First Reproducible Builds Summit
Posted on December 9, 2015
| Hans-Christoph Steiner
I was just in Athens for the “Reproducible Builds Summit“, an Aspiration-run meeting focused on the issues of getting all software builds to be reproducible. This means that anyone starting with the same source code can build the exact same binary, bit-for-bit. At first glance, it sounds like this horrible, arcane detail, which it is really. But it provides tons on real benefits that can save lots of time. And in terms of programming, it can actually be quite fun, like doing a puzzle or sudoku, since there is a very clear point where you have “won”.
[Read More]
CipherKit reproducible builds
Posted on September 21, 2015
| Hans-Christoph Steiner
We have been on a kick recently with making our build process support “reproducible builds” aka “deterministic builds”. What is this reproducible thing? Basically, what that means is that you can run a script and end up with the exact same binary file as our official releases, be it a APK, JAR, AAR, whatever. That lets anyone verify that our releases are produced only from the source in git, without including anything else, whether deliberately or accidentally (like malware).
[Read More]
Orfox: Aspiring to bring Tor Browser to Android
Posted on June 30, 2015
| n8fr8
Update 24 September, 2015: Orfox BETA is now on Google Play: https://play.google.com/store/apps/details?id=info.guardianproject.orfox
In the summer of 2014 (https://lists.mayfirst.org/pipermail/guardian-dev/2014-August/003717.html{.external}), we announced that the results of work by Amogh Pradeep (https://github.com/amoghbl1{.external}), our 2014 Google Summer of Code student, has proven we could build Firefox for Android with some of the settings and configurations from the Tor Browser desktop software. We called this app Orfox, in homage to Orbot and our current Orweb browser.
[Read More]
Building a trustworthy app store that respects privacy
Posted on June 2, 2015
| Hans-Christoph Steiner
One core piece of our approach is thinking about very high risk situations, like Ai Weiwei or Edward Snowden, then making the tools for operating under that pressure as easy to use as possible. That means that we might occasionally come across as a little paranoid. It is important to dive into the depths of what might be possible. That is an essential step in evaluating what the risks and defenses are, and how to prioritize them.
[Read More]
Getting Android tools into Debian
Posted on April 30, 2015
| Hans-Christoph Steiner
As part of Debian’s project in Google Summer of Code, I’ll be working with two students, Kai-Chung Yan and Komal Sukhani, and another mentor from the Debian Java Team team, Markus Koschany. We are going to be working on getting the Android SDK and tools into Debian, as part of the Debian Android Tools team, building upon the existing work already included from the Java and Android Tools teams.
[Read More]
Phishing for developers
Posted on February 24, 2015
| Hans-Christoph Steiner
I recently received a very interesting phishing email directed at developers with apps in Google Play. One open question is, how targeted it was: did anyone else get this?
It turns out that Google has been recently stepping up enforcement of certain terms, so it looks like some people are taking advantage of that. It is a pretty sophisticated or manually targeted phishing email since they got the name of the app, email address, and project name all correct.
[Read More]
Complete, reproducible app distribution achieved!
Posted on February 11, 2015
| Hans-Christoph Steiner
With F-Droid, we have been working towards getting a complete app distribution channel that is able to reproducibly build each Android app from source. while this may sound like a mundane detail, it does provide lots of tangible benefits. First, it means that anyone can verify that the app that they are using is 100% built from the source code, with nothing else added. That verifies that the app is indeed 100% free, open source software.
[Read More]
Experimental app to improve privacy in location sharing
Posted on January 29, 2015
| Hans-Christoph Steiner
As part of the T2 Panic effort, I’ve recently been diving deep into the issues of sharing location. It is unfortunately looking really bad, with many services, including Google, frequently sharing location as plain text over the network. I’ve started to write up some of the issues on this blog.
As part of this, I’ve put together an experimental Android app that aims to act as a privacy filter for all ways of sharing location.
[Read More]
First working test of IOCipher for Obj-C
Posted on January 26, 2015
| Hans-Christoph Steiner
Every so often, we revisit our core libraries in the process of improving our existing apps, and creating new ones. IOCipher has become a standard part of our apps since it provides a really easy way to include encrypted file storage in Android apps. And we are now working on spreading it to iOS as well, headed up by Chris Ballinger, with the first preliminary tests of IOCipher for Obj-C. Testing and contributions are most welcome!
[Read More]
Sharing your location privately
Posted on January 23, 2015
| Hans-Christoph Steiner
Facebook location sharing embeds the location in every single message, providing a detailed log to the recipient, Facebook, and anyone Facebook shares that data with One handy feature that many smartphones give us is the ability to easily share our exact position with other people. You can see this feature in a lot of apps. Google Maps lets you click “Share” and send a URL via any method you have available.
[Read More]
Reducing metadata leakage from software updates
Posted on October 16, 2014
| Hans-Christoph Steiner
Update: now you can do this with Tor Onion Services
Many software update systems use code signing to ensure that only the correct software is downloaded and installed, and to prevent the code from being altered. This is an effective way to prevent the code from being modified, and because of that, software update systems often use plain, unencrypted HTTP connections for downloading code updates. That means that the metadata of what packages a machine has installed is available in plain text for any network observer, from someone sitting on the same public WiFi as you, to state actors with full network observation capabilities.
[Read More]
CipherKit updates: IOCipher and CacheWord
Posted on September 26, 2014
| Hans-Christoph Steiner
We’ve been on a big kick recently, updating the newest members of our CipherKit family of frameworks: IOCipher and CacheWord. There also are is a little news about the original CipherKit framework: SQLCipher-for-Android.
IOCipher v0.2 IOCipher is a library for storing files in an encrypted virtual disk. It’s API is the exact same as java.io for working with files, and it does not need root access. That makes it the sibling of SQLCipher-for-Android, both are native Android APIs that wrap the SQLCipher database.
[Read More]
Question: central server, federated, or p2p? Answer: all!
Posted on September 18, 2014
| Hans-Christoph Steiner
There are many ideas of core architectures for providing digital services, each with their own advantages and disadvantages. I break it down along the lines of central servers, federated servers, and peer-to-peer, serverless systems.
a central service with clients connecting to it Most big internet companies operate in effect as a central server (even though they are implemented differently). There is only facebook.com, there are no other services that can inter-operate with facebook.
[Read More]
Introducing TrustedIntents for Android
Posted on July 30, 2014
| Hans-Christoph Steiner
Following up on our research on secure Intent interactions, we are now announcing the first working version of the TrustedIntents library for Android. It provides methods for checking any Intent for whether the sending and receiving app matches a specified set of trusted app providers. It does this by “pinning” to the signing certificate of the APKs. The developer includes this “pin” in the app, which includes the signing certificate to trust, then TrustedIntents checks Intents against the configured certificate pins.
[Read More]
New Official Guardian Project app repo for FDroid!
Posted on June 30, 2014
| Hans-Christoph Steiner
We now have an official FDroid app repository that is available via three separate methods, to guarantee access to a trusted distribution channel throughout the world! To start with, you must have FDroid installed. Right now, I recommend using the latest test release since it has support for Tor and .onion addresses (earlier versions should work for non-onion addresses):
https://f-droid.org/repo/org.fdroid.fdroid_710.apk
In order to add this repo to your FDroid config, you can either click directly on these links on your devices and FDroid will recognize them, or you can click on them on your desktop, and you will be presented with a QR Code to scan.
[Read More]
Our first deterministic build: Lil’ Debi 0.4.7
Posted on June 9, 2014
| Hans-Christoph Steiner
We just released Lil’ Debi 0.4.7 into the Play Store and f-droid.org. It is not really different than the 0.4.6 release except in has a new, important property: the APK contents can be reproduced on other machines to the extent that the APK signature can be swapped between the official build and builds that other people have made from source, and this will still be installable. This is known as a “deterministic build” or “reproducible build”: the build process is deterministic, meaning it runs the same way each time, and that results in an APK that is reproducible by others using only the source code.
[Read More]
Orbot now at v14.0.0 build 100!
Posted on June 7, 2014
| n8fr8
The latest Orbot is out soon on Google Play, and by direct download from the link below:
Android APK: https://guardianproject.info/releases/orbot-latest.apk
(PGP Sig)
The major improvements for this release are:
Uses the latest Tor 0.2.42.22 stable version Fix for recent OpenSSL vulnerabilities Addition of Obfuscated Bridges 3 (Obfs3) support Switch from Privoxy to Polipo (semi-experimental) and much more… see the CHANGELOG link below for all the details.
The tag commit message was “updating to 14.
[Read More]
Automatic, private distribution of our test builds
Posted on June 6, 2014
| Hans-Christoph Steiner
One thing we are very lucky to have is a good community of people willing to test out unfinished builds of our software. That is a very valuable contribution to the process of developing usable, secure apps. So we want to make this process as easy as possible while keeping it as secure and private as possible. To that end, we have set up an FDroid repository of apps generated from the test builds that our build server generates automatically every time we publish new code.
[Read More]
Reset The Net!
Posted on June 4, 2014
| n8fr8
We’re making the Internet more secure, by taking part in #ResetTheNet https://resetthenet.org
Security in a thumb drive: the promise and pain of hardware security modules, take one!
Posted on March 28, 2014
| Hans-Christoph Steiner
Hardware Security Modules (aka Smartcards, chipcards, etc) provide a secure way to store and use cryptographic keys, while actually making the whole process a bit easier. In theory, one USB thumb drive like thing could manage all of the crypto keys you use in a way that makes them much harder to steal. That is the promise. The reality is that the world of Hardware Security Modules (HSMs) is a massive, scary minefield of endless technical gotchas, byzantine standards (PKCS#11!
[Read More]