The Guardian Project is about more than just apps. All of our code is open-source in order to move the collective ball forward in mobile security efforts. In addition we are building developer-focused libraries, tools and source code for you to add security-oriented features and capabilities to your own apps.

Wind: Off-Grid Services for Everyday People

GitHub - blog posts When disaster strikes, connectivity becomes difficult. Information can save your life, guiding you to safety and services. Networks today are fragile and easy overloaded. There has not been enough investment in the many other possible nets, that may be better suited for situations where connections to the global internet are not available or affordable. The potential in radios, sensors and processing available in the cheapest of smartphones and routers are not fully utilized or realized. [続きを読む]

PanicKit: system-wide panic responses

GitLab - GitHub - Javadoc - blog posts PanicKit is a collection of tools for creating “panic buttons” that can trigger a system-wide response when the user is in an anxious or dangerous situation. It enables trigger apps and responder apps to safely and easily connect to each other. The user engages with the trigger app when in a panic situation. The responder apps receive that trigger signal, and individually execute the steps that they were configured to do. [続きを読む]

CacheWord: Passphrase Caching and Management

GitLab - GitHub - Javadoc - blog posts CacheWord is an Android library project for passphrase caching and management. It helps app developers securely generate, store, and access secrets derived from a user’s passphrase. It is designed to work easily with IOCipher and SQLCipher-for-Android, but it can be used any time an app needs to manage a password. Broadly speaking this library assists developers with two related problems: [続きを読む]

TrustedIntents: flexible trusted interactions between Android apps

GitLab - GitHub - blog posts TrustedIntents is a library for flexible trusted interactions between Android apps. It is modeled after Android’s signature protection level for permissions. The key difference is that the framework allows the trusted signature to be set, rather than requiring to match the current app’s signature. For more info: https://dev.guardianproject.info/projects/trustedintents/wiki/Wiki/ https://guardianproject.info/2014/01/21/improving-trust-and-flexibility-in-interactions-between-android-apps/ https://developer.android.com/guide/topics/manifest/permission-element.html#plevel Downloads The binary jar, source jar, and javadoc jar are all available on jcenter. [続きを読む]

NetCipher: Secured Networking

GitLab - GitHub - Javadoc - blog posts Better TLS and Tor App Integration NetCipher is a library for Android that provides multiple means to improve network security in mobile applications. It provides best practices TLS settings using the standard Android HttpURLConnection methods, HttpURLConnection, OkHTTP3, Volley, and Apache HTTP Client, provides simple Tor integration, makes it easy to configure proxies for HTTP connections and WebView instances. [続きを読む]

IOCipher: Virtual Encrypted Disks

GitLab - GitHub - Javadoc - blog posts IOCipher provides a virtual encrypted disk for Android apps without requiring the device to be rooted. It uses a clone of the standard java.io API for working with files, so developers already know how to use it. Only password handling, and opening the virtual disk are what stand between the developer and working encrypted file storage. [続きを読む]

libsqlfs: filesystem on top of SQLite/SQLCipher


libsqlfs provides a complete virtual disk on top of a SQLite or SQLCipher database. The virtual disk is encrypted and contained in a single file, which can be easily moved around, copied, shared, etc. It is a standard FUSE filesytem that can work on Android, GNU/Linux, and perhaps also macOS.

SQLCipher: Encrypted Database

GitHub - blog posts In an environment where mobile data privacy is increasingly in the headlines, this project will make it easier than ever for mobile developers to properly secure their local application data, and in turn better protect the privacy of their users. The data stored by Android apps protected by this type of encryption will be less vulnerable to access by malicious apps, protected in case of device loss or theft, and highly resistant to mobile data forensics tools that are increasingly used to mass copy a mobile device during routine traffic stops. [続きを読む]