Domain: guardianproject.info
Stories and comments across the archive that link to guardianproject.info.
Comments · 26
-
Re:Completely safe and secure
Yes, a "project" that tries as hard as possible to make sure you can't tell who works on it. Sign your work if you want trust.
-
Nvidia Shield.
- The entire Android store's selection. Games are cheap (and avoid any 'pay to play' ones).
- Load it full of emulators or MAME.
- It'll be a Kodi box for media streaming.
- Intstall Lil' Debie and have a full Debian chroot environment.
My Android STB has 8 cores, plays 4k content decently well. My wife's Christmas present is going to be a Bluetooth NES controller so we can play the games we grew up with.
-
Re:Open Source Android
Gibbertbot offers OTR XMPP chat for Android, as does ChatSecure for iOS. The DuckDuckGo app for Androind/iOS offers untracked search over HTTPS. There are a number of PGP/GPG email readers/writers for Android and iOS.
All of this can be precluded by the NSA having a backdoor at the graces of the manufacturer, but we still don't know the extent of that. The article states that their iPhone surveillance required them to hack into the host iTunes computer, which can be prevented with a good firewall.
-
Re:Missed the boat...
You can still use android. You just have to use an AOSP implementation without Google Apps. This is the beauty of open source.
Personally I'd recommend FDroid with Cyanogen Mod. It's an open source repository of android apps. Theres lot's of trustworthy 3rd party repositories you can add to it, and you could even make your own.
Many popular proprietary android apps also offer direct apk downloads from their website. It's actually easier than you might think to survive on android without a google account and google play. -
Some great apps
At one level, you're toast, right? You need a burner phone you bought with cash, without using ID, and to activate it without linking it to your person. You need to never have it with you at your commons places to be (house, work, coffeeshop on the corner, etc.) - and once you start talking using apps on a smartphone, you've multiplied the complications here 1000x. If you care that much, you probably should just give up on cell phones.
But, there are a tons of ways to make your usage of cell phones safer and more secure. The Guardian Project is a great place to start - https://guardianproject.info/apps/ - you can get their apps from the Play store, from the F-Droid OSS repo, or as APKs directly. It brings Tor to your Android, OTR chatting, end-to-end encrypted VOIP calls, and even PGP email.
iOS is a bit further behind with all of this, for various reasons.
There was a great guide on this last year, but the site seems to have gone offline. Some intrepid data-rescuers have put the content up on github:
-
Re:Problems with closed sorce
As mentioned, OTR is good for secure chat; and Jitsi (other other VOIP tools that implement OSTN, https://guardianproject.info/wiki/OSTN) can provide end-to-end encrypted voice and video as well as chat. Kinda like skype, but secure.
-
Re:F-Droid is your friend
Android security software is largely organized by guardianproject.info.
-
Great collection of F/LOSS security/privacy tools
The Guardian Project develops and maintains a list of great security and privacy tools (Tor for android, secure chat, encrypted VOIP, PGP support for email... ). They're generally cross-posted on f-droid, and you can find play, f-droid and source links here: https://guardianproject.info/apps/
-
The point is that Google uses XMPP....The fact that Google is based in the US is far less important than the fact that the backbone of their communications infrastructure uses a protocol with an open specification (RFCs included). Google Talk (also including Gmail Chat) provides every single person with a Google account a connection to the macrocosm of every federated XMPP server on the Internet, which also happens to be a benefit for those who want secure, end-to-end encryption on a service not controlled by a single company.
XMPP (aka Jabber), as an open protocol, has been implemented in a gigantic amount of both client & server software, in both free/libre and proprietary projects, and on many platforms. Google accounts (meaning every single Gmail, Youtube accounts, and almost all Android users) all have 100% standards compliant XMPP accounts as well, meaning they can use any client they choose. You don't need to hear it from me, read what Google themselves have to say on the matter:In addition to the Google Talk client, there are many other clients out there that provide a great communications experience. We believe users should have choice in which clients they use to connect to the Google Talk service and we want to encourage the developer community to create new and innovative applications that leverage our service. To enable this, Google Talk uses the standard XMPP protocol for authentication, presence, and messaging.
What does this mean for those who care about security? For one, you can choose software that includes Off-the-Record end-to-end encryption (OTR) such as Pidgin with the OTR plugin on GNU+Linux or Windows, or Adium (which has OTR built-in and enabled by default) on Mac OS X. On Android you can use Beem or Gibberbot, although I personally recommend Beem (and if you are using iOS you obviously don't give a shit about security anyway). By using OTR, Google has no idea what you are typing, even as you use their servers to send & receive XMPP data. As a bonus, you can proxy any of these applications over Tor, so Google has no idea where you are even connecting from, anonymising your IP address.
Because of the benefits of an open protocol, the fact that Google is in the US is far less of a problem than Microsoft being in the US because Skype by design restricts your ability to know how it communicates with Microsoft's supernodes and other Skype clients. This is the very nature of proprietary software: to subjugate you, keep you ignorant, and wield power over you. Google may not be perfect, but at least they are committed to using open standards as the base level of their communication networks, and explicitely encourage people to use what software they want, allow proxied and/or Torified connections to their services, & allow you to use end-to-end encryption with crypto keys that YOU control.
TL,DR:
I am very happy to find out a friend has a Google account, so that as soon as they use it with OTR encryption, I can communicate with them safely & securely from my own XMPP server with end-to-end encryption using an standard, open protocol. Incomparably better than Skype. -
Re:All This Needs Is A FOSS Solution
Ostel is a running public beta of the Open Secure Telephony project. It's end-to-end secure VoIP. Anyone with an Android phone (i.e. everybody reading this) is covered for everything but video by The Guardian Project.
-
Re:All This Needs Is A FOSS Solution
Ostel is a running public beta of the Open Secure Telephony project. It's end-to-end secure VoIP. Anyone with an Android phone (i.e. everybody reading this) is covered for everything but video by The Guardian Project.
-
Orbot: Mobile Anonymity + Circumvention
Need more TOR! https://guardianproject.info/apps/orbot/
-
Re:sounds greatThe Guardian Project is an effort to increase the security of Android. A quote from the website:
The Guardian Project aims to create easy to use apps, open-source firmware MODs, and customized, commercial mobile phones that can be used and deployed around the world, by any person looking to protect their communications and personal data from unjust intrusion and monitoring.
https://guardianproject.info/
Here is a link to their February project update to give you an idea what they are working on: https://guardianproject.info/2012/02/09/february-2012-project-update/ -
Re:sounds greatThe Guardian Project is an effort to increase the security of Android. A quote from the website:
The Guardian Project aims to create easy to use apps, open-source firmware MODs, and customized, commercial mobile phones that can be used and deployed around the world, by any person looking to protect their communications and personal data from unjust intrusion and monitoring.
https://guardianproject.info/
Here is a link to their February project update to give you an idea what they are working on: https://guardianproject.info/2012/02/09/february-2012-project-update/ -
This ain't Meamo
Another web based mobile OS? Why bother? I'll stick with native-ish code, thanks.
Btw, I'm still running Maemo on my N900, but I'll upgrade to Android soonish. Android is good enough, open enough, and satisfies the moral imperative of offering good open source encryption tools, i.e. not worthless CALEA garbage like facetime or skype.
Yes, encrypting your traffic is now a moral imperative, look around, maybe you don't have anything worth hiding, but some guy on your ISP probably organizes occupy stuff or whatever.
-
Re:It's not just about the VPN aspect
Android has by-far the best cryptography suite amongst all phone/tablet OSs, well unless your running vanilla Linux on a tablet.
-
Android
If you use Android, you should check out the Guardian Project.
-
cryptography as protest
Imho, the reprehensible behaviors of our governments over the last decade has made encrypting our communications a moral imperative. I have "nothing on the line" personally, but..
There are many activists in the world doing important things to undermine harmful sources of authority. And my own usage of cryptography helps prevent governments and corporations from identifying the interesting traffic quite so easily.
If you have an Android device, then you should check out the Guardian Project.
-
I lol'd cuz it's true
I honestly like Apple's hardware, well their laptops anyways. Yey MacBook Air!
I've never liked iOS ever since they introduced it without cut & paste. I'm cool experimenting with Apple's user-interface tweaks, like launchpad or whatever, but damn if dropping cut & paste didn't scream "you are not our target market". Apple has introduced cut & paste but damn if they haven't always lagged behind on critical features.
I'm currently using an N900 because I love the integration of VoIP with GSM and IM with SMS. I'm buying an Android soonish because only Android provides a full range of open source cryptographic options. See the Guardian Project.
Imho, the reprehensible behaviors of our governments over the last decade has made encrypting our communications a moral imperative. I.e. I've nothing important enough to keep secret, but damn if I'm not gonna make their lives harder by making my unimportant information inaccessible to them.
-
lil' debi
We've made a Debian chroot installer and manager app for Android, so you can have a Debian chroot running in parallel with Android. You can apt-get anything in Debian/arm. We're interested in server software, so we haven't tried anything beyond things like ssh, nginx, jabberd, etc.
https://guardianproject.info/code/lildebi/
And the code is up on Github:
https://github.com/guardianproject/lildebi -
Re:Encrypt The Phone
Or you could just encrypt the database.
-
Re:GNU VoIP
-
RedPhone uses ZRTP
Its recommended by the Guardian 'secure Android' project: https://guardianproject.info/apps/
-
Let them try
It's going to be interesting to see them snoop packets encrypted through a Tor network. The Guardian Project already has a Tor app in the market and are also working on a lot of other cool tools.
-
Re:Yep...
https://guardianproject.info/ nuff said
;). -
Guardian Project
Hi, check out the guardian project http://guardianproject.info/ which is aimed at mobile security for Android.