IMHO this have really little to do with legal status, but more with work atmosphere in community. You can see exactly the same problem on console hacking / homebrew scene.
From one side there is huge user base full of people who want to get something working with no effort and usually tend to demand something from developers, but very few can provide even proper bug reports. On other side there is bunch of "experts" some of which tend to leech of others work and even less of actual skilled developers.
So it's just stressful to participate those projects. In the end most of enthusiasts that stick there must have very strong personality or be selfish persons that looking for cheap popularity.
Also there are humble guys who silently work on their own thing, but they usually work alone or in very small groups and don't communicate with outsiders. And of course most of time they don't ever get credit for their work on BSP reverse engineering and fixes.
Back when I was in high school, I ported the game DOOM to Nintendo DS with a friend on IRC, and watched dozens of "forks" afterwards with minor changes or repackaging show up trying to take credit for our work (sometimes not even mentioning us at all as the authors!).
Source port using SDL and my friend Wintermute's libnds. There's no way the DS's ARM9 processor would've been able to handle running DOSBOX. Just out of curiosity, where did you see it, if you don't mind me asking?
Man, I remember feeling disappointed people weren't making more FPS games for DS, so I decided DOOM would be fun to port. I even got the wifi multiplayer working.
EDIT: The biggest unsolved hurdle was getting the music to play (it was MIDI and the DS hardware didn't really have anything to play it back). Eventually someone got a hand-optimized OPL3 ASM player to work on ARM7, but I don't think anybody ever managed to connect it to DOOM running on the ARM9 processor using the FIFO. The DS had two CPUs (ARM7+ARM9), and the ARM9 was completely utilized.
I also helped out in a very minor capacity with DS Linux, but pepsiman did nearly all the work.
Thanks for your work. Yeah, I can definitely see some parallels between the homebrew/emulation/console scene and the Hackintosh or even jailbreak scene. It's getting better, with lots of tools being open source and information being more public (see the 3DS for an example) but there's also moves in the wrong direction, too (closed source Wii U emulator on track to make a million dollars over a few years)
Honestly the most annoying thing about that community is that you're expected to wade through hundreds of pages on forums, piecing together information, and people get furious because the answer to your question was on page 63 out of 124. The custom roms will list the very specific things that differentiate them but there are hardly any guides with best practices except maybe if you have the most popular phone out that year.
There's no reason to say an Android ROM is illegal. Or whatever semi-illegal might be. Maybe it's like semi-falling-off-a-cliff? Semi-hit-by-a-train? I don't mean to mock.
I always guessed Android ROMs were such a misery in the community aspect, because they're very easy and relatively useless. All you need is a computer, which is easy enough, then some open and free software, and you're ready to go and compile your own ROM. The source code is often available, and you can change a color here and there and maybe change some of the Linux kernel parameters so you can say it's for better battery life, or more free RAM if you're into that.
That's the easy part. Now the relatively useless part: phones don't last long. Someone who is keen on tweaking their phone will probably be looking for a new one every year, or every other year. At best they last about three years. The changes to the software is minimal at best, and every custom ROM is practically the same. There is no marketability in these ROMs. There's not millions of dollars of potential revenue to be gotten out of a server that has to run with 20 years of uptime, that a company can jump into and support, like you can see with other uses of Linux. Red Hat supports for like 10 years? Android devices get discarded in two. Therefore there is little professional attention to third party, open source distributions of Android.
Google develops it, companies alter it a little bit, then ship it. Hobbyists from all around the world take the open source aspects of this and maybe add some new stuff here and there. There's no need to expect professionalism from hobbyists.
(I find CyanogenMod, or LineageOS or something now, to be pleasant to use on a phone. It gives the option to run apps as root, and it comes with a terminal, and it tries to remain as open as it can.)
> I find CyanogenMod, or LineageOS or something now, to be pleasant to use on a phone. It gives the option to run apps as root, and it comes with a terminal, and it tries to remain as open as it can.
Absolutely. I especially like it because it gives me the ability to restrict network access from apps (I usually just deny background cellular access but some apps I think have no business talking to the network even over WiFi). Moreover, the permission model is much better which brings me to the reason I uninstalled Facebook Messenger: denying start at boot or any other permission to Facebook Messenger (Or Facebook) on Lineage crashes the permission manager. Whatsapp and Instagram have no such issue. They will happily accept not being able to run at boot (I haven't looked into whether it actually works but at least I can set the permission as I want).
I guess my number one request for a custom rom would be the ability to say I don't want any app to run in background/run at boot/use network connections unless I specifically white list the app for the purpose.
Depends on the device and the ROM creator. I'm using an OnePlus One with SultanXDA's excellent CyanongenMod-based ROM for over a year. Updated every month with security updates and works perfectly fine.
Similar good experience with Nexus 4 and NitrogenOS for my standby device. Android 7, works perfectly fine.
So run a few of the exploits that are posted against the phone yourself and check if they run? Although I wouldn't trust everything on XDA, a lot of the time you're a lot worse off with the manufacturer's code. Hell, there's at least 4 working exploits for my XT1572 and Motorola have shown no interest in updating it, even though it's less than 2 years old.