MASQUE is a set of related IETF drafts for specifying flexible proxying built into a standard webserver. It is meant to be deployed on a server that is serving public websites, so that this connection can be reused for proxying generic connections. It is very much a work in progress, so any of this can change. It is currently built on top of the QUIC+HTTP/3 and HTTP/2+TLS+TCP protocols. The website and proxy packets look the same, and all connections to the webserver will be shared and reused, regardless of whether it's a web page request or proxy traffic.
[Read More]
Tracking the Trackers: using machine learning to aid ethical decisions
F-Droid is a free software community app store that has been working since 2010 to make all forms of tracking and advertising visible to users. It has become the trusted name for privacy in Android, and app developers who sell based on privacy make the extra effort to get their apps included in the F-Droid.org collection. These include Nextcloud, Tor Browser, TAZ.de, and Tutanota. Auditing apps for tracking is labor intensive and error prone, yet ever more in demand.
[Read More]
NetCipher + Conscrypt for the best possible TLS
A new NetCipher library has recently been merged: netcipher-conscrypt. In the same vein as the other NetCipher libraries, netcipher-conscrypt wraps the Google Conscrypt library, which provides the latest TLS for any app that includes it. netcipher-conscrypt then lets apps disable old TLS versions like TLSv1.0 and TLSv1.1, as well as disable TLS Session Tickets. This is an alpha release because it only works on recent Android versions (8.1 or newer). The actual functionality works well; the hard part remains making sure that it is possible to inject netcipher-conscrypt as the TLS provider on all Android devices and versions.
[Read More]
Trusted Update Channels vs. Scratching Your Itch
One of the great things about free software is that people can easily take a functional program or library and customize it as they see fit. Anyone can come along, submit bug fixes or improvements, and they can be easily shared across many people, projects, and organizations. With distribution systems like Python’s pypi, there is an update channel through which the trusted maintainers can publish fixes, so consumers of the library can easily get updates.
[Read More]
Onions on Apples: A New Release of Onion Browser for iOS
During 2019, Guardian Project has been working with developer Mike Tigas to make improvements to his Tor-enabled web browser for iOS, Onion Browser. Here we recap the major improvements currently, and soon to be, available.
Mike developed Onion Browser on his own, in close collaboration with the Tor Project. Though we’ve worked with Mike in the recent past, this 2019 project – funded by the Open Technology Fund – gave us significantly more bandwidth to address the challenges of running Tor on iOS, especially alongside a full web-browsing feature set.
[Read More]
IOCipher 64-bit builds
IOCipher v0.5 includes full 64-bit support and works with the latest SQLCipher versions. This means that the minimum supported SDK version had to be bumped to android-14, which is still older than what Google Play Services and Android Support libraries require.
One important thing to note is that newer SQLCipher versions require an upgrade procedure since they changed how the data is encrypted. Since IOCipher does use a SQLCipher database, IOCipher virtual disks will have to be upgraded.
[Read More]
Tor Project: Orfox Paved the Way for Tor Browser on Android
Last month, we tagged the final release of Orfox, an important milestone for us in our work on Tor. Today, we pushed this final build out to all the Orfox users on Google Play, which forces them to upgrade to the official Tor Browser for Android.
Our goal was never to become the primary developer or maintainer of the “best” Tor-enabled web browser app on Android. Instead, we chose to act as a catalyst to get the Tor Project and the Tor Browser development team themselves to take on Android development, and upstream our work into the primary codebase.
[Read More]
NetCipher update: global, SOCKS, and TLSv1.2
NetCipher has been relatively quiet in recent years, because it kept on working, doing what it was doing. Now, we have had some recent discoveries about the guts of Android that mean NetCipher is a lot easier to use on recent Android versions. On top of that, TLSv1.2 now reigns supreme and is basically everywhere, so it is time to turn TLSv1.0 and TLSv1.1 entirely off.
A single method to enable proxying for the whole app As of Android 8.
[Read More]
PanicKit 1.0: built-in panic button and full app wipes
PanicKit is 1.0! After over three years of use, it is time to call this stable and ready for widespread use.
Built-in panic button This round of work includes a new prototype for embedding PanicKit directly into Android. Android 9.0 Pie introduced a new “lockdown” mode which follows some of the patterns laid out by PanicKit.
[Read More]
Exploring possibilities of Pluggable Transports on Android
Pluggable Transports (PT) give software developers the means to establish reliable connections in DPI-filtered network scenarios. A variety of techniques are supported, all available by implementing just one standard. We looked into how this can be put to work in Android apps. To that end, we crafted 3 fully functional PT-enabled prototype apps based on well-known open source projects.
All our prototypes rely on obfs4 which is a stable PT implementation widely deployed by Tor.
[Read More]
Use Onions/HTTPS for software updates
There is a new vulnerability in Debian’s apt that allows anything that can Man-in-the-Middle (MITM) your traffic to get root on your Debian/Ubuntu/etc boxes. Using encrypted connections for downloading updates, like HTTPS or Tor Onion Services, reduces this vulnerability to requiring root on the mirror server in order to exploit it. That is a drastic reduction in exposure. We have been pushing for this since 2014, and Debian, mirror operators, and others in the ecosystem have taken some big steps towards making this the standard.
[Read More]
Wind is a Mozilla & National Science Foundation Grand Prize Winner
On August 14th, members of the Guardian Project team traveled to Mountain View to compete in the final round of the Wireless Innovation for a Networked Society (WINS) Challenge. We learned in July that our Wind project was a finalist, and we now had the opportunity to compete for one of the grand prizes, in a TED-meets-SharkTank style event, at Mozilla HQ.
Wind is a network designed for opportunistic communication and sharing of local knowledge that provides off-grid services for everyday people, using the mobile devices they already have.
[Read More]
IOCipher is the antidote to “Man-in-the-Disk” attack
Recently, at DEFCON 2018, researchers at Check Point announced a new kind of attack made possible by the way many Android apps are implemented. In summary, developers use the shared external storage space in an unsafe manner, by not taking into consideration that other apps also have read and write access to the same space. A malicious app can modify data used by another app, using that data as a vector to compromise the other app or cause it to crash.
[Read More]
Our “Wind” project is a Mozilla-NSF challenge finalist!
For the last few years, we’ve been working on the Wind network concept, as a nearby, local, off-grid companion, or alternative, to the Web. This year, we decided to participate in the Wireless Innovation Challenge, sponsored by Mozilla and the National Science Foundation. Today, it was announced that we are a finalist in, as they put it, “A Science Fair with $1.6 Million in Prizes”.
Watch the video below to learn more about Wind, or jump right over to the Wind project page.
[Read More]
Orbot: Over 20 Million Served, Ready for the Next Billion
We recently published the latest release of Orbot (16.0.2!), and as usual, we make it available via Google Play, as well as F-Droid, and through direct download on our website. Whether we like it or not, Google keeps track of things like total installs and active installs (i.e. not uninstalled), and reports on that for us through their dashboard. While publishing this release, we noticed a milestone that made us a bit proud… so pardon this humblebrag.
[Read More]
Orbot v16: a whole new look, and easier to use!
Orbot: Tor for Android has a new release (tag and changelog), with a major update to the user experience and interface. This is the 16th major release of Orbot, since it was launched in late 2009.
The main screen of the app now looks quite different, with all the major features and functions exposed for easy access. We have also added a new onboarding setup wizard for first-time users that assists with configuring connections to the Tor network for users in places where Tor itself is blocked.
[Read More]
Haven: Building the Most Secure Baby Monitor Ever?
About eight months ago, friends at the Freedom of the Press Foundation reached out to us, to see if we were interested in prototyping an idea they had been batting around. They knew from projects like CameraV and ProofMode that we knew how to tap into the sensors on smartphones to do interesting things. They also knew we could connect devices together using encrypted messaging and onion routing, through our work on ChatSecure and Tor (Orbot!
[Read More]
Building a Signing Server
The Android APK signing model sets the expectation that the signing key will be the same for the entire lifetime of the app. That can be seen in the recommended lifetime of an Android signing key: 20+ years. On top of that, it is difficult to migrate an app to a new key. Since the signing key is an essential part of preventing one APK from impersonating another, Android signing keys must be kept safe for the entire life of the app.
[Read More]
No more “Root” features in Orbot… use Orfox & VPN instead!
Since I first announced the availability of Orbot: Tor for Android about 8 years ago (wow!), myself and others have been working on various methods in which to make the capabilities of Tor available through the operating system. This post is to announce that as of the next, imminent release, Orbot v15.5, we will no longer be supporting the Root-required “Transproxy” method. This is due to many reasons.
First, it turns out that while allowing applications to get “root” access on your device seems like a good idea, it can also be seen as a huge security hole.
[Read More]
Ostel.co is permanently offline
We are sad to announce that the Ostel service is officially discontinued and permanently offline. While Guardian Project had a hand in its conception and initial implementation, the actual operation of the service was spun out long ago to be run by a new venture of a member of our original team. They have kept Ostel running free of charge for many years of reliable service, but at this point, it seems, they have decided they can no longer do so.
[Read More]