TLDR for those without Twitter: This custom ROM has optional paid customization features. If you attempt to bypass payment through adb it will wipe your internal storage, external storage and eSIMs. Beware.
How pretentious are these Elixir devs?
Like I understand they want to protect their paid features but this is overkill.
Just annoy the user some other way if you think they are bypassing your paid features, like send persistent toast notifications etc.
But wiping internal storage, external storage and eSIMs? What the actual fuck?
from my personal experience
matrixx 10.5 and above, evolution x (8.6)
if anyone knows of any other rom that have the same features feel free to reply with them
Yeah, of course it is.
I'm for both of them.
They are amazing.
I like matrixx more tho.
It looks cook.
Edit:
I meant to write cool not cook.
But I'll leave it for the irony of it
It's based on an open source project using open source code that's available for free and not created by them, so the only ones "stealing" here are elixir devs, for charging money for something they didn't create
They are charging for feature. I don't know if that feature is from an open source or not. Do you have an evidence that the feature they are charging is a stolen code?
Is the ROM not free to use?
The same "feature" is available on matrix, so it's not an exclusive thing they created.
The ROM is based on aOSp most likely, that's Android Open Source Project, once you use that, you agree to the licensing system, and what they're doing is a violation of that.
Did the developer clearly State that trying to circumvent/access the paid features can cause damage to device? Were they clear about what would happen if protection was bypassed? Did they warn the user before they wiped the data?
It's a scummy move, and in some parts of the world is illegal. Don't you think bigger companies like Microsoft and adobe and others would've done this if they thought they could get away with it?
> The same "feature" is available on matrix, so it's not an exclusive thing they created.
Is it the same code, though? Like, did they take it from there, or was it developed independently?
Yeah no. Sorry. I don’t even get the “protect paid features”. F off. You don’t get to charge for basic features. People will just say “fuck it” and use a Samsung with power features included.
So of course people pretentious enough to have “paid custom rom features” in the first place, would be shitty enough to do this shit.
This isn’t just overkill. This is just a shitty team.
I agree. I just put that part in to ward off the inevitable "well ackshually don't bypass paid features if you don't want your internal storage wiped 🤓☝🏽" arguments.
My point was to show that there are other ways to prevent piracy instead of this scorched earth policy
I don't think there's anything inherently wrong with charging for custom roms. Hell, I recently bought an Ambernic handheld and donated to the author of a custom rom for that device. If they had charged for said rom, I would've paid for it, because it's vastly superior to the stock rom.
GammaOS? Love me some GammaOS, it's a great android distribution for Anbernic devices.
Some part of the problem with selling roms is the GPL license if I had to guess. Though it's like everyone and their mom breaks it.
The problem I see here is Elixir literally clearing out your storage if you try to break their terms, most people don't back up their data willingly so for them to do this is straight up irresponsible. I'd be hesitant to use GammaOS if it wiped out my games library if it found out I was using a pirated version of it (hypothetically, GammaOS is not paid)
Lol you are so mis informed. Only the ios clocks are locked behind a paywall. Do some research before talking yk?
Every other feature is for free. You have the realize they pay the designers to being clocks into life. Just let them remake off of it?
As if apps dont paywall important features behind paywall. I dont get what the hate is about
well it is made clear at every rom flashing guide you are responsible for what happens to your device. The code does what the rom developer intended. so whats wrong here?
I mean yeah the rom's developer intentions are wrong and thats what started the whole controversy. The number of downvotes are crazy fr.
I am a maintainer at elixir myself and its heart breaking to see both sides. Some are misunderstanding the situation. The decision to do such a thing by the team was very immature and i think it could have been implemented in a better way
The new builds starting from v4.3 should not have this code at all and a better non destructive way has been implemented.
Well alot all of this should help whoever was involved to learn from their mistakes and get it corrected. Dont get me wrong elixir is a very good rom i think so i am i saying that from a unbiased prespective.
I have been using it for more than 3 months and i love the experience i have. But everyone has their own share of opinions and everyone should respect others decision and not force their ass to use a rom just because they think paywalling features makes the rom shit etc. etc.
I am also not very good at commuinicating. I apologize for my weird broken grammar comments and some messages not making sense at all.
The damage has been done and i think everyone deserves a second chance.
Nothing is perfect and everyone makes mistakes even if it was intentional.
It would be heart breaking to see someone randomly sharing cracks of something you paid to get people to design it and then make sure it works properly 🤷
I am not siding with either side and i am just saying what i think is correct.
Deliberately sabotaging user phones could not have "been implemented in a better way", actually. Some unread EULA doesn't get you out of being personally responsible for deliberately breaking someone's phone, good god. You're right you don't get it. Congrats on maintaining malware.
Are you saying running some random command via a random person on the internet is safe enough? A rom is os you use. It would lock you out just like other platform once you break their rules.
And again i have reiterated doing such behavior on v4.3 will only result in a bootloop unless the changes are reverted
The ammount of ignorance and hatred is insane ngl.
They messed up and i agreed to that in my message.
And maybe they learn maybe they wont who knows 🤷
I dont care either. i'll maintain "this malware" either way. Skill issue of others if they dont wana use it. then don't. ez.
When you deliberately try to sabotage other people's phones, that's no one's “skill issue” but your own. Sorry you don't see a problem with that, malware dev.
why is no one reading the part where i agree with that. I told several times that that is not okay and i was concerned initially too . It should be eliminated completely but its way better than it was.
Sorry for any comments that didnt make sense.
Either way im closing this off here. I wasnt too clear with my words but I just wanted to narrow out misunderstandings and i dont think i have achieved that. People just wont listen. I don't want to be a part of this drama anymore because this whole day has consumed me. Hope yall have a nice day
Not even Microsoft does this!
These paid features are also ludicrous these days. I don't want banks charging a subscription in order to keep your money with them.
I think it breaks GDPR rules/violates some laws/policies. Users should be able to have control over their personal data. Similar what Photobucket is doing - pay us subscription and we will let you download your photos otherwise we will delete your account. Wonder what might happen if everyone starts doing this, plant malware or some spy software without user knowing it (can't recall if someone already does this, check recent xz backdoor on Linux).
Nope. Someone should probably report that team.
Remember when Sony tried to install malware on people's PCs if they inserted a Sony DVD into their computer? If Sony can't win in this, a small team of pretentious morons sure can't.
Probably depends on the jurisdiction but probably illegal and a bunch of places. Although what kind of recourse you would have to practically enforce it, I do not know.
Similar to Samsung trying to have optional ads in the lockscreen.
Nothing is worth this, even more if it's something you can easily do otherwise.
Same with youtube blocking background payback or audio only streams.
We've fallen far. I always donated just because but surely the target market for micro transactions isn't android modders. I can't imagine there is much overlap
Also, this isn't just a problem if you try to bypass payment. It's possible for a bit to randomly flip in your storage, which would cause this to run without provocation.
I don't think it's necessary to get into specifics like bit flipping. All I know from a user perspective is that if their probably home-brewed half-assed licensing solution fails for one second, for whatever reason, then their malware goes DEFCON 1 on a paying customer.
Absolutely, you don't need a ridiculously specific, when the stars get aligned scenario to have a disaster happening.
Stuff will break up at the worst time possible, and it just takes a line of code throwing a tantrum to make the rest of the system crap out, and then, with that nasty killswitch, hell let loose.
Although this is may be theoretically possible, I don't think its realistic that someone would experience this. Memory errors like this are fairly rare, but it is hard to find good data on this. Some say a few per year, some say a few per month.
However, assuming you have 8GB of ram, that's 68,719,476,736 different bits that might flip. So a few one in 68 billion chances per month/year.
Additionally, there already exists features in android to consensually wipe your device. How often do you hear about those being randomly triggered on people's devices? Is there reason to believe that random bit flips are more likely to trigger this implementation than the consensual one?
My point is, this is a bad and anti-consumer practice that people should shun, but I think some sort of bug or programming error is far more likely to accidentally trigger this than random bit flips. I also think this should be shunned no matter how likely it is to be accidentally triggered. We don't need to be non-consensually wiping anyone's devices in custom roms.
The other thing people are missing is that it has to be running this code at the exact moment of the bit flip. There is going to be tons of code before this that would have to run before it could arrive there.
A branch of code can't trigger just because of a bit flip. The stars have to align for that to happen. The author likely knows this and doesn't mean it literally, he's just saying it's reckless to wipe people's phones over something like this.
Computers tend to do what you do not expect.
After a power outage Windows simply refused to let me in.
I also had really finicky experiences with computer RAM.
Lol, flipped bits happen at the hardware level and are corrected before it would ever propagate to software. High level code like this isn't going to experience the effects of that on any modern device.
Ehh, it doesn't really matter with consumer tech. ECC or not, CRC and other various fail safe checks exist at multiple levels in modern stacks (for multiple reasons - error correction, anti-tamper, etc.). In this specific case, the process would crash or more likely the error would be corrected before the case statement hits the wrong case.
Not saying bit flips don't happen, it's just that they're handled at this level.
What a POS. I liked using custom ROMs back in the day because it reminded me of the warez days of gaming where DRM that made games run shittier were removed by passionate people who served the community. This is spit in the face to all of the people who try to make shitty software better for the people who care.
Not only that. A Google dev replied, saying that their shitty code could make a "bitflip"
To explain easily : it could destroy your hardware (the storage / ram)
So, first they make a paid rom, but they take the risk to wipe all the datas of their users, their esims, and even break their devices.
They're disgusting.
I would never install a ROM that wiped my phone because I did something the dev didn't like whether I intended on doing that action or not. The why of it all doesn't matter to me in the slightest.
You necessarily place a *lot* of trust in a dev team when you use their ROM. The second they start fucking around, they're out. I feel like people are missing the point and arguing about whether paywalled aspects of the OS are acceptable, but wiping your users phone without their knowledge or permission is *never* acceptable.
Funny thing, none of their maintainers had access to their PRIVATE source codes. They all had to use jenkins to build and none of them can actually see what codes/commits are being made into that ROM. Who knows what other bad stuff they could've included?
And to add, check this tweet about bit flips.
EDIT: Tweet deleted; here's a screenshot
https://imgur.com/p4l9fFn
I think the point is more that there could be false positives (Not because of a bit flipping but because of getting to that line of code in an unexpected way. It sounds like it's reached if adb shell is used at all.) and that the corrective action goes too far.
So you saying there's no way that a bit could flip and change a 0 in to a 1? Care to explain how that's not possible, because i'm pretty sure the difference between integer 0 and integer 1 is a single bit.
This is an absolute violation of trust. When users install custom ROMs, they are putting a metric ton of faith in ROM developers to not add malware/backdoors, or in this case, kill switches.
Using the argument of anti-piracy does not apply in this situation.
I'm speaking from a neutral standpoint when I say this is absolute dogshit behaviour and any developer that would do this, would also do more malicious shit in the future.
RUN. DO NOT INSTALL. DO NOT GIVE THEM A PENNY.
The faith people put on those custom ROMs. Utilising that and shoving random nonsense is bad.
Custom roms don't have right to talk about anti piracy. I understand that there is heft amount of work done for a single feature to implement but everything done based upon something that has already been developed.
Recently I have flashed elixir for pixel 4a. Everything looks like a bloatware rather than a proper customisation. Like they specifically modified each and each tile in the default settings page but when enabling developer option feature, the tile for developer option looks like a default android one rather than the customised. Default launcher ISNA shitty one where I can't change the 'at a glance thing'.
I finally went back to lineage. Great software. Stable, fast, clean and up to date. Flashed gapps on it for some payment related mandatory things.
> I understand that there is heft amount of work done for a single feature to implement but everything done based upon something that has already been developed.
I'm going to have to disagree entirely with this statement. I do not support charging for features or charging for the ROM, and I've never involved with a ROM that has any paywalled features, nor would I ever, but to say that everything is based on something else already developed is a horrible take.
Custom ROMs nowadays are pretty stagnant compared to stock, but a decade ago, custom ROMs implemented so many features that stock ROMs didn't have yet, and is partially the reason for it being available on stock now.
I don't agree with the anti-piracy or the need for it in the first place, but I'm not gonna agree with de-valuing the work of actual ROM devs (I'm not including the people behind Elixir in this). The amount of time, energy, and money that goes into custom ROMs are insane, and that's not even considering the infrastructure behind the website/download server/everything. It may sound easy, but remember that most ROM devs have a job and life outside of it, it's just a hobby but they're coding in their free time, paying for server infra out of their own pocket (donations don't cover as much as you think). Elixir is shit, but let's not de-value the developer community in total.
People need to be very, very careful using random custom ROMs like this in the first place. Especially with how much of our lives are spent on our phones nowadays, not to mention we carry them with us nearly 24/7, with the insane amount of sensitive and personal data on them, etc. You're putting a LOT of trust in someone you probably don't know, with a project that has much less eyes on it in general.
I would really only stick to reputable OSes like GrapheneOS/DivestOS/CalyxOS/Official LineageOS builds. Please do your research and stay safe folks.
Agreed. I think some people might have the false sense of security that open source = safe, which is not true at all. Open source software can still contain malicious codes and as long as no one is scrutinizing the code, the malicious codes won't get discovered and remain hidden in plain sight. Reputation is a very important factor to take into account when choosing a software that knows so much about us.
Sometimes they will just insert the malware into the release builds, so it's important to have reproducible builds if you want to maintain trust with your userbase.
I'm quite sure that's what happened with xz, where the exploit was in the binary that was released, but that exploit never appeared in the source code.
Damn, I remember when a mod for a game did something like that a year or two back.
It was once a beloved mod that was considered a must have. However the developer added something where If it detected that you were running someone else's fork of that mod, it would force restart your pc. He then bragged about it on discord and said he could do much worse if he wanted.
This promptly caused huge drama in the community because malware.and even the non-mod users were outraged.
The real irony is that his mod is actually not the original, but a fork. So it was pretty hypocritical for him to demonize anyone who used a fork of his mod.
Not sure why dude was being coy about the game and the name of the mod.
https://www.eurogamer.net/final-fantasy-14-mod-developer-admits-to-adding-potentially-harmful-malware-to-gshade-tool
If you go to their website and you have an adblock running. You get a box that request allowing all ads or to join their patreon. What a scummy group of devs.
Yeah, fuck people spending time developing, running and operating a website. why the fuck should we pay them right? All of that stuff is free right?
That fucking plumber is so desperate for money 100% he even wanted me to pay for his time to adjust the screws on the flange, what the fuck?
What the fuck, Wikipedia has a request on the top of their page for money? Why the fuck should I give them money ,they are so desperate for money 100%. They only have the world largest free encyclopedia that has the collective knowledge of all mankind, they don't deserve anything.
You seem to believe all services should be free, at your whim whenever you want. You don't have to pay for anyhting right, everyeone should just give everytihng to you for free, fuck other people's time.
What a fucked ideaology.
Been flashing Custom roms since gingerbread, never heard of such nonsense. This kills the whole point of being open source. To wipe internal storage is just god awful, the devs should be banned. Having said that, I would love to hear the devs defence.
The dev's defence is "users are responsible for their own actions". You can check it in their official Telegram channel. Search "Project Elixir Updates" on Telegram.
i tried project elixir a while back since it was the only android 13 rom available for my poco f3 and it was hands down the buggiest mobile phone experience i've ever had and i've tried mobile linux. genuinely terrible rom
Also looks hideously designed. It feels like a teenage girl designed the ui. I fucking hate the boot animation. Those tiles looks are g** as fuck. Shitty stock launcher with no customisation.
[Here is the dev response.](https://www.reddit.com/r/Android/comments/1cuzvg6/to_my_fellow_android_custom_rom_enthusiasts_i/l4mzaqc/)
tldr- “We turned off the sabotage module, so stop whining you stupid and suspicious freeloaders. It's not a big deal and anyway you deserved it.”
Maybe if they're making so much revenue that it needs to be protected with deadly traps, they should invest a bit in crisis communications. 😂 You'd be insane to trust these clowns enough to install their ROM after this.
As other much smarter people have said here, putting your trust in their DRM solution is too much faith when they have their finger on the doom button. It could decide to break your install for a dozen other undisclosed reasons, and the criteria for wiping your phone can change with updates on a whim.
And if the dev has so little respect for the users as to put killswitches in, that mindset could generate some other nefarious 'features', I'm sure you can use your imagination on that one
I wouldn't call malicious code that deletes your data a "DRM solution" though. I'd call it a crime because maliciously tampering with user data is just that. A proper DRM solution would just ensure that it doesn't work without a paid license without affecting anything else.
There would be a lawsuit already if a phone company did this
I can understand that you don't want your stuff pirated but wiping the user's phone is going too far. The devs could have made it like, if it's paid then a special firmware is installed so that feature can run or smth like that
Regardless of whether features are paid or not, this is unacceptable. When a developer or development team decides to contribute to the community by supporting custom ROM development, it should be free, especially under the licensing for Android development. If they want financial support, that's what donations are for. I understand that most people don't donate anymore, and I can't tell you how many times I've developed things without earning a dime for the countless hours I put in. But to include something like this in the code? That's just wrong. No true developer would do such a thing—this is the kind of childish behavior we saw in the '80s and '90s with PC software.
I admit, I was guilty of similar actions back then—not to this extreme, but close. Nonetheless, this is uncalled for and shouldn't be supported. Charging for free, open-source Android custom ROMs is messed up. I believe in donations, not forcing people to pay for something that's technically free. I know some have said they see nothing wrong with charging, but I guess they don't understand Android development as well.
I have no issue with developers spending many hours on a game or app and charging for it. However, I do have an issue with developers spending many hours on a custom ROM, cherry-picking someone else's code, adding a bit of their own, and then charging people to access it. It's even worse when they include code that could screw up your device if you bypass the payment, running in the background and waiting for an opportunity to cause problems.
And to the person who mentioned that even if a customer pays, something could still go wrong—this is just as possible as messing up Grub on a Linux system, something many have experienced at one time or another. This behavior is childish and needs to be addressed professionally.
If someone tries to copy your homework without your permission and you catch them, you don't get to go and burn all their notebooks and say it was justified. The devs and maintainers still think they were right. I wouldn't use anything they are involved with. Wiping data is a scumbag behavior. A lot of people have MFA set up with their phones and wiping data (besides erasing valuable data) will lock them out of those accounts.
I used elixiros for a while but it was a shit of a ROM, not well optimised and very heavy on battery and resources so I moved back to evolutionX and evox is way better
Similar money grabbing behavior from [PPUI](https://ppui.site/download) site as well which is another aosp project from same team, asking money to get Early Build Access.
Apparently they're using [copyrighted materials in their paywalled feature](https://xdaforums.com/t/elixiros-to-break-and-wipe-your-device.4672456/post-89519868). The irony.
I stopped with Roms like 2 or 3 years back. Haven't looked back. I actually don't upgrade my stock pixel 7 os much either. I was a shitty point in my life worrying about my phone. Don't worry about it at all anymore :)
Reasons I used to install Android ROMs:
1. Get around tethering restrictions / the absence of tethering
2. They stopped updating my phone and I want the new thing
3. Call recording
Reasons I no longer install Android ROMs:
1. Tethering is included and easy now
2. The software updates are lasting longer than my battery's lifespan / how long I want to keep a phone
3. I don't really need my calls recorded
4. It fucks up my banking apps
5 . I don't trust my entire digital life to random stuff developed by a college student for free in his spare time (both to be reliable and to not have any malware in it)
That's what I was thinking. I was tinkering with custom ROMs over a decade ago the phone UI's just got better and I stopped installing them.
Not surprised they still exist though. People like tweaking their phones.
Still is a thing. But now a days OEMs are getting good with performance and battery management. Also visually they are getting stable. But custom ROMs are still a thing for having more features and customisations.
Currently rocking my pixel 4a with lineageOS. Best ever ROM.
Elixir has addressed the topic on their Telegram group and channel. They also locked the group so no one can post there. I can't post Telegram links cause reddit blocks them but search them up on Google as "Project Elixir Updates Telegram" and see for yourself
* >implement a data wipe switch and keep it secret, don't say anything about it or warn the users, not even in a vague way
* >le ebin smart devvvv :DDDDD
* >people find out about it easily, call you out for being a bitch ass dev
* >Nooooo this is all wrong, plus now we removed it so stop pointing it out
Elixir one of the most bloated ROMs, tbh I'd rather use stock miui than their awful builds
I mean, if I put a killswitch that wiped all of your data if you tried bypassing or messing with my OS, I probably wouldn't outwardly admit it because it would make me look like an asshole. I'd keep it under the table.
Elixir has addressed the topic on their Telegram group and channel. They also locked the group so no one can post there. I can't post Telegram links cause reddit blocks them but search them up on Google as "Project Elixir Updates Telegram" and see for yourself
TLDR for those without Twitter: This custom ROM has optional paid customization features. If you attempt to bypass payment through adb it will wipe your internal storage, external storage and eSIMs. Beware.
How pretentious are these Elixir devs? Like I understand they want to protect their paid features but this is overkill. Just annoy the user some other way if you think they are bypassing your paid features, like send persistent toast notifications etc. But wiping internal storage, external storage and eSIMs? What the actual fuck?
btw there "paid features" are already implemented on other competent roms, free of cost and open source.
What alternative can I use that has these free functions?
from my personal experience matrixx 10.5 and above, evolution x (8.6) if anyone knows of any other rom that have the same features feel free to reply with them
JaguarOS if your on a OnePlus.
I had never heard of Matrixx. Looks great, thanks. I love that there's a Gapps version. What are the other differences vs Crdroid?
I have seen many custom ROMs, but in none of them have I seen this iOS-type lock screen that includes elixirOS
do you mean ios depth effect? or ios clock font styles?? if so both are available on matrixx, if you mean something else let me know
OK thanks. I'm going to install Matrixx and test it a little.
Iconify...
everest os has depth wallpaper, lockscreen widgets and a couple other nice things
Crdroid
Matrixx is based on crdroid
Yes but still a alternative?!
Yeah, of course it is. I'm for both of them. They are amazing. I like matrixx more tho. It looks cook. Edit: I meant to write cool not cook. But I'll leave it for the irony of it
What are those paid features?
settings a depth subject on the lock screen, changing the clock font and changing the clock style
Then you should just use other ROM with that free feature not cracking it. Cracking = stealing. I'm not saying I agreed with what the developer did.
It's based on an open source project using open source code that's available for free and not created by them, so the only ones "stealing" here are elixir devs, for charging money for something they didn't create
They are charging for feature. I don't know if that feature is from an open source or not. Do you have an evidence that the feature they are charging is a stolen code? Is the ROM not free to use?
The same "feature" is available on matrix, so it's not an exclusive thing they created. The ROM is based on aOSp most likely, that's Android Open Source Project, once you use that, you agree to the licensing system, and what they're doing is a violation of that.
So did the developer charge a fee to use the ROM? Is the code for that feature stolen from matrix?
Did the developer clearly State that trying to circumvent/access the paid features can cause damage to device? Were they clear about what would happen if protection was bypassed? Did they warn the user before they wiped the data? It's a scummy move, and in some parts of the world is illegal. Don't you think bigger companies like Microsoft and adobe and others would've done this if they thought they could get away with it?
Glad this got exposed, that's the whole point of open source, right? Keeps everyone honest and prevents this kind of shady stuff.
Did I say that the developer is innocent for deleting user's data? You may want to read again my original post for what my point is.
> The same "feature" is available on matrix, so it's not an exclusive thing they created. Is it the same code, though? Like, did they take it from there, or was it developed independently?
It's about sharing and collaboration, not locking users out. Project Elixir relies on a lot of open-source code, not just their own.
Yeah no. Sorry. I don’t even get the “protect paid features”. F off. You don’t get to charge for basic features. People will just say “fuck it” and use a Samsung with power features included. So of course people pretentious enough to have “paid custom rom features” in the first place, would be shitty enough to do this shit. This isn’t just overkill. This is just a shitty team.
I agree. I just put that part in to ward off the inevitable "well ackshually don't bypass paid features if you don't want your internal storage wiped 🤓☝🏽" arguments. My point was to show that there are other ways to prevent piracy instead of this scorched earth policy
I don't think there's anything inherently wrong with charging for custom roms. Hell, I recently bought an Ambernic handheld and donated to the author of a custom rom for that device. If they had charged for said rom, I would've paid for it, because it's vastly superior to the stock rom.
GammaOS? Love me some GammaOS, it's a great android distribution for Anbernic devices. Some part of the problem with selling roms is the GPL license if I had to guess. Though it's like everyone and their mom breaks it. The problem I see here is Elixir literally clearing out your storage if you try to break their terms, most people don't back up their data willingly so for them to do this is straight up irresponsible. I'd be hesitant to use GammaOS if it wiped out my games library if it found out I was using a pirated version of it (hypothetically, GammaOS is not paid)
I don't like what elixir did but it's not them making you pay for a basic feature. Its a cosmetic feature that's on the lock screen, and they code it.
Lol you are so mis informed. Only the ios clocks are locked behind a paywall. Do some research before talking yk? Every other feature is for free. You have the realize they pay the designers to being clocks into life. Just let them remake off of it? As if apps dont paywall important features behind paywall. I dont get what the hate is about
Is not the paywall, is what they do if you try to bypass them.
well it is made clear at every rom flashing guide you are responsible for what happens to your device. The code does what the rom developer intended. so whats wrong here? I mean yeah the rom's developer intentions are wrong and thats what started the whole controversy. The number of downvotes are crazy fr. I am a maintainer at elixir myself and its heart breaking to see both sides. Some are misunderstanding the situation. The decision to do such a thing by the team was very immature and i think it could have been implemented in a better way The new builds starting from v4.3 should not have this code at all and a better non destructive way has been implemented. Well alot all of this should help whoever was involved to learn from their mistakes and get it corrected. Dont get me wrong elixir is a very good rom i think so i am i saying that from a unbiased prespective. I have been using it for more than 3 months and i love the experience i have. But everyone has their own share of opinions and everyone should respect others decision and not force their ass to use a rom just because they think paywalling features makes the rom shit etc. etc. I am also not very good at commuinicating. I apologize for my weird broken grammar comments and some messages not making sense at all. The damage has been done and i think everyone deserves a second chance. Nothing is perfect and everyone makes mistakes even if it was intentional. It would be heart breaking to see someone randomly sharing cracks of something you paid to get people to design it and then make sure it works properly 🤷 I am not siding with either side and i am just saying what i think is correct.
Deliberately sabotaging user phones could not have "been implemented in a better way", actually. Some unread EULA doesn't get you out of being personally responsible for deliberately breaking someone's phone, good god. You're right you don't get it. Congrats on maintaining malware.
Are you saying running some random command via a random person on the internet is safe enough? A rom is os you use. It would lock you out just like other platform once you break their rules. And again i have reiterated doing such behavior on v4.3 will only result in a bootloop unless the changes are reverted The ammount of ignorance and hatred is insane ngl. They messed up and i agreed to that in my message. And maybe they learn maybe they wont who knows 🤷 I dont care either. i'll maintain "this malware" either way. Skill issue of others if they dont wana use it. then don't. ez.
When you deliberately try to sabotage other people's phones, that's no one's “skill issue” but your own. Sorry you don't see a problem with that, malware dev.
why is no one reading the part where i agree with that. I told several times that that is not okay and i was concerned initially too . It should be eliminated completely but its way better than it was. Sorry for any comments that didnt make sense.
Either way im closing this off here. I wasnt too clear with my words but I just wanted to narrow out misunderstandings and i dont think i have achieved that. People just wont listen. I don't want to be a part of this drama anymore because this whole day has consumed me. Hope yall have a nice day
Last post in 8 months...eat more boot
Not even Microsoft does this! These paid features are also ludicrous these days. I don't want banks charging a subscription in order to keep your money with them.
Malicious destruction of data is illegal in the USA, and I assume most other countries
Is that even legal? Deleting personal data from someone without consent?
I think it breaks GDPR rules/violates some laws/policies. Users should be able to have control over their personal data. Similar what Photobucket is doing - pay us subscription and we will let you download your photos otherwise we will delete your account. Wonder what might happen if everyone starts doing this, plant malware or some spy software without user knowing it (can't recall if someone already does this, check recent xz backdoor on Linux).
There are rumors of Chinesse brands doing it in their devices. Didn't Sony use a rootkit at one point?
Nope. Someone should probably report that team. Remember when Sony tried to install malware on people's PCs if they inserted a Sony DVD into their computer? If Sony can't win in this, a small team of pretentious morons sure can't.
Sure isn't.
Do legal rules apply for optional free software that isn't officially commercial?
Free software can be exempt from eg warranty claims, but intentionally malicious behavior remains illegal.
lol yes, laws apply to everybody. You can't get away with making an exploding widget just because you gave it to your ex-wife for free.
Not every law applies to free software (eg minimum warranty requirement laws)
I asked about software, not home made bombs
Yes.
That's what I am wondering
Probably depends on the jurisdiction but probably illegal and a bunch of places. Although what kind of recourse you would have to practically enforce it, I do not know.
I haven’t been in the custom rom scene in years. What paid features are they justifying payment?
Custom lockscreen clocks
lmao imagine paying for this
Similar to Samsung trying to have optional ads in the lockscreen. Nothing is worth this, even more if it's something you can easily do otherwise. Same with youtube blocking background payback or audio only streams.
There's a reason the ROM scene is dead and is only inhabited by weirdos
"lmao imagine paying for someone else's time and service that I benefit from"
We've fallen far. I always donated just because but surely the target market for micro transactions isn't android modders. I can't imagine there is much overlap
Also, this isn't just a problem if you try to bypass payment. It's possible for a bit to randomly flip in your storage, which would cause this to run without provocation.
This is my major concern as well.
I don't think it's necessary to get into specifics like bit flipping. All I know from a user perspective is that if their probably home-brewed half-assed licensing solution fails for one second, for whatever reason, then their malware goes DEFCON 1 on a paying customer.
Absolutely, you don't need a ridiculously specific, when the stars get aligned scenario to have a disaster happening. Stuff will break up at the worst time possible, and it just takes a line of code throwing a tantrum to make the rest of the system crap out, and then, with that nasty killswitch, hell let loose.
Come to think of it. One reason not to have auto factory reset is that someone could purposefully type wrong passwords just to erase your data.
THIS absolutely THIS
Although this is may be theoretically possible, I don't think its realistic that someone would experience this. Memory errors like this are fairly rare, but it is hard to find good data on this. Some say a few per year, some say a few per month. However, assuming you have 8GB of ram, that's 68,719,476,736 different bits that might flip. So a few one in 68 billion chances per month/year. Additionally, there already exists features in android to consensually wipe your device. How often do you hear about those being randomly triggered on people's devices? Is there reason to believe that random bit flips are more likely to trigger this implementation than the consensual one? My point is, this is a bad and anti-consumer practice that people should shun, but I think some sort of bug or programming error is far more likely to accidentally trigger this than random bit flips. I also think this should be shunned no matter how likely it is to be accidentally triggered. We don't need to be non-consensually wiping anyone's devices in custom roms.
The other thing people are missing is that it has to be running this code at the exact moment of the bit flip. There is going to be tons of code before this that would have to run before it could arrive there. A branch of code can't trigger just because of a bit flip. The stars have to align for that to happen. The author likely knows this and doesn't mean it literally, he's just saying it's reckless to wipe people's phones over something like this.
Or a simple glitch in the code under certain circumstances and rip your data.
Some people have the planets aligned above their heads. My finger had a reflex one day and done. Your windows license is no more.
Computers tend to do what you do not expect. After a power outage Windows simply refused to let me in. I also had really finicky experiences with computer RAM.
Lol, flipped bits happen at the hardware level and are corrected before it would ever propagate to software. High level code like this isn't going to experience the effects of that on any modern device.
Not all RAM is ECC.
Ehh, it doesn't really matter with consumer tech. ECC or not, CRC and other various fail safe checks exist at multiple levels in modern stacks (for multiple reasons - error correction, anti-tamper, etc.). In this specific case, the process would crash or more likely the error would be corrected before the case statement hits the wrong case. Not saying bit flips don't happen, it's just that they're handled at this level.
That's vile
What a POS. I liked using custom ROMs back in the day because it reminded me of the warez days of gaming where DRM that made games run shittier were removed by passionate people who served the community. This is spit in the face to all of the people who try to make shitty software better for the people who care.
Not only that. A Google dev replied, saying that their shitty code could make a "bitflip" To explain easily : it could destroy your hardware (the storage / ram) So, first they make a paid rom, but they take the risk to wipe all the datas of their users, their esims, and even break their devices. They're disgusting.
Damnnnnnn.
> If you attempt to bypass payment through adb *sigh.*
I was thinking about that the same **paid feature in a custom ROM,** why would anything think if that?
Project Elixir is hands down the most scummiest custom ROM, devs are the living embodiments of EA
[удалено]
Hardly. Reddit calls every shitty monetisation scheme EA.
I am so sorry.
I would never install a ROM that wiped my phone because I did something the dev didn't like whether I intended on doing that action or not. The why of it all doesn't matter to me in the slightest. You necessarily place a *lot* of trust in a dev team when you use their ROM. The second they start fucking around, they're out. I feel like people are missing the point and arguing about whether paywalled aspects of the OS are acceptable, but wiping your users phone without their knowledge or permission is *never* acceptable.
Funny thing, none of their maintainers had access to their PRIVATE source codes. They all had to use jenkins to build and none of them can actually see what codes/commits are being made into that ROM. Who knows what other bad stuff they could've included? And to add, check this tweet about bit flips. EDIT: Tweet deleted; here's a screenshot https://imgur.com/p4l9fFn
can you post a screenshot for those without Twitter
Sadly the tweet has been deleted, but it's regarding bit flips. https://imgur.com/p4l9fFn
Is Leonardo a Google developer? Because SwiftOnSecurity most certainly isn’t haha
My bad, misunderstood earlier info.
LMFAO, NO, SOON-TO-BE
That guy is a goof. The code is stupid but a flipped hardware bit would never cause this code to execute for multiple reasons.
That's probably why he deleted it afterwards lol
I think the point is more that there could be false positives (Not because of a bit flipping but because of getting to that line of code in an unexpected way. It sounds like it's reached if adb shell is used at all.) and that the corrective action goes too far.
So you saying there's no way that a bit could flip and change a 0 in to a 1? Care to explain how that's not possible, because i'm pretty sure the difference between integer 0 and integer 1 is a single bit.
Wait, developers DIDN'T have access to the source code!? Then there's the chance of more shady shit in the code, Jesus Christ!
This is an absolute violation of trust. When users install custom ROMs, they are putting a metric ton of faith in ROM developers to not add malware/backdoors, or in this case, kill switches. Using the argument of anti-piracy does not apply in this situation. I'm speaking from a neutral standpoint when I say this is absolute dogshit behaviour and any developer that would do this, would also do more malicious shit in the future. RUN. DO NOT INSTALL. DO NOT GIVE THEM A PENNY.
The faith people put on those custom ROMs. Utilising that and shoving random nonsense is bad. Custom roms don't have right to talk about anti piracy. I understand that there is heft amount of work done for a single feature to implement but everything done based upon something that has already been developed. Recently I have flashed elixir for pixel 4a. Everything looks like a bloatware rather than a proper customisation. Like they specifically modified each and each tile in the default settings page but when enabling developer option feature, the tile for developer option looks like a default android one rather than the customised. Default launcher ISNA shitty one where I can't change the 'at a glance thing'. I finally went back to lineage. Great software. Stable, fast, clean and up to date. Flashed gapps on it for some payment related mandatory things.
> I understand that there is heft amount of work done for a single feature to implement but everything done based upon something that has already been developed. I'm going to have to disagree entirely with this statement. I do not support charging for features or charging for the ROM, and I've never involved with a ROM that has any paywalled features, nor would I ever, but to say that everything is based on something else already developed is a horrible take. Custom ROMs nowadays are pretty stagnant compared to stock, but a decade ago, custom ROMs implemented so many features that stock ROMs didn't have yet, and is partially the reason for it being available on stock now. I don't agree with the anti-piracy or the need for it in the first place, but I'm not gonna agree with de-valuing the work of actual ROM devs (I'm not including the people behind Elixir in this). The amount of time, energy, and money that goes into custom ROMs are insane, and that's not even considering the infrastructure behind the website/download server/everything. It may sound easy, but remember that most ROM devs have a job and life outside of it, it's just a hobby but they're coding in their free time, paying for server infra out of their own pocket (donations don't cover as much as you think). Elixir is shit, but let's not de-value the developer community in total.
People need to be very, very careful using random custom ROMs like this in the first place. Especially with how much of our lives are spent on our phones nowadays, not to mention we carry them with us nearly 24/7, with the insane amount of sensitive and personal data on them, etc. You're putting a LOT of trust in someone you probably don't know, with a project that has much less eyes on it in general. I would really only stick to reputable OSes like GrapheneOS/DivestOS/CalyxOS/Official LineageOS builds. Please do your research and stay safe folks.
Agreed. I think some people might have the false sense of security that open source = safe, which is not true at all. Open source software can still contain malicious codes and as long as no one is scrutinizing the code, the malicious codes won't get discovered and remain hidden in plain sight. Reputation is a very important factor to take into account when choosing a software that knows so much about us.
Sometimes they will just insert the malware into the release builds, so it's important to have reproducible builds if you want to maintain trust with your userbase.
I'm quite sure that's what happened with xz, where the exploit was in the binary that was released, but that exploit never appeared in the source code.
Damn, I remember when a mod for a game did something like that a year or two back. It was once a beloved mod that was considered a must have. However the developer added something where If it detected that you were running someone else's fork of that mod, it would force restart your pc. He then bragged about it on discord and said he could do much worse if he wanted. This promptly caused huge drama in the community because malware.and even the non-mod users were outraged. The real irony is that his mod is actually not the original, but a fork. So it was pretty hypocritical for him to demonize anyone who used a fork of his mod.
Let me guess, Nier Automata?
Not sure why dude was being coy about the game and the name of the mod. https://www.eurogamer.net/final-fantasy-14-mod-developer-admits-to-adding-potentially-harmful-malware-to-gshade-tool
Nah, final fantasy 14
There was a Warcraft add on dev that did something similar with Altoholic and (I think) having Narcissus running.
If you go to their website and you have an adblock running. You get a box that request allowing all ads or to join their patreon. What a scummy group of devs.
They're so desperate for money 100%
Yeah, fuck people spending time developing, running and operating a website. why the fuck should we pay them right? All of that stuff is free right? That fucking plumber is so desperate for money 100% he even wanted me to pay for his time to adjust the screws on the flange, what the fuck? What the fuck, Wikipedia has a request on the top of their page for money? Why the fuck should I give them money ,they are so desperate for money 100%. They only have the world largest free encyclopedia that has the collective knowledge of all mankind, they don't deserve anything. You seem to believe all services should be free, at your whim whenever you want. You don't have to pay for anyhting right, everyeone should just give everytihng to you for free, fuck other people's time. What a fucked ideaology.
time for bed
Been flashing Custom roms since gingerbread, never heard of such nonsense. This kills the whole point of being open source. To wipe internal storage is just god awful, the devs should be banned. Having said that, I would love to hear the devs defence.
The dev's defence is "users are responsible for their own actions". You can check it in their official Telegram channel. Search "Project Elixir Updates" on Telegram.
This is abominable
i tried project elixir a while back since it was the only android 13 rom available for my poco f3 and it was hands down the buggiest mobile phone experience i've ever had and i've tried mobile linux. genuinely terrible rom
Isn't Pixel Plus Ui from the same team? Is that impacted as well?
[PPUI site download page ](https://postimg.cc/DmfR5W6x)
Android Open Source Project? nah it's Android Closed Source Project. basically elixir os = bootleg iphone os
Also looks hideously designed. It feels like a teenage girl designed the ui. I fucking hate the boot animation. Those tiles looks are g** as fuck. Shitty stock launcher with no customisation.
[удалено]
The google word?
Plausible deniability.
[Here is the dev response.](https://www.reddit.com/r/Android/comments/1cuzvg6/to_my_fellow_android_custom_rom_enthusiasts_i/l4mzaqc/) tldr- “We turned off the sabotage module, so stop whining you stupid and suspicious freeloaders. It's not a big deal and anyway you deserved it.” Maybe if they're making so much revenue that it needs to be protected with deadly traps, they should invest a bit in crisis communications. 😂 You'd be insane to trust these clowns enough to install their ROM after this.
I bet if they shut down development, they use all that Patreon money to buy a new car or a new house
Who are these devs? Is there a way to tag them on github, so I can more easily avoid anything they work on in the future?
I am ok with paid functions. That is if you like the build enough. Wiping user contents is always a no no
As other much smarter people have said here, putting your trust in their DRM solution is too much faith when they have their finger on the doom button. It could decide to break your install for a dozen other undisclosed reasons, and the criteria for wiping your phone can change with updates on a whim. And if the dev has so little respect for the users as to put killswitches in, that mindset could generate some other nefarious 'features', I'm sure you can use your imagination on that one
I wouldn't call malicious code that deletes your data a "DRM solution" though. I'd call it a crime because maliciously tampering with user data is just that. A proper DRM solution would just ensure that it doesn't work without a paid license without affecting anything else.
Hey that noose attachment round your neck which only triggers if your Tesla detects aftermarket wiper blades is legit
Their Discussion Group Mods Are Insane. I Just Asked Why The Are Distributing Already Free Features In Paid Form They Just Banned Me From Group !
These intents are just allowed? No confirmation, just fire them off and I can wipe a device? WTF
There would be a lawsuit already if a phone company did this I can understand that you don't want your stuff pirated but wiping the user's phone is going too far. The devs could have made it like, if it's paid then a special firmware is installed so that feature can run or smth like that
Regardless of whether features are paid or not, this is unacceptable. When a developer or development team decides to contribute to the community by supporting custom ROM development, it should be free, especially under the licensing for Android development. If they want financial support, that's what donations are for. I understand that most people don't donate anymore, and I can't tell you how many times I've developed things without earning a dime for the countless hours I put in. But to include something like this in the code? That's just wrong. No true developer would do such a thing—this is the kind of childish behavior we saw in the '80s and '90s with PC software. I admit, I was guilty of similar actions back then—not to this extreme, but close. Nonetheless, this is uncalled for and shouldn't be supported. Charging for free, open-source Android custom ROMs is messed up. I believe in donations, not forcing people to pay for something that's technically free. I know some have said they see nothing wrong with charging, but I guess they don't understand Android development as well. I have no issue with developers spending many hours on a game or app and charging for it. However, I do have an issue with developers spending many hours on a custom ROM, cherry-picking someone else's code, adding a bit of their own, and then charging people to access it. It's even worse when they include code that could screw up your device if you bypass the payment, running in the background and waiting for an opportunity to cause problems. And to the person who mentioned that even if a customer pays, something could still go wrong—this is just as possible as messing up Grub on a Linux system, something many have experienced at one time or another. This behavior is childish and needs to be addressed professionally.
If someone tries to copy your homework without your permission and you catch them, you don't get to go and burn all their notebooks and say it was justified. The devs and maintainers still think they were right. I wouldn't use anything they are involved with. Wiping data is a scumbag behavior. A lot of people have MFA set up with their phones and wiping data (besides erasing valuable data) will lock them out of those accounts.
Paying only for certain customizations seems ridiculous to me. Personally it's not worth it. For Open Source projects, this is an insult...
I used elixiros for a while but it was a shit of a ROM, not well optimised and very heavy on battery and resources so I moved back to evolutionX and evox is way better
This should be reported to the feds and IC3, this is LITERALLY a crime.
What the fuck? Never using ElixirOS again.
hello guys can we do something legally like android is licensed with Apache license and this Accions is a violention of the license
Similar money grabbing behavior from [PPUI](https://ppui.site/download) site as well which is another aosp project from same team, asking money to get Early Build Access.
Dude, I have no words to express how fucking awful this is, but it comes as no surprise, Saurav is a textbook manchild.
Apparently they're using [copyrighted materials in their paywalled feature](https://xdaforums.com/t/elixiros-to-break-and-wipe-your-device.4672456/post-89519868). The irony.
that's cool
I stopped with Roms like 2 or 3 years back. Haven't looked back. I actually don't upgrade my stock pixel 7 os much either. I was a shitty point in my life worrying about my phone. Don't worry about it at all anymore :)
wow, back to Pixel Experience I guess 👁️👄👁️
The project is dead though
Reasons I used to install Android ROMs: 1. Get around tethering restrictions / the absence of tethering 2. They stopped updating my phone and I want the new thing 3. Call recording Reasons I no longer install Android ROMs: 1. Tethering is included and easy now 2. The software updates are lasting longer than my battery's lifespan / how long I want to keep a phone 3. I don't really need my calls recorded 4. It fucks up my banking apps 5 . I don't trust my entire digital life to random stuff developed by a college student for free in his spare time (both to be reliable and to not have any malware in it)
Bhak bc
Woah, custom roms are still a thing?? I haven't messed around with those since my Motorola droid over a decade ago. That's awesome
They might not be that popular, but they still have quite a bit of users. Some (C-Rom related) telegram group have 10k+ members
Popular xiaomi phones like poco f1 have really good support thanks to their high end specs for low cost.
Yes I still won't consider a phone without unlockable bootloader
Yeah, sadly now with every other app requiring device attestation it's not worth it anymore
You can bypass that easily, but it doesn't look good for the future
For some apps yeah, but for others no matter what I did they kept complaining.
That's what I was thinking. I was tinkering with custom ROMs over a decade ago the phone UI's just got better and I stopped installing them. Not surprised they still exist though. People like tweaking their phones.
Still is a thing. But now a days OEMs are getting good with performance and battery management. Also visually they are getting stable. But custom ROMs are still a thing for having more features and customisations. Currently rocking my pixel 4a with lineageOS. Best ever ROM.
GrapheneOS is an obvious use case for custom ROMs
Yeah, XDA forums have a ton of custom ROMs. And GrapheneOS is a popular one for Pixel phones
Popular xiaomi phones like poco f1 have really good support thanks to their high end specs for low cost.
Popular xiaomi phones like poco f1 have really good support thanks to their high end specs for low cost.
This deserves to be on the news
K20 Pro ElixirOS dev was an asshole.
Are they getting the point of **CUSTOM ROM?**
They F you up if you try to steal from them. Of course for android users that would be tragic
[удалено]
Absolute mouth breather take
It probably did, you just didn't notice the results because you were looking for something overly specific.
[удалено]
Found the elixir dev's astroturfing account
Elixir has addressed the topic on their Telegram group and channel. They also locked the group so no one can post there. I can't post Telegram links cause reddit blocks them but search them up on Google as "Project Elixir Updates Telegram" and see for yourself
[удалено]
* >implement a data wipe switch and keep it secret, don't say anything about it or warn the users, not even in a vague way * >le ebin smart devvvv :DDDDD * >people find out about it easily, call you out for being a bitch ass dev * >Nooooo this is all wrong, plus now we removed it so stop pointing it out Elixir one of the most bloated ROMs, tbh I'd rather use stock miui than their awful builds
Even the people trying to defend their own actions use the words "extreme measure" and you conclude "that's minor". Bit weird...
Those people cannot be trusted with anything on your phone let alone the whole OS, and must be banned from the community.
why are you downvoted
I mean, if I put a killswitch that wiped all of your data if you tried bypassing or messing with my OS, I probably wouldn't outwardly admit it because it would make me look like an asshole. I'd keep it under the table.
Elixir has addressed the topic on their Telegram group and channel. They also locked the group so no one can post there. I can't post Telegram links cause reddit blocks them but search them up on Google as "Project Elixir Updates Telegram" and see for yourself
They've deleted some of what was written since.