Building a Signing Server

 Posted on December 18, 2017  |  Hans-Christoph Steiner

The Android APK signing model sets the expectation that the signing key will be the same for the entire lifetime of the app. That can be seen in the recommended lifetype of an Android signing key: 20+ years. On top of that, it is difficult to migrate an app to a new key. Since the signing key is an essential part to preventing APKs from impersonating another, Android signing keys must be kept safe for the entire life of the app. [Read More]
bazaar  F-Droid  fdroid  hardware  howto  hsm  identity  security  signing  signing key  smart card  tor 

Build Android apps with Debian: apt install android-sdk

 Posted on March 13, 2017  |  Hans-Christoph Steiner


In Debian stretch, the upcoming new release, it is now possible to build Android apps using only packages from Debian. This will provide all of the tools needed to build an Android app targeting the “platform” android-23 using the SDK build-tools 24.0.0. Those two are the only versions of “platform” and “build-tools” currently in Debian, but it is possible to use the Google binaries by installing them into /usr/lib/android-sdk.

[Read More]
Android  bazaar  debian  howto  open source  reproducible builds  security 

HOWTO: get all your Debian packages via Tor Onion Services

 Posted on July 31, 2016  |  Hans-Christoph Steiner

Following up on some privacy leaks that we looked into a while back, there are now official Debian Tor Onion Services for getting software packages and security updates, thanks to the Debian Sys Admin team. This is important for high risk use cases like TAILS covers, but also it is useful to make it more difficult to do some kinds of targeted attacks against high-security servers. The default Debian and Ubuntu package servers use plain HTTP with unencrypted connections. [Read More]
anonymity  debian  distribution  howto  metadata  privacy  security  tor  tor hidden service  tor onion service 

How to Migrate Your Android App’s Signing Key

 Posted on December 29, 2015  |  Abel Luck

It is time to update to a stronger signing key for your Android app! The old default RSA 1024-bit key is weak and officially deprecated. What? The Android OS requires that every application installed be signed by a digital key. The purpose behind this signature is to identify the author of the application, allow this author and this author alone to make updates to the app, as well as provide a mechanism to establish inter-application trust. [Read More]
Android  bazaar  encryption  F-Droid  fdroid  howto  identity  rsa  security  signing key  TrustedIntents 

Reducing metadata leakage from software updates

 Posted on October 16, 2014  |  Hans-Christoph Steiner

Update: now you can do this with Tor Onion Services Many software update systems use code signing to ensure that only the correct software is downloaded and installed, and to prevent the code from being altered. This is an effective way to prevent the code from being modified, and because of that, software update systems often use plain, unencrypted HTTP connections for downloading code updates. That means that the metadata of what packages a machine has installed is available in plain text for any network observer, from someone sitting on the same public WiFi as you, to state actors with full network observation capabilities. [Read More]
anonymity  bazaar  debian  distribution  encryption  gnu/linux  howto  https  linux  ssl  tails  tor  ubuntu 

Security in a thumb drive: the promise and pain of hardware security modules, take one!

 Posted on March 28, 2014  |  Hans-Christoph Steiner

Hardware Security Modules (aka Smartcards, chipcards, etc) provide a secure way to store and use cryptographic keys, while actually making the whole process a bit easier. In theory, one USB thumb drive like thing could manage all of the crypto keys you use in a way that makes them much harder to steal. That is the promise. The reality is that the world of Hardware Security Modules (HSMs) is a massive, scary minefield of endless technical gotchas, byzantine standards (PKCS#11! [Read More]
Android  ant  bazaar  encryption  hardware  howto  hsm  identity  jarsigner  keytool  openssl  smartcard 

Tweaking HTTPS for Better Security

 Posted on February 12, 2014  |  Hans-Christoph Steiner

The HTTPS protocol is based on TLS and SSL, which are standard ways to negotiate encrypted connections. There is a lot of complexity in the protocols and lots of config options, but luckily most of the config options can be ignored since the defaults are fine. But there are some things worth tweaking to ensure that as many connections as possible are using reliable encryption ciphers while providing forward secrecy. A connection with forward secrecy provides protection to past transactions even if the server’s HTTPS private key/certificate is stolen or compromised. [Read More]
Apache  bazaar  encryption  howto  https  nginx  security  ssl  tls 

Getting keys into your keyring with Gnu Privacy Guard for Android

 Posted on December 6, 2013  |  Hans-Christoph Steiner

Now that you can have a full GnuPG on your Android device with Gnu Privacy Guard for Android, the next step is getting keys you need onto your device and included in Gnu Privacy Guard. We have tried to make it as easy as possible without compromising privacy, and have implemented a few approaches, while working on others. There are a few ways to get this done right now. Gnu Privacy Guard registered itself with Android as a handler of all the standard OpenPGP MIME types (application/pgp-keys, application/pgp-encrypted, application/pgp-signature), as well as all of the OpenPGP and GnuPG file extensions (. [Read More]
Android  encryption  gnupg  gpg  howto  identity  open source  openpgp  pgp  privacy  psst  security 

Setting up your own app store with F-Droid

 Posted on November 5, 2013  |  Hans-Christoph Steiner

(_This blog post as now been cooked into an updated HOWTO_) The Google Play Store for Android is not available in all parts of the world, US law restricts its use in certain countries like Iran, and many countries block access to the Play Store, like China. Also, the Google Play Store tracks all user actions, reporting back to Google what apps have been installed and also run on the phone. [Read More]
Android  bazaar  debian  distribution  F-Droid  fdroid  free software  howto  mobile  open source  privacy  ubuntu 

The Only Way to Visit Strongbox on a Phone

 Posted on May 16, 2013  |  mark

The New Yorker magazine just launched Strongbox, a whistleblower submission system that’s hosted on a hidden website. There’s only one way to access the hidden site on a phone or tablet, and that’s with our Orweb app. Here’s a simple breakdown of how to do securely and anonymously blow the whistle, explained in an interactive tutorial: Visit guardianproject.info/howto/strongbox for an interactive tutorial on using Strongbox on your phone. The website exists as a hidden site on what is widely known as the darknet, since you are going there hidden or “in the dark. [Read More]
Android  darknet  howto  journalism  magazine  onion browser  orbot  orweb  phone  privacy  proxy  security  strongbox  tablet  the new yorker  tor  tutorial  wikileaks 

Security Awareness Party

 Posted on April 26, 2013  |  mark

In the security world, there’s a pesky belief that a tool can either be secure or easy to use, but not both. Some experts also argue that training people to be safe online is too hard and doesn’t accomplish much (see Bruce Schneier’s recent post Security Awareness Training). Without a thoughtful approach, that’s usually how it plays out. But it doesn’t have to be that way! We’re committed to making online security fun to learn and fun to use, and we’re launching a new series of interactive tutorials to make it happen. [Read More]
censorship  circumvention  education  gibberbot  guardian project  howto  obfsproxy  obfuscation  onion  proxy  tor  torproject  tutorial