Make /e/ OS ROM Signature Spoofing microG ready

That’s because the signature spoofing is set to restricted, meaning it’s only available for system privileged apps, and not user apps.

3 Likes

My Galaxy S5 (SM-G900F, aka klte) with freshly installed Havoc-OS ASOP 10 has the privilege “signature spoofing” by default and is therefore “microG ready”.

The app “Signature Spoofing Checker” immediately signaled “Signature Spoofing: ENABLED”

klte_ASOP10 klte_spoof

My Galaxy S7 Edge “hero2lte” with freshly installed unofficial LineageOS 17.1 has the privilege “signature spoofing” by default and is therefore “microG ready”.

Also here the app “Signature Spoofing Checker” immediately shows “Signature Spoofing: ENABLED”

Hi.

So, you didn’t flash any microG on Lineage OS, just install Signature Spoofing Checker ?

So do you think the problem is with /e/ or with MicroG?

Yeah, that’s right @georgie_abitbol.

“microG ready” means that the custom ROM is prepared in source code so that the microG components (Services Core, Services Framework Proxy, Store (FakeStore release) , DroidGuard Helper, UnifiedNlp) can be easily installed later, if useful.

Although mircoG is a useful replacement for the G°°gle Play Services (GPS), it does not fully contribute to privacy and system security. Therefore I can imagine the use of /e/ OS very well without these “mobile services”. I also use GrapheneOS and that works without microG or GPS - with all its limitations.

2 Likes

I don’t see any problem. /e/ OS works with microG by default. I like this much better than LineageOS with the Open GApps Project.

If “Signature Spoofing” doesn’t work, it’s not microG but the /e/ custom ROM source code.

Please note: My proposal is only a variant for future /e/ OS editions.

Now I’m even more confused. I have an official /e/ build. MicroG says signature spoofing is working. So far, so good. Then I applied an update to Signal and found that I now have to open the app in order to receive messages. Then I found this thread, clicked a link above about signature spoofing and wondered if this had anything to do the problem with Signal. I then tried the app linked to above which reported that signature spoofing is not working (contradicting what MicroG says.) So now I don’t know if it’s working or not, nor do I know if this has anything to do with the problem with Signal.

The Signal Messenger also works without G°°gle Play Services and therefore also without mircoG. I use Signal on GrapheneOS. But their problem has nothing to do with the topic I opened.

@Vaughan, if you need help with /e/ OS and Signal Messenger - please open a thread in the appropriate section. There you will surely get help.

There’s Langis, a Signal “non-google”, available on F-Droid

the push messaging is a different thing. It has nothing to do with signature spoofing. For push messaging the app must be registered in MicroG. Best you are check the link @georgie_abitbol has posted above

Signal provides their own official version of the app without GCM but the normal one was working before the update. Anyway thanks to you all for teaching me that this has nothing to do with signature spoofing. Maybe I’ll try reinstalling. Ciao.

I’m in the same situation, no permanent notification and no background process (I don’t use MicroG) since 3 updates. I already tried to reinstall but I just receive notifications when the phone starts. After that, Signal is dead again.
Sadly I can’t downgrade the app because the backup can’t be restored on older versions.

The idea of an /e/OS lite without microG but with sigspoofing support still available sounds good. Having a ROM that’s part of the /e/cosystem while allowimg a certain amount of freedom to go in any direction one may choose.
Add microG if needed for some Google compatibility, just use UnifiedNlp (for location services), or nothing at all.

I prefer and use mostly ROMs that have sigspoofing built in. Preferable to patching or using mods (Xposed FakeGApps).
The thing with LineageOS for microG and /e/ is that the sigspoofing is just there. Whatever needs it will have it. Well, seems that way on the surface.
With other ROMs you either have the ability to toggle on/off spoofing globally (crDroid f.i.) or to explicitly grant permissions for an app to use the spoofing (finer control). I would like to see something like either of those.





3 Likes

Hi @marcdw pl can you raise it as a request on Gitlab. Will label it a feature request. This would be a nice feature to have on the /e/OS

This is a fine variation and would also be a unique selling point for /e/

Alrighty, I’ll raise a request.

Had to do some checking so I could at least provide something for the devs to look at.
Just guessing here, the microG folks provide signature spoofing patches for the various Android versions. Will assume those are what’s used by LOS_microG and /e/ (before any hardening or whatnot).

There are those already working on extending the patches to add the features I mentioned. I’ll look around for others but at least I have a couple to use in the request.

I have tried the apply the patch from here, but build fails:
frameworks/base/core/res/AndroidManifest.xml:2362: error: resource string/permdesc_fakePackageSignature (aka android:string/permdesc_fakePackageSignature) not found.
frameworks/base/core/res/AndroidManifest.xml:2362: error: resource string/permlab_fakePackageSignature (aka android:string/permlab_fakePackageSignature) not found.
frameworks/base/core/res/AndroidManifest.xml:2369: error: resource string/permdesc_fakePackageSignature (aka android:string/permdesc_fakePackageSignature) not found.
frameworks/base/core/res/AndroidManifest.xml:2369: error: resource string/permlab_fakePackageSignature (aka android:string/permlab_fakePackageSignature) not found.

Don’t know and nothing found about this ‘fakePackageSignature’

“That’s because the signature spoofing is set to restricted, meaning it’s only available for system privileged apps, and not user apps.”

Good to know. I was wondering why the app shows “Signature Spoofing: DISABLED”. In that case it’s generally like that on e. If someone wants to know what it is all about, here are some details:
https://blogs.fsfe.org/larma/2016/microg-signature-spoofing-security/

1 Like

OK, here we go, on my build it’s now enabled :slight_smile: