Assistant
REPLY |
Questions about security, privacy and anonymity on the network and under the android | [technoblabla] general security, privacy and anonymity issues |
Message#1 22.01.19, 21:56 | |
Guru [offline] Group: Friendssavagemessiahzine.com Messages 10194 Check in: 06.01.14 Reputation: 571 | Questions about security, privacy and anonymity on the network and under the android
Since there are enough different topics for discussing software for Android security, private and anonymous surfing, but discussing general security, privacy and anonymity issues in them is increasingly considered offtopic, I think it makes sense to create a separate topic for this popular topic, where you can all these topics are free to speak and ask. So you are welcome! Safety Since many tips and tools in the subject require superuser (root) rights, you should follow certain safety guidelines: 1. Try to do all the actions consciously, having previously studied the relevant materials and clarifying incomprehensible moments. 2. Make as many backups as possible. They can be done both with the help of custom recovery (TWRP, CWM, PhilZ Touch, Carliv, etc.), and with the help of applications that can backup all the firmware, as well as individual applications and data. Relevant applications can be found in the section: Software ->Backup. Accordingly, it is worth taking care of safe storage of the created backups. About security, all and different Four Horsemen Infocalypse Which apps and tools actually keep your messages safe? Protection of confidential data and anonymity on the Internet PDF prism-break- protection from global surveillance systems such as SORM, PRISM, XKeyscore and TemporaGithub Guardian Project https://privacytools.io/- encryption against global mass surveillanceGithub SECURITY IN-A-BOX- tools and tactics for digital security GitHub - ValdikSS / awesome-anti-censorship: curated list of open-source anti-censorship tools danoctavian / awesome-anti-censorship: curated list of open-source anti-censorship tools GitHub - StreisandEffect / streisand- Wiring, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, Sslh, Stunnel, and a Tor bridge. It also generates custom instructions for all of these services. You can be shared with friends, family members, and fellow activists. sovereign / sovereign: email, calendar, contacts, file sync, IRC bouncer, VPN, and more. https://ssd.eff.org/- Tips, Tools and How-tos for Safer Online Communications How to protect Android: 10 tips for maximum security PDF Mission Impossible: Hardening Android for Security and Privacy PDF eBlocker- hardware and software platform De-Googling my phone · Martin Pitt nomoregoogle.com - a fresh collection of alternatives to the services of the technology giant Project SAFE "I have nothing to hide" Big data The battle for data: what wars are brewing for new oil PDF Epub The bank is hunting you Who merges the business of banks Our personal data is worth nothing. China Big Brother 2.0. How China builds digital dictatorship China has built a police state of the future in Xinjiang Province. "I am a third-class citizen." How smartphones help build a new class society based on loyalty I and the score: second-rate people will appear in China - Russia is next in line According to rumors, Google search engine censored for China is tied to the user's phone number - ITC.ua Russian Federation Scripts Social networks Facebook In contact with Information Security Information Security - Wikipedia Personal Data Protection - Wikipedia OPSEC for Linux users, developers and administrators The basic model of threats to the security of personal data when they are processed in personal data information systems Internet counterintelligence in action: create a personal information security management system Information technology social hacking The art of "teaching protection of information" ... while giving a ton of good-will and non-speaking words PDF DLP Massachusetts Institute of Technology. Lecture course # 6.858. "Security of computer systems." Nikolai Zeldovich, James Mykens. year 2014 MIT course "Computer Systems Security". Lecture 1: "Introduction: threat models", part 1 MIT course "Computer Systems Security". Lecture 1: "Introduction: threat models", part 2 MIT course "Computer Systems Security". Lecture 1: "Introduction: threat models", part 3 MIT course "Computer Systems Security". Lecture 2: "Control of hacker attacks", part 1 MIT course "Computer Systems Security". Lecture 2: "Control of hacker attacks", part 2 MIT course "Computer Systems Security". Lecture 2: "Control of hacker attacks", part 3 MIT course "Computer Systems Security". Lecture 3: "Buffer overflow: exploits and protection", part 1 MIT course "Computer Systems Security". Lecture 3: "Buffer overflow: exploits and protection", part 2 MIT course "Computer Systems Security". Lecture 3: "Buffer overflow: exploits and protection", part 3 MIT course "Computer Systems Security". Lecture 4: "Separation of privileges", part 1 MIT course "Computer Systems Security". Lecture 4: "Separation of privileges", part 2 MIT course "Computer Systems Security". Lecture 4: "Separation of privileges", part 3 MIT course "Computer Systems Security". Lecture 5: "Where Security Errors Come From", Part 1 MIT course "Computer Systems Security". Lecture 5: "Where Security Errors Come From", Part 2 MIT course "Computer Systems Security". Lecture 6: "Opportunities", part 1 MIT course "Computer Systems Security". Lecture 6: "Opportunities", part 2 MIT course "Computer Systems Security". Lecture 6: "Opportunities", part 3 MIT course "Computer Systems Security". Lecture 7: "Sandbox Native Client", part 1 MIT course "Computer Systems Security". Lecture 7: "Sandbox Native Client", part 2 MIT course "Computer Systems Security". Lecture 7: "Sandbox Native Client", part 3 MIT course "Computer Systems Security". Lecture 8: "Model of network security", part 1 MIT course "Computer Systems Security". Lecture 8: "Model of network security", part 2 MIT course "Computer Systems Security". Lecture 8: "Model of network security", part 3 MIT course "Computer Systems Security". Lecture 9: "Web application security", part 1 MIT course "Computer Systems Security". Lecture 9: "Web Application Security", part 2 MIT course "Computer Systems Security". Lecture 9: "Web Application Security", part 3 MIT course "Computer Systems Security". Lecture 10: "Symbolic execution", part 1 MIT course "Computer Systems Security". Lecture 10: "Symbolic execution", part 2 MIT course "Computer Systems Security". Lecture 10: "Symbolic Execution", part 3 MIT course "Computer Systems Security". Lecture 11: “Ur / Web programming language”, part 1 MIT course "Computer Systems Security". Lecture 11: “Ur / Web programming language”, part 2 MIT course "Computer Systems Security". Lecture 11: "Ur / Web programming language", part 3 MIT course "Computer Systems Security". Lecture 12: "Network Security", part 1 MIT course "Computer Systems Security". Lecture 12: "Network Security", part 2 MIT course "Computer Systems Security". Lecture 12: "Network Security", part 3 MIT course "Computer Systems Security". Lecture 13: "Network Protocols", part 1 MIT course "Computer Systems Security". Lecture 13: "Network Protocols", part 2 MIT course "Computer Systems Security". Lecture 13: "Network Protocols", part 3 MIT course "Computer Systems Security". Lecture 14: "SSL and HTTPS", part 1 MIT course "Computer Systems Security". Lecture 14: "SSL and HTTPS", part 2 MIT course "Computer Systems Security". Lecture 14: "SSL and HTTPS", part 3 MIT course "Computer Systems Security". Lecture 15: "Medical software", part 1 MIT course "Security of computer systems". Lecture 15: "Medical software", part 2 MIT course "Security of computer systems". Lecture 15: "Medical software", part 3 MIT course "Security of computer systems". Lecture 16: "Attacks through the side channel", part 1 MIT course "Security of computer systems". Lecture 16: "Attacks through the side channel", part 2 MIT course "Security of computer systems". Lecture 16: "Attacks through the side channel", part 3 MIT course "Security of computer systems". Lecture 17: User Authentication, Part 1 MIT course "Security of computer systems". Lecture 17: User Authentication, Part 2 MIT course "Security of computer systems". Lecture 17: User Authentication, Part 3 MIT course "Computer Systems Security". Lecture 18: "Private Internet Browsing", part 1 MIT course "Security of computer systems". Lecture 18: "Private Internet browsing", part 2 MIT course "Computer Systems Security". Lecture 18: "Private Internet Browsing", part 3 MIT course "Computer Systems Security". Lecture 19: “Anonymous Networks”, part 1 (lecture from the creator of the Tor network) MIT course "Computer Systems Security". Lecture 19: “Anonymous Networks”, part 2 (lecture from the creator of the Tor network) MIT course "Computer Systems Security". Lecture 19: “Anonymous Networks”, part 3 (lecture from the creator of the Tor network) MIT course "Computer Systems Security". Lecture 20: "Security of mobile phones", part 1 MIT course "Computer Systems Security". Lecture 20: “Mobile Phone Security”, part 2 MIT course "Computer Systems Security". Lecture 20: "Mobile Phone Security", part 3 MIT course "Computer Systems Security". Lecture 21: "Tracking data", part 1 MIT course "Computer Systems Security". Lecture 21: "Tracking data", part 2 MIT course "Computer Systems Security". Lecture 21: "Tracking data", part 3 MIT course "Computer Systems Security". Lecture 22: MIT Information Security, Part 1 MIT course "Computer Systems Security". Lecture 22: MIT Information Security, Part 2 MIT course "Computer Systems Security". Lecture 22: MIT Information Security, Part 3 Online services Bitcoin VPN Auto removal Website archiving Mobile networks post office Free Webmail for Better Privacy List of Secure Email Providers that take privacy serious Cock.li https://cock.li/- service for mail and XMPP Dismail Disroot HideMyAss Kolab Now mailbox Mailinator Safe mail SCRYPTmail Checks APK Cloudflare IP Sip SSL / TLS Harmful miscellanea Leaks WebRTC Browser Data Devices Vulnerabilities Synchronization Social networks Storage Encryption Regulations ePrivacy Regulation GDPR Forum "Free Web" | Free internet is discussed in the topic. Amnesiagroup corner Benga1983 corner commandos98 DoberPC corner Corner of elenakawai Formobe corner Corner IcanTellstories JumpingJerry Corner Corner Ruiz_Av Tomin corner Wernow corner About potential threats (Post wernow # 51543260) On threat groups (Post wernow # 51550069) About open code (Post wernow # 51902449) Selling information (Post wernow # 52003733) About toolkit (Post wernow # 52015424) About providers in android (Post wernow # 52061764) On complete privacy and security (Post wernow # 53580616) About F-Droid, messengers and priorities (Post wernow # 59144989) About F-Droid and open source (Post wernow # 59151363) About Fingerprint (Post wernow # 61458449) About biometrics (Post wernow # 61564247) About wiretapping and protection from it (Post wernow # 62796218) On leaks and anonymous networks (Post wernow # 66632070) About file attributes (Post wernow # 66682128) About USSD (Post wernow # 66793981) How to take a dump via tcpdump (Post wernow # 66824767) About the causes of problems with modules Xposed (Post wernow # 67999793) On the priorities of threats (Post wernow # 68333815) About UID 1000 (The Post wernow # 68613246) On the interaction of DuckDuckGo and Yandex (Post wernow # 68635660) About DuckDuckGo Algorithms (Post wernow # 68655630) On the hardware protection device (Post wernow # 69275830) On the protection of the port microUSB (Post wernow # 69281156) About threats and liability (Post wernow # 69293509) About threats, fictional worlds and time (Post wernow # 69309907) On service traffic (Post wernow # 69566867) On the infrastructure Telegram (Post wernow # 70323319) About China (Post wernow # 73860971) About China (Post wernow # 73863824) About China (Post wernow # 73880680) About messengers (Post wernow # 73969101) About Antivirus (Post wernow # 74161934) About China (Post wernow # 74950096) About malware testing and emulators (Post wernow # 75074647) About Google Data Collection (Post wernow # 76081812) About repairing devices (Post wernow # 76537920) About inspections in China (Post wernow # 76539879) About device checks (Post wernow # 77754685) On digital capitalism (Post wernow # 78044951) About Telegram and the Future (Post wernow # 78053170) About the registration of instant messengers in the Russian Federation (Post wernow # 78739705) About famous cryptographers (Post wernow # 78739705) On anonymity (Post wernow # 78927918) About VPN (Post wernow # 79392952) On the set and disagreement (Post wernow # 79458293) On the hidden record and the legislation of the Russian Federation (Post wernow # 79511161) About microcopy and data protection (Post wernow # 79670518) About IMEI registration in the Russian Federation (Post wernow # 79852809) On the registration of IMEI in the Russian Federation (Post wernow # 79858616) About changing IMEI (Post wernow # 80654422) About bookmarks in chips (Post wernow # 80781651) About bookmarks in chips and checking them (Post wernow # 80786808) About bookmarks in chips (Post wernow # 80817610) About removing EXIF (Post wernow # 80944444) Analysis of EXIF (Post wernow # 80973859) yhnyhn11 Software Compatibility Test Suite (CTS) GApps microG GmsCore is a FLOSS framework- framework for replacing original Google Play services NanoDroid- implementation of Play Services Core (open source) NOGAPPS Project / d / gapps- program to remove / disable Gapps (open source) GSM Android IMSI-Catcher Detector- identifies fake base stations (IMSI-Catcher) in GSM / UMTS networks (open source) ®Darshak- helps to detect "silent" sms, signs of phone tapping, lack of communication encryption on Samsung Galaxy S3 (GT I9300) (open source) EAGLE Security- protection against listening in the form of determining false base stations and blocking access of applications to the camera and microphone (closed source code) Network cell info- shows the location of cells on the map and measures the signal strength of the serving cell and neighboring cells (closed source code) ®SnoopSnitch- makes a map of attacks on devices with a Qualcomm chip (open source) Hips Binderfilter Binderfilter- IPC Binder call control system in the core (open source) Picky - an application for managing BinderFilter filters (open source) Commandos98 corner Donkeyguard Donkeyguard- Xposed-module allows you to block access of applications to personal data (open source) Protect My Privacy Protect My Privacy- Xposed module for managing application permissions (closed source) Post Whitestar # 68400078 Xprivacy Xprivacy- Xposed-module that allows you to prevent the leakage of your personal data through the application, control it or replace it to choose from (open source) XPrivacyLua XPrivacyLua- Xposed-module for Marshmallow +, which allows you to prevent the leakage of your personal data through applications, control it or replace it with a choice (open source) XPrivacyLua Official Site XPrivacyLua repo Frequently Asked Questions Comparison with XPrivacy Sensors Sensor Disabler- Xposed-module that allows you to disable and change the values for all sensors available in the device (open source) Camera Camera block- temporarily disables and blocks all camera resources and denies access to the camera for other applications (closed source code) Disable at the kernel level (Post Dementy000 # 79737060) Microphone Mic block- temporarily disables and blocks access to the microphone for other applications (closed source code) Microphone Guard Plus- protection against listening Ultrasound SoniControl- protection against tracking by ultrasounds (closed source code) Ultrasound-firewall for mobile phones | EurekAlert! Science News “Inaudible frequencies”: a firewall blocking ultrasonic cookies appeared / VAS Experts / Habr blog Kernel / Shell Busybox ®BusyBox- BusyBox installer for Android (open source) ® BusyBox- application to install BusyBox (open source) BusyBox Install (No Root)- install BusyBox on devices without root (closed source code) ®Busybox On Rails- installs BusyBox on the device, and also updates it to the current version (open source) Entware Logcat Disconnect ®Stop Log (Root)- disable logcat (closed source) Through the script (Post tweed_man # 70345323) Through build.prop (Post Capush0n # 70345651) Root ® Dianxinos SU- Root access control (closed source) ®Magisk - The Universal Systemless Interface- a utility that allows you to install various system applications and mods in systemless mode and hide the root from any applications and services (open source) ® SuperSU- Advanced access control for superuser rights to applications on the device that require root (closed source code) ® Superuser- a program for managing ROOT rights (open source) ® Superuser- superuser rights management (open source) Superuser- superuser rights management (open source) ®Superuser X (L)- root-access for applications without intermediaries (closed source code) Concealment Rootcloak- Xposed-module that allows you to hide the presence of root for applications (open source) ®suhide- suhide utility allows you to hide the presence of ROOT on your Android device (open source) SELinux SELinuxModeChanger- change SELinux mode Terminal Android Terminal Emulator- terminal emulator (open source) Termux- terminal emulator with an extensive collection of Linux packages (open source) Launcher AppAsLauncher- allows you to select any third-party program as a launcher (closed source code) T-UI F-Droid- launcher with terminal (open source) Linux Linux for tablet BOCHS for Android- OS launch for x86 Complete Linux Installer- we install Linux on Android Debian noroot- debian emulator GNURoot- installation on Android Wheezy, Gentoo, Fedora or Aboriginal without root rights (open source) GNURoot Debian- launch Debian on Android devices (open source) ® Linux Deploy- automate the process of installing, configuring and running GNU / Linux distributions on the Android platform inside the chroot container (open source) ® Linux Installer- Installing Debian / Ubuntu on Android devices PureOS QEMU for Android- starts any OS in the img and iso image XServer XSDL- X server for Android, which allows displaying Linux graphic applications running on an external computer or installed in the chroot Android device Replacing Android on the desktop distribution Recovery update-script Android Script Creator- a program for creating scripts (update.zip) Update Script Generate- program for creating updater-script (update.zip) based on boot.img and system.img for any processor in which it is possible to flash system images in img format (ext2, ext3, ext4) SafetyNet Sip Ostel Setup (Post ANPolter # 47912222) CSipSimple- functional SIP client (open source) Linphone Video- Internet phone using VoIP (open source) SMS / MMS Image SMS- sending image via SMS (open source) Encryption Dark SMS- exchange of encrypted SMS messages, the ability to password protect SMS messages on the phone (closed source code) Silence- SMS / MMS application that supports encryption (open source) The wall- application for sending and receiving SMS messages encrypted with the AES algorithm (closed source code) Tts SVOX Classic Text To Speech Engine- reading text with voice for other applications Webview Android System WebView- Android WebView system component is based on Chrome technology and allows you to view web content in applications Bromite Bromite- WebView implementation without WebRTC and protected from some other digital fingerprints (open source) SystemWebView releases Installing SystemWebView Automators Easer ®Easer F-Droid- automation of actions on events (connection to WiFi, Bluetooth, on time, location) (open source) Tasker Tasker- advanced scheduler, allows for different events to produce actions (closed source code) Use Tasker to the fullest. Android scripting with Tasker and Autotools: protection of programs with a fingerprint, text recognition and hidden tweaks USB Blocking domains and ads ® AdAway- ad blocker with white and black lists support (open source) Adblocker reborn Adblocker reborn- Xposed-module, blocks AdView, AdActivity, receivers, services, WebView and Hosts, while not touching the hosts file itself and does not conflict with the blockers that use it (open source) DNS6- allows you to block hosts via DNS through a local VPN service (open source) ® MinMinGuard- Xposed-module for blocking ads inside applications (open source) PeerBlock For Android- Xposed-module that allows you to block hosts and DNS (open source) Silent- Xposed ad-blocking module (closed source) UnbelovedHosts- Xposed-module, blocking calls to domain names that distribute advertising (closed source code) Browsers Chromium Brave Browser Brave: Fast AdBlock- Chromium-based web browser with built-in AdBlock, tracking protection and security system (open source) Bromite Firefox Firefox- a browser from the developers of Mozilla (open source) Firefox focus- Mozilla browser with automatic blocking of a wide range of online trackers (open source) F-Droid Firefox GOST- Firefox fork with Russian cryptography support Icecatmobile Icecatmobile- fork of Firefox browser that meets the requirements of completely free software (open source) Librefox Waterfox Waterfox browser- browser on the engine Gecko, which continues to support the "obsolete" according to the new Mozilla policy additionsopen source) Waterfox - The free, open and private browser Waterfox - Wikipedia Add-ons Adnauseam Adnauseam- various protection against ad networks Google offends the little ones! Internet monster - against professor, programmer and artist anonymoX anonymoX- ensuring anonymity, IP address spoofing About the features of anonymoX (Post tweed_man # 81169791) Bluhell firewall- restriction of advertising and redirects CanvasBlocker- prohibition of browser fingerprint identification Certainly Something (Certificate Viewer)- view certificates Certificate Patrol- certificate management CheckMyHTTPS- verification of the certificate of the secure connection (open source) Decentraleyes- protection against tracking through centralized CDN Easy image blocker- image loading control HTTP UserAgent cleaner- increased privacy (randomly replacing the UserAgent, canvas, locale fields, blocking WebRTC, etc.), blocking ajax and requests to third-party sites and unnecessary cookies, security assessment https (TLS) connections, phishing protection HTTPS Everywhere- replacement in addresseshttp: //onhttps: // Mobile Password Manager- view and edit saved passwords NoScript- blocking scripts and plug-ins, protection against XSS and Clickjacking attacks Onion Browser Button- connect to Tor in one click Phony- substitution of User Agent Random Agent Spoofer- change profiles at a specified time interval RequestPolicy Continued- control of cross-domain requests Save / Load Prefs- export and import of Firefox settings Self-Destructing Cookies- automatic cleaning Cookies and LocalStorage Speed Tweaks (SpeedyFox)- setting preferences for browser acceleration Spoof Timezone- time zone change Third-party Request Blocker (AMO)- blocking requests to third-party resources uMatrix- firewall with blocking of scripts, frames, etc. User-Agent Switcher- change User-Agent wow-dpi- bypass Russian blocking without the need to use proxy, Tor, etc. F (L) OSS Browser Privacy browser Tor Fire.onion (Browser + Tor)- anonymous web browser (open source) Orfox Tor browser TORnado (Browser + TOR)- anonymous web browser (closed source) Notes Note Crypt Pro- creation of encrypted (AES 128 bits, CBC, PKCS5Padding, random IV, PBKDF2WithHmacSHA1) tag database with support for tags (open source) Swift notes- work with text files, encryption, setting a password, sending (closed source code) Calls Lock Root Call SMS Manager- manager of blocking incoming and outgoing calls and SMS (closed source code) Calendars Calendar Calendar F-Droid- simple calendar with additional CalDAV synchronization, recurring events and reminders (open source) Business calendar- functional calendar (closed source code) Cameras Bacon camera- camera with manual settings for devices that do not support Camera2Api (closed source code) Open camera- multifunctional camera (open source) Simple camera- multifunctional camera (open source) Cards Graphhopper Keyboards The best keyboard for Android -savagemessiahzine.com AnySoftKeyboard Hacker's Keyboard Hacker's Keyboard- A full 5-row keyboard with Tab / Esc / Ctrl keys with a separate number block (open source) Jbak keyboard Jbak keyboard- a beautiful and fast keyboard with a bunch of settings and features ( Jbak2 keyboard Jbak2 keyboard- a safe professional beautiful and fast keyboard, with a bunch of settings and features, without access to the Internet (open source) Multiling O Keyboard Multiling O Keyboard + emoji- multifunctional and customizable keyboard (closed source code) About possible leaks when using the prediction of words (Post tweed_man # 68347962) Simple keyboard Contacts Open contacts- creation and use of a separate contact database (open source) SA Contacts- export phonebook contacts to Excel and vice versa (closed source code) Save contacts to txt- allows you to save selected contacts downloaded from the phone book as a text file in TXT format, which can be sent by email (closed source code) Simple contacts- creation and use of a separate contact database (open source) VCF VCF Contacts VCF Contacts- opens .vcf files in the form of a phone book and allows you to add, delete, edit contacts, make calls (closed source code) On the potential leak (Lent okomand # 69542431) Messengers Messenger Comparison - Wikipedia Comparison of instant messengers - Wikreality Comparison of instant messaging clients - Wikipedia Comparison of LAN messengers - Wikipedia Digital Communications Protocols SECURE MESSAGING APPS COMPARISON Tails - mobile messaging True Private Messaging: 7 Apps to Encrypt Your Chats PDF Crypto-resistant androids. Why encryption in Signal, WhatsApp, Telegram and Viber will not protect your correspondence from hacking PDF Encrypt correctly! Why messengers do not protect the secret of your correspondence Encrypt correctly! Choose an instant messenger for secure and private correspondence. Encrypt correctly! Choose an instant messenger for secure and private correspondence. Actor Actor- centralized messenger (there is an email registration) based on the MTProto v2 protocol (open source) Bitseal Bitseal- decentralized transmission of encrypted messages to another subscriber or many subscribers (open source) Bleep Bleep (alpha)- decentralized messenger (there is a registration by email or anonymously) (closed source code) Briar Briar- messenger that works on the basis of secure Tor networks, as well as Wi-Fi and Bluetooth (open source) Briar Beta - Open Source - News Briar - Darknet Messenger ... Or Good News From The Dark Dungeon Mesh Networks Chat.onion Delta chat Delta chat- centralized instant messenger with end-to-end encryption using the selected mail domain as the server (open source) Delta chat Delta makes chatting better Contribute Dib2Qm Eleet Eleet Private Messenger- private messenger (registration by phone number or anonymously) (closed source code) Choosing a secure messenger for android devices: Eleet Private Messenger Jitsi Jitsi - Wikipedia- Internet telephony and instant messaging system Jitsi (open source) Jitsi meet (open source) Jingle Kontalk Nextcloud talk Nextcloud talk- the extension of the Nextcloud platform, allowing you to make protected audio and video calls, as well as exchange text messages (open source) Nextcloud talk QuickMSG RetroShare Ring Ring- decentralized messenger with e2e encryption (anonymous registration) (open source) Ring (program) - Wikipedia Riot Safeum Safeum- encrypted multimedia messenger (there is an email registration) (closed source code) Signalal Signal private messenger- client-server messenger (registration by phone number) (open source) Snowden advertises Signal. What for? OpenNews: Introduced attack method for WhatsApp and Signal group chat OpenNews: Vulnerabilities in Signal Desktop and Electron Platform Desktop Signal saves cleartext history and encryption keys Silent phone Silent phone- paid instant messenger (anonymous registration) with encryption of audio and video calls and text messages (open source) Signal-Server source code Surespot Surespot- client-server instant messenger (anonymous registration) for secure exchange of text messages, photos and voice notes for up to 10 seconds (open source) Has secure IM app Surespot been compromised by the feds? Telegram Telegram F-Droid- client-server messenger (registration by phone number) based on the MTProto protocol (open source client, closed source server code) Plus Messenger- unofficial client for Telegram (open source client) MTProto - Wikipedia Documentation Telegram Open Network (TON) Security issues Telegram Callback to Telegram developers Is Telegram Safe? Or as I was looking for a bookmark in MTProto Potential Android Telegram Vulnerability Telegram attack for 2 ^ 64 operations, and why the supervillain doesn't need it About the intricacies of privacy in the Telegram Bots API: "this is not a bug, this is a feature" Why two-factor authentication in Telegram does not work How to hack Telegram and WhatsApp: special services are not needed Telegram entered in the register of information dissemination organizers Telegram itself adds someone else's contacts? This is the norm Telegram will ask for a passport Why Telegram Passport is No End to End Vulnerability in Telegram can compromise secret chats. We reveal the numbers of Telegram users Telegram messenger merges metadata to everyone Telegram was unsafe Iranian company intercepted all Telegram traffic Telegram accused of storing messages in unencrypted form Telegram will still share user data with special services. "Media Factory" Eugene Prigogine constantly talks about the vulnerability of the telegram. Is it all scary? Telegram Security Analysis PDF Telegram, AKA “Stand back, we have Math PhDs!” About the "safest" telegram Comparison with Signal (Post neonedrid # 73388860) About location tracking (Post Aeronliru # 68454877) Company Threema Threema- client-server messenger (there is an anonymous registration) with (according to the developers) a serious level of security (closed source code) Frequently asked questions - Threema Threema Encryption Validation - Threema Transparency Report - Threema A look into the Mobile Messaging Black Box The Threema messenger was the first of the foreign services to be entered by the Roskomnadzor in the Register of information dissemination organizers. Threema Swiss Messenger has denied cooperation with the Russian authorities How does the registration of messengers in Roskomnadzor on the example of Threema Tox Antox- decentralized messenger (anonymous registration) for confidential communication (open source) TRIfA- tox client in active development (open source) Whatsapp Wire Wire- secure client-server messenger (there is a registration by email) for communication and conferences (OTR, SRTP, WebRTC, Opus) (open source) Wire back-end services Wire server code now 100% open source - the journey continues Wire’s independent security review WIRE CRYPTOGRAPHY AUDIT (WITH X41 D-SEC) PDF Tina Membe Wire’s Certificate Validation Vulnerability - Tina Membe XMPP Chatsecure Conversations- XMPP client with encryption support and Android HIG design (open source) Freelab messenger- XMPP client, fork Conversations (closed source) IM + All-in-One Mobile Messenger- supports all popular instant messaging services: Facebook, ICQ, VKontakte, Mail.Ru Agent, Classmates. Gadu-Gadu, RenRen, mig33, SINA Weibo, Fetion and Jabber (closed source) Jasmine im- IM client for quick and easy communication, ICQ, QIP, VK, Jabber, etc. (closed source) Pix-Art Messenger F-Droid- fork of a well-known XMPP Conversations client with additional features (open source) Sj im- XMPP client that supports automatic encryption of PGP (OTR) messages (closed source code) Zom Mobile Messenger- XMPP client, focused on simplicity and security (open source) Xabber- universal Jabber client (open source) Location Location Spoofer Location Spoofer- location substitution for applications How to change your location for any Android application Cleaning Andro shredder- permanently delete files and SMS (closed source code) File shredder- utility for permanently deleting files (closed source code) IShredder 3- permanently delete files, photos, sms, contacts (closed source code) ® SD Maid - System Cleaning- cleaning "tails" for remote applications (closed source) Undeleter- permanently delete files of some types (closed source code) shell Passwords bitwarden Keepass Keepass2Android Keepass2Android- password manager (open source) AutoFill plugin- plugin for auto-complete (open source) KeePassDroid- password manager (open source) Password store SealNote Secure Encrypted Note SuperGenPass SuperGenPass- Bookmarklet to generate unique passwords for Internet sites (open source) SuperGenPass: Complete and final solution to the problem of Internet passwords Payment systems Bitcoin post office Fairmail K-9 p≡p pretty easy privacy p≡p F-Droid- mail client with OpenPGP, key exchange via p2p, key import from other clients (open source) Protonmail ProtonMail - Encrypted Email- Email web service with encryption support (open source web version) ProtonMail IMAP / SMTP Bridge- ProtonMail integration with any programs that support IMAP and SMTP TempMail TempMail- creation of temporary mailboxes on the site temp-mail.ru (closed source code) Tutanota Tutanota- Email web service with encryption support (open source) Backup Helium- backup and synchronization, the ability to work without root using the desktop client ®oandbackup- create backup copies of applications with data (open source) ® Titanium Backup- backup applications and user data Nandroid Nandroid Browser- extract and use separate files from nandroid backup ® Nandroid Manager- allows you to view, explore and edit your Nandroid backups Online Nandroid Backup * root- makes CWM / TWRP compatible backup without loading into recovery ® Orange Backup- a program to create compatible with CWM and TWRP backups and synchronization with the cloud Repositories App & Gamesavagemessiahzine.com- view and check for updates of applications and games laid out onsavagemessiahzine.com APKPure App- alternative application market Aptoide- client-server application of an alternative market APKUpdater- can check for updates for programs on popular alternative services APKMirror and APKPure (open source) Aurora Store Aurora Store- search and download programs from the Google Play Store without the Google Services Framework, fork of the Yalp Store (open source) Blackmart- alternative to applanet and the like F-Droid Open store- the application allows developers to create their own repositories with applications for Android Yalp Store Yalp Store- search and download programs from the Google Play Store without the Google Services Framework (open source) Network Ad-hoc / Mesh Android Intercom- calls via bluetooth and Wi-Fi in the local network Anyfi Anyfi- mesh network of devices via Wi-Fi Gilga Serval mesh Wi-Fi talkie- voice chat, chat and file sharing without the Internet within the Wi-Fi network MAC ® Change My MAC- change the MAC address of your Android device (closed source) ® Pry-Fi- change the MAC address of your device (closed source code) ®Wireless Mac Address Changer- changes the MAC address of the device to any other and restores the original back (closed source code) DNS AndroDNS F-Droid- configure DNS queries (open source) Daedalus- change DNS settings via VPN tunnel (open source) DNS man- change DNS for selected Wi-Fi networks (open source) ®Override DNS- DNS change with built-in list of servers (closed source code) Cloudflare 1.1.1.1 1.1.1.1: Faster & Safer Internet- use DNS Over TLS or DNS Over HTTPS (closed source) DNS Over TLS & Over HTTPS now on iOS / Android and for all networks at once DNSCrypt Tunneling iodine- binary files for tunneling through a DNS server (open source) AndIodine- tunneling through a DNS server using VPN Api (open source) Element53 (DNS Tunnel)- tunneling through a DNS server (open source) i2p i2p- access to the anonymous I2P network OONI ooniprobe- a global observation network client for detecting censorship and traffic manipulation on the Internet (open source) Proxy Privoxy ProxyDroid Shadowsocks Ssh Tor Orbot Orbot- the ability to use the Tor network for anonymous surfing (open source) How to set up Tor in Android - turn on Orbot orWall VNC VMLite VNC Server- control of the Android device through the browser VPN The Best VPN Services Bitmask Openvpn Open VPN Connect OpenVPN Client OpenVPN Client- a client with rich capabilities (for example, with a painless TAP connection option without root) for connecting to OpenVPN (closed source code) VPN Client Pro- a client with rich capabilities (for example, with a painless TAP connection option without root) for connecting to a VPN (closed source code) OpenVPN for Android Outline Wireguard WebRTC AtrizA Conference- WebRTC based conferences UniComm- private p2p communications based on WebRTC (open source) Zyptonite Zyptonite- secure decentralized p2p platform Wi-Fi ®fqrouter2- turning the smartphone into a wi-fi repeater and not only ® WiFi TX power- WiFi power control Wi-Fi Direct NearShare- communication and file transfer via WiFi Direct SuperBeam | WiFi Direct Share- wireless data transfer directly between devices (including using WiFi Direct technology) Wi-Fi cast- transfer files via Wi-Fi using the access point built into the phone (without an external Wi-Fi router) WiFi Shoot! WiFi Direct- wireless data transfer directly between devices (WiFi Direct technology) Protection ®ARP guard- traffic interception / redirection protection ® Wifi Protector- detection and prevention of ARP attacks on your phone in Wi-Fi networks Wi-Fi Privacy Police- prevents connection to unknown networks and sending a list of known networks (open source) Monitoring Connection list- View all available TCP device connections Network connections- monitoring of incoming / outgoing connections ®Network Log- monitoring network connections Tinny network monitor- monitor network connection Pentesting Pentesting ®Andrax - Don't be evil but be a CRACKER!- integrated solution for pentesting (open source) ANDRAX Documentation ®AndroDumpper (WPS Connect)- check Wi-Fi router vulnerabilities ® bitShark- traffic sniffer ®CSploit- penetration testing (hacking) in a Wi-Fi network ® DroidSheep- scanning and interception of web sessions (profiles) ® DroidSniff- allows you to scan and intercept web sessions of users sitting under one wifi ® dSploit- an application for analyzing and assessing network security, searching for known vulnerabilities, real-time traffic manipulation, spoofing ® FaceNiff- scanning and interception of Internet sessions ® Intercepter-NG (ROOT)- multifunctional network sniffer iwscan Analyzer [ROOT]- analyzer of networks 802.11 a / b / g / n / ac, Bluetooth, LTE, WCDMA, GSM ®Netcut- allows you to automatically scan the network, receive data about connected devices and, if necessary, disable them @Network Spoofer- sniffer ®Network utilites (Test version)- a set of tools to work with the network, as well as intercept / monitor / redirect traffic within your network Packet capture- allows you to intercept network traffic with SSL decryption ®Packet Sniffer- viewing and analyzing packages Proxymon SSL [ROOT]- debugger of open and secure TCP connections at the data level В® Reaver-GUI for Android- hacking wifi from devices with bcm4329 / 4330 wifi chipset Router keygen- key generator for wi-fi routers ® Shark for Root + Shark Reader- traffic sniffer and view dumps in .pcap format SSLUnpinning- Xposed-module that allows you to make the substitution of certificates in applications (open source) ® Wi.cap. Network sniffer- package sniffer for ROOT devices WIBR + WIfi BRuteforce hack- generation of WEP / WPA / WPA2 keys to all Wi-Fi point ®WIFI WPS WPA TESTER (ROOT)- attempt to connect to some access points using known vulnerabilities ®WifiAccess WPS WPA WPA2- check Wi-Fi router vulnerabilities ® WiFiKill- disable "extra" users of the WiFi network ®WiFree WPS- Wi-Fi hacking (WPS PIN + Router Keygen) ®WPS connect- connect to a wireless network using the WPS protocol ®zANTI- security assessment of Wi-Fi networks Social networks Diaspora Mastodon documentation / Apps.md at master · tootsuite / documentation- list of client applications Firewalls AFWall ® AFWall +- restriction of application access to the Internet (open source, fork DroidWall) FAQ · ukanth / afwall Wiki ® Android Firewall- firewall on Android (open source, fork DroidWall) ® DroidWall- restriction of application access to the Internet based on iptables (open source) Lightningwall- Xposed module, firewall for installed applications (closed source) Netguard- blocks access to applications (both user and system) access to the Internet (via wi-fi or mobile) without root (open source) NoRoot Firewall NoRoot Firewall- firewall that does not require root-rights (closed source code) Firewall for Android Signaling Car alarm Car alarm- determination of the alarm condition in the protected object using a microphone and / or accelerometer and signaling about it in various ways Haven Haven: Keep Watch- an application using various sensors (camera, microphone, gyroscope, accelerometer, light sensor) to record changes in the location of the device (open source) Snowden introduced a mobile application for protection from surveillance Edward Snowden has created a paranoid mobile app. Data synchronization BitTorrent Sync BitTorrent® Sync- allows you to synchronize your files between different devices (closed source) DAVdroid Folderseync Folderseync- cloud synchronization with support for various services and protocols (closed source) Syncthing Syncthing- application for distributed data synchronization (open source) Syncthing-silk- distributed synchronization of files between devices (open source) Cloud data storage Degoo 100 GB free space: Degoo- cloud file storage service (closed source code) MEGA MEGA- client for cloud Mega (closed source) Nextcloud ownCloud System Notifications Toast Xtoast- Xposed module for managing pop-up notifications (closed source) Runtime ART Checker- check runtime (closed source) Monitoring OS Monitor- system monitoring (open source) Simple system monitor- system monitor and task manager (closed source code) Substitution Android Device Changer- Xposed-module, which allows applications to change IMEI, Android Id, Serial Number, Wifi Mac, SSID, Google advertising id, Bluetooth Mac devices for applications (closed source code) Device faker- Xposed-module that allows you to change the device to make it look like another (closed source code) Device ID Masker- Xposed-module that allows you to replace many of the characteristics of the device (closed source code) Phone Id Changer Pro- Xposed module that allows applications to change IMEI, Android Id, Serial Number, Wifi Mac Address, SSID (closed source code) IMEI ®Chamelephon- IMEI change for devices on MediaTek 65XX processors (closed source) ®GhostPhone- IMEI change on MediaTek 65xx / 67xx processors (closed source code) IMEI Changer- Xposed-module that allows you to change the IMEI device (closed source code) Steganography Application Management LuckyPatcher ® LuckyPatcher by ChelpuS- application manager My Android Tools My Android Tools- disable / enable activity, service, receiver, provider for any applications (closed source code) Lists of disabled services / receivers / activites / providers for different applications Per App Hacking APK APK Editor ApkCrack (AETool) ApkCrack (AETool)- tool for editing apk-files Apktool Apktool- decompilation, recompilation, application signature MT Manager ® MT Manager- editing, translating, cloning, encrypting, signing and optimizing user and system (without installing frameworks) apk-files Windows Analysis Apk analyzer- allows you to explore applications on the device, providing a detailed report not only about installed programs, but also about uninstalled apk files App Detective- gives the most complete array of various data on the installed APK, including their contents and online analysis AppBrain Ad Detector- identification of potential problems of all applications installed on the device Exodus Inspeckage Mobile Security Framework- a platform for testing mobile applications (Android / iOS / Windows), fully automated and capable of performing static and dynamic data analysis, identifying potential problems of all applications installed on the device (open source) Frost Cloning App cloner- creation (without the presence of root) modified clones of some programs (closed source code) Sandboxes Island Island- execution of applications in the sandbox (closed source) Android: Island - a utility for isolating and freezing applications without root Shelter UserControl UserControl- execution of applications in the sandbox (closed source) VirtualXposed VirtualXposed- execution of applications in the sandbox with partial support for Xposed (open source) Permissions Android Permissions- shows the list of permissions of installed applications (open source) App Settings App Settings- Xposed-module for fine-tuning applications, including permission management (open source) v1.16 App Ops App Ops- disables selective permissions for selected applications (closed source code) Analysis of the work (Post xynta123 # 64938074) AppOpsX- client for Android AppOpsService (open source) App Ops - Permission manager- application permissions management (closed source) AppOpsXposed- Xposed-module, restoring the functionality of the App Ops system permission manager on Android 4.4.2 and higher (open source) Permission master- Xposed module for working with application permissions (closed source) APK Advanced permission manager- removal of permissions from apk (closed source) APK Permission Remover- removal of permissions from apk (closed source) Permission Manager (re-installer apps)- provision and prohibition of application rights by reinstalling them (closed source code) Hiding AppHider- hiding applications (closed source) Vulnerabilities BlueBorne Vulnerability Scanner by Armis- check device for BlueBorne vulnerability Bluebox Security Scanner- check device for the presence of Master-key vulnerabilities Stagefright Detector- device scan for Stagefright vulnerability Trustable by Bluebox- a tool for researching publicly known system vulnerabilities VTS for Android- a tool for researching publicly known system vulnerabilities Files Recovery ® DiskDigger- recovery of deleted pictures, photos, videos, saving recovered files and the ability to send them to the mail Dumpster - Recycle Bin- file basket ® Hexamob Recovery PRO- recover deleted files Undeleter- recovery of files deleted from SD-cards and internal memory Images Exif Exif_Editor- full EXIF editor ExifTool- viewing and editing the extended information of image files (closed source code) Photo editor- a program for high-quality photo processing (viewing, changing or deleting EXIF data) Photo exif editor- allows you to view, edit and delete Exif photo data Scrambled exif- removal of metadata from images (open source) Media Encryption Cryptography- encryption, training and hashing tool Cryptomator Beta (Unreleased)- encrypt files in cloud storage and access them on all your devices Derandom- prediction of pseudo-random numbers (open source) EDS EDS (Encrypted Data Store)- creation and management of encrypted containers TrueCrypt, VeraCrypt, LUKS, CyberSafe (closed source code) Android: Protecting personal data. EDS: Overview and usage example. Encfs ® Cryptonite- data encryption on the device and in Dropbox (open source) Encdroid- creation of encrypted folders on the device and in Dropbox MiXplorer ® EncPassChanger- change the password of the standard encryption section / data Luks ® LUKS Manager- creation and management of encrypted LUKS containers Midnight murmur Midnight murmur- encryption / decryption of files and text messages with a free design of the encryption procedure PGP APG APG- encryption standard OpenPGP (open source) What is the relationship between APG and OpenKeychain? K9 WITH APG FOR ANDROID ANDROID: APG Gnuprivacyguard Openkeychain Openkeychain- key manager according to the OpenPGP standard (open source) What is the relationship between APG and OpenKeychain? OpenKeychain instruction. OpenPGP PGP implementation on Android Oversec Oversec- transparent encryption and decryption of any text in any application (open source) Oversec is a utility that adds encryption support to any application. PGPTools PGPTools- simple PGP encryption, supports keys from computer How to encrypt chat on your smartphone and tablet using PGPTools PDF Secrecy S.S.E. Secret Space Encryptor (S.S.E Universal Encryption App)- encoder (AES, RC6, Serpent, Blowfish, Twofish, GOST-28147, Threefish (in Pro version), SHACAL-2 (in Pro version)) text and files, password manager (open source) Encrypted for Android: Application S.S.E Lock screens App Lock (HI App Lock)- an application to block and protect confidential information App Lock (Smart App Protector)- protects installed applications with a password or lock, and also prevents the screen from turning off and switching to landscape mode while applications are running from a user-defined list CyanLockScreen- Xposed module to expand the lock screen on 4x4, 5x5 and 6x6 pixels Cyclic Lock- Xposed-module for cycling PIN / password / pattern keys DroidLock: Dynamic Lockscreen- screen lock, where PIN can be time, battery charge, etc. ® GravityBox- Xposed-module with the ability to shuffle PIN numbers on the lock screen Knock Lock-App Lock Pro- functional customizable screen blocker Knock lock- allows you to select the lock area on the display to enable the "Knock Lock" feature Lockdown- blocking applications with various keys Lockmod- Xposed module for customizing the lock screen on Lollipop and above Maxlock- Xposed-module that allows you to block the launch of applications (open source) Picture Password Lockscreen- lock screen with support for drawing points, lines and circles PIN / Pattern Shortcuts- Xposed-module that allows you to open different applications with different PIN codes ScreenLock - Time Password- time based lock screen Shortcut Lock Screen Mod [MM]- Xposed module for setting lock screen shortcuts on Marshmallow Smart lock- protection of any installed applications with a password Smart lock screen- floating screen lock button Timepin- lock screen with PIN based on time Data Locker- clearing data after exceeding the maximum number of attempts to unlock the device Selfdestruction Unlocking- deleting folders on the memory card and clearing the device memory when the limit of incorrect attempts to unlock the screen comes (closed source code) Wrong pin shutdown- turning off the device when exceeding the limit of screen unlock attempts (open source) Energy saving Tips to improve power saving devices on Android OS Wakelock Wakelock detector- search for the cause of the device not falling asleep To place apk files and analyze executable files use the theme: Android: checking and analyzing executable files and other thoughts about it Option Caps TC There is no curator in the subject. For questions about filling the caps, write to the topic, contact the section moderators via the buttonunder the messages. How to do it right, what would you understand the first time, it is writtenhere. Post has been editedferhad.necef - 12.06.19, 12:54 Reason for editing: / d / gapps |
Message#4 01.05.15, 17:41 | |
Guru [offline] Group: Friendssavagemessiahzine.com Messages 10194 Check in: 06.01.14 Reputation: 571 | Security in android. Privacy and anonymity on the Internet. The original hat. Since there are enough different topics for discussing software for Android security, private and anonymous surfing, but discussing general security, privacy and anonymity issues in them is increasingly considered offtopic, I think it makes sense to create a separate topic for this popular topic, where you can all these topics are free to speak and ask. So you are welcome! Surveys
Discussion of the realities and future themes. Alternative versions of caps
Safety Since many tips and tools in the subject require superuser (root) rights, you should follow certain safety guidelines: 1. Try to do all the actions consciously, having previously studied the relevant materials and clarifying incomprehensible moments. 2. Make as many backups as possible. They can be done both with the help of custom recovery (TWRP, CWM, PhilZ Touch, Carliv, etc.), and with the help of applications that can backup all the firmware, as well as individual applications and data. Relevant applications can be found in the section: Software ->Backup. Accordingly, it is worth taking care of safe storage of the created backups. About security, all and different Four Horsemen Infocalypse Which apps and tools actually keep your messages safe? Protection of confidential data and anonymity on the Internet PDF prism-break- protection from global surveillance systems such as SORM, PRISM, XKeyscore and TemporaGithub Guardian Project https://privacytools.io/- encryption against global mass surveillanceGithub SECURITY IN-A-BOX- tools and tactics for digital security GitHub - ValdikSS / awesome-anti-censorship: curated list of open-source anti-censorship tools danoctavian / awesome-anti-censorship: curated list of open-source anti-censorship tools GitHub - StreisandEffect / streisand- Wiring, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, Sslh, Stunnel, and a Tor bridge. It also generates custom instructions for all of these services. You can be shared with friends, family members, and fellow activists. sovereign / sovereign: email, calendar, contacts, file sync, IRC bouncer, VPN, and more. https://ssd.eff.org/- Tips, Tools and How-tos for Safer Online Communications How to protect Android: 10 tips for maximum security PDF Mission Impossible: Hardening Android for Security and Privacy PDF eBlocker- hardware and software platform De-Googling my phone · Martin Pitt nomoregoogle.com - a fresh collection of alternatives to the services of the technology giant Project SAFE "I have nothing to hide" Big data The battle for data: what wars are brewing for new oil PDF Epub The bank is hunting you Who merges the business of banks Our personal data is worth nothing. China Big Brother 2.0. How China builds digital dictatorship China has built a police state of the future in Xinjiang Province. "I am a third-class citizen." How smartphones help build a new class society based on loyalty I and the score: second-rate people will appear in China - Russia is next in line According to rumors, Google search engine censored for China is tied to the user's phone number - ITC.ua Russian Federation Scripts Social networks Facebook In contact with Information Security Information Security - Wikipedia Personal Data Protection - Wikipedia OPSEC for Linux users, developers and administrators The basic model of threats to the security of personal data when they are processed in personal data information systems Internet counterintelligence in action: create a personal information security management system Information technology social hacking The art of "teaching protection of information" ... while giving a ton of good-will and non-speaking words PDF DLP Massachusetts Institute of Technology. Lecture course # 6.858. "Security of computer systems." Nikolai Zeldovich, James Mykens. year 2014 MIT course "Computer Systems Security". Lecture 1: "Introduction: threat models", part 1 MIT course "Computer Systems Security". Lecture 1: "Introduction: threat models", part 2 MIT course "Computer Systems Security". Lecture 1: "Introduction: threat models", part 3 MIT course "Computer Systems Security". Lecture 2: "Control of hacker attacks", part 1 MIT course "Computer Systems Security". Lecture 2: "Control of hacker attacks", part 2 MIT course "Computer Systems Security". Lecture 2: "Control of hacker attacks", part 3 MIT course "Computer Systems Security". Lecture 3: "Buffer overflow: exploits and protection", part 1 MIT course "Computer Systems Security". Lecture 3: "Buffer overflow: exploits and protection", part 2 MIT course "Computer Systems Security". Lecture 3: "Buffer overflow: exploits and protection", part 3 MIT course "Computer Systems Security". Lecture 4: "Separation of privileges", part 1 MIT course "Computer Systems Security". Lecture 4: "Separation of privileges", part 2 MIT course "Computer Systems Security". Lecture 4: "Separation of privileges", part 3 MIT course "Computer Systems Security". Lecture 5: "Where Security Errors Come From", Part 1 MIT course "Computer Systems Security". Lecture 5: "Where Security Errors Come From", Part 2 MIT course "Computer Systems Security". Lecture 6: "Opportunities", part 1 MIT course "Computer Systems Security". Lecture 6: "Opportunities", part 2 MIT course "Computer Systems Security". Lecture 6: "Opportunities", part 3 MIT course "Computer Systems Security". Lecture 7: "Sandbox Native Client", part 1 MIT course "Computer Systems Security". Lecture 7: "Sandbox Native Client", part 2 MIT course "Computer Systems Security". Lecture 7: "Sandbox Native Client", part 3 MIT course "Computer Systems Security". Lecture 8: "Model of network security", part 1 MIT course "Computer Systems Security". Lecture 8: "Model of network security", part 2 MIT course "Computer Systems Security". Lecture 8: "Model of network security", part 3 MIT course "Computer Systems Security". Lecture 9: "Web application security", part 1 MIT course "Computer Systems Security". Lecture 9: "Web Application Security", part 2 MIT course "Computer Systems Security". Lecture 9: "Web Application Security", part 3 MIT course "Computer Systems Security". Lecture 10: "Symbolic execution", part 1 MIT course "Computer Systems Security". Lecture 10: "Symbolic execution", part 2 MIT course "Computer Systems Security". Lecture 10: "Symbolic Execution", part 3 MIT course "Computer Systems Security". Lecture 11: “Ur / Web programming language”, part 1 MIT course "Computer Systems Security". Lecture 11: “Ur / Web programming language”, part 2 MIT course "Computer Systems Security". Lecture 11: "Ur / Web programming language", part 3 MIT course "Computer Systems Security". Lecture 12: "Network Security", part 1 MIT course "Computer Systems Security". Lecture 12: "Network Security", part 2 MIT course "Computer Systems Security". Lecture 12: "Network Security", part 3 MIT course "Computer Systems Security". Lecture 13: "Network Protocols", part 1 MIT course "Computer Systems Security". Lecture 13: "Network Protocols", part 2 MIT course "Computer Systems Security". Lecture 13: "Network Protocols", part 3 MIT course "Computer Systems Security". Lecture 14: "SSL and HTTPS", part 1 MIT course "Computer Systems Security". Lecture 14: "SSL and HTTPS", part 2 MIT course "Computer Systems Security". Lecture 14: "SSL and HTTPS", part 3 MIT course "Computer Systems Security". Lecture 15: "Medical software", part 1 MIT course "Security of computer systems". Lecture 15: "Medical software", part 2 MIT course "Security of computer systems". Lecture 15: "Medical software", part 3 MIT course "Security of computer systems". Lecture 16: "Attacks through the side channel", part 1 MIT course "Security of computer systems". Lecture 16: "Attacks through the side channel", part 2 MIT course "Security of computer systems". Lecture 16: "Attacks through the side channel", part 3 MIT course "Security of computer systems". Lecture 17: User Authentication, Part 1 MIT course "Security of computer systems". Lecture 17: User Authentication, Part 2 MIT course "Security of computer systems". Lecture 17: User Authentication, Part 3 MIT course "Computer Systems Security". Lecture 18: "Private Internet Browsing", part 1 MIT course "Security of computer systems". Lecture 18: "Private Internet browsing", part 2 MIT course "Computer Systems Security". Lecture 18: "Private Internet Browsing", part 3 MIT course "Computer Systems Security". Lecture 19: “Anonymous Networks”, part 1 (lecture from the creator of the Tor network) MIT course "Computer Systems Security". Lecture 19: “Anonymous Networks”, part 2 (lecture from the creator of the Tor network) MIT course "Computer Systems Security". Lecture 19: “Anonymous Networks”, part 3 (lecture from the creator of the Tor network) MIT course "Computer Systems Security". Lecture 20: "Security of mobile phones", part 1 MIT course "Computer Systems Security". Lecture 20: “Mobile Phone Security”, part 2 MIT course "Computer Systems Security". Lecture 20: "Mobile Phone Security", part 3 MIT course "Computer Systems Security". Lecture 21: "Tracking data", part 1 MIT course "Computer Systems Security". Lecture 21: "Tracking data", part 2 MIT course "Computer Systems Security". Lecture 21: "Tracking data", part 3 MIT course "Computer Systems Security". Lecture 22: MIT Information Security, Part 1 MIT course "Computer Systems Security". Lecture 22: MIT Information Security, Part 2 MIT course "Computer Systems Security". Lecture 22: MIT Information Security, Part 3 Online services Bitcoin VPN Auto removal Website archiving Mobile networks post office Free Webmail for Better Privacy List of Secure Email Providers that take privacy serious Cock.li https://cock.li/- service for mail and XMPP Dismail Disroot HideMyAss Kolab Now mailbox Mailinator Safe mail SCRYPTmail Checks APK Cloudflare IP Sip SSL / TLS Harmful miscellanea Leaks WebRTC Browser Data Devices Vulnerabilities Synchronization Social networks Storage Encryption Regulations ePrivacy Regulation GDPR Forum "Free Web" | Free internet is discussed in the topic. Amnesiagroup corner Benga1983 corner commandos98 DoberPC corner Corner of elenakawai Formobe corner Corner IcanTellstories JumpingJerry Corner Corner Ruiz_Av Tomin corner Wernow corner About potential threats (Post wernow # 51543260) On threat groups (Post wernow # 51550069) About open code (Post wernow # 51902449) Selling information (Post wernow # 52003733) About toolkit (Post wernow # 52015424) About providers in android (Post wernow # 52061764) On complete privacy and security (Post wernow # 53580616) About F-Droid, messengers and priorities (Post wernow # 59144989) About F-Droid and open source (Post wernow # 59151363) About Fingerprint (Post wernow # 61458449) About biometrics (Post wernow # 61564247) About wiretapping and protection from it (Post wernow # 62796218) On leaks and anonymous networks (Post wernow # 66632070) About file attributes (Post wernow # 66682128) About USSD (Post wernow # 66793981) How to take a dump via tcpdump (Post wernow # 66824767) About the causes of problems with modules Xposed (Post wernow # 67999793) On the priorities of threats (Post wernow # 68333815) About UID 1000 (The Post wernow # 68613246) On the interaction of DuckDuckGo and Yandex (Post wernow # 68635660) About DuckDuckGo Algorithms (Post wernow # 68655630) On the hardware protection device (Post wernow # 69275830) On the protection of the port microUSB (Post wernow # 69281156) About threats and liability (Post wernow # 69293509) About threats, fictional worlds and time (Post wernow # 69309907) On service traffic (Post wernow # 69566867) On the infrastructure Telegram (Post wernow # 70323319) About China (Post wernow # 73860971) About China (Post wernow # 73863824) About China (Post wernow # 73880680) About messengers (Post wernow # 73969101) About Antivirus (Post wernow # 74161934) About China (Post wernow # 74950096) About malware testing and emulators (Post wernow # 75074647) About Google Data Collection (Post wernow # 76081812) About repairing devices (Post wernow # 76537920) About inspections in China (Post wernow # 76539879) About device checks (Post wernow # 77754685) On digital capitalism (Post wernow # 78044951) About Telegram and the Future (Post wernow # 78053170) About the registration of instant messengers in the Russian Federation (Post wernow # 78739705) About famous cryptographers (Post wernow # 78739705) On anonymity (Post wernow # 78927918) About VPN (Post wernow # 79392952) On the set and disagreement (Post wernow # 79458293) On the hidden record and the legislation of the Russian Federation (Post wernow # 79511161) About microcopy and data protection (Post wernow # 79670518) About IMEI registration in the Russian Federation (Post wernow # 79852809) On the registration of IMEI in the Russian Federation (Post wernow # 79858616) About changing IMEI (Post wernow # 80654422) About bookmarks in chips (Post wernow # 80781651) About bookmarks in chips and checking them (Post wernow # 80786808) About bookmarks in chips (Post wernow # 80817610) About removing EXIF (Post wernow # 80944444) Analysis of EXIF (Post wernow # 80973859) About trust (Post wernow # 81453839) About Tor nodes (Post wernow # 81486034) On temporary identification in a cellular mobile communication network (Post wernow # 81606808) About voice analysis (Post wernow # 81683667) yhnyhn11 Software Compatibility Test Suite (CTS) GApps microG GmsCore is a FLOSS framework- framework for replacing original Google Play services NanoDroid- implementation of Play Services Core (open source) NOGAPPS Project GSM Android IMSI-Catcher Detector- identifies fake base stations (IMSI-Catcher) in GSM / UMTS networks (open source) ®Darshak- helps to detect "silent" sms, signs of phone tapping, lack of communication encryption on Samsung Galaxy S3 (GT I9300) (open source) EAGLE Security- protection against listening in the form of determining false base stations and blocking access of applications to the camera and microphone (closed source code) Network cell info- shows the location of cells on the map and measures the signal strength of the serving cell and neighboring cells (closed source code) ®SnoopSnitch- makes a map of attacks on devices with a Qualcomm chip (open source) Hips Binderfilter Binderfilter- IPC Binder call control system in the core (open source) Picky - an application for managing BinderFilter filters (open source) Commandos98 corner Donkeyguard Donkeyguard- Xposed-module allows you to block access of applications to personal data (open source) Protect My Privacy Protect My Privacy- Xposed module for managing application permissions (closed source) Post Whitestar # 68400078 Xprivacy Xprivacy- Xposed-module that allows you to prevent the leakage of your personal data through the application, control it or replace it to choose from (open source) XPrivacyLua XPrivacyLua- Xposed-module for Marshmallow +, which allows you to prevent the leakage of your personal data through applications, control it or replace it with a choice (open source) XPrivacyLua Official Site XPrivacyLua repo Frequently Asked Questions Comparison with XPrivacy Sensors Sensor Disabler- Xposed-module that allows you to disable and change the values for all sensors available in the device (open source) Camera Camera block- temporarily disables and blocks all camera resources and denies access to the camera for other applications (closed source code) Disable at the kernel level (Post Dementy000 # 79737060) Microphone Mic block- temporarily disables and blocks access to the microphone for other applications (closed source code) Microphone Guard Plus- protection against listening Ultrasound SoniControl- protection against tracking by ultrasounds (closed source code) Ultrasound-firewall for mobile phones | EurekAlert! Science News “Inaudible frequencies”: a firewall blocking ultrasonic cookies appeared / VAS Experts / Habr blog Kernel / Shell Busybox ®BusyBox- BusyBox installer for Android (open source) ® BusyBox- application to install BusyBox (open source) BusyBox Install (No Root)- install BusyBox on devices without root (closed source code) ®Busybox On Rails- installs BusyBox on the device, and also updates it to the current version (open source) Entware Logcat Disconnect ®Stop Log (Root)- disable logcat (closed source) Through the script (Post tweed_man # 70345323) Through build.prop (Post Capush0n # 70345651) Root ® Dianxinos SU- Root access control (closed source) ®Magisk - The Universal Systemless Interface- a utility that allows you to install various system applications and mods in systemless mode and hide the root from any applications and services (open source) ® SuperSU- Advanced access control for superuser rights to applications on the device that require root (closed source code) ® Superuser- a program for managing ROOT rights (open source) ® Superuser- superuser rights management (open source) Superuser- superuser rights management (open source) ®Superuser X (L)- root-access for applications without intermediaries (closed source code) Concealment Rootcloak- Xposed-module that allows you to hide the presence of root for applications (open source) ®suhide- suhide utility allows you to hide the presence of ROOT on your Android device (open source) SELinux SELinuxModeChanger- change SELinux mode Terminal Android Terminal Emulator- terminal emulator (open source) Termux- terminal emulator with an extensive collection of Linux packages (open source) Launcher AppAsLauncher- allows you to select any third-party program as a launcher (closed source code) T-UI F-Droid- launcher with terminal (open source) Linux Linux for tablet BOCHS for Android- OS launch for x86 Complete Linux Installer- we install Linux on Android Debian noroot- debian emulator GNURoot- installation on Android Wheezy, Gentoo, Fedora or Aboriginal without root rights (open source) GNURoot Debian- launch Debian on Android devices (open source) ® Linux Deploy- automate the process of installing, configuring and running GNU / Linux distributions on the Android platform inside the chroot container (open source) ® Linux Installer- Installing Debian / Ubuntu on Android devices PureOS QEMU for Android- starts any OS in the img and iso image XServer XSDL- X server for Android, which allows displaying Linux graphic applications running on an external computer or installed in the chroot Android device Replacing Android on the desktop distribution Recovery update-script Android Script Creator- a program for creating scripts (update.zip) Update Script Generate- program for creating updater-script (update.zip) based on boot.img and system.img for any processor in which it is possible to flash system images in img format (ext2, ext3, ext4) SafetyNet Sip Ostel Setup (Post ANPolter # 47912222) CSipSimple- functional SIP client (open source) Linphone Video- Internet phone using VoIP (open source) SMS / MMS Image SMS- sending image via SMS (open source) Encryption Dark SMS- exchange of encrypted SMS messages, the ability to password protect SMS messages on the phone (closed source code) Silence- SMS / MMS application that supports encryption (open source) The wall- application for sending and receiving SMS messages encrypted with the AES algorithm (closed source code) Tts SVOX Classic Text To Speech Engine- reading text with voice for other applications Webview Android System WebView- Android WebView system component is based on Chrome technology and allows you to view web content in applications Bromite Bromite- WebView implementation without WebRTC and protected from some other digital fingerprints (open source) SystemWebView releases Installing SystemWebView Automators Easer ®Easer F-Droid- automation of actions on events (connection to WiFi, Bluetooth, on time, location) (open source) Tasker Tasker- advanced scheduler, allows for different events to produce actions (closed source code) Use Tasker to the fullest. Android scripting with Tasker and Autotools: protection of programs with a fingerprint, text recognition and hidden tweaks USB Blocking domains and ads ® AdAway- ad blocker with white and black lists support (open source) Adblocker reborn Adblocker reborn- Xposed-module, blocks AdView, AdActivity, receivers, services, WebView and Hosts, while not touching the hosts file itself and does not conflict with the blockers that use it (open source) DNS6- allows you to block hosts via DNS through a local VPN service (open source) ® MinMinGuard- Xposed-module for blocking ads inside applications (open source) PeerBlock For Android- Xposed-module that allows you to block hosts and DNS (open source) Silent- Xposed ad-blocking module (closed source) UnbelovedHosts- Xposed-module, blocking calls to domain names that distribute advertising (closed source code) Browsers Chromium Brave Browser Brave: Fast AdBlock- Chromium-based web browser with built-in AdBlock, tracking protection and security system (open source) Bromite Firefox Firefox- a browser from the developers of Mozilla (open source) Firefox focus- Mozilla browser with automatic blocking of a wide range of online trackers (open source) F-Droid Firefox GOST- Firefox fork with Russian cryptography support Icecatmobile Icecatmobile- fork of Firefox browser that meets the requirements of completely free software (open source) Librefox Waterfox Waterfox browser- browser on the engine Gecko, which continues to support the "obsolete" according to the new Mozilla policy additionsopen source) Waterfox - The free, open and private browser Waterfox - Wikipedia Add-ons Adnauseam Adnauseam- various protection against ad networks Google offends the little ones! Internet monster - against professor, programmer and artist anonymoX anonymoX- ensuring anonymity, IP address spoofing About the features of anonymoX (Post tweed_man # 81169791) Bluhell firewall- restriction of advertising and redirects CanvasBlocker- prohibition of browser fingerprint identification Certainly Something (Certificate Viewer)- view certificates Certificate Patrol- certificate management CheckMyHTTPS- verification of the certificate of the secure connection (open source) Decentraleyes- protection against tracking through centralized CDN Easy image blocker- image loading control HTTP UserAgent cleaner- increased privacy (randomly replacing the UserAgent, canvas, locale fields, blocking WebRTC, etc.), blocking ajax and requests to third-party sites and unnecessary cookies, security assessment https (TLS) connections, phishing protection HTTPS Everywhere- replacement in addresseshttp: //onhttps: // Mobile Password Manager- view and edit saved passwords NoScript- blocking scripts and plug-ins, protection against XSS and Clickjacking attacks Onion Browser Button- connect to Tor in one click Phony- substitution of User Agent Random Agent Spoofer- change profiles at a specified time interval RequestPolicy Continued- control of cross-domain requests Save / Load Prefs- export and import of Firefox settings Self-Destructing Cookies- automatic cleaning Cookies and LocalStorage Speed Tweaks (SpeedyFox)- setting preferences for browser acceleration Spoof Timezone- time zone change Third-party Request Blocker (AMO)- blocking requests to third-party resources uMatrix- firewall with blocking of scripts, frames, etc. User-Agent Switcher- change User-Agent wow-dpi- bypass Russian blocking without the need to use proxy, Tor, etc. F (L) OSS Browser Privacy browser Tor Fire.onion (Browser + Tor)- anonymous web browser (open source) Orfox Tor browser TORnado (Browser + TOR)- anonymous web browser (closed source) Notes Note Crypt Pro- creation of encrypted (AES 128 bits, CBC, PKCS5Padding, random IV, PBKDF2WithHmacSHA1) tag database with support for tags (open source) Swift notes- work with text files, encryption, setting a password, sending (closed source code) Calls Lock Root Call SMS Manager- manager of blocking incoming and outgoing calls and SMS (closed source code) Calendars Calendar Calendar F-Droid- simple calendar with additional CalDAV synchronization, recurring events and reminders (open source) Business calendar- functional calendar (closed source code) Cameras Bacon camera- camera with manual settings for devices that do not support Camera2Api (closed source code) Open camera- multifunctional camera (open source) Simple camera- multifunctional camera (open source) Cards Graphhopper Keyboards The best keyboard for Android -savagemessiahzine.com AnySoftKeyboard Hacker's Keyboard Hacker's Keyboard- A full 5-row keyboard with Tab / Esc / Ctrl keys with a separate number block (open source) Jbak keyboard Multiling O Keyboard Multiling O Keyboard + emoji- multifunctional and customizable keyboard (closed source code) About possible leaks when using the prediction of words (Post tweed_man # 68347962) Simple keyboard Contacts Open contacts- creation and use of a separate contact database (open source) SA Contacts- export phonebook contacts to Excel and vice versa (closed source code) Save contacts to txt- allows you to save selected contacts downloaded from the phone book as a text file in TXT format, which can be sent by email (closed source code) Simple contacts- creation and use of a separate contact database (open source) VCF VCF Contacts VCF Contacts- opens .vcf files in the form of a phone book and allows you to add, delete, edit contacts, make calls (closed source code) On the potential leak (Lent okomand # 69542431) Messengers Messenger Comparison - Wikipedia Comparison of instant messengers - Wikreality Comparison of instant messaging clients - Wikipedia Comparison of LAN messengers - Wikipedia Digital Communications Protocols SECURE MESSAGING APPS COMPARISON Tails - mobile messaging True Private Messaging: 7 Apps to Encrypt Your Chats PDF Crypto-resistant androids. Why encryption in Signal, WhatsApp, Telegram and Viber will not protect your correspondence from hacking PDF Encrypt correctly! Why messengers do not protect the secret of your correspondence Encrypt correctly! Choose an instant messenger for secure and private correspondence. Encrypt correctly! Choose an instant messenger for secure and private correspondence. Actor Actor- centralized messenger (there is an email registration) based on the MTProto v2 protocol (open source) Bitseal Bitseal- decentralized transmission of encrypted messages to another subscriber or many subscribers (open source) Bleep Bleep (alpha)- decentralized messenger (there is a registration by email or anonymously) (closed source code) Briar Briar- messenger that works on the basis of secure Tor networks, as well as Wi-Fi and Bluetooth (open source) Briar Beta - Open Source - News Briar - Darknet Messenger ... Or Good News From The Dark Dungeon Mesh Networks Chat.onion Delta chat Delta chat- centralized instant messenger with end-to-end encryption using the selected mail domain as the server (open source) Delta chat Delta makes chatting better Contribute Dib2Qm Eleet Eleet Private Messenger- private messenger (registration by phone number or anonymously) (closed source code) Choosing a secure messenger for android devices: Eleet Private Messenger Jitsi Jitsi - Wikipedia- Internet telephony and instant messaging system Jitsi (open source) Jitsi meet (open source) Jingle Kontalk Nextcloud talk Nextcloud talk- the extension of the Nextcloud platform, allowing you to make protected audio and video calls, as well as exchange text messages (open source) Nextcloud talk QuickMSG RetroShare Ring Ring- decentralized messenger with e2e encryption (anonymous registration) (open source) Ring (program) - Wikipedia Riot Safeum Safeum- encrypted multimedia messenger (there is an email registration) (closed source code) Signalal Signal private messenger- client-server messenger (registration by phone number) (open source) Snowden advertises Signal. What for? OpenNews: Introduced attack method for WhatsApp and Signal group chat OpenNews: Vulnerabilities in Signal Desktop and Electron Platform Desktop Signal saves cleartext history and encryption keys Silent phone Silent phone- paid instant messenger (anonymous registration) with encryption of audio and video calls and text messages (open source) Signal-Server source code Surespot Surespot- client-server instant messenger (anonymous registration) for secure exchange of text messages, photos and voice notes for up to 10 seconds (open source) Has secure IM app Surespot been compromised by the feds? Telegram Telegram F-Droid- client-server messenger (registration by phone number) based on the MTProto protocol (open source client, closed source server code) Plus Messenger- unofficial client for Telegram (open source client) MTProto - Wikipedia Documentation Telegram Open Network (TON) Security issues Telegram Callback to Telegram developers Is Telegram Safe? Or as I was looking for a bookmark in MTProto Potential Android Telegram Vulnerability Telegram attack for 2 ^ 64 operations, and why the supervillain doesn't need it About the intricacies of privacy in the Telegram Bots API: "this is not a bug, this is a feature" Why two-factor authentication in Telegram does not work How to hack Telegram and WhatsApp: special services are not needed Telegram entered in the register of information dissemination organizers Telegram itself adds someone else's contacts? This is the norm Telegram will ask for a passport Why Telegram Passport is No End to End Vulnerability in Telegram can compromise secret chats. We reveal the numbers of Telegram users Telegram messenger merges metadata to everyone Telegram was unsafe Iranian company intercepted all Telegram traffic Telegram accused of storing messages in unencrypted form Telegram will still share user data with special services. "Media Factory" Eugene Prigogine constantly talks about the vulnerability of the telegram. Is it all scary? Telegram Security Analysis PDF Telegram, AKA “Stand back, we have Math PhDs!” About the "safest" telegram Comparison with Signal (Post neonedrid # 73388860) About location tracking (Post Aeronliru # 68454877) Company Threema Threema- client-server messenger (there is an anonymous registration) with (according to the developers) a serious level of security (closed source code) Frequently asked questions - Threema Threema Encryption Validation - Threema Transparency Report - Threema A look into the Mobile Messaging Black Box The Threema messenger was the first of the foreign services to be entered by the Roskomnadzor in the Register of information dissemination organizers. Threema Swiss Messenger has denied cooperation with the Russian authorities How does the registration of messengers in Roskomnadzor on the example of Threema Tox Antox- decentralized messenger (anonymous registration) for confidential communication (open source) TRIfA- tox client in active development (open source) Whatsapp Wire Wire- secure client-server messenger (there is a registration by email) for communication and conferences (OTR, SRTP, WebRTC, Opus) (open source) Wire back-end services Wire server code now 100% open source - the journey continues Wire’s independent security review WIRE CRYPTOGRAPHY AUDIT (WITH X41 D-SEC) PDF Tina Membe Wire’s Certificate Validation Vulnerability - Tina Membe XMPP Chatsecure Conversations- XMPP client with encryption support and Android HIG design (open source) Freelab messenger- XMPP client, fork Conversations (closed source) IM + All-in-One Mobile Messenger- supports all popular instant messaging services: Facebook, ICQ, VKontakte, Mail.Ru Agent, Classmates. Gadu-Gadu, RenRen, mig33, SINA Weibo, Fetion and Jabber (closed source) Jasmine im- IM client for quick and easy communication, ICQ, QIP, VK, Jabber, etc. (closed source) Pix-Art Messenger F-Droid- fork of a well-known XMPP Conversations client with additional features (open source) Sj im- XMPP client that supports automatic encryption of PGP (OTR) messages (closed source code) Zom Mobile Messenger- XMPP client, focused on simplicity and security (open source) Xabber- universal Jabber client (open source) Location Location Spoofer Location Spoofer- location substitution for applications How to change your location for any Android application Cleaning Andro shredder- permanently delete files and SMS (closed source code) File shredder- utility for permanently deleting files (closed source code) IShredder 3- permanently delete files, photos, sms, contacts (closed source code) ® SD Maid - System Cleaning- cleaning "tails" for remote applications (closed source) Undeleter- permanently delete files of some types (closed source code) shell Passwords bitwarden Keepass Keepass2Android Keepass2Android- password manager (open source) AutoFill plugin- plugin for auto-complete (open source) KeePassDroid- password manager (open source) Password store SealNote Secure Encrypted Note SuperGenPass SuperGenPass- Bookmarklet to generate unique passwords for Internet sites (open source) SuperGenPass: Complete and final solution to the problem of Internet passwords Payment systems Bitcoin post office Fairmail K-9 p≡p pretty easy privacy p≡p F-Droid- mail client with OpenPGP, key exchange via p2p, key import from other clients (open source) Protonmail ProtonMail - Encrypted Email- Email web service with encryption support (open source web version) ProtonMail IMAP / SMTP Bridge- ProtonMail integration with any programs that support IMAP and SMTP TempMail TempMail- creation of temporary mailboxes on the site temp-mail.ru (closed source code) Tutanota Backup Helium- backup and synchronization, the ability to work without root using the desktop client ®oandbackup- create backup copies of applications with data (open source) ® Titanium Backup- backup applications and user data Nandroid Nandroid Browser- extract and use separate files from nandroid backup ® Nandroid Manager- allows you to view, explore and edit your Nandroid backups Online Nandroid Backup * root- makes CWM / TWRP compatible backup without loading into recovery ® Orange Backup- a program to create compatible with CWM and TWRP backups and synchronization with the cloud Repositories App & Gamesavagemessiahzine.com- view and check for updates of applications and games laid out onsavagemessiahzine.com APKPure App- alternative application market Aptoide- client-server application of an alternative market APKUpdater- can check for updates for programs on popular alternative services APKMirror and APKPure (open source) Aurora Store Aurora Store- search and download programs from the Google Play Store without the Google Services Framework, fork of the Yalp Store (open source) Blackmart- alternative to applanet and the like F-Droid Open store- the application allows developers to create their own repositories with applications for Android Yalp Store Yalp Store- search and download programs from the Google Play Store without the Google Services Framework (open source) Network Ad-hoc / Mesh Android Intercom- calls via bluetooth and Wi-Fi in the local network Anyfi Anyfi- mesh network of devices via Wi-Fi Gilga Serval mesh Wi-Fi talkie- voice chat, chat and file sharing without the Internet within the Wi-Fi network MAC ® Change My MAC- change the MAC address of your Android device (closed source) ® Pry-Fi- change the MAC address of your device (closed source code) ®Wireless Mac Address Changer- changes the MAC address of the device to any other and restores the original back (closed source code) DNS AndroDNS F-Droid- configure DNS queries (open source) Daedalus- change DNS settings via VPN tunnel (open source) DNS man- change DNS for selected Wi-Fi networks (open source) ®Override DNS- DNS change with built-in list of servers (closed source code) Cloudflare 1.1.1.1 1.1.1.1: Faster & Safer Internet- use DNS Over TLS or DNS Over HTTPS (closed source) DNS Over TLS & Over HTTPS now on iOS / Android and for all networks at once DNSCrypt Tunneling iodine- binary files for tunneling through a DNS server (open source) AndIodine- tunneling through a DNS server using VPN Api (open source) Element53 (DNS Tunnel)- tunneling through a DNS server (open source) i2p i2p- access to the anonymous I2P network OONI ooniprobe- a global observation network client for detecting censorship and traffic manipulation on the Internet (open source) Proxy Privoxy ProxyDroid Shadowsocks Ssh Tor Orbot Orbot- the ability to use the Tor network for anonymous surfing (open source) How to set up Tor in Android - turn on Orbot orWall VNC VMLite VNC Server- control of the Android device through the browser VPN The Best VPN Services Bitmask Openvpn Open VPN Connect OpenVPN Client OpenVPN Client- a client with rich capabilities (for example, with a painless TAP connection option without root) for connecting to OpenVPN (closed source code) VPN Client Pro- a client with rich capabilities (for example, with a painless TAP connection option without root) for connecting to a VPN (closed source code) OpenVPN for Android Outline Wireguard WebRTC AtrizA Conference- WebRTC based conferences UniComm- private p2p communications based on WebRTC (open source) Zyptonite Zyptonite- secure decentralized p2p platform Wi-Fi ®fqrouter2- turning the smartphone into a wi-fi repeater and not only ® WiFi TX power- WiFi power control Wi-Fi Direct NearShare- communication and file transfer via WiFi Direct SuperBeam | WiFi Direct Share- wireless data transfer directly between devices (including using WiFi Direct technology) Wi-Fi cast- transfer files via Wi-Fi using the access point built into the phone (without an external Wi-Fi router) WiFi Shoot! WiFi Direct- wireless data transfer directly between devices (WiFi Direct technology) Protection ®ARP guard- traffic interception / redirection protection ® Wifi Protector- detection and prevention of ARP attacks on your phone in Wi-Fi networks Wi-Fi Privacy Police- prevents connection to unknown networks and sending a list of known networks (open source) Monitoring Connection list- View all available TCP device connections Network connections- monitoring of incoming / outgoing connections ®Network Log- monitoring network connections Tinny network monitor- monitor network connection Pentesting Pentesting ®Andrax - Don't be evil but be a CRACKER!- integrated solution for pentesting (open source) ANDRAX Documentation ®AndroDumpper (WPS Connect)- check Wi-Fi router vulnerabilities ® bitShark- traffic sniffer ®CSploit- penetration testing (hacking) in a Wi-Fi network ® DroidSheep- scanning and interception of web sessions (profiles) ® DroidSniff- allows you to scan and intercept web sessions of users sitting under one wifi ® dSploit- an application for analyzing and assessing network security, searching for known vulnerabilities, real-time traffic manipulation, spoofing ® FaceNiff- scanning and interception of Internet sessions ® Intercepter-NG (ROOT)- multifunctional network sniffer iwscan Analyzer [ROOT]- analyzer of networks 802.11 a / b / g / n / ac, Bluetooth, LTE, WCDMA, GSM ®Netcut- allows you to automatically scan the network, receive data about connected devices and, if necessary, disable them @Network Spoofer- sniffer ®Network utilites (Test version)- a set of tools to work with the network, as well as intercept / monitor / redirect traffic within your network Packet capture- allows you to intercept network traffic with SSL decryption ®Packet Sniffer- viewing and analyzing packages Proxymon SSL [ROOT]- debugger of open and secure TCP connections at the data level В® Reaver-GUI for Android- hacking wifi from devices with bcm4329 / 4330 wifi chipset Router keygen- key generator for wi-fi routers ® Shark for Root + Shark Reader- traffic sniffer and view dumps in .pcap format SSLUnpinning- Xposed-module that allows you to make the substitution of certificates in applications (open source) ® Wi.cap. Network sniffer- package sniffer for ROOT devices WIBR + WIfi BRuteforce hack- generation of WEP / WPA / WPA2 keys to all Wi-Fi point ®WIFI WPS WPA TESTER (ROOT)- attempt to connect to some access points using known vulnerabilities ®WifiAccess WPS WPA WPA2- check Wi-Fi router vulnerabilities ® WiFiKill- disable "extra" users of the WiFi network ®WiFree WPS- Wi-Fi hacking (WPS PIN + Router Keygen) ®WPS connect- connect to a wireless network using the WPS protocol ®zANTI- security assessment of Wi-Fi networks Social networks Diaspora Mastodon documentation / Apps.md at master · tootsuite / documentation- list of client applications Firewalls AFWall ® AFWall +- restriction of application access to the Internet (open source, fork DroidWall) FAQ · ukanth / afwall Wiki ® Android Firewall- firewall on Android (open source, fork DroidWall) ® DroidWall- restriction of application access to the Internet based on iptables (open source) Lightningwall- Xposed module, firewall for installed applications (closed source) Netguard- blocks access to applications (both user and system) access to the Internet (via wi-fi or mobile) without root (open source) NoRoot Firewall NoRoot Firewall- firewall that does not require root-rights (closed source code) Firewall for Android Signaling Car alarm Car alarm- determination of the alarm condition in the protected object using a microphone and / or accelerometer and signaling about it in various ways Haven Haven: Keep Watch- an application using various sensors (camera, microphone, gyroscope, accelerometer, light sensor) to record changes in the location of the device (open source) Snowden introduced a mobile application for protection from surveillance Edward Snowden has created a paranoid mobile app. Data synchronization BitTorrent Sync BitTorrent® Sync- allows you to synchronize your files between different devices (closed source) DAVdroid Folderseync Folderseync- cloud synchronization with support for various services and protocols (closed source) Syncthing Syncthing- application for distributed data synchronization (open source) Syncthing-silk- distributed synchronization of files between devices (open source) Cloud data storage Degoo 100 GB free space: Degoo- cloud file storage service (closed source code) MEGA MEGA- client for cloud Mega (closed source) Nextcloud ownCloud System Notifications Toast Xtoast- Xposed module for managing pop-up notifications (closed source) Runtime ART Checker- check runtime (closed source) Monitoring OS Monitor- system monitoring (open source) Simple system monitor- system monitor and task manager (closed source code) Substitution Android Device Changer- Xposed-module, which allows applications to change IMEI, Android Id, Serial Number, Wifi Mac, SSID, Google advertising id, Bluetooth Mac devices for applications (closed source code) Device faker- Xposed-module that allows you to change the device to make it look like another (closed source code) Device ID Masker- Xposed-module that allows you to replace many of the characteristics of the device (closed source code) Phone Id Changer Pro- Xposed module that allows applications to change IMEI, Android Id, Serial Number, Wifi Mac Address, SSID (closed source code) IMEI ®Chamelephon- IMEI change for devices on MediaTek 65XX processors (closed source) ®GhostPhone- IMEI change on MediaTek 65xx / 67xx processors (closed source code) IMEI Changer- Xposed-module that allows you to change the IMEI device (closed source code) Steganography Application Management LuckyPatcher ® LuckyPatcher by ChelpuS- application manager My Android Tools My Android Tools- disable / enable activity, service, receiver, provider for any applications (closed source code) Lists of disabled services / receivers / activites / providers for different applications Per App Hacking APK APK Editor ApkCrack (AETool) ApkCrack (AETool)- tool for editing apk-files Apktool Apktool- decompilation, recompilation, application signature MT Manager ® MT Manager- editing, translating, cloning, encrypting, signing and optimizing user and system (without installing frameworks) apk-files Windows Analysis Apk analyzer- allows you to explore applications on the device, providing a detailed report not only about installed programs, but also about uninstalled apk files App Detective- gives the most complete array of various data on the installed APK, including their contents and online analysis AppBrain Ad Detector- identification of potential problems of all applications installed on the device Exodus Inspeckage Mobile Security Framework- a platform for testing mobile applications (Android / iOS / Windows), fully automated and capable of performing static and dynamic data analysis, identifying potential problems of all applications installed on the device (open source) Frost Cloning App cloner- creation (without the presence of root) modified clones of some programs (closed source code) Sandboxes Island Island- execution of applications in the sandbox (closed source) Android: Island - a utility for isolating and freezing applications without root Shelter UserControl UserControl- execution of applications in the sandbox (closed source) VirtualXposed VirtualXposed- execution of applications in the sandbox with partial support for Xposed (open source) Permissions Android Permissions- shows the list of permissions of installed applications (open source) App Settings App Settings- Xposed-module for fine-tuning applications, including permission management (open source) v1.16 App Ops App Ops- disables selective permissions for selected applications (closed source code) Analysis of the work (Post xynta123 # 64938074) AppOpsX- client for Android AppOpsService (open source) App Ops - Permission manager- application permissions management (closed source) AppOpsXposed- Xposed-module, restoring the functionality of the App Ops system permission manager on Android 4.4.2 and higher (open source) Permission master- Xposed module for working with application permissions (closed source) APK Advanced permission manager- removal of permissions from apk (closed source) APK Permission Remover- removal of permissions from apk (closed source) Permission Manager (re-installer apps)- provision and prohibition of application rights by reinstalling them (closed source code) Hiding AppHider- hiding applications (closed source) Vulnerabilities BlueBorne Vulnerability Scanner by Armis- check device for BlueBorne vulnerability Bluebox Security Scanner- check device for the presence of Master-key vulnerabilities Stagefright Detector- device scan for Stagefright vulnerability Trustable by Bluebox- a tool for researching publicly known system vulnerabilities VTS for Android- a tool for researching publicly known system vulnerabilities Files Recovery ® DiskDigger- recovery of deleted pictures, photos, videos, saving recovered files and the ability to send them to the mail Dumpster - Recycle Bin- file basket ® Hexamob Recovery PRO- recover deleted files Undeleter- recovery of files deleted from SD-cards and internal memory Images Exif Exif_Editor- full EXIF editor ExifTool- viewing and editing the extended information of image files (closed source code) Photo editor- a program for high-quality photo processing (viewing, changing or deleting EXIF data) Photo exif editor- allows you to view, edit and delete Exif photo data Scrambled exif- removal of metadata from images (open source) Media Encryption Cryptography- encryption, training and hashing tool Cryptomator Beta (Unreleased)- encrypt files in cloud storage and access them on all your devices Derandom- prediction of pseudo-random numbers (open source) EDS EDS (Encrypted Data Store)- creation and management of encrypted containers TrueCrypt, VeraCrypt, LUKS, CyberSafe (closed source code) Android: Protecting personal data. EDS: Overview and usage example. Encfs ® Cryptonite- data encryption on the device and in Dropbox (open source) Encdroid- creation of encrypted folders on the device and in Dropbox MiXplorer ® EncPassChanger- change the password of the standard encryption section / data Luks ® LUKS Manager- creation and management of encrypted LUKS containers Midnight murmur Midnight murmur- encryption / decryption of files and text messages with a free design of the encryption procedure PGP APG APG- encryption standard OpenPGP (open source) What is the relationship between APG and OpenKeychain? K9 WITH APG FOR ANDROID ANDROID: APG Gnuprivacyguard Openkeychain Openkeychain- key manager according to the OpenPGP standard (open source) What is the relationship between APG and OpenKeychain? OpenKeychain instruction. OpenPGP PGP implementation on Android Oversec Oversec- transparent encryption and decryption of any text in any application (open source) Oversec is a utility that adds encryption support to any application. PGPTools PGPTools- simple PGP encryption, supports keys from computer How to encrypt chat on your smartphone and tablet using PGPTools PDF Secrecy S.S.E. Secret Space Encryptor (S.S.E Universal Encryption App)- encoder (AES, RC6, Serpent, Blowfish, Twofish, GOST-28147, Threefish (in Pro version), SHACAL-2 (in Pro version)) text and files, password manager (open source) Encrypted for Android: Application S.S.E Lock screens App Lock (HI App Lock)- an application to block and protect confidential information App Lock (Smart App Protector)- protects installed applications with a password or lock, and also prevents the screen from turning off and switching to landscape mode while applications are running from a user-defined list CyanLockScreen- Xposed module to expand the lock screen on 4x4, 5x5 and 6x6 pixels Cyclic Lock- Xposed-module for cycling PIN / password / pattern keys DroidLock: Dynamic Lockscreen- screen lock, where PIN can be time, battery charge, etc. ® GravityBox- Xposed-module with the ability to shuffle PIN numbers on the lock screen Knock Lock-App Lock Pro- functional customizable screen blocker Knock lock- allows you to select the lock area on the display to enable the "Knock Lock" feature Lockdown- blocking applications with various keys Lockmod- Xposed module for customizing the lock screen on Lollipop and above Maxlock- Xposed-module that allows you to block the launch of applications (open source) Picture Password Lockscreen- lock screen with support for drawing points, lines and circles PIN / Pattern Shortcuts- Xposed-module that allows you to open different applications with different PIN codes ScreenLock - Time Password- time based lock screen Shortcut Lock Screen Mod [MM]- Xposed module for setting lock screen shortcuts on Marshmallow Smart lock- protection of any installed applications with a password Smart lock screen- floating screen lock button Timepin- lock screen with PIN based on time Data Locker- clearing data after exceeding the maximum number of attempts to unlock the device Selfdestruction Unlocking- deleting folders on the memory card and clearing the device memory when the limit of incorrect attempts to unlock the screen comes (closed source code) Wrong pin shutdown- turning off the device when exceeding the limit of screen unlock attempts (open source) Energy saving Tips to improve power saving devices on Android OS Wakelock Wakelock detector- search for the cause of the device not falling asleep Continuation of the header (Network, System) Continued caps (Hardware, Location, Telephone, Encryption / Cryptography / Steganography, Creativity) Post has been editedokomand - 17.06.19, 14:05 |
Message#5 14.05.15, 23:58 | |
Old resident [offline] Group: Friendssavagemessiahzine.com Messages 711 Check in: 07.05.08 Reputation: 73 | privateperson2015, To fake imsi you need a suitable fake Ki. Otherwise the network will say go ahead. :) Yes, and then how to receive incoming, if imsi is associated with a subscriber number? : D And imei can change at least once a minute, you vseravno authenticly identified by transmitted imsi. Imei it so, for the black list of stolen / not legally imported devices. But it almost does not work with us. And wiping your imei you made it "gray", which only may attract undue attention ... Post has been editedtimspb - 15.05.15, 00:08 |
Message#6 15.05.15, 01:59 | |
User [offline] Group: Friendssavagemessiahzine.com Messages 88 Check in: 09.09.14 Reputation: 1 | [email protected], 23:58 To fake imsi you need a suitable fake Ki. Otherwise the network will say go ahead. :) Yes, and then how to receive incoming, if imsi is associated with a subscriber number? : D And imei can change at least once a minute, you vseravno authenticly identified by transmitted imsi. Imei it so, for the black list of stolen / not legally imported devices. But it almost does not work with us. And wiping your imei you made it "gray", which only may attract undue attention ... I understand that changing imei without a SIM card will not help much to get out of sight)) But it’s easier to change imei than to change the device)) I understood what the salt is about .. Well, okay, this is not about this topic) I would like the developers to develop their software in different directions to protect the android, not only from wiretapping, but also, for example, from subscriber location and signal triangulation, protection from stealth sms, etc. |
Message#7 12.06.15, 21:18 | |
🎄 [offline] Group: Friendssavagemessiahzine.com Messages 1392 Check in: 19.06.11 Reputation: 489 | There are applications: a microscope (when you can see microbes through the camera of the device), ultrasound from mosquitoes and dogs (through a standard speaker), a lie detector (without sensors), a metal detector (which detects gold and platinum), thermal imagers (through a standard camera), There is also a program that determines the presence of spirits and ghosts near you (through the disturbance of psi-energy, by measuring the electromagnetic field), and there is (will) a program that determines the presence of an interception from the operator (using a very complex algorithm that requires volume calculations connections and analytics on the developer’s server, it is possible that distributed calculations may be required due to the massive amounts of incoming data) ... ---- Operators in the CIS do not listen to anyone. This makes the complex feed (its various modifications and equipment). He always stands behind the operator. And the default operators give the entire amount of the form already decrypted (both at the entrance and at the exit). This does not mean that all data is heard / analyzed by real people, but if all the same your number will be listened to, your incoming / outgoing data will not change at all. In simple terms, the feed does not know anything about encryption and does not change anything in the data one iota. And the operators do not know anything about wiretapping (who exactly, when, how long, in what volume). They are never told this. Sorm removes only data already opened by the operator. I omitted many details, but the meaning is exactly that. Therefore, it is possible to determine whether you are listening through the feed, (and not through the equipment of the operator), with the same effect as to determine the psi-energy disturbance. P.s. In the countries of rotten democracy, the operators are listening just the same, but upon request / order of the court / special services. But the method is the same (incoming / outgoing data remains unchanged, although I cannot say for all countries, because there are operators who do not have a permanent intermediate open area) .. There are nuances (with them and with us), when the controlled object is sent hush sms, and this is definable and blockable programmatically. And of course the collection (sometimes selective analysis) of metadata (this is already done by the operators themselves), but this is no longer control of voice traffic. |
Message#8 05.12.15, 14:56 | |
Guru [offline] Group: Friendssavagemessiahzine.com Messages 10194 Check in: 06.01.14 Reputation: 571 | [email protected], 23:45 And yes, this is exactly the application that Edward Snowden himself recommends using (Edward Snowden). A truly secure application should at least allow using not just phone numbers as identifiers. What kind of anonymity then speech. Well at least the source code, unlike Telegram, is open. Tox clients are truly safe and anonymous. Post has been editedokouser - 05.12.15, 14:57 -------------------- |
Message#9 05.12.15, 20:02 | |
Veteran [offline] Group: Friendssavagemessiahzine.com Messages 1535 Check in: 02.01.07 Samsung Galaxy S5 SM-G900F Reputation: 305 | Unfortunately, Snowden did not explain why Signal should be used (well, or I did not find it). Open source is not an argument. Telegram sources are also open:https://telegram.org/apps#source-code Plus Durov awarded a prize of $ 100,000 to the one who hacked the defense. Post has been editedeen - 05.12.15, 20:07 |
Message#10 05.12.15, 20:17 | |
Experienced [offline] Group: Friendssavagemessiahzine.com Messages 622 Check in: 21.08.12 Reputation: 23 | [email protected], 20:02 Plus Durov awarded a prize of $ 100,000 to the one who hacked the defense. those who seriously need data, they will not crack the cipher, but simply come and confiscate the server under absolutely any pretext. And this window dressing with kilobaxes is a complete mess. I have no doubt that the connection between the prog and the server is protected. But the fact that the prog does not pull all the data from the phone to this server, which Durov does not concern at all - there is no guarantee for this. And even more so there is no protection from the fact that Durov himself will merge everything that is needed. Well, if a multimillion Skype was forced, then Durov was never a defense at all. Security must be guaranteed by the architecture, not by the words of marketers and other boltologists. Neither the Telegram nor the Signal Private Messenger, which requires my mobile number, guarantees no data protection. So far, only tox and surespot can be trusted, but, unfortunately, they are very raw. The rest is just chats / dialers, in which "privacy" and "security" in the name and description are just an advertising move. [email protected], 20:02 Unfortunately, Snowden did not explain why Signal should be used. Yes, it is a pity that a person who has made an enormous contribution to the protection of the privacy and informational integrity of people mentions such dregs somewhere, requiring the registration of a telephone number and contrary to anonymity. If he said it at all, and not just someone uses his image, as the image of Che Guevara, sold without his consent by such organizations with which he would not have anything in life. Post has been editedformobe120 - 05.12.15, 20:24 |
Message#11 05.12.15, 20:25 | |
Guru [offline] Group: Friendssavagemessiahzine.com Messages 10194 Check in: 06.01.14 Reputation: 571 | [email protected], 19:02 Telegram sources are also open Is Signal's source code also closed? -------------------- |
Message#12 06.12.15, 00:02 | |
Veteran [offline] Group: Friendssavagemessiahzine.com Messages 1535 Check in: 02.01.07 Samsung Galaxy S5 SM-G900F Reputation: 305 | [email protected], 20:17 The fact that the prog does not pull all the data from the phone to this server, which Durov does not touch at all - there is no guarantee for this. Warranty is open source. In which you can see that the program does not transmit to the server "all data from the phone." And in the signal, and in the telegram everything is in order. Unlike other popular programs (watsapp, etc.). they will not crack the cipher, but simply come and confiscate the server under absolutely any pretext OK, confiscated. What's next? If the server contains encrypted messages, and the key to them in principle does not exist on the server - let them crack and read. Years after dtsat. On the telegram server it will be exactly like this (we are talking only about the secret chat, and not about the usual chats / channels). And indeed, now the FBI is pressing Durov on the topic of "giving the keys", but for him to remove the secret chats from the messenger at all. But how it is arranged in signal - I have not yet understood. I would be grateful (+) if someone pokes his nose in the description (you can in English). this window dressing with kilobaxes is a complete mess Thanks to this "window dressing" a person has already received money. Although not the full amount: he did not read the chat, but found a potential vulnerability in the code. See details on Habré. [email protected], 20:25 Is Signal's source code also closed? And what's the point in server codes? After all, there is no way to verify that the published code corresponds to the executable modules on the server. [email protected], 14:56 A truly secure application should at least allow using not just phone numbers as identifiers. What kind of anonymity then speech. Yes, the very fact that people with such telephone numbers communicated with each other - on the server the signal (telegram, watsapp, etc.) is stored. And, of course, can be merged with the relevant services. With this you need to either accept or not use such instant messengers at all (and, by the way, a mobile phone, too). But the content of this communication is quite possible to protect. Post has been editedeen - 06.12.15, 00:05 |
Message#13 06.12.15, 01:23 | |
Guru [offline] Group: Friendssavagemessiahzine.com Messages 10194 Check in: 06.01.14 Reputation: 571 | Warranty is open source. In which you can see that the program does not transmit to the server "all data from the phone." The guarantee is not only in what is seen in open source, as developers can not collect apk from them, but in the ability to view the code and build their own installation based on it, which is what projects like F-Droid do. You are either a telepath or a person close to Durov, because without source you know what will be there ... And what's the point in server codes? After all, there is no way to verify that the published code corresponds to the executable modules on the server. Hmm, how consistent in this context is your passage about open source client ... And the point is that then we can build our server ourselves, and not feed ourselves with tales of a white bull. Since when in smartphones forbidden not to insert a SIM card? And the contents of the communication can be protected when you are exactly sure that the encryption keys do not go to any external servers, which some clever people know thoroughly ... Post has been editedokouser - 06.12.15, 01:31 -------------------- |
Message#14 06.12.15, 04:20 | |
Veteran [offline] Group: Friendssavagemessiahzine.com Messages 1535 Check in: 02.01.07 Samsung Galaxy S5 SM-G900F Reputation: 305 | [email protected], 01:23 developers can not build apk of them This will be a direct deception, and it will be discovered - there are many who want it. once without source you know what will be there So the point is that the source is. And anyone can check (and checked, I think, 100,500 times) that when using secret chat on the server side, you cannot get encryption keys. And therefore it is impossible to read the correspondence, even it suddenly appears on the confiscated server (the developers say that it is not stored there at all, but that's fine). Consistently in this context sounds your passage about open source client You really do not understand? If you have an executable module and source code, you can find out if they match each other. In the case of a client Signal or Telegram, there are both published sources and apk. Therefore, a comparison is theoretically possible. And executables running on Open Whisper / Telegram servers cannot be obtained. Accordingly, server source codes (if they are suddenly published) do not make any sense for the analysis of the security of correspondence, there is nothing to compare them with. [[and, by the way, mobile phone too]] [Since when in smartphones forbidden not to insert a SIM?!] I wrote about the mobile phone, not about the smartphone. Well, "mobile communication too" - so clearer? |
Message#15 06.12.15, 10:04 | |
Guru [offline] Group: Friendssavagemessiahzine.com Messages 10194 Check in: 06.01.14 Reputation: 571 | And anyone can check (and checked, I think, 100,500 times) that when using secret chat on the server side, you cannot get encryption keys. Convinced. But in group chats, are the encryption keys transmitted to the server? How is this with Signal? The same Telegram in F-Droid is assembled, but Signal is not. If you have an executable module and source code, you can find out if they match each other. This is not always the case. From the bytecode is not always possible to get the source. Once again, this is why there are projects like the F-Droid. In this case, terminology is important. So about that, and in such programs, it is extremely important to completely untie the user from mobile communication. Why this is not done - an open question. Post has been editedokouser - 06.12.15, 10:21 -------------------- |
Message#16 06.12.15, 15:34 | |
Veteran [offline] Group: Friendssavagemessiahzine.com Messages 1535 Check in: 02.01.07 Samsung Galaxy S5 SM-G900F Reputation: 305 | [email protected], 10:04 But in group chats, are the encryption keys transmitted to the server? Yes, messages in normal (non-secret) telegram chats can be decrypted on the server. Moreover, they write on Habré about experiments proving that messages are analyzed on the server and used in contextual advertising. Business s. How is this with Signal? there iscomparison of instant messengersfromElectronic Frontier Foundation. From it, in particular, it follows: 1. Messages in chats Signal on the server can not be decrypted 2. A detailed description of Signal cryptography does exist. Will seek. In such programs, it is extremely important to completely untie the user from mobile communication. Why this is not done - an open question. So in the description of Signal there are no statements about anonymity and unlinking from mobile communication. And why not done - this question for tehnotrepalki. [The same Telegram in F-Droid is compiled, but Signal is not.] I don’t understand why the F-Droid build guarantees security. Suppose there are sources from F-Droid and apk compiled from them. Where is the confidence that apk is built from the published sources? How does this differ from the case when the source code from Open Whisper and apk from it? Post has been editedeen - 06.12.15, 15:45 |
Message#17 06.12.15, 18:14 | |
Guru [offline] Group: Friendssavagemessiahzine.com Messages 10194 Check in: 06.01.14 Reputation: 571 | Moreover, they write on Habré about experiments proving that messages are analyzed on the server and used in contextual advertising. Link? Of course, but on the other hand, if there are links in the messages, it can be a generation of previews for them. I don’t understand why the F-Droid build guarantees security. Suppose there are sources from F-Droid and apk compiled from them. Where is the confidence that apk is built from the published sources? How does this differ from the case when the source code from Open Whisper and apk from it? No, I did not say that. There are also necessary and sufficient conditions. So this is necessary, but not sufficient. I think the fact that you can go through all the steps to compile the source and check whether the hashes of the apesheks are the same. Post has been editedokouser - 06.12.15, 18:25 -------------------- |
Message#18 06.12.15, 18:39 | |
Guru [offline] Group: Friendssavagemessiahzine.com Messages 3483 Check in: 30.05.05 Samsung Galaxy A6 + SM-A605F Reputation: 132 | IMHO safe when no server is used, messages are stored only with correspondents with the deadline specified by the author of the message (for example, the message lives no more than 2 hours. then it is destroyed) -------------------- Samsung Galaxy A6 + 2108 (SM-A605FN./ Android 9), Lenovo YogaBook YB1-X91F (Windows10), Samsung Gear S3 Frontier (Tizen 4.0.0.2), Samsung Gear Fit 2, Meizu M2 16GB (Flyme 6.2..2G) |
Message#19 06.12.15, 18:41 | |
Veteran [offline] Group: Friendssavagemessiahzine.com Messages 1535 Check in: 02.01.07 Samsung Galaxy S5 SM-G900F Reputation: 305 | [email protected], 18:14 If there are links in the messages, then it can be a generation of previews for them. No, it's not about previews for links. Like this: if in correspondence (not the secret chat) long enough to discuss some kind of [crap], this very [crap] starts to appear in ads on the web pages. Of course, this [crap] was mentioned only in this messenger, in other messengers and in the mail they never discussed, and did not go to the sites dedicated to it. For the sake of fairness, I could not repeat the results of this experiment - I couldn’t find a product that I often advertise on the one hand, and on the other hand, so that I didn’t go to sites describing it before. [so that you can go through all the steps to compile the source and check whether the hashes of the apesheks match.] Why it is impossible to go through the same steps to compile the source Open Whisper and not compare with apk Open Whisper? IMHO safe when no server is used, messages are stored only with correspondents with the deadline specified by the author of the message (for example, the message lives no more than 2 hours. then it is destroyed) This is exactly how secret chat works in Telegram. Well, that is, the developers say so. We cannot verify this statement ("I swear by my mother" is not a guarantee). Therefore, he wrote: "even if it suddenly shows up on the confiscated server", i.e. if the developers lied. Post has been editedeen - 06.12.15, 18:49 |
Message#20 06.12.15, 18:55 | |
Guru [offline] Group: Friendssavagemessiahzine.com Messages 10194 Check in: 06.01.14 Reputation: 571 | IMHO safe when no server is used, messages are stored only for correspondents with the deadline specified by the author A similar principle is implemented in Tox, and according to the developers at Bleep. Why it is impossible to go through the same steps to compile the source Open Whisper and not compare with apk Open Whisper? Because they will not tell with what tools and how they build the apk, and the hashes will be guaranteed to be different. Posted 12/06/2015 6:55 PM: This is exactly how secret chat works in Telegram. Well, that is, the developers say so. Do secret chat messages bypass the server? And where are the developers say. There are sources, if everything is in the code as the developers say, then assembling the apk, everything will be exactly the same, even if there are bookmarks in the official apk. -------------------- |
Message#21 06.12.15, 19:08 | |
Veteran [offline] Group: Friendssavagemessiahzine.com Messages 1535 Check in: 02.01.07 Samsung Galaxy S5 SM-G900F Reputation: 305 | [email protected], 18:55 Do secret chat messages bypass the server? It is not over. But the developers say that messages are not stored on the server. Exactly this statement is impossible to verify. And where are the developers say. Sources are There are no server sources. If in the code everything is as the developers say, then collecting the apk apk has nothing to do with it, it's about the server. And there is no access to server executables. |
mobile version | Now: 06/22/19, 10:52 |