CACertMan app to address DigiNotar & other bad CA’s
Posted on September 5, 2011
| n8fr8
As I expect many of you are aware, there was a major compromise to a Dutch Certificate Authority named “DigiNotar” recently, where they allowed SSL certs for domains like *.google.com, *.torproject.org and even *.cia.gov as well as *.*.com to be issued.
It was brought up to the contribs of CyanogenMOD that they should probably remove the DigiNotar CA cert from the built-in Android OS keystore (located at /system/etc/security/cacerts.bks). Since they have 500k+ users, and can be more nimble than other ROM/device distributors, it was seen as a way to quickly address the problem, at least within their community.
[Read More]
Announcing ObscuraCam v1 – Enhance Your Visual Privacy!
Posted on June 23, 2011
| Derek
We’re very happy to announce the beta release of ObscuraCam for Android. This is the first release from the SecureSmartCam project, a partnership with WITNESS, a leading human rights video advocacy and training organization. This is the result of an open-source development cycle, comprised of multiple sprints (and branches), that took place over the last five months. This “v1” release is just the first step towards the complete vision of the project.
[Read More]
Lil’ Debi: Easy Installer for Debian on Android
Posted on June 18, 2011
| n8fr8
Have an Android phone and want an easy Debian chroot running it?
Alpha test our new app, Lil’ Debi. It builds up a whole Debian chroot on your phone entirely using debootstrap. You choose the release, mirror, and size of the disk image, and away it goes. It could take up to an hour, then its done. Then it has a simple chroot manager that mounts and unmounts things, and starts/stops sshd if you have it installed.
[Read More]
Announcing: SQLCipher for Android, Developer Preview r1
Posted on May 9, 2011
| Derek
After some major breakthroughs during last week’s development sprint, we’re extremely excited to announce SQLCipher for Android, Developer Preview r1. SQLCipher is an SQLite extension that provides transparent 256-bit AES encryption of database files. To date, it has been open-sourced, sponsored and maintained by Zetetic LLC, and we are glad to be able to extend their efforts to a new mobile platform. In the mobile space, SQLCipher has enjoyed widespread use in Apple’s iOS, as well as Nokia / QT for quite some time.
[Read More]
Our Foolish Hackday!
Posted on April 6, 2011
| n8fr8
We had a great group of people show up at our April 1st “Don’t Be Fooled” Hackday here at the OpenMobileLab in New York. There were users, there were devs, and all sorts of other people in between. We tracked some of the brainstormed ideas on an open etherpad at: http://piratepad.net/bQPFn6FOhN (text of this pasted in below).
The main outputs of the hacking were LilDebi, an updated Debian installer for Android, the beginnings of a Bitcoin digital currency client, and another called UpOn App, which uses the accelerometer and white noise generators in the device to stop your cellphone from spying on you.
[Read More]
Growing Mobile Test Lab and Library
Posted on April 1, 2011
| n8fr8
At our new meatspace location in New York City, we are building up a library of mobile devices from around the world for open-source developers to use for testing, and specifically to help verify the security of apps running on different carrier configurations and hardware variables.
Mostly our collection has come from picking up what we can, when we can, always with an eye towards anything a few generations back from the state of the art.
[Read More]
Addressing a “Privacy Challenge” with Guardian
Posted on March 2, 2011
| n8fr8
Organized by the ACLU, Tor Project, and PrivacyByDesign.ca, the “Develop for Privacy Challenge” is an interesting new software development challenge that was announced last month. Developers (teams or individuals) have until May 31st to come up with apps which address this goal:
Develop apps for smartphones or other mobile devices that educate users about mobile privacy and give them the ability to claim or demand greater control of their own personal information.
[Read More]
Create an encrypted file system on Android with LUKS
Posted on February 2, 2011
| Derek
LUKS is the standard for Linux hard disk encryption. By providing a standard on-disk-format, it not only facilitates compatibility among distributions, but also provides secure management of multiple user passwords.
Building off the work from other great sources, the Guardian Project hack team decided to take a crack at porting LUKS to Android recently, with the goal of creating a proof of concept build process that can be easily adapted to future projects.
[Read More]
Proxy Settings Add-on for Firefox Mobile
Posted on November 8, 2010
| n8fr8
The latest beta of Firefox 4 on Android is proving to be very usable, stable and an increasingly viable alternative to the built-in webkit browser. However, it is unfortunately lacking the ability to manually configure proxy settings through any sort of standard user interface. This is a common problem for Android, which also lacks the ability to set browser or system wide proxy settings. This has caused real issues for us with getting Orbot (aka “Tor on Android”) to work for un-rooted Android devices, because for routing through Tor to work, you must be able to set the HTTP or SOCKS proxy settings.
[Read More]
Orbot Update: New Setup Wizard at Startup
Posted on July 29, 2010
| n8fr8
We’ve been working away at the 0.0.9 release of Orbot over the last few months, and have put a decent amount of effort into usability. Specifically, we hoped to better communicate to users what it means to run Tor on your Android phone. In addition, we wanted to clearly lay out how the various configuration options help to improve your mobile web anonymity and ability to circumvent web filters and tracking by your mobile service provider.
[Read More]
aPad / iRobot / Moons e7001 Teardown
Posted on June 5, 2010
| n8fr8
This is the aPad or iRobot Android 7″ tablet device from www.hiapad.com. I decided to tear mine apart, as the unit I received has a battery issue, and I hoped to see if I could find a bad solder point. In addition, I was curious to see just how hackable or extensible the hardware was. In the end, I was mostly surprised by how much of the thing is put together with tape.
[Read More]
Tor on a Tablet
Posted on May 25, 2010
| n8fr8
We recently acquired a Moons e-7001 “iRobot” tablet which runs Android 1.5. This device is also known as the “aPad”. It is a very basic iPad-clone, though honestly, it can’t really compare with the iPad in terms of quality of screen, build or general use. However, it does only cost $185, supports USB host mode, has a built-in camera, and it is running Android, an actual open-source operating system! It should also be pointed out that you can also now get the Archos 7 Android tablet, which is basically the same thing as this, from Amazon for $199.
[Read More]
Ushahidi-Linda: “Testimony” + “Protection”
Posted on March 10, 2010
| n8fr8
Ushahidi-linda (“Testimony” + “Protection” – disclaimer: we don’t speak Swahili so this was a shot in the dark!)
This is a fork of the Ushahidi on Android app, done as a way to prototype the implementation of increased security, anonymity and privacy for users viewing and submitting reports through Ushahidi.
Ushahidi is a platform that crowdsources crisis information, allowing anyone to submit crisis information through text messaging using a mobile phone, email or web form.
[Read More]