« View all posts

CopperheadOS Beta

Posted by Team Copperhead on February 08, 2016

Most secure android CopperheadOS now in Beta

CopperheadOS has made a lot of progress towards a production quality hardened Android operating system. The project is now in the Beta phase. See the high level overview for basic details about the operating system and the technical overview for a more in-depth description of most of the features. There's now an official installation guide along with an initial attempt at build instructions without full coverage of setting up a build environment. GPG signatures have been added for the factory images since they aren't inherently signed with automatic verification like the update zips.

Progress towards a stable release can be followed via the Release milestone on the issue tracker. The completed Beta milestone shows which blocking issues were fixed to reach this point. In addition to the blocking issues, many of the security features were improved and new features were implemented. The features identified various Android bugs which were narrowed down and fixed. In many cases, the bugs were already fixed in Android's master branch and fixes that were not included in the monthly updates from Google simply had to be backported.

Since Alpha, CopperheadOS moved away from using CyanogenMod as the base for the operating system. It's now directly based on the latest stable release of the Android Open Source Project. CyanogenMod was originally chosen as the basis for CopperheadOS to leverage the broad hardware support. However, it proved to be the antithesis of the project's goals and it has lackluster support for devices outside of the Nexus line. CyanogenMod is a testing ground for new features and is perpetually broken in all kinds of new and exciting ways. It lacks a focus on security and AOSP has much better code review and higher standards for code quality. Support for devices outside of the Nexus line tends to be quite broken with no guarantees of continued support and the lack of monthly security updates from the vendors is a dealbreaker due to device specific proprietary components. The drastic changes and broad device support in CyanogenMod also hold back new version upgrades for months. AOSP provides a robust, stable base with predictable support and security updates.

Due to dropping CyanogenMod, support for devices outside of the Nexus line became impractical so Samsung Galaxy S4 support was dropped. Support for the Nexus 9 and Nexus 5X was added and supporting the Nexus 6 and Nexus 6P will happen at some point down the road.

Releases will start being tagged in the repositories at some point before the stable release in order to move towards reproducible builds and to provide a history of the changes without getting in the way of keeping the changes ready for upstreaming and porting to new versions of Android via rebasing. Since CopperheadOS is based on Android's stable branches, there's no long-term development branch. That leaves little incentive to preserve the history for a year, which would get in the way due to the need to extract the changes as standalone patches.

CopperheadOS is well on the way to stable release, but it needs your support to get there. Bug reports, ideas for security improvements, patches and donations are all highly appreciated.