How to have more apps run on your LineageOS phone

People usually say they either have an iPhone or a "Samsung". For the latter situation, they actually mean they have an Android phone, but the brand of the (giant) hardware manufacturer has apparently become stronger than that of the OS. The lines are blurry though, as manufacturers customize the Android distributions they provide with their phones, as a way to bring differenciation in a context of competitive smartphone market.

So, when buying an Android phone, we get many strings attached: those of Google with the proprietary app store, maps, push notification system, and those of the hardware manufacturer that tailored the system with an additional bulk of apps, often without any possibility to remove them. Why? Money I guess.

I am privacy conscious and don't particularly like having strings attached. So I took the effort to get free of them. When getting a new phone (a refurbished one, to be planet friendly!), I usually nuke the main OS and install another one: LineageOS. Many phones are compatible with it, you can get the full list here. LineageOS is a lightweight customization on top of the open source part of Android, called AOSP. The particularly interesting thing about LineageOS is that it allows you to choose whether you want the Google software suite on your phone, or not. Even if you install it, it comes in a minimal form that allows you to choose which apps to install. So you get the best of both worlds: better control on your privacy and the optional convenience of the Google ecosystem. Also software updates, even if you have an old device, thus fighting planned obsolescence.

Adventurous people will be able to have an Android phone without the Google ecosystem, relying on F-Droid to install the bulk of their apps (open source ones, e.g. the great Organic Maps and ad-free NewPipe Youtube client) and Aurora Store to install the occasionnal proprietary app we need to have in the day-to-day life, as if we went on the Google Play store.

An Android phone without the Google suite is quite uncommon, so while many apps will work flawlessly, some will have issues, in particular if they rely on push notifications or deal with maps. Developers usually implement a fallback system for push notifications, which is a bit more energy intensive, but works. Regarding maps, the situation is trickier. Apps often rely on the local Google Maps API. Having a recent interest in electric cars, I have installed the route planner Chargemap on my LineageOS phone without Google services and got a gray screen instead of an actual map. Issue confirmed after contacting the support:

So yes I'm afraid you need Google services to use the app.
We're thinking about more options for your kind of situation.
Kind regards, Diane Chargemap, User Happiness

It's more "User Sadness" by the way, but I wouldn't blame them, as they are a small company. The Google Maps API is probably very good and it suits the needs of the majority of their customers. There is no easy workaround for me though. The least cumbersome way I identified is to have a second phone, my previous phone actually, and use it with LineageOS + Google suite. Chargemap works flawlessly with this setup. Yay!

Being still interested in electric vehicles, I tried to install Hyundai's Bluelink app, which lets users get stats and remotely control their car. Bad luck, as trying to launch the app leads to a force close with the following notification.

Hey Bluelink, my phone is not rooted! For those unaware, rooting a phone is the operation to unlock the ability to freely edit all settings. It's cool to customize the OS, but may come with the threat that malicious software may tamper with your apps.

Being particularly annoyed that evening and having a few hours to lose, I have connected the phone to the USB port of my computer and launched the Android debugger. Among a sea of log lines from the phone, I could pick an interesting one.

$ adb logcat
...
07-25 23:12:22.340   901   901 V RootBeer: b: b() [152] - ro.debuggable = [1] detected!

So Bluelink is using the RootBeer SDK to determine that my phone is rooted. Let's install their sample app and see. It tells my phone is rooted.

At this stage, I contact Bluelink support, pointing this existing Github issue, still unresolved after two years. Their answer turns out to be uncooperative.

Thank you for your request.
LineageOS and other open source systems are not supported by Bluelink. There is no workaround for that, as this is something that has been decided firmly by our research and development team.
It is known for us, that some other software (like some banking apps or such) might allow the usage of that system, but from our side, it's a decision which won't be changed in the close future, and it means that the Bluelink App won't work under these circumstances.
Your understanding is appreciated.

Remember the little asterisk associated with the "ROOTED*" message above? It is related to the following info found in a menu.

Remember root==god, so there's no 100% way to check for root.

Ever since the Tower of Babel times, humans have always desired to become god-like. Let's put on the Hackerman suite and follow the adb steps detailed in this informative Reddit post, but in an even simpler way.

[Connect phone to computer, turn on developper mode on phone, turn on ADB root debug. Then on the computer, type in the terminal]
$ adb root
[Then allow editions to the file system]
$ mount -o rw,remount /
[Then edit the two files that contain the problematic settings]
$ nano /default.prop
> ro.debuggable=1 # should be 0
$ nano /system/build.prop
> ro.build.type=userdebug" # should be "user"
[Your deeds are over, let's properly exit]
$ adb unroot
[Now disconnect the phone, disable developper mode and reboot the phone]

Victory in five minutes! RootBeer does not detect anymore the unusual OS. And as a consequence, Bluelink launches successfully, like other apps using the same SDK probably will.

Detecting OS tampering will be a cat and mouse game in the foreseeable future, with Safety Net and the more recent Play integrity API for native Android apps. Note the recent efforts lead by Google to introduce the Web Integrity API that aims to do the same kinds of checks for Web browsing and facing substantial backlash. I think those attempts are futile and can easily be circumvented. For example, see what happens for the Widevine DRM (which, in particular, protects Netflix content).

But the main goal of DRM (digital rights management) is probably not to be technically bullet proof. Media companies know their content is pirated in a matter of hours after the release. It's probably more about controlling the platform hosting the content, from a legal and business perspective, as it's most often illegal to circumvent a DRM. Thus you can control the pricing, the amount of ads, release schedule, creation of accounts and gathering of personal data, etc.

I understand the stance of media companies protecting their content, trying to at least. Though I disagree with it. I understand the small company (namely, Chargemap here) using the convenience of proprietary maps APIs to ship an interesting product. I'd probably do the same if I were in their position. I do not understand Hyundai's Bluelink approach to prevent the app from running with such a weak protection. It inconveniences legitimate users and, for sure, will not prevent any evil person to proceed. Bluelink API has already been reverse engineered anyway.