Three open-source projects haved joined together to announce a new partnership to create an open, verifiably secure mobile ecosystem of software, services and hardware. Led by the work of the Toronto-based CopperheadOS team on securing the core Android OS, Guardian Project and F-Droid have joined in to partner on envisioning and developing a full mobile ecosystem. The goal is to create a solution that can be verifiably trusted from the operating system, through the network and network services, all the way up to the app stores and apps themselves. Through a future planned crowdfunded and commercial offering, the partnership will provide affordable off-the-shelf solutions, including device hardware and self-hosted app and update distribution servers, for any individual and organizations looking for complete mobile stacks they can trust.
Update 30 March 2016: Copperhead has announced their crowdfunding plans here.
CopperheadOS is a hardened open-source Android based on AOSP, that is available for download and installation on many Nexus devices. The Guardian Project develops popular free and open-source privacy-enhancing apps like Orbot (Tor for Android), ChatSecure, and ObscuraCam, and software libraries like NetCipher, SQLCipher and PanicKit, for developers who want to enable similar features in their own apps. F-Droid is an installable catalogue of free and open source Android software, that is built into CopperheadOS, as the default app store. It enables decentralized and verifiably secure app distribution by any individual or organization.
“I have been a happy CopperheadOS user since the first moment I installed it”, says Nathan Freitas, Founder and Director of Guardian Project, ” even with running it on a two-generation old, very inexpensive Nexus 5 device. I know I will always have the latest security updates immediately, and that everything on my device is under my control.”
“My Copperhead Nexus is the go-to device in my bag, ” says Freitas, “when I am handling sensitive information, find myself on a network I don’t trust, or am otherwise wary about my communication being tracked, intercepted or tampered with.”
Hans-Christoph Steiner who leads the Guardian Project’s developer platform says “Copperhead with F-Droid and Orbot provides all of the benefits of a smartphone, without the security and privacy downsides introduced by the major vendors, carriers and closed app stores. By building in F-Droid, Copperhead guarantees its users have direct access to the best free and open software, built directly from source-code in a trusthworthy, verifiable way”. Mr. Steiner presented on his work with F-Droid and building “private, unblockable app stores” at FOSDEM 2016 in January.
Collectively, this partnership creates a global team of information security researchers, forensic analysts, software developers, designers and engaged users, looking to move the state of the art forward for open, verifiably secure and privacy-enhancing mobile technology. The groups hope to expand the effort to include other mobile OS teams, application developers and even hardware developers interested in having the same kind of impact on the privacy and security of mobile computing.
James Donaldson of Copperhead says “It’s important for Android users to have a privacy minded viable alternative to closed-source solutions when contemplating mobile security. Teaming up with great partners like F-Droid and Guardian Project allows us to offer our users both security and a great experience with all of the core features they need.”
Guardian Project is an open-source effort based in New York, with a global community of contributors and partners. Copperhead is an information security firm located in Toronto, Canada, specializing in protecting data and devices from unauthorized access. F-Droid is a non-profit volunteer project, and is operated by F-Droid Limited, a non-profit organisation registered in England (no. 8420676).