Click to collapse
cybojenix said:
I don't know who Enderblue is, and I'm not affiliated with him..
Click to expand...
Click to collapse
It isn't like it matters if you are or not. It says right in the chat he doesn't want it open sourced. I'm sure about 99% of the people on here have seen that already and I'm pretty sure you have seen it as well.
It states right in the chat he didn't want it open sourced.
whoppe862005 said:
It isn't like it matters if you are or not. It says right in the chat he doesn't want it open sourced. I'm sure about 99% of the people on here have seen that already and I'm pretty sure you have seen it as well.
It states right in the chat he didn't want it open sourced.
Click to expand...
Click to collapse
but the chat wasn't with me, so your point is null
autoprime had ample opportunity to say "don't do it yet", or "go talk to IO". but no, no objections were made.
Codefire treated the service like any other company would treat their unlocking service, so I treated them like a company and showed how it was done.