Commit 5138265e authored by Tad's avatar Tad
Browse files

Add the Project News page

parent b5c5f1aa
......@@ -80,6 +80,7 @@
<a class="sublink-1" href="index.php?page=recommended_apps">Recommended Apps</a>
<a class="sublink-1" href="index.php?page=extras">Extras</a>
<span>Docs</span>
<a class="sublink-1" href="index.php?page=news">News</a>
<a class="sublink-1" href="index.php?page=faq">FAQ</a>
<a class="sublink-1" href="index.php?page=screenshots">Screenshots</a>
<a class="sublink-1" href="index.php?page=troubleshooting">Troubleshooting</a>
......
......@@ -39,6 +39,7 @@
<li>Linux is a trademark of Linus Torvalds</li>
<li>Android is a trademark of Google LLC</li>
<li>LineageOS is a trademark of LineageOS LLC (87714781)</li>
<li>GrapheneOS is a trademark of the GrapheneOS Project</li>
<li>CopperheadOS is a trademark of Copperhead Limited (87236999)</li>
<li>Mozilla Firefox is a trademark of The Mozilla Foundation</li>
<li>Tor is a tradmark of The Tor Project, Inc. (3465432)</li>
......
<div class="card fluid">
<h2>Project News</h2>
<p>Occasional updates about DivestOS project.</p>
<div class="section" id="2020-12">
<h3>December 2020 Update<a href="#2020-12"></a></h3>
<h4>General Updates</h4>
<ul>
<li>November and December ASB builds have been released.</li>
<li>Mull is now on its 3rd Fenix based release, with the latest 84.1.0. Huge thanks to @relan for their build scripts. <a href="https://gitlab.com/divested-mobile/mull-fenix" target="_blank" rel="nofollow noopener noreferrer">repo link</a></li>
<li>Hypatia has been updated to show database release/update dates in addition to a multithreading fix.</li>
<li>Etar is now used for the calendar app across all versions.</li>
<li>A handful of more proprietary blob variants have been removed.</li>
<li>Vendor build fingerprints are now all replaced.</li>
<li>Lots of miscellaneous fixes and cleanup.</li>
<li>All 15.1 builds and higher are now fully dexpreopted, this allows for reduced memory usage and also decreased boot times on FDE devices.</li>
<li>TCP SACK is no longer disabled. SACK PANIC has now been patched on nearly all kernels supported. It has vaulable bandwidth saving benefits.</li>
<li>There have been many new CVE patches, especially for 3.18 kernels.</li>
</ul>
<h4>Roster Updates</h4>
<ul>
<li>clark has been updated from 14.1 to 17.1 (potential modem issues). In-place upgrade to work, but your mileage may vary.</li>
<li>flo has been updated from 15.1 to 17.1, but requires repartitioning.</li>
<li>cheeseburger/dumpling are compiling for 17.1, but not booting.</li>
<li>coral and flame 17.1 builds are available (untested).</li>
<li>rs988 and h990 17.1 builds are available (untested).</li>
<li>yellowstone 16.0 builds are available (untested).</li>
<li>h870 15.1 builds are available (untested).</li>
</ul>
<h4>Website Updates</h4>
<ul>
<li>Paragraphs now have links for easy saving/sharing.</li>
<li>Browser, recommended apps, and functionality tables have all been updated.</li>
<li>A handful of credit updates.</li>
<li>There is now a captcha to access the device downloads page. It works without JavaScript, and has audio support.</li>
<li>There is a new vanity onion address divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion. The old address also still works. <a href="https://github.com/cathugger/mkp224o" target="_blank" rel="nofollow noopener noreferrer">tool used</a></li>
<li>Most pages are now cached by the browser.</li>
<li>Most text based content served up will now be compressed either by deflate or brotli.</li>
</ul>
<h4>Other things</h4>
<ul>
<li>Old DivestOS patches have been used to remove AmbientSDK from Replicant. <a href="https://git.replicant.us/replicant/packages_apps_Contacts/tag/?h=cm-13-before-ambientsdk" target="_blank" rel="nofollow noopener noreferrer">git tag</a></li>
<li>3G is starting to be rapidly phased out, meaning calls with most carriers will not be possible unless IMS/VoLTE works on your device.</li>
<li>Heads up: LineageOS will most likely be dropping official 16.0 builds once 18.0/18.1 is released.</li>
</ul>
<h4>Future work</h4>
<ul>
<li>Test how much breakage the deblobber is causing to the IMS stack, or if that is upstream.</li>
<li>Finish importing <a href="https://gitlab.com/divested-mobile/kernel_patches/-/commit/6e7fc4c8f83081e7634eb1e73f58dd433930b0a8" target="_blank" rel="nofollow noopener noreferrer">this</a></li>
<li>Add back AOSP patching support to the CVE patcher. It is undecided how to best implement it.</li>
</ul>
</div>
<div class="section" id="2020-11">
<h3>October 2020 Update<a href="#2020-11"></a></h3>
<ul>
<li>Most 3.4 devices should expect 40-100 more kernel CVE patches. <a href="https://gitlab.com/divested-mobile/kernel_patches/commit/4f9f775f05c4feea9fabeaa61658be027571b4a6" target="_blank" rel="nofollow noopener noreferrer">git commit</a></li>
<li>Most 3.18 devices should expect 10-40 more kernel CVE patches. <a href="https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/commit/5a07867289e1236fd35c894860abca79b9ce402f" target="_blank" rel="nofollow noopener noreferrer">git commit</a></li>
<li>A handful of other kernel CVE patches are available for all other devices as per usual.</li>
<li>Lots of work has been done on making the CVE patcher easier for other projects to use. <a href="https://gitlab.com/divested-mobile/cve_checker" target="_blank" rel="nofollow noopener noreferrer">repo link</a></li>
<li>Mull is now severly out of date. There hasn't been the time to rebase it. It is strongly suggested to use Bromite or the new Fennec F-Droid until then. Bromite repo is already included in DivestOS F-Droid.</li>
<li>victara build failed last month due to recovery image being too large, however it is now once again available.</li>
<li>h850 and zenfone3 builds have been pulled as they were last updated in 2018 and 2019 respectively.</li>
<li>[Upstream] Updated to October security bulletin.</li>
<li>[Upstream] Updated WebView to Chromium 86.0.4240.75, has many security fixes.</li>
<li>[Upstream] klte and shamu have had many upstream changes, worth testing if you have the time.</li>
<li>11/R builds will likely not be available until March with most devices hopefully being updated by May.</li>
</ul>
</div>
<div class="section" id="2020-10">
<h3>September 2020 Update<a href="#2020-10"></a></h3>
<ul>
<li>The CVE patch database now has many more patches thanks to importing data from the Civil Infrastructure Platform CVE tracker.</li>
<li>The CVE patcher has had some minor fixes to improve output reliability.</li>
<li>There have been some GPS fixes for all branches, will be available in the next rebuilds.</li>
<li>Many new (untested) devices: pro1, enchilada, fajita, guacamole, guacamoleb, and broken beryllium.</li>
<li>Mull is likely on its last release due to ESR 68 branch being closed off.</li>
<li>Hypatia now supports an extra malware hash database from ESET.</li>
<li>Credits and screenshots on the website have been updated.</li>
</ul>
</div>
<div class="section" id="historical">
<h3>Historical Recap<a href="#historical"></a></h3>
<ul>
<li>2020/12/21: VoLTE support was unbroken.</li>
<li>2020/12/21: The umask for the build scripts was adjusted, fixing many small issues.</li>
<li>2020/12/11: All non-LTS Linux CVE patches were dropped from the repository.</li>
<li>2020/11/06: Added many missing Linux CVE patches missed by the CIP scripts from Debian retired tracker.</li>
<li>2020/10/22: Mull was rebased onto Fenix, built on top of much effort from Relan.</li>
<li>2020/10/15: A critical issue was identified and resolved that affected many devices. It caused slow performance and boot issues. Originally introduced 2018/10/01.</li>
<li>2020/10/11: Initial inclusion of Etar for Calendar.</li>
<li>2020/10/06: Added many Linux 3.4 CVE patches thanks to @haggertk.</li>
<li>2020/09/18: Added many Linux 3.18 CVE patches from the AOSP 3.18 branch using the CIP scripts.</li>
<li>2020/08/07: Initial import of Linux CVE patches from the Civil Infrastructure Platform tracker.</li>
<li>2020/06/17: The start of providing GPG signatures for all builds.</li>
<li>2020/06/14: The CodeAurora CVE patch list was created.</li>
<li>2020/06/12: DivestOS is publically released, initially on the F-Droid Forum.</li>
<li>2020/06/07: The AOSP CVE patch list was created.</li>
<li>2020/04/14: Initial support for building on top of LineageOS 17.1.</li>
<li>2019/10/18: Automated kernel hardening via command line arguments was introducted.</li>
<li>2019/10/04: Initial import of Linux CVE patches from the Google Project Zero tracker.</li>
<li>2019/09/25: Most signing keys were switched to RSA-4096.</li>
<li>2019/09/13: Per-device signing keys were introduced.</li>
<li>2019/08/28: Delta OTA support was introduced.</li>
<li>2019/08/27: Image signing was overhauled.</li>
<li>2019/08/05: Initial inclusion of OpenCamera and Simple Gallery.</li>
<li>2019/07/05: IPv6 privacy extensions were enabled on all devices.</li>
<li>2019/06/02: First versions to stop sending the IMSI to the SUPL, discovered by @MSe</li>
<li>2019/05/23: The .org was obtained.</li>
<li>2019/05/13: Initial import of many Linux CVE patches from the Red Hat CVE tracker.</li>
<li>2019/05/08: Initial work on restoring verified boot support in LineageOS began.</li>
<li>2019/04/04: The GrapheneOS hardened memory allocator was included for use on supported devices.</li>
<li>2019/03/12: PicoTTS was first patched to make it functional again.</li>
<li>2019/03/04: Initial support for building on top of LineageOS 16.0.</li>
<li>2019/03/04: Initial support for WireGuard was added.</li>
<li>2019/02/02: The website is overhauled onto SBNR.</li>
<li>2019/01/31: The Static But Not Really (SBNR) project is born out of the DivestOS website as a standalone minimal website framework.</li>
<li>2018/12/18: Support for building on top of LineageOS 11.0 was restored and rebased.</li>
<li>2018/10/20: Tor support was added to the OTA updater.</li>
<li>2018/09/11: Filesystem discards were enabled on /data.</li>
<li>2018/08/08: A-GPS MSA was disabled across all devices for increased privacy.</li>
<li>2018/07/13: The vendor overlay was created for more easily applying select changes.</li>
<li>2018/06/24: DivestOS finally received its own boot animation.</li>
<li>2018/06/17: The provisioner repository was created for quickly installing recommended apps via F-Droid.</li>
<li>2018/05/29: Initial import of Linux CVE patches from the Syzkaller tracker.</li>
<li>2018/05/21: Analytics libraries were degraded by injecting AndroidManifest overrides.</li>
<li>2018/05/13: The website is overhauled to use mini.css.</li>
<li>2018/05/11: Malware scanning via ClamAV support was added to the build scripts.</li>
<li>2018/04/28: Initial patches to support DNS66 loading defaults from system.</li>
<li>2018/04/01: The proprietary LOSCoins malware was removed before ever being included in DivestOS.</li>
<li>2018/03/13: The PrebuiltApps repo was created for including official/F-Droid builds of apps.</li>
<li>2018/03/08: F-Droid approved the inclusion of F-Droid into the system.</li>
<li>2018/03/04: LineageOS approved the rebranding was sufficient.</li>
<li>2018/02/13: Initial support for building on top of LineageOS 15.1</li>
<li>2018/01/04: Very basic Spectre mitigations were automatically applied to 3.10 kernels.</li>
<li>2018/01/03: Very basic Spectre mitigations were applied to Mull.</li>
<li>2017/12/25: Mull came into existance.</li>
<li>2017/12/13: Veritas, now called Hypatia, was created as the first FOSS realtime malware scanner for Android systems.</li>
<li>2017/12/09: Automatic kernel hardening via defconfig overrides was introduced.</li>
<li>2017/11/21: Initial work on building Firefox for Android without blobs began.</li>
<li>2017/11/11: A script for deblobbing separate /firmware partitions was created.</li>
<li>2017/11/10: Initial automatic applying of Linux incrementals.</li>
<li>2017/11/07: Creation of our initial original Linux CVE patch list.</li>
<li>2017/11/02: Initial versioning of CVE patches to reduce breakage.</li>
<li>2017/10/30: Utilzing the new CVE patcher, all devices were mitigated against KRACK.</li>
<li>2017/10/29: Introduction of automatic kernel CVE patching for all devices.</li>
<li>2017/10/29: The CVE downloader/patcher project was created.</li>
<li>2017/10/14: The repositories were relicensed GPLv3.</li>
<li>2017/09/10: Extirpater saw its initial port to Android.</li>
<li>2017/08/01: A commit references a patch made four years earlier? Not too sure about this one.</li>
<li>2017/06/15: Silence was included in the images.</li>
<li>2017/06/04: Start of work on automated kernel CVE patching.</li>
<li>2017/06/04: The project was rebranded into DivestOS.</li>
<li>2017/05/30: OTA updates became supported.</li>
<li>2017/02/25: The dedicated website was created.</li>
<li>2017/01/25: The first revision of our automated deblobber was created.</li>
<li>2017/01/04: Public images were discontinued again.</li>
<li>2016/12/27: Work starts on rebasing onto LineageOS from CyanogenMod.</li>
<li>2016/12/21: The monorepo for what is now called DivestOS was created.</li>
<li>2016/07/10: Earliest recorded date of removing the proprietary AmbientSDK malware from our CyanogenMod 13.0 builds.</li>
<li>2016/04/26: The recommended apps lists was released as a Gist on GitHub.</li>
<li>2016/03/19: Public images return, supporting 8 devices.</li>
<li>2016/03/03: Earliest recorded date of our UnifiedNLP backend, MergedWiFiNLP, utilizing simple CSV files.</li>
<li>2016/01/01: Public images were discontinued.</li>
<li>2015/11/20: First builds signed using proper release-keys.</li>
<li>2015/11/19: A PaX enabled kernel is sucessfully booted on bacon, with help from Daniel Micay.</li>
<li>2015/04/01: Our first CyanogenMod 12.1 based images made available.</li>
<li>2014/12/31: The earliest recorded date of publically offering custom images. They were based off of CyanogenMod 12 and available for five devices.</li>
</ul>
</div>
</div>
......@@ -6,7 +6,7 @@ $SBNR_DOMAIN_WHITELIST = array($SBNR_DOMAIN_PRIMARY, "divestoseb5nncsydt7zzf5hrf
$SBNR_GEN_ONE_PAGE = false;
$SBNR_GEN_DARKMODE = false;
$SBNR_CAPTCHA_STANDALONE_ENABLED = false;
$SBNR_CACHABLE_PAGES = array("about", "bootloader", "broken", "browsers", "build", "extras", "faq", "home", "messengers", "network_connections", "our_apps", "post_install", "privacy_policy", "recommended_apps", "saving_data", "screenshots", "technical_details", "terms_of_service", "troubleshooting");
$SBNR_CACHABLE_PAGES = array("about", "bootloader", "broken", "browsers", "build", "extras", "faq", "home", "messengers", "network_connections", "news", "our_apps", "post_install", "privacy_policy", "recommended_apps", "saving_data", "screenshots", "technical_details", "terms_of_service", "troubleshooting");
//Footer
$SBNR_FOOTER_LEGAL = true;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment