/e/ L01K Last updated : 15/12/2025 Changelog : - 15/12/2025 - Initial commit - Discarded eelodive2.html as there's no meaningful difference to add. in fact, /e/ is just as bad as ever. Prerequisites - L01K LG V30 (because I respect my US998 LG V30 too much to inflict the abominable A15 on that shitbar) - /e/ $rom zip (e-3.2-a15-20251023539369-community-l01k.zip) (latest at time of writing - 15/12/2025) - boot.img; extracted from /e/ rom zip - recovery.img - recovery-e-3.2-a15-20251023539369-community-l01k.img - one desktop/laptop (my t470 just so happened to be present for this) with adb setup (and some text editor to -write-type these down) - at least 1 usb-c cable of any kind (as long as it is a good one) ADB flash recovery from A15 LineageOS (on l01k firmware; with no fastboot access) - adb devices (to check if computer detects device for adb) - adb push $recovery.img /sdcard/$recovery.img - adb shell (no adb root needed yet) - ls /dev/block/platform (soc appears as only result) - ls /dev/block/platform/soc (3 random gibberish as results, moving on to 1da4000.ufshc in my case) - ls /dev/block/platform/soc/1da4000.ufshc (returns numerous results, moving on to by-name) - ls /dev/block/platform/soc/1da4000.ufshc/by-name (returns numerous names, moving on to recovery) - ls /dev/block/platform/soc/1da4000.ufshc/by-name/recovery (returns only /dev/block/platform/soc/1da4000.ufshc/by-name/recovery; considered end of line) - su (yes, we now need root; make sure rooted debugging is enabled) Alternatively, one can exit; then adb root; then adb shell. Regardless, # should show up instead of $. - dd if=/sdcard/$recovery.img of=/dev/block/platform/soc/1da4000.ufshc/by-name/recovery - reboot recovery /e/ / Lineage recovery (factory reset) - Format data - Factory reset > Format data/factory reset > Format data - Reboot recovery /e/ recovery - format system (optional?) - Mount system - Advanced > Mount/unmount system - Format system - Factory reset > Format system > yes Flashing In recovery - Apply update > Apply from ADB - adb sideload $rom.zip - Reboot system now (it took a bit, but it boots) Setup - Skip every option in setup wizard (maybe aside from time for my comfort?) - Don't touch advanced privacy (other than skipping its initial notification) - Enable developer options & USB debugging (needed for boot.img patching and later adb commands); also set smallest width to 561dp (personal preference) - Disable wireless emergency alerts & emergency SOS (not that it mattered, but then again this L01K is never going to work as a cellphone) - Disable Private DNS to prevent random additions in network analysis - Make the system less annoying to use, but without touching stuff related to network connections - Invert navbar to make life easier for me - Tune AOSP keyboard (disable spellcheck, popup keys, correction recommendations) - Disable public network notification - Set time to use 24-hour format but not disable NTP (maybe later in network analysis?) - Disable screenshot & emergency power menu; enable advanced restart - Disable system profiles - Disable automatic updates without nuking updater - Set Quick Settings to Wi-Fi & Caffeine as top 2 options; everything else is whatever - Disable EVERY widget on BlissLauncher - NO DEBLOATING THIS TIME. Keep the system as untouched as possible (except for PCAPDroid for in-system network monitoring & its root access, provided by APatch) - By the way, I forgot to disable Intent Filter Verification Services, so it'll be explicitly mentioned. It only makes its connections on the system's first time connecting to the internet and doesn't make it on subsequent connections without me explicitly disabling it. APatch (needed for PCAPDroid; which will be needed for logging network stuff) + Patching boot.img - Extract boot.img from ROM zip (and move them into /sdcard of device) - Install & open APatch app - patch stock boot.img with APatch app & setup SuperKey + Searching for boot.img directory (results may vary, especially on other devices) - adb devices (to check if computer detects device for adb) - adb shell (no root access needed yet) - ls /dev/block/platform (soc appears as only result) - ls /dev/block/platform/soc (3 random gibberish as results, moving on to 1da4000.ufshc in my case) - ls /dev/block/platform/soc/1da4000.ufshc (returns numerous results, moving on to by-name) - ls /dev/block/platform/soc/1da4000.ufshc/by-name (returns numerous names, moving on to boot) - ls /dev/block/platform/soc/1da4000.ufshc/by-name/boot (returns only /dev/block/platform/soc/1da4000.ufshc/by-name/boot; considered end of line) - exit + Flashing patched boot.img - adb root (requires enabling USB debugging & rooted debugging in developer options) - adb shell - check if root access is available (# should show up, not $; if so type exit, recheck, and start again) - bash (hostname should either change from L-01K to shell@l01k or the name will have color & be bolded) - dd if=/sdcard/(apatch-patched-boot.img) of=/dev/block/platform/soc/1da4000.ufshc/by-name/boot (must be root, otherwise this will not work) - exit (this exits the bash shell) - reboot + Root for PCAPDroid - install PCAPDroid - open APatch - Tap SuperKey & enter password/superkey. Install AndroidPatch by tapping Install button - Disable APatch auto-updates (Settings / gear icon > un-toggle "Check for updates") - Optionally reboot? Reopen APatch afterwards - Go to Superuser section - Toggle PCAPDroid - open PCAPDroid & skip setup wizard - go to options (tap gear icon) - enable capture as root - tap "Ready" button (or play icon) so PCAPDroid autogrants its required permission - Tap stop icon. We're not ready for network monitoring yet; but subsequent "Ready" or play icon tapping should work. Network analysis - Open PCAPDroid and tap "Ready" button (or play icon). A silent notification will appear and you're ready to monitor network connections - Open Settings > Network & Internet > Internet (or long-press Wi-Fi QS tile) and connect to network - Open PCAPDroid & screenshot network connections. + The First Time (stock) - captive portal : connectivity.murena.io - ntp : pool.ntp.org - advanced privacy : gitlab.e.foundation - microG does Go-ogle connections : android.clients.google.com, mtalk.google.com - Intent filter connections on the system's 1st time on internet (but not subsequent connections) : magicearth.com, g.co, app.goo.gl + Changed captive portal (captiveportal.kuketz.de) - connect L01K to desktop - adb devices (enable adb in desktop & allow it to search for devices) - adb shell (no need root access this time) - settings put global captive_portal_http_url http://captiveportal.kuketz.de - settings put global captive_portal_https_url https://captiveportal.kuketz.de - settings put global captive_portal_fallback_url http://captiveportal.kuketz.de - settings put global captive_portal_other_fallback_urls http://captiveportal.kuketz.de - reboot - disconnect L01K from desktop and let the former SLOOOOOOOOOOOOOOOOOOOOOOOOWLY boot - redo network analysis - Results: - captive portal : unchanged (despite the changes) - ntp : explicitly not changed + Disabled NTP & rebooted Results : ntp still makes pool.ntp.org connections (standard AOSP behavior)