The Guardian Project is about more than just apps. All of our code is open-source in order to move the collective ball forward in mobile security efforts. In addition we are building developer-focused libraries, tools and source code for you to add security-oriented features and capabilities to your own apps.

Clean Insights: Privacy Preserving Measurement

Clean Insights gives developers a way to plug into a secure, private measurement platform. It is focused on assisting in answering key questions about app usage patterns, and not on enabling invasive surveillance of all user habits. Our approach provides programmatic levers to pull to cater to specific use cases and privacy needs. It also provides methods for user interactions that are ultimately empowering instead of alienating. Clean Insights is available as a lightweight, minimal impact, freely licensed toolkit to include in your mobile app, desktop app, website or back-end service. [Read More]

Wind: Off-Grid Services for Everyday People

GitHub - blog posts When disaster strikes, connectivity becomes difficult. Information can save your life, guiding you to safety and services. Networks today are fragile and easy overloaded. There has not been enough investment in the many other possible nets, that may be better suited for situations where connections to the global internet are not available or affordable. The potential in radios, sensors and processing available in the cheapest of smartphones and routers are not fully utilized or realized. [Read More]

PanicKit: system-wide panic responses

GitLab - GitHub - Javadoc - blog posts PanicKit is a collection of tools for creating “panic buttons” that can trigger a system-wide response when the user is in an anxious or dangerous situation. It enables trigger apps and responder apps to safely and easily connect to each other. The user engages with the trigger app when in a panic situation. The responder apps receive that trigger signal, and individually execute the steps that they were configured to do. [Read More]

CacheWord: Passphrase Caching and Management

GitLab - GitHub - Javadoc - blog posts CacheWord is an Android library project for passphrase caching and management. It helps app developers securely generate, store, and access secrets derived from a user’s passphrase. It is designed to work easily with IOCipher and SQLCipher-for-Android, but it can be used any time an app needs to manage a password. Broadly speaking this library assists developers with two related problems: [Read More]

TrustedIntents: flexible trusted interactions between Android apps

GitLab - GitHub - blog posts TrustedIntents is a library for flexible trusted interactions between Android apps. It is modeled after Android’s signature protection level for permissions. The key difference is that the framework allows the trusted signature to be set, rather than requiring to match the current app’s signature. For more info: Downloads The binary jar, source jar, and javadoc jar are all available on jcenter. [Read More]

NetCipher: Secured Networking

GitLab - GitHub - Javadoc - blog posts Better TLS and Tor App Integration NetCipher is a library for Android that provides multiple means to improve network security in mobile applications. It provides best practices TLS settings using the standard Android HttpURLConnection methods, HttpURLConnection, OkHTTP3, Volley, and Apache HTTP Client, provides simple Tor integration, makes it easy to configure proxies for HTTP connections and WebView instances. [Read More]

IOCipher: Virtual Encrypted Disks

GitLab - GitHub - Javadoc - blog posts IOCipher provides a virtual encrypted disk for Android apps without requiring the device to be rooted. It uses a clone of the standard API for working with files, so developers already know how to use it. Only password handling, and opening the virtual disk are what stand between the developer and working encrypted file storage. [Read More]

libsqlfs: filesystem on top of SQLite/SQLCipher

libsqlfs provides a complete virtual disk on top of a SQLite or SQLCipher database. The virtual disk is encrypted and contained in a single file, which can be easily moved around, copied, shared, etc. It is a standard FUSE filesytem that can work on Android, GNU/Linux, and perhaps also macOS.

SQLCipher: Encrypted Database

GitHub - blog posts In an environment where mobile data privacy is increasingly in the headlines, this project will make it easier than ever for mobile developers to properly secure their local application data, and in turn better protect the privacy of their users. The data stored by Android apps protected by this type of encryption will be less vulnerable to access by malicious apps, protected in case of device loss or theft, and highly resistant to mobile data forensics tools that are increasingly used to mass copy a mobile device during routine traffic stops. [Read More]

TorService: Tor library for Android

GitLab - GitHub - Javadoc - blog posts This is native Android TorService built on the Tor shared library built for Android. It is designed around the Android lifecycle. The included binaries can also be used directly as a tor daemon. This is used in Orbot, TorServices, OnionShare, and more. Features Native Android TorService for running Tor in a background service Designed around modern Android tools like WorkManager Reproducible Build with included Vagrant setup for running them Source Code Repository library, helpers, tests, and sample project: https://github. [Read More]