diff --git a/.cargo/config.toml b/.cargo/config.toml
index fde396fa..585f05a5 100644
--- a/.cargo/config.toml
+++ b/.cargo/config.toml
@@ -1,3 +1,11 @@
+[alias]
+# Build the daemon with "firmware" profile and "ring" TLS backend.
+# Requires a cross-compiler (see github actions workflows) and is very slow to build.
+build-daemon-firmware = "build -p rayhunter-daemon --bin rayhunter-daemon --target armv7-unknown-linux-musleabihf --profile firmware --no-default-features --features ring-tls"
+# Build the daemon with "firmware-devel" profile and "rustcrypto" backend.
+# Works with just the Rust toolchain, and is medium-slow to build. Binaries are slightly larger.
+build-daemon-firmware-devel = "build -p rayhunter-daemon --bin rayhunter-daemon --target armv7-unknown-linux-musleabihf --profile firmware-devel"
+
 [target.aarch64-apple-darwin]
 linker = "rust-lld"
 rustflags = ["-C", "target-feature=+crt-static"]
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 73c64bc8..c8c3b356 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -239,6 +239,8 @@ jobs:
         with:
           targets: armv7-unknown-linux-musleabihf
       - uses: Swatinem/rust-cache@v2
+      - name: Install ARM cross-compilation toolchain
+        run: sudo apt-get update && sudo apt-get install -y gcc-arm-linux-gnueabihf
       - name: Build rayhunter-daemon (armv7)
         run: |
           pushd daemon/web
@@ -253,7 +255,7 @@ jobs:
           # what the feature selection in rayhunter-daemon is.
           #
           # https://github.com/rust-lang/cargo/issues/4463
-          cargo build -p rayhunter-daemon --bin rayhunter-daemon --target armv7-unknown-linux-musleabihf --profile=firmware
+          CC_armv7_unknown_linux_musleabihf=arm-linux-gnueabihf-gcc cargo build-daemon-firmware
       - uses: actions/upload-artifact@v4
         with:
           name: rayhunter-daemon
diff --git a/Cargo.lock b/Cargo.lock
index 2454807d..12b873ab 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -962,9 +962,9 @@ dependencies = [
 
 [[package]]
 name = "ed25519-dalek"
-version = "2.1.1"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4a3daa8e81a3963a60642bcc1f90a670680bd4a77535faa384e9d1c79d620871"
+checksum = "70e796c081cee67dc755e1a36a0a172b897fab85fc3f6bc48307991f64e4eca9"
 dependencies = [
  "curve25519-dalek",
  "ed25519",
@@ -1267,8 +1267,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "335ff9f135e4384c8150d6f27c6daed433577f86b4750418338c01a1a2528592"
 dependencies = [
  "cfg-if",
+ "js-sys",
  "libc",
  "wasi 0.11.0+wasi-snapshot-preview1",
+ "wasm-bindgen",
 ]
 
 [[package]]
@@ -1278,9 +1280,11 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "26145e563e54f2cadc477553f1ec5ee650b00862f0a58bcd12cbdc5f0ea2d2f4"
 dependencies = [
  "cfg-if",
+ "js-sys",
  "libc",
  "r-efi",
  "wasi 0.14.2+wasi-0.2.4",
+ "wasm-bindgen",
 ]
 
 [[package]]
@@ -1964,6 +1968,12 @@ dependencies = [
  "imgref",
 ]
 
+[[package]]
+name = "lru-slab"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "112b39cec0b298b6c1999fee3e31427f74f676e4cb9879ed1a121b43661a4154"
+
 [[package]]
 name = "mach2"
 version = "0.4.2"
@@ -2575,6 +2585,61 @@ version = "2.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a993555f31e5a609f617c12db6250dedcac1b0a85076912c436e6fc9b2c8e6a3"
 
+[[package]]
+name = "quinn"
+version = "0.11.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "626214629cda6781b6dc1d316ba307189c85ba657213ce642d9c77670f8202c8"
+dependencies = [
+ "bytes",
+ "cfg_aliases",
+ "pin-project-lite",
+ "quinn-proto",
+ "quinn-udp",
+ "rustc-hash",
+ "rustls",
+ "socket2",
+ "thiserror 2.0.12",
+ "tokio",
+ "tracing",
+ "web-time",
+]
+
+[[package]]
+name = "quinn-proto"
+version = "0.11.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "49df843a9161c85bb8aae55f101bc0bac8bcafd637a620d9122fd7e0b2f7422e"
+dependencies = [
+ "bytes",
+ "getrandom 0.3.3",
+ "lru-slab",
+ "rand 0.9.1",
+ "ring",
+ "rustc-hash",
+ "rustls",
+ "rustls-pki-types",
+ "slab",
+ "thiserror 2.0.12",
+ "tinyvec",
+ "tracing",
+ "web-time",
+]
+
+[[package]]
+name = "quinn-udp"
+version = "0.5.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fcebb1209ee276352ef14ff8732e24cc2b02bbac986cd74a4c81bcb2f9881970"
+dependencies = [
+ "cfg_aliases",
+ "libc",
+ "once_cell",
+ "socket2",
+ "tracing",
+ "windows-sys 0.59.0",
+]
+
 [[package]]
 name = "quote"
 version = "1.0.40"
@@ -2838,6 +2903,7 @@ dependencies = [
  "log",
  "percent-encoding",
  "pin-project-lite",
+ "quinn",
  "rustls",
  "rustls-pki-types",
  "serde",
@@ -2930,6 +2996,12 @@ version = "0.1.24"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "719b953e2095829ee67db738b3bfa9fa368c94900df327b3f07fe6e794d2fe1f"
 
+[[package]]
+name = "rustc-hash"
+version = "2.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "357703d41365b4b27c590e3ed91eabb1b663f07c4c084095e60cbed4362dff0d"
+
 [[package]]
 name = "rustc_version"
 version = "0.4.1"
@@ -2972,6 +3044,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7160e3e10bf4535308537f3c4e1641468cd0e485175d6163087c0393c7d46643"
 dependencies = [
  "once_cell",
+ "ring",
  "rustls-pki-types",
  "rustls-webpki 0.103.3",
  "subtle",
@@ -2984,6 +3057,7 @@ version = "1.12.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "229a4a4c221013e7e1f1a043678c5cc39fe5171437c88fb47151a21e6f5b5c79"
 dependencies = [
+ "web-time",
  "zeroize",
 ]
 
@@ -3082,9 +3156,9 @@ dependencies = [
 
 [[package]]
 name = "semver"
-version = "1.0.26"
+version = "1.0.27"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "56e6fa9c48d24d85fb3de5ad847117517440f6beceb7798af16b4a87d616b8d0"
+checksum = "d767eb0aabc880b29956c35734170f26ed551a859dbd361d140cdbeca61ab1e2"
 
 [[package]]
 name = "serde"
@@ -3492,6 +3566,21 @@ dependencies = [
  "zerovec",
 ]
 
+[[package]]
+name = "tinyvec"
+version = "1.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bfa5fdc3bce6191a1dbc8c02d5c8bffcf557bafa17c124c5264a458f1b0613fa"
+dependencies = [
+ "tinyvec_macros",
+]
+
+[[package]]
+name = "tinyvec_macros"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
+
 [[package]]
 name = "tokio"
 version = "1.45.0"
@@ -3889,6 +3978,16 @@ dependencies = [
  "wasm-bindgen",
 ]
 
+[[package]]
+name = "web-time"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5a6580f308b1fad9207618087a65c04e7a10bc77e02c8e84e9b00dd4b12fa0bb"
+dependencies = [
+ "js-sys",
+ "wasm-bindgen",
+]
+
 [[package]]
 name = "webpki-roots"
 version = "1.0.0"
diff --git a/daemon/Cargo.toml b/daemon/Cargo.toml
index 71789aef..f886c8cb 100644
--- a/daemon/Cargo.toml
+++ b/daemon/Cargo.toml
@@ -4,6 +4,11 @@ version = "0.6.1"
 edition = "2024"
 rust-version = "1.88.0"
 
+[features]
+default = ["rustcrypto-tls"]
+rustcrypto-tls = ["reqwest/rustls-tls-webpki-roots-no-provider", "dep:rustls-rustcrypto"]
+ring-tls = ["reqwest/rustls-tls-webpki-roots"]
+
 [dependencies]
 rayhunter = { path = "../lib" }
 toml = "0.8.8"
@@ -25,8 +30,6 @@ image = { version =  "0.25.1", default-features = false, features = ["png", "gif
 tempfile = "3.10.1"
 async_zip = { version = "0.0.17", features = ["tokio"] }
 anyhow = "1.0.98"
-reqwest = { version = "0.12.20", default-features = false, features = [
-    "rustls-tls-webpki-roots-no-provider",
-] }
-rustls-rustcrypto = "0.0.2-alpha"
+reqwest = { version = "0.12.20", default-features = false }
+rustls-rustcrypto = { version = "0.0.2-alpha", optional = true }
 async-trait = "0.1.88"
diff --git a/daemon/src/main.rs b/daemon/src/main.rs
index 5195062d..dd951e21 100644
--- a/daemon/src/main.rs
+++ b/daemon/src/main.rs
@@ -168,9 +168,12 @@ fn run_shutdown_thread(
 async fn main() -> Result<(), RayhunterError> {
     env_logger::init();
 
-    rustls_rustcrypto::provider()
-        .install_default()
-        .expect("Couldn't install rustcrypto provider");
+    #[cfg(feature = "rustcrypto-tls")]
+    {
+        rustls_rustcrypto::provider()
+            .install_default()
+            .expect("Couldn't install rustcrypto provider");
+    }
 
     let args = parse_args();
 
diff --git a/doc/installing-from-source.md b/doc/installing-from-source.md
index a35d6a67..bcf8206c 100644
--- a/doc/installing-from-source.md
+++ b/doc/installing-from-source.md
@@ -36,10 +36,17 @@ rustup target add x86_64-pc-windows-gnu
 Now you can root your device and install Rayhunter by running:
 
 ```sh
-# Profile can be changed to 'firmware-devel' when building for development.
-# Build time will decrease at the expense of binary size.
-cargo build -p rayhunter-daemon --bin rayhunter-daemon --target armv7-unknown-linux-musleabihf --profile firmware
+# Build the daemon binary for local development (rustcrypto TLS backend, fast compilation)
+# WARNING: The rustcrypto library, though not known to be insecure, is less well
+# tested than its counterpart and could potentially have severe issues in
+# its cryptographic implementation. We therefore recommend using ring-tls in
+# production builds (see below)
+cargo build-daemon-firmware-devel
 
+# To build it exactly like in CI (more mature ring TLS backend, slower compilation)
+# CC_armv7_unknown_linux_musleabihf=arm-linux-gnueabihf-gcc cargo build-daemon-firmware
+
+# Build rootshell
 cargo build -p rootshell --bin rootshell --target armv7-unknown-linux-musleabihf --profile firmware
 
 # Replace 'orbic' with your device type if different.
@@ -50,7 +57,7 @@ cargo run -p installer --bin installer orbic
 ### If you're on Windows or can't run the install scripts
 
 * Root your device on Windows using the instructions here: <https://xdaforums.com/t/resetting-verizon-orbic-speed-rc400l-firmware-flash-kajeet.4334899/#post-87855183>
-* Build the web UI using `cd bin/web && npm install && npm run build`
+* Build the web UI using `cd daemon/web && npm install && npm run build`
 * Push the scripts in `scripts/` to `/etc/init.d` on device and make a directory called `/data/rayhunter` using `adb shell` (and sshell for your root shell if you followed the steps above)
 * You also need to copy `config.toml.in` to `/data/rayhunter/config.toml`. Uncomment the `device` line and set the value to your device type if necessary.
 * Then run `./make.sh`, which will build the binary, push it over adb, and restart the device. Once it's restarted, Rayhunter should be running!