Replicant 6.0 development updates

Replicant 6.0 is moving forward and quite some work has been done over the last months.

Galaxy S2

Only the Galaxy S3 was supported for a very long time. Recently, support for the Galaxy S2 was added. This was made possible because two community members, Grim Kriegor and dllud, sent me a device. The initial work on the device by another community member, Jookia, also gave me a head start for the port.


In December, I attended the 8th Open Hard- and Software Workshop which was a great opportunity to discuss and work on various topics related to the GTA04. I assisted Lukas Märdian from Goldelico with porting Replicant 6.0 to the GTA04 and at the end of the workshop, we were able to boot Replicant 6.0 and had basic functionality working. Lukas continues to work on the port and I’m planning to integrate his changes and get Replicant 6.0 ready for the GTA04.

Support for external WiFi dongles with the AR9271 chipset

After you have installed Replicant on one of the supported devices, you will notice that WiFi doesn’t work. The reason is that the WiFi chips on all supported devices need a proprietary firmware to be loaded onto the chip. As Replicant only ships free software, this firmware is not included in an image.
An alternative is to use an external WiFi dongle with an USB OTG cable. A free firmware exists for the AR9271 chipset and various WiFi adapters use this chipset. Tehnoetic provided patches for initial support in Replicant 4.2. For Replicant 6.0, I went a different way and backported the necessary changes from the 3.4 Linux kernel to the kernel for the Galaxy S2 and S3. Such dongles are now operable with these two devices. Fil Bergamo is working on scripts to make it easy to use WiFi adapters. You can find more information in this forum thread.

Graphics rendering

The previous blog post already metioned that I’m working on the graphics acceleration. Mesa llvmpipe can now be used as an alternative to the Android software renderer. Unfortunately, llvmpipe is still too slow and the Android software renderer stays the default graphics renderer for now. But it’s possible to use some more apps like Firefox-based browsers with llvmpipe that wouldn’t work with the Android software renderer. Llvmpipe also makes it possible to use a recent webview. For now, Replicant 6.0 is stuck with the last webview version that worked with the Android software renderer. Optimizing llvmpipe for ARM likely would make it fast enough. Any help in this regard would be greatly appreciated!
Another long-standing issue is related to the software rendering: QR code scanning or in general barcode scanning didn’t work with Replicant because the software renderer requires a camera preview format that is incompatible with barcode scanner apps. I was able to fix it by doing the neccessary conversions of preview frames that are requested by barcode scanner apps.


I moved the build system from Debian Jessie to the upcoming Debian release with the codename Stretch. The Debian Android Tools team has packaged quite a few more build tools in Stretch which can now be used instead of prebuilt binaries from the default Android toolchain. The whole effort makes the Replicant build process more trustworthy and ensures that all build tools are verifiable and built using only free software.

Security/privacy enhancements

Besides fixing various bugs, I’m especially committed to making Replicant more secure. Originally, I started contributing to Replicant by submitting patches for known security issues in Replicant 4.2. Security updates for the kernel and the Android system are included in Replicant 6.0 as quickly as possible, but delays can always happen due to various reasons. Furthermore, I started to include some security/privacy enhancements from CopperheadOS.

Current work and future plans

Porting Replicant 6.0 to more devices is a priority right now. Besides devices that are already supported by Replicant 4.2, some new targets are evaluated. An interesting target is the LTE variant of the Galaxy S3 (GT-I9305). Currently, only the non-LTE variant (GT-I9300) is supported by Replicant and Replicant doesn’t support any 4G-enabled phone yet. It’s possible to build a Replicant 6.0 image for the LTE variant, but it lacks support for the modem. The main task of the port will be to write a free implementation of the modem interface for telephony, SMS and mobile data.
I also played with the mainline kernel on the Galaxy S3 and I was able to boot Replicant 6.0 on top of the Linux 4.8 kernel with a few patches so that it was usable with very limited functionality. I will share more results from this endeavor in the future.
Replicant is based on CyanogenMod 13.0. As the CyanogenMod project was discontinued, future Replicant 6.0 versions will be based on its successor, LineageOS 13.0.

Replicant 6.0 early work, upstream work and F-Droid issue

Replicant 6.0 early work and associated efforts: At Replicant, things are moving again: Replicant is being updated from Android 4.2 to Android 6.0 by Wolfgang Wiedmeyer. The status and feedback takes place in the forums before it is reviewed and integrated in the official Replicant repositories. This work is currently being done for the Galaxy S 3 (I9300).

At the same time, Wolfgang Wiedmeyer is also working on the following for Replicant 6.0:

  • Graphics acceleration with mesa and llvmpipe: while this still uses the CPU, it should be faster and more feature-complete than the default implementation. This will hopefully fix some of the previously non-working applications in F-Droid.
  • Building the toolchains: Replicant has always used some pre-built toolchains and utilities. Building such tools and/or using the ones from GNU/Linux distributions will make Replicant more trustworthy.

Replicant 6.0 should also bring full device encryption and SELinux support.

Future directions: In the future we also want to be able to support the upstream Linux kernel for devices with a minimal amount of effort. This was made possible thanks to:

  • Android becoming more standard: it now requires very few changes to the upstream Linux to work. Linux also received changes that made it possible.
  • The fact that the amount of work required to mainline a device in Linux has drastically been reduced, for some of the devices we target.

Devices such as the GTA04 and the Optimus Black are good targets for upstream Linux kernel support. They also allow running free bootloaders.

In a similar fashion, we also want to be able to support upstream bootloaders, such as U-Boot.

We hope that this will allow us to have longer term support for such devices. Even if Replicant is unable to continue to support such devices in the future, having them supported by upstream software will potentially enable users to use them with other free software distributions.

We have thus started the work to support devices such as the Optimus Black and the Kindle Fire (first generation) in upstream Linux and U-Boot. Other projects and individuals are also very actively adding support for other devices, such as Allwinner tablets, that will benefit Replicant eventually.

Helping Replicant by contributing to F-Droid: Replicant is supported, recommended by the FSF and listed as a fully free software distribution that respects the GNU Free System Distribution Guidelines, along with other GNU/Linux distributions such as Trisquel or Parabola. Replicant
ships the F-Droid package manager in its images.

F-droid is committed to distributing only free software, and it does. However some of it does not comply with the GNU Free System Distribution Guidelines.

Practically speaking some of the applications F-Droid distributes:

While the list of such anti-features is displayed in red when selecting an application in F-Droid, applications with anti-features are still listed aside compliant ones. This is also quite confusing since free software isn’t expected to contain
such anti-features in the first place.

It took Replicant a long time to realize the issue, this is due
to its developers being very busy, to the fact that the anti-feature
display is confusing and that there was no clear smoking gun.

After an investigation, that was delayed due to the lack of time, a
smoking gun was finally found, and a bug report was opened on the Replicant side.

At FOSDEM 2016, the issue was discussed with F-Droid developers in order to find a way to fix it. On their side, F-Droid developers also opened a bug report. Due to various reasons, progress was very slow and we recently learned that efforts to fix this issue came to a stall.

Replicant developers are more dedicated and used to working on system programming than writing or modifying Android applications. They are also really busy doing so. However, some individuals wanting to help Replicant may be able to work on Android applications, with some time to do so. This is exactly the kind of skills required to solve this issue in F-Droid. Getting it fixed is crucially important for Replicant.

If you’re interested to jump-in and help resolve this issue, please get in touch with us or with F-Droid developers directly to get directions on how to get started.

Media from 2016 Replicant talks

Various media, including slides and video recordings, from recent talks about Replicant are available on the Replicant wiki Conferences page, including :

Some of these presentations are great ways to get an overview of the freedom and privacy/security issues associated with mobile devices, either in English or French. They also offer an introduction to Replicant within that context. Other presentations cover specific technical aspects related to liberating devices at the lower levels.

Shops selling devices pre-installed with Replicant

A few months ago, we were contacted to discuss the endorsement of an online shop selling mobile devices pre-installed with Replicant: Qibre Computer Hardware. While we’re very happy to see such initiatives being developed, we asked for some conditions to be met before endorsing the shop, especially conditions that have to do with informing final users:

  • Users should not be mislead into believing that the devices are fine for freedom and privacy/security. There are plenty of issues remaining, that are explained in general on the Freedom and privacy/security issues page of the website and in greater details on each device’s wiki page (when documented). Those are out of the scope of free software support in Replicant, but it is crucial to mention them when selling a full device. Linking to these resources is a fine way to ensure that customers have access to that information.
  • The devices should ship with the official version of Replicant, not a version that was built from source and signed with different keys. However, it is fine to pre-install free applications originating from F-Droid on top of the system, as long as users are made aware of it.

Qibre has now stopped its activity until further notice.

A few weeks ago, Tehnoetic started selling devices pre-installed with Replicant and was featured on the FSF’s Ethical Tech Giving Guide and FSFE’s Free Your Android campaign. At this point, the following devices can be bought pre-installed with Replicant from Tehnoetic:

Tehnoetic donates a part of the phone sales profits to Replicant and F-Droid projects. In December, Tehnoetic donated Replicant $101 USD.

Thus, buying devices actually helps Replicant move forward! Buying from these shops rather than third-party resellers also helps them secure money to get stocks of Replicant-supported devices in large quantities, so that it remains possible to buy them for a long time!

Upcoming events for Replicant in October/November 2015

Even though development on Replicant is still moving forward at a pretty slow pace, we believe it is crucial to spread the word about the project in order to encourage more people to get involved but also to teach people about the underlying problems for freedom and privacy/security on mobile devices.

During the next two months, Replicant will take part in various free software conferences and events in France. A talk about Replicant, freedom and privacy/security will be given at each event, sometimes with a workshop or some form of public discussion, such as participation in a round table.

Starting next week-end, Replicant will be at the following events:

Those talks will be opened by Benjamin Bayart, iconic figure in the French free software community and long time activist for electronic liberties and net neutrality.

We hope to see as many of you as possible, to help spread the word about Replicant, freedom and privacy/security on mobile devices! As usual, each event will be an occasion to verify the Replicant release key and get some help installing the system on your device! Donations are also welcome, as they make it possible for me to attend such events at all.

See you soon!

November update: Due to the recent attacks in Paris, Capitole du Libre was canceled and Bazar du Libre is taking place in Toulouse on November 21-22. The talk about Replicant was rescheduled in Mix’art Myrys, room 2 at 3:00 pm.

Replicant 4.2 0004 images release

Even though things are moving slowly at Replicant, we figured it was time to release another batch of Replicant 4.2 images. This release doesn’t add support for any new device, but has a focus on security instead, thanks to an active member of the community: Moritz (also known as My Self on the forums). For months, Moritz has been evaluating whether Replicant is affected by various vulnerabilities, retrofitting patches to close those vulnerabilities and submitting these for inclusion in Replicant. Thanks to his great work, this release includes fixes for security issues such as the Stagefright vulnerability or the Installer Hijacking vulnerability.

Since the previous release, all the Replicant-specific source code was moved over to, that is gracefully hosted by the FSF. We are planning on moving all the Replicant source code over to that new server, so that we don’t have to rely on third parties such as CyanogenMod and AOSP to provide the full source code for Replicant. In the meantime, we have started tagging the commits used for each release and signing those tags with the Replicant release key, so that it’s possible to reliably retrieve the source code for a given Replicant release. Those tags are also combined in the release metadata’s git-tags.

For a complete list of changes, you can take a look at the changelog. Installation instructions are available for each device, as well as build guides.

You’re welcome to join-in and contribute code to Replicant! Resources to get started on development are available on the wiki, as well as a list of tasks to improve Replicant.

RMLL feedback, Optimus Black advancement and CCCamp

Two weeks ago, I took part in RMLL as advertised on the Replicant blog shortly before the event. This year again, it was a really nice event to be a part of. Lots of people showed interest for Replicant and some even came specifically to see my talks about the project: what a pleasant surprise! The videos of my talks are already available on the RMLL website and they were also added to the Conferences page of the Replicant wiki.

Back from the event, the development effort was focused on cleaning up the bits and pieces laying around for Optimus Black support in U-Boot, now that the merge window is open. A patch series was sent for review earlier today and despite being incomplete as of now, it will serve as a solid base for future additions. Some more work is indeed required to have all the necessary features supported, but those patches will be written in a non-upstreamable way for Replicant at first. The current status of those dirty patches allows booting CyanogenMod without too much trouble, except for the occasional random reboot and other oddities that still have to be sorted out before it can seriously be used for daily use.

Thus, with basic bootloader support out of the way, it’s time to start the Replicant port to the device. Communication with the modem will require some heavy work on Hayes-RIL, our implementation of the AT protocol radio interface layer, that is supposed to be more modern and robust than other implementations. Other fundamental parts required to have Replicant running with sufficient features to make the device useful should be less trouble.

In a month or so, the Chaos Communication Camp will take place in Germany, organized by the almost mythical Chaos Computer Club. Replicant is going to take part in the event, hopefully with a lightning talk and/or less formal self-organized events. The camp will be a great occasion to chat a bit about the current state of the art of software freedom on mobile devices, and more! Various other interesting projects will be there as well: members of the Neo900 project will hold the Neo village, where I’ll be likely to be found. As usual, I’ll also be available to verify the Replicant release key fingerprint, help newcomers install Replicant on their device and basically anything else that I can help with!

Replicant source code hosting and RMLL 2015

As mentioned a few months ago, Gitorious is closing down and even though the Replicant project page can still be reached there, cloning the repositories has been broken for some time. After thoroughly evaluating all the hosting possibilities for Replicant (thanks to the many suggestions from the community!), we have finally reached a decision. We didn’t want to be affiliated with a hosting provider that doesn’t match Replicant’s core values, that are all about software freedom. In addition, it seemed better not to be hosted by a third party, to ensure the security of the source code. These criteria left us with very little choice available, but thankfully, we were able to comply with them, as the Replicant source code is now hosted by the Free Software Foundaton, at!

We are very thankful to the FSF for providing us with that solution and the hardware required for our needs (the Replicant source code is very large). Eventually, we will move all the Replicant source there, as opposed to only the parts of CyanogenMod and AOSP that we modified, so that we don’t have to rely on any third party at all.

With all those discussions going on, I almost forgot to mention that I will be taking part in RMLL/LSM again this summer. The event takes place in Beauvais, France (near Paris) from July 6th to 10th (sorry for the short notice). I will be presenting two talks there, one about the overall state of the Replicant project, in French, and one about liberating mobile devices from the ground up, in English. In addition, I will be taking part in a workshop on free embedded devices in room 219, were I will show a few embedded devices running free software.

As usual, everyone is welcome to come, say hi and have a nice chat. It’s also possible to verify the Replicant release GPG key in person to trust the verification of our images releases. And of course, I’ll be available to help install Replicant on supported devices!

What’s happening (or not) at Replicant

Two months ago, I (Paul Kocialkowski) gave a talk about reached milestones and ongoing development on Replicant at FOSDEM, one of the biggest yearly European gatherings of free software developers. I was thrilled to meet people interested in Replicant there and pleased to chat with many other free software developers, working on various fields. As usual, talks were recorded and most of those recordings are now available on the FOSDEM website, with no exception for the embedded devroom, where I gave my talk and joined an embedded freedom roundtable with Carsten Munk from Jolla and the attendance. A WebM version of the talk is available on the Conferences page of the wiki.

Back from FOSDEM, most of my work was focused on U-Boot (the universal bootloader) for the LG Optimus Black and Sunxi (Allwinner) devices. Things are starting to look good on the LG Optimus Black, which now correctly boots Android without random run-time faults. As usual, things are moving very slowly due to the lack of time. The next step there will be to submit the first batch of LG Optimus Black support for inclusion in upstream U-Boot.

The Replicant code itself hasn’t changed much in the past months, since I am focusing on bootloaders development at this point. In addition, Gitorious is now closing down and while we have all the source code uploaded there backed up, we’re looking for an alternative solution that doesn’t compromise on the core values behind Replicant and offers significant guarantees. Because of this situation, nothing is to be committed to the repositories before they are moved to a new location, that we are yet to find.
However, some security updates were kindly submitted by the community and those will be reviewed and integrated as soon as everything is back up and running.

So hopefully, things will start moving faster in a bit!

Replicant homepage and roadmap for the future

For a long time, the entry point for Replicant on the web was our blog, which holds status reports and news about the project. However, it did not fit well for providing easy access to relevant material about the project, nor did it give our (growing) community the attention it deserves. This is why we decided to launch a new homepage for the project, highlighting what really matters, in style.
We believe it is a good thing to have, in order to clearly spread the word about Replicant and ease the understanding of our message. The new homepage provides a clear explanation of what Replicant is about, provides answers to some common questions about the project and most importantly, holds a detailed overview of the core freedom and privacy/security issues that we face on mobile devices today, as well as recommendations regarding these topics.

Regarding progress in development, a few things happened recently and a lot more is on the way: time to take a step back, look at what’s in the works and what is next on our roadmap.
After attending RMLL/LSM in Montpellier, France, most of the development time was spent on completing a full rewrite of Samsung-RIL, the software in charge of the various aspects of telephony and mobile data on the Samsung devices we support. This rewrite brings many advantages in terms of stability, features support and also provides a sane and clear base to make external contributions easier. While this is an important contribution to achieve software freedom on mobile devices, these Samsung devices are severely flawed as they don’t allow running free bootloaders.

For some time already, we have decided to focus our development effort on better devices, that can run free bootloaders, in addition to a free system such as Replicant. First, we decided to bring Replicant 4.2 support to the Goldelico GTA04 and have already made good progress since the start. It is not currently usable as a daily phone, but we are confident about the future. The next step in the process is to work on supporting Allwinner devices, starting with cheap Chinese tablets. We are proud to be collaborating with the free software community built around the Allwinner Sunxi platforms: linux-sunxi. Our goal is to provide generic Replicant support for these platforms, so that as many devices as possible can be supported, with little effort required to support a new device. Thanks to the work of the linux-sunxi community, many of these devices can already run a free bootloader and have a community-maintained kernel available, providing a solid base for Replicant on Sunxi devices. In addition, we have spotted a few widely-spread devices that would also be good candidates for running a free bootloader and a free system: stay tuned as we will start documenting these devices soon!

In the meantime, we are more than ever willing to make Replicant as privacy/security-oriented as we can, especially by targeting devices that either don’t have a modem at all (Wi-Fi-only tablets, such as the many Sunxi ones) or are not proven to have bad modem isolation.

As of today, Replicant is still a one-man effort and while all these new directions are very exciting, it takes a lot of time to actually turn them into reality. Since we prefer to focus on these new directions, Replicant will stay based on version 4.2 of Android, even though newer versions are available upstream. Porting Replicant to a newer version requires a lot of effort and doesn’t bring any significant advantage when it comes to freedom.

Regarding the devices we already support that do not match the free bootloaders criteria, we are not going to drop development for them, but the majority of what was possible to achieve on them is already there and while we could keep adding support for more and more of these devices, we believe that development time is better spent on these new exciting directions!