Building a Signing Server
Posted on December 18, 2017
| Hans-Christoph Steiner
The Android APK signing model sets the expectation that the signing key will be the same for the entire lifetime of the app. That can be seen in the recommended lifetype of an Android signing key: 20+ years. On top of that, it is difficult to migrate an app to a new key. Since the signing key is an essential part to preventing APKs from impersonating another, Android signing keys must be kept safe for the entire life of the app.
[Read More]
Tracking usage without tracking people
Posted on June 8, 2017
| Hans-Christoph Steiner
One thing that has become very clear over the past years is that there is a lot of value in data about people. Of course, the most well known examples these days are advertising and spy agencies, but tracking data is useful for many more things. For example, when trying to build software that is intuitive and easy to use, having real data about how people are using the software can make a massive difference when developers and designers are working on improving their software.
[Read More]
“If This, Then Panic!” Sample Code for Triggering Emergency Alerts
Posted on October 17, 2016
| n8fr8
Earlier this year, we announced the PanicKit Library for Android and Ripple, our basic app for alerts any compatible app that you are in an emergency situation. Rather than build a solitary, enclosed “panic button” app that only can provide a specific set of functionality, we decided, as we often do, to build a framework, and encourage others to participate. Since then, we’ve had over 10 different apps implement PanicKit responder functionality, including Signal, OpenKeyChain, Umbrella app, StoryMaker and Zom.
[Read More]
HOWTO: get all your Debian packages via Tor Onion Services
Posted on July 31, 2016
| Hans-Christoph Steiner
Following up on some privacy leaks that we looked into a while back, there are now official Debian Tor Onion Services for getting software packages and security updates, thanks to the Debian Sys Admin team. This is important for high risk use cases like TAILS covers, but also it is useful to make it more difficult to do some kinds of targeted attacks against high-security servers. The default Debian and Ubuntu package servers use plain HTTP with unencrypted connections.
[Read More]
Copperhead, Guardian Project and F-Droid Partner to Build Open, Verifiably Secure Mobile Ecosystem
Posted on March 28, 2016
| n8fr8
Three open-source projects haved joined together to announce a new partnership to create an open, verifiably secure mobile ecosystem of software, services and hardware. Led by the work of the Toronto-based CopperheadOS team on securing the core Android OS, Guardian Project and F-Droid have joined in to partner on envisioning and developing a full mobile ecosystem. The goal is to create a solution that can be verifiably trusted from the operating system, through the network and network services, all the way up to the app stores and apps themselves.
[Read More]
How to Migrate Your Android App’s Signing Key
Posted on December 29, 2015
| Abel Luck
It is time to update to a stronger signing key for your Android app! The old default RSA 1024-bit key is weak and officially deprecated.
What? The Android OS requires that every application installed be signed by a digital key. The purpose behind this signature is to identify the author of the application, allow this author and this author alone to make updates to the app, as well as provide a mechanism to establish inter-application trust.
[Read More]
Hiding Apps in Plain Sight
Posted on May 7, 2015
| n8fr8
Beyond just thinking about encryption of data over the wire, or at rest on your mobile device, we also consider physical access to your mobile device, as one of the possible things we need to defend against. Some of our apps, such as Courier, our secure news reader, include a Panic feature, enabling a user to quickly delete data or remove the app, if they fear their device will be taken from them, whether by a friend, family member, criminal or an authority figure.
[Read More]
Getting keys into your keyring with Gnu Privacy Guard for Android
Posted on December 6, 2013
| Hans-Christoph Steiner
Now that you can have a full GnuPG on your Android device with Gnu Privacy Guard for Android, the next step is getting keys you need onto your device and included in Gnu Privacy Guard. We have tried to make it as easy as possible without compromising privacy, and have implemented a few approaches, while working on others. There are a few ways to get this done right now.
Gnu Privacy Guard registered itself with Android as a handler of all the standard OpenPGP MIME types (application/pgp-keys, application/pgp-encrypted, application/pgp-signature), as well as all of the OpenPGP and GnuPG file extensions (.
[Read More]
A tag-team git workflow that incorporates auditing
Posted on November 21, 2013
| Hans-Christoph Steiner
Git is as wonderful as it is terrible, it is immensly flexible but also far from intuitive. So to make our lives easier, we try to use git as it was originally intended, as a toolkit for building workflows.
Integration-Manager Workflow We use a simple version of the “
Integration-Manager Workflow“. One key difference is that we often have multiple contributors acting as the integration manager. This means that there is always someone else besides the original author reviewing each commit.
[Read More]
Your own private dropbox with free software
Posted on November 12, 2013
| Hans-Christoph Steiner
There are lots of file storage and sharing software packages out there that make it easy for a group of people to share files. Dropbox is perhaps the most well known of the group, it provides an easy way for a group of people to share files. The downside of Dropbox is that it is not a private service, just like any cloud-based service. Dropbox has total access to your files that you store there.
[Read More]
Setting up your own app store with F-Droid
Posted on November 5, 2013
| Hans-Christoph Steiner
(_This blog post as now been cooked into an updated HOWTO_)
The Google Play Store for Android is not available in all parts of the world, US law restricts its use in certain countries like Iran, and many countries block access to the Play Store, like China. Also, the Google Play Store tracks all user actions, reporting back to Google what apps have been installed and also run on the phone.
[Read More]
Security Awareness Party
Posted on April 26, 2013
| mark
In the security world, there’s a pesky belief that a tool can either be secure or easy to use, but not both. Some experts also argue that training people to be safe online is too hard and doesn’t accomplish much (see Bruce Schneier’s recent post Security Awareness Training). Without a thoughtful approach, that’s usually how it plays out. But it doesn’t have to be that way! We’re committed to making online security fun to learn and fun to use, and we’re launching a new series of interactive tutorials to make it happen.
[Read More]
ToFU/PoP in your Android App! (a.k.a. extending Orlib to communicate over Tor)
Posted on September 20, 2012
| harlo
In doing my research for InformaCam, I learned a couple of neat tricks for getting an app to communicate over Tor. Here’s a how-to for app developers to use depending on your threat model, and how you have your web server set-up. Enjoy, and please post your comments/questions/suggestions below…
Before we begin… You’re going to need some basic stuff up-and-running for this to work. Before you get coding, make sure you have the following:
[Read More]
<!--:en-->Build your own Open Secure Telephony Network, some assembly required<!--:-->
Posted on May 17, 2012
| lee
The Open Secure Telephony Network is a standard that defines how to configure a VoIP softswitch with the capability to have secure two-way VoIP conversations if both parties are using the same server. The system requires both backend and frontend components, which makes OSTN is a little different than some of the other Guardian apps. Unlike Gibberbot, there are few public SIP services that support secure signalling for a mobile app to connect with.
[Read More]
Orbot Your Twitter!
Posted on May 2, 2012
| n8fr8
In some ways, Twitter is the perfect application to run over the Tor network. It works with small bits of data, it is asynchronous, works naturally in a “store and forward” queue model, and in general, has a decent amount of default security built-in through HTTP/S support and OAuth. Compared to the problem-child of the open web, which often involves large websites, streaming video, flash embeds, and malicious javascript, Twitter is a nearly perfect candidate for use over a secure, anonymous (but sometimes high latency) network.
[Read More]
Announcing ObscuraCam v1 – Enhance Your Visual Privacy!
Posted on June 23, 2011
| Derek
We’re very happy to announce the beta release of ObscuraCam for Android. This is the first release from the SecureSmartCam project, a partnership with WITNESS, a leading human rights video advocacy and training organization. This is the result of an open-source development cycle, comprised of multiple sprints (and branches), that took place over the last five months. This “v1” release is just the first step towards the complete vision of the project.
[Read More]
Create an encrypted file system on Android with LUKS
Posted on February 2, 2011
| Derek
LUKS is the standard for Linux hard disk encryption. By providing a standard on-disk-format, it not only facilitates compatibility among distributions, but also provides secure management of multiple user passwords.
Building off the work from other great sources, the Guardian Project hack team decided to take a crack at porting LUKS to Android recently, with the goal of creating a proof of concept build process that can be easily adapted to future projects.
[Read More]
SECURED: T-Mobile myTouch 4G gets Guardian
Posted on November 9, 2010
| n8fr8
One of the services we provide at the Guardian Project is taking any off the shelf Android phone and setting it up to be generally more secure, privacy minded and updated with a powerful suite of trusted apps. Today we were excited to get our hands on a myTouch 4G, manufactured by HTC and sold by T-Mobile. Really beautiful piece of hardware, and once we got our hands on it, a powerhouse of encrypted, anonymous and circumventing communications.
[Read More]
How To: Lockdown Your Mobile E-Mail
Posted on July 9, 2010
| Derek
Update 2015-04-27: _We now recommend OpenKeychain over APG, the app described in this blog post. The set up is drastically easier, so you probably don’t even need this HOWTO anymore. Start by downloading K-9 and OpenKeychain, then go into OpenKeychain and start the config there._
Over the past few years it’s become increasingly popular to sound the call that ‘email is dead{#y8a0}.’ And while many complementary forms of synchronous and asynchronous communication – from IM to social networking – have evolved since email first came on the scene, it’s hard to see email suddenly disappearing from its role as the most important way organizations communicate.
[Read More]
How To: Setup a Private VOIP Phone System for Android
Posted on May 26, 2010
| n8fr8
MAY 2011: Learn more about our new efforts on the Open Secure Telephony Network at https://guardianproject.info/wiki/OSTN – we currently recommend the CSipSimple Android app instead of SIPDroid, for secure voice calls.
Near the very top of Guardian’s open-source application suite wish list is something that might seem like a no-brainer for a secure mobile device: voice. When we take into account network performance and audio fidelity requirements, as well as the International nature of Guardian’s target users (everything from average citizens to multi-national journalists or humanitarian organizations), the prospect of a truly real-time secure VOIP solution starts to reveal itself as quite the challenge.
[Read More]