iodéOS 6 released!

But this argument doesn’t work, because it doesn’t matter whether I would do a direct downgrade or start from scratch, then that would be the same if the software were still at the same level.

I guess the difference would be, that in alternative 1 all your data would be preserved during the downgrade and therefore at risk of being attacked afterwards (regarding the older version with possible security bugs)

Maybe I didn´t explain this very well. What I meant was upgrades are irreversable by design. Downgrading is impossible, is is a security feature, and prevents malicious attacks, but has the unfortunate side effect that the only way to go backward is to wipe the device back to zero first.

Hi,

since the last upgrade on iodé 6, the update of iodé-browser in f-droid doesn’t work. The update starts, but it gives out “error-107: the parser encountered a bad shared user id name in the manifest”.

Is there something I can do, to fix this? Using a browser that hasn’t been updated for 7 days doesn’t seem very wise…

Thanks

the iodé browser is a system app.
Try the following:

1. make a backup of your broswer data. This is the same procedure as for Firefox
2. from Settings > Apps > Preinstalled Apps > Commmunication, remove iodé Browser
3. reboot
4. from Settings > Apps > Preinstalled Apps > Commmunication, reinstall iodé Browser
5. reboot
6. recover the browser data

Because I’m curious, I just installed iodéOS 6.0 on one of my “spare FP3”.

• Installation process won’t finish without manual reboot into fastboot at a certain point
• USB restriction cannot be changed - apps crash
• For that reason you cannot access the file on the phone by USB

j’ai le même bug… je vois la miniature, mais quand je clique dessus rien… enfin si mais très court a peine le temps d’apercevoir le bouton de partage

J’ai tout remis en 5.8. J’attends une MAJ propre et sans bug avant de passer en 6.0 sur XA2… si maj en 6.0 existe un jour.

fairphone4 odéOS 6 has worked perfectly

What’s next with the iodé 6.0 update? My Reserve phone runs with Lineage 22.1 / Android 15 without any problems.

What do you mean?
Further updates will follow. What else will happen?

@bellini is asking whether the xa2 will be upgraded to version 6 at some point.

iodé, like any custom ROM, has limited resources spread over many devices, and can’t always keep every device up to date with the latest android version. That said, almost 3/4 of the devices on the supported devices page are on iodé 6 (android 15). While some devices are behind lineage in terms of android version, others are ahead or still supported once lineage has been abandoned. On this wiki you can see how different custom ROMs compare in this regard,

I’ll throw the thesis into the room… Users who use custom Romes are security and privacy oriented.

But if there’s been no update for over a month… the question from Bellini is appropriate.

Indeed. I imagine they are working on it.

Thanks, but I was already thinking about my XA2 problem. The XA2 I was using as a daily driver is a victim of this bug. I thought something had happened since the reply: “iodéOS 6 released! - #23 by vince31fr.
I guess I was wrong and will now flash Lineage, it’s more work but with the right apps it’s just as safe.
So long…

I wouldn’t say that.
the majority use custom ROMs because:

1. more features than stock
2. more configuration options than stock
3. no more support from stock
4. more security and privacy than stock

and 4) is the smallest part of the total

iode promises big… more security and privacy… according to the website…on which the business model is based.
where’s the security… If there isn’t even a February security patch in March?

Security and privacy are not the same thing, though they are often conflated. The mantra is that “you can´t have privacy without security” but this is not entirely true, though they are interrelated.*

GrapheneOS is focused on security, with few supported devices (pixel 6, 7, 8, 9, fold, and tablet) Focus on one line of devices means more frequent releases, but is not without disadvantages:

1. Users who want new devices are forced to buy from the worst privacy violator: google
2. users in many countries don’t have access to pixels

These are not the only reasons why GrapheneOS isn’t the right fit for some: For users coming from stock android it’s underwhelming: there’s not even an app store besides google play.

Most custom ROMs are more focused on privacy than security, and iodé is not an exception, The iodé blocker is mainly a privacy tool. That said, iodé also takes security seriously: 1) by providing the security advantages of bootloader locking on all devices that allow it 2) monthly releases. Delays occasionally occur, as a device may be too buggy to release, as was the case with the XA2. This is still far better than lineage or /e/OS. And as the project grows, more resources will be available for more developer support, which will improve security on devices like this that get missed in the struggle to prioritize many open projects… But the interest in the general populace is for privacy, not security, so focusing on privacy makes sense.

So offering greater device support seemingly reduces security. But many people who wouldn’t otherwise have access to a device can run a privacy-focused OS, which increases everyone’s privacy. It also is more sustainably in terms of the environment to extend to more devices. The iode GSI is also a big step in this direction.

*To illustrate the interrelation between security and privacy, consider members of the sentinel alliance. These are people who have been hacked by mercenary spyware and are getting organized to condemn this industry, which is a danger to democracy and human rights around the world, It’s mostly used to spy on regime critics, journalists, lawyers rather than the supposed use case: terrorists. No one knows for sure, but if your threat model is governments using mercenary spyware, there probably only three secure choices for mobile device:

1. a dumb phone
2. a recent pixel (6+)
3. the latest iPhone in lockdown mode.

These are secure options, but the privacy implications of using the iPhone with an iCloud or using a device with stock Android are atrocious: the same people with access to military grade spyware can request all of the data from apple or google within their jurisdiction (if they need to ask, which is unlikely)

But if this is your threat model, are you really safe? The emphasis on timely software updates is mainly to protect us from this threat model. As soon as a zero-day exploit is uncovered and a patch is made, you can be safe from exploit. But there is a huge industry of mercenary spyware manufacturers developing zero-days, and the people paying for it are getting results, even on devices that are up to date. That said, their clients (governments) can’t use these very expensive attacks on the civilian population at wide: overuse is costly (they pay per victim) and will lead to wasting a multi-million dollar exploit of they infect the wrong device (in a security researcher’s lab.)

But if your threat model is like most people’s, you are more concerned about privacy: big tech aggregating your data and selling it back to third parties. These industries offer their clients the possibility to manipulate you with targeted ads and use intimate knowledge about people’s political leaning. to target certain sections of the society with disinformation to shift sentiments in elections,

Lastly, privacy may actually be vital for security, since spyware attackers use social engineering to compromise victims. Sentinal Alliance victims often received SMSs and other messages tailored to their exact habits such as flights, package receipts etc which were likely known due to privacy breaches or bad privacy practices.

You must not forget that GOS now employs 6 full-time developers.
and as I said, they only support Pixel devices.
so there is a lot of work and effort involved.
so it is only logical that small custom ROMs cannot keep up with the pace. and especially not when the variety of devices is even greater.

Did I talk about graphene ??? NO

And before I say my opinion about you here …

I hold it like Bellini

so long