Questions about security, privacy and anonymity in the network and under the android | [technoblabla] general security, privacy and anonymity issues



Rep: (583)
Questions about security, privacy and anonymity on the network and under the android



Since there are enough different topics for discussing software for Android security, private and anonymous surfing, but discussing general security, privacy and anonymity issues in them is increasingly considered offtopic, I think it makes sense to create a separate topic for this popular topic, where you can all these topics are free to speak and ask.
So you are welcome!

Safety
Since many tips and tools in the subject require superuser (root) rights, you should follow certain safety guidelines:
1. Try to do all the actions consciously, having previously studied the relevant materials and clarifying incomprehensible moments.
2. Make as many backups as possible. They can be done both with the help of custom recovery (TWRP, CWM, PhilZ Touch, Carliv, etc.), and with the help of applications that can backup all the firmware, as well as individual applications and data.
Relevant applications can be found in the section:
Software ->Backup.
Accordingly, it is worth taking care of safe storage of the created backups.
About security, all and different
Four Horsemen Infocalypse
Which apps and tools actually keep your messages safe?
Protection of confidential data and anonymity on the Internet PDF
prism-break- protection from global surveillance systems such as SORM, PRISM, XKeyscore and TemporaGithub
Guardian Project
https://privacytools.io/- encryption against global mass surveillanceGithub
SECURITY IN-A-BOX- tools and tactics for digital security
GitHub - ValdikSS / awesome-anti-censorship: curated list of open-source anti-censorship tools
danoctavian / awesome-anti-censorship: curated list of open-source anti-censorship tools
GitHub - StreisandEffect / streisand- Wiring, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, Sslh, Stunnel, and a Tor bridge. It also generates custom instructions for all of these services. You can be shared with friends, family members, and fellow activists.
sovereign / sovereign: email, calendar, contacts, file sync, IRC bouncer, VPN, and more.
https://ssd.eff.org/- Tips, Tools and How-tos for Safer Online Communications
How to protect Android: 10 tips for maximum security PDF
Mission Impossible: Hardening Android for Security and Privacy PDF
eBlocker- hardware and software platform
De-Googling my phone В· Martin Pitt
nomoregoogle.com - a fresh collection of alternatives to the services of the technology giant
Project SAFE "I have nothing to hide"
Big data
Information Security
Information Security - Wikipedia
Personal Data Protection - Wikipedia
OPSEC for Linux users, developers and administrators
The basic model of threats to the security of personal data when they are processed in personal data information systems
Internet counterintelligence in action: create a personal information security management system
Information technology social hacking
The art of "teaching protection of information" ... while giving a ton of good-will and non-speaking words PDF
DLP
IPC
Massachusetts Institute of Technology. Lecture course # 6.858. "Security of computer systems." Nikolai Zeldovich, James Mykens. year 2014
MIT course "Computer Systems Security". Lecture 1: "Introduction: threat models", part 1
MIT course "Computer Systems Security". Lecture 1: "Introduction: threat models", part 2
MIT course "Computer Systems Security". Lecture 1: "Introduction: threat models", part 3
MIT course "Computer Systems Security". Lecture 2: "Control of hacker attacks", part 1
MIT course "Computer Systems Security". Lecture 2: "Control of hacker attacks", part 2
MIT course "Computer Systems Security". Lecture 2: "Control of hacker attacks", part 3
MIT course "Computer Systems Security". Lecture 3: "Buffer overflow: exploits and protection", part 1
MIT course "Computer Systems Security". Lecture 3: "Buffer overflow: exploits and protection", part 2
MIT course "Computer Systems Security". Lecture 3: "Buffer overflow: exploits and protection", part 3
MIT course "Computer Systems Security". Lecture 4: "Separation of privileges", part 1
MIT course "Computer Systems Security". Lecture 4: "Separation of privileges", part 2
MIT course "Computer Systems Security". Lecture 4: "Separation of privileges", part 3
MIT course "Computer Systems Security". Lecture 5: "Where Security Errors Come From", Part 1
MIT course "Computer Systems Security". Lecture 5: "Where Security Errors Come From", Part 2
MIT course "Computer Systems Security". Lecture 6: "Opportunities", part 1
MIT course "Computer Systems Security". Lecture 6: "Opportunities", part 2
MIT course "Computer Systems Security". Lecture 6: "Opportunities", part 3
MIT course "Computer Systems Security". Lecture 7: "Sandbox Native Client", part 1
MIT course "Computer Systems Security". Lecture 7: "Sandbox Native Client", part 2
MIT course "Computer Systems Security". Lecture 7: "Sandbox Native Client", part 3
MIT course "Computer Systems Security". Lecture 8: "Model of network security", part 1
MIT course "Computer Systems Security". Lecture 8: "Model of network security", part 2
MIT course "Computer Systems Security". Lecture 8: "Model of network security", part 3
MIT course "Computer Systems Security". Lecture 9: "Web application security", part 1
MIT course "Computer Systems Security". Lecture 9: "Web Application Security", part 2
MIT course "Computer Systems Security". Lecture 9: "Web Application Security", part 3
MIT course "Computer Systems Security". Lecture 10: "Symbolic execution", part 1
MIT course "Computer Systems Security". Lecture 10: "Symbolic execution", part 2
MIT course "Computer Systems Security". Lecture 10: "Symbolic Execution", part 3
MIT course "Computer Systems Security". Lecture 11: “Ur / Web programming language”, part 1
MIT course "Computer Systems Security". Lecture 11: “Ur / Web programming language”, part 2
MIT course "Computer Systems Security". Lecture 11: "Ur / Web programming language", part 3
MIT course "Computer Systems Security". Lecture 12: "Network Security", part 1
MIT course "Computer Systems Security". Lecture 12: "Network Security", part 2
MIT course "Computer Systems Security". Lecture 12: "Network Security", part 3
MIT course "Computer Systems Security". Lecture 13: "Network Protocols", part 1
MIT course "Computer Systems Security". Lecture 13: "Network Protocols", part 2
MIT course "Computer Systems Security". Lecture 13: "Network Protocols", part 3
MIT course "Computer Systems Security". Lecture 14: "SSL and HTTPS", part 1
MIT course "Computer Systems Security". Lecture 14: "SSL and HTTPS", part 2
MIT course "Computer Systems Security". Lecture 14: "SSL and HTTPS", part 3
MIT course "Computer Systems Security". Lecture 15: "Medical software", part 1
MIT course "Security of computer systems". Lecture 15: "Medical software", part 2
MIT course "Security of computer systems". Lecture 15: "Medical software", part 3
MIT course "Security of computer systems". Lecture 16: "Attacks through the side channel", part 1
MIT course "Security of computer systems". Lecture 16: "Attacks through the side channel", part 2
MIT course "Security of computer systems". Lecture 16: "Attacks through the side channel", part 3
MIT course "Security of computer systems". Lecture 17: User Authentication, Part 1
MIT course "Security of computer systems". Lecture 17: User Authentication, Part 2
MIT course "Security of computer systems". Lecture 17: User Authentication, Part 3
MIT course "Computer Systems Security". Lecture 18: "Private Internet Browsing", part 1
MIT course "Security of computer systems". Lecture 18: "Private Internet browsing", part 2
MIT course "Computer Systems Security". Lecture 18: "Private Internet Browsing", part 3
MIT course "Computer Systems Security". Lecture 19: “Anonymous Networks”, part 1 (lecture from the creator of the Tor network)
MIT course "Computer Systems Security". Lecture 19: “Anonymous Networks”, part 2 (lecture from the creator of the Tor network)
MIT course "Computer Systems Security". Lecture 19: “Anonymous Networks”, part 3 (lecture from the creator of the Tor network)
MIT course "Computer Systems Security". Lecture 20: "Security of mobile phones", part 1
MIT course "Computer Systems Security". Lecture 20: “Mobile Phone Security”, part 2
MIT course "Computer Systems Security". Lecture 20: "Mobile Phone Security", part 3
MIT course "Computer Systems Security". Lecture 21: "Tracking data", part 1
MIT course "Computer Systems Security". Lecture 21: "Tracking data", part 2
MIT course "Computer Systems Security". Lecture 21: "Tracking data", part 3
MIT course "Computer Systems Security". Lecture 22: MIT Information Security, Part 1
MIT course "Computer Systems Security". Lecture 22: MIT Information Security, Part 2
MIT course "Computer Systems Security". Lecture 22: MIT Information Security, Part 3

Online services
Bitcoin
VPN
Auto removal
Website archiving
Mobile networks
Platforms
Search
post office
Checks
Abuse
APK
Cloudflare
DNS
IP
Sip
SSL / TLS
URL
Harmful
miscellanea
Certificates
Speed
Leaks
Vulnerabilities
Encryption

Synchronization
Social networks
Storage
Encryption

Regulations

Forum
"Free Web" | Free internet is discussed in the topic.
Amnesiagroup corner
Benga1983 corner
commandos98
DoberPC corner
Corner of elenakawai
Fahren-heit
Formobe corner
Corner IcanTellstories
JumpingJerry Corner
Corner Ruiz_Av
Tomin corner
Wernow corner
About potential threats (Post wernow # 51543260)
On threat groups (Post wernow # 51550069)
About open code (Post wernow # 51902449)
Selling information (Post wernow # 52003733)
About toolkit (Post wernow # 52015424)
About providers in android (Post wernow # 52061764)
On complete privacy and security (Post wernow # 53580616)
About F-Droid, messengers and priorities (Post wernow # 59144989)
About F-Droid and open source (Post wernow # 59151363)
About Fingerprint (Post wernow # 61458449)
About biometrics (Post wernow # 61564247)
About wiretapping and protection from it (Post wernow # 62796218)
On leaks and anonymous networks (Post wernow # 66632070)
About file attributes (Post wernow # 66682128)
About USSD (Post wernow # 66793981)
How to take a dump via tcpdump (Post wernow # 66824767)
About the causes of problems with modules Xposed (Post wernow # 67999793)
On the priorities of threats (Post wernow # 68333815)
About UID 1000 (The Post wernow # 68613246)
On the interaction of DuckDuckGo and Yandex (Post wernow # 68635660)
About DuckDuckGo Algorithms (Post wernow # 68655630)
On the hardware protection device (Post wernow # 69275830)
On the protection of the port microUSB (Post wernow # 69281156)
About threats and liability (Post wernow # 69293509)
About threats, fictional worlds and time (Post wernow # 69309907)
On service traffic (Post wernow # 69566867)
On the infrastructure Telegram (Post wernow # 70323319)
About China (Post wernow # 73860971)
About China (Post wernow # 73863824)
About China (Post wernow # 73880680)
About messengers (Post wernow # 73969101)
About Antivirus (Post wernow # 74161934)
About China (Post wernow # 74950096)
About malware testing and emulators (Post wernow # 75074647)
About Google Data Collection (Post wernow # 76081812)
About repairing devices (Post wernow # 76537920)
About inspections in China (Post wernow # 76539879)
About device checks (Post wernow # 77754685)
On digital capitalism (Post wernow # 78044951)
About Telegram and the Future (Post wernow # 78053170)
About the registration of instant messengers in the Russian Federation (Post wernow # 78739705)
About famous cryptographers (Post wernow # 78739705)
On anonymity (Post wernow # 78927918)
About VPN (Post wernow # 79392952)
On the set and disagreement (Post wernow # 79458293)
On the hidden record and the legislation of the Russian Federation (Post wernow # 79511161)
About microcopy and data protection (Post wernow # 79670518)
About IMEI registration in the Russian Federation (Post wernow # 79852809)
On the registration of IMEI in the Russian Federation (Post wernow # 79858616)
About changing IMEI (Post wernow # 80654422)
About bookmarks in chips (Post wernow # 80781651)
About bookmarks in chips and checking them (Post wernow # 80786808)
About bookmarks in chips (Post wernow # 80817610)
About removing EXIF ​​(Post wernow # 80944444)
Analysis of EXIF ​​(Post wernow # 80973859)
yhnyhn11


Software
Compatibility Test Suite (CTS)
GApps
microG GmsCore is a FLOSS framework- framework for replacing original Google Play services
NanoDroid- implementation of Play Services Core (open source)
NOGAPPS Project
/ d / gapps- program to remove / disable Gapps (open source)
GSM
Android IMSI-Catcher Detector- identifies fake base stations (IMSI-Catcher) in GSM / UMTS networks (open source)
В®Darshak- helps to detect "silent" sms, signs of phone tapping, lack of communication encryption on Samsung Galaxy S3 (GT I9300) (open source)
EAGLE Security- protection against listening in the form of determining false base stations and blocking access of applications to the camera and microphone (closed source code)
Network cell info- shows the location of cells on the map and measures the signal strength of the serving cell and neighboring cells (closed source code)
В®SnoopSnitch- makes a map of attacks on devices with a Qualcomm chip (open source)
Hips
Binderfilter
Binderfilter- IPC Binder call control system in the core (open source)
Picky - an application for managing BinderFilter filters (open source)
Commandos98 corner

Donkeyguard
Donkeyguard- Xposed-module allows you to block access of applications to personal data (open source)
Protect My Privacy
Protect My Privacy- Xposed module for managing application permissions (closed source)
Post Whitestar # 68400078
Xprivacy
Xprivacy- Xposed-module that allows you to prevent the leakage of your personal data through the application, control it or replace it to choose from (open source)
XPrivacyLua
XPrivacyLua- Xposed-module for Marshmallow +, which allows you to prevent the leakage of your personal data through applications, control it or replace it with a choice (open source)
XPrivacyLua Official Site
XPrivacyLua repo
Frequently Asked Questions
Comparison with XPrivacy
Forum

Sensors
Sensor Disabler- Xposed-module that allows you to disable and change the values ​​for all sensors available in the device (open source)
Camera
Camera block- temporarily disables and blocks all camera resources and denies access to the camera for other applications (closed source code)
Disable at the kernel level (Post Dementy000 # 79737060)
Microphone
Mic block- temporarily disables and blocks access to the microphone for other applications (closed source code)
Microphone Guard Plus- protection against listening
Ultrasound


Kernel / Shell
Busybox
В®BusyBox- BusyBox installer for Android (open source)
В® BusyBox- application to install BusyBox (open source)
BusyBox Install (No Root)- install BusyBox on devices without root (closed source code)
В®Busybox On Rails- installs BusyBox on the device, and also updates it to the current version (open source)
Entware
Logcat
Root
В® Dianxinos SU- Root access control (closed source)
В®Magisk - The Universal Systemless Interface- a utility that allows you to install various system applications and mods in systemless mode and hide the root from any applications and services (open source)
В® SuperSU- Advanced access control for superuser rights to applications on the device that require root (closed source code)
В® Superuser- a program for managing ROOT rights (open source)
В® Superuser- superuser rights management (open source)
Superuser- superuser rights management (open source)
В®Superuser X (L)- root-access for applications without intermediaries (closed source code)
Concealment
Rootcloak- Xposed-module that allows you to hide the presence of root for applications (open source)
В®suhide- suhide utility allows you to hide the presence of ROOT on your Android device (open source)

SELinux
SELinuxModeChanger- change SELinux mode
Terminal
Android Terminal Emulator- terminal emulator (open source)
Termux- terminal emulator with an extensive collection of Linux packages (open source)

Launcher
AppAsLauncher- allows you to select any third-party program as a launcher (closed source code)
T-UI F-Droid- launcher with terminal (open source)
Linux
Linux for tablet
BOCHS for Android- OS launch for x86
Complete Linux Installer- we install Linux on Android
Debian noroot- debian emulator
GNURoot- installation on Android Wheezy, Gentoo, Fedora or Aboriginal without root rights (open source)
GNURoot Debian- launch Debian on Android devices (open source)
В® Linux Deploy- automate the process of installing, configuring and running GNU / Linux distributions on the Android platform inside the chroot container (open source)
В® Linux Installer- Installing Debian / Ubuntu on Android devices
PureOS

QEMU for Android- starts any OS in the img and iso image
XServer XSDL- X server for Android, which allows displaying Linux graphic applications running on an external computer or installed in the chroot Android device
Replacing Android on the desktop distribution
Recovery
update-script
Android Script Creator- a program for creating scripts (update.zip)
Update Script Generate- program for creating updater-script (update.zip) based on boot.img and system.img for any processor in which it is possible to flash system images in img format (ext2, ext3, ext4)

SafetyNet
SafetyNet Helper Sample- a simple utility to check the status of SafetyNet (open source)
Sip
Ostel Setup (Post ANPolter # 47912222)
CSipSimple- functional SIP client (open source)
Linphone Video- Internet phone using VoIP (open source)
SMS / MMS
Image SMS- sending image via SMS (open source)
Encryption
Dark SMS- exchange of encrypted SMS messages, the ability to password protect SMS messages on the phone (closed source code)
Silence- SMS / MMS application that supports encryption (open source)
The wall- application for sending and receiving SMS messages encrypted with the AES algorithm (closed source code)

Tts
SVOX Classic Text To Speech Engine- reading text with voice for other applications
Webview
Android System WebView- Android WebView system component is based on Chrome technology and allows you to view web content in applications
Bromite
Bromite- WebView implementation without WebRTC and protected from some other digital fingerprints (open source)
SystemWebView releases
Installing SystemWebView
Forum


Automators
Easer
В®Easer F-Droid- automation of actions on events (connection to WiFi, Bluetooth, on time, location) (open source)
Tasker

USB
Blocking domains and ads
В® AdAway- ad blocker with white and black lists support (open source)
Adblocker reborn
Adblocker reborn- Xposed-module, blocks AdView, AdActivity, receivers, services, WebView and Hosts, while not touching the hosts file itself and does not conflict with the blockers that use it (open source)

DNS6- allows you to block hosts via DNS through a local VPN service (open source)
В® MinMinGuard- Xposed-module for blocking ads inside applications (open source)
PeerBlock For Android- Xposed-module that allows you to block hosts and DNS (open source)
Silent- Xposed ad-blocking module (closed source)
UnbelovedHosts- Xposed-module, blocking calls to domain names that distribute advertising (closed source code)
Browsers
Chromium
Brave
Browser Brave: Fast AdBlock- Chromium-based web browser with built-in AdBlock, tracking protection and security system (open source)
Bromite
Bromite- Chromium based browser with ad blocker and privacy protection (open source)

Firefox
Firefox- a browser from the developers of Mozilla (open source)
Firefox focus- Mozilla browser with automatic blocking of a wide range of online trackers (open source) F-Droid
Firefox GOST- Firefox fork with Russian cryptography support
Icecatmobile
Icecatmobile- fork of Firefox browser that meets the requirements of completely free software (open source)
Librefox
Librefox- additions in privacy and security to Firefox (open source)
Waterfox
Waterfox browser- browser on the engine Gecko, which continues to support the "obsolete" according to the new Mozilla policy additionsopen source)
Waterfox - The free, open and private browser
Waterfox - Wikipedia

Add-ons
Adnauseam

anonymoX

Bluhell firewall- restriction of advertising and redirects
CanvasBlocker- prohibition of browser fingerprint identification
Certainly Something (Certificate Viewer)- view certificates
Certificate Patrol- certificate management
CheckMyHTTPS- verification of the certificate of the secure connection (open source)
Decentraleyes- protection against tracking through centralized CDN
Easy image blocker- image loading control
HTTP UserAgent cleaner- increased privacy (randomly replacing the UserAgent, canvas, locale fields, blocking WebRTC, etc.), blocking ajax and requests to third-party sites and unnecessary cookies, security assessment https (TLS) connections, phishing protection
HTTPS Everywhere- replacement in addresseshttp: //onhttps: //
Mobile Password Manager- view and edit saved passwords
NoScript- blocking scripts and plug-ins, protection against XSS and Clickjacking attacks
Onion Browser Button- connect to Tor in one click
Phony- substitution of User Agent
Random Agent Spoofer- change profiles at a specified time interval
RequestPolicy Continued- control of cross-domain requests
Save / Load Prefs- export and import of Firefox settings
Self-Destructing Cookies- automatic cleaning Cookies and LocalStorage
Speed ​​Tweaks (SpeedyFox)- setting preferences for browser acceleration
Spoof Timezone- time zone change
Third-party Request Blocker (AMO)- blocking requests to third-party resources
uMatrix- firewall with blocking of scripts, frames, etc.
User-Agent Switcher- change User-Agent
wow-dpi- bypass Russian blocking without the need to use proxy, Tor, etc.

F (L) OSS Browser
Privacy browser
Tor
Fire.onion (Browser + Tor)- anonymous web browser (open source)
Orfox
Orfox: Tor Browser for Android- a secure browser for Android based on Mozilla Firefox (open source)
Tor browser

TORnado (Browser + TOR)- anonymous web browser (closed source)

Notes
Note Crypt Pro- creation of encrypted (AES 128 bits, CBC, PKCS5Padding, random IV, PBKDF2WithHmacSHA1) tag database with support for tags (open source)
Swift notes- work with text files, encryption, setting a password, sending (closed source code)
Calls
Lock
Root Call SMS Manager- manager of blocking incoming and outgoing calls and SMS (closed source code)

Calendars
Calendar Calendar F-Droid- simple calendar with additional CalDAV synchronization, recurring events and reminders (open source)
Business calendar- functional calendar (closed source code)
Cameras
Bacon camera- camera with manual settings for devices that do not support Camera2Api (closed source code)
Open camera- multifunctional camera (open source)
Simple camera- multifunctional camera (open source)
Cards
Keyboards
The best keyboard for Android -savagemessiahzine.com
AnySoftKeyboard
AnySoftKeyboard- virtual keyboard with support for multiple languages ​​(open source)
Hacker's Keyboard
Hacker's Keyboard- A full 5-row keyboard with Tab / Esc / Ctrl keys with a separate number block (open source)
Jbak keyboard
Jbak keyboard- a beautiful and fast keyboard with a bunch of settings and features (open sourceNow closed)
Jbak2 keyboard
Jbak2 keyboard- a safe professional beautiful and fast keyboard, with a bunch of settings and features, without access to the Internet (open source)
Multiling O Keyboard
Simple keyboard
Simple keyboard- customizable keyboard with minimal resolutions (open source)

Contacts
Open contacts- creation and use of a separate contact database (open source)
SA Contacts- export phonebook contacts to Excel and vice versa (closed source code)
Save contacts to txt- allows you to save selected contacts downloaded from the phone book as a text file in TXT format, which can be sent by email (closed source code)
Simple contacts- creation and use of a separate contact database (open source)
VCF
VCF Contacts
VCF Contacts- opens .vcf files in the form of a phone book and allows you to add, delete, edit contacts, make calls (closed source code)
On the potential leak (Lent okomand # 69542431)


Messengers
Messenger Comparison - Wikipedia
Comparison of instant messengers - Wikreality
Comparison of instant messaging clients - Wikipedia
Comparison of LAN messengers - Wikipedia
Digital Communications Protocols
SECURE MESSAGING APPS COMPARISON
Tails - mobile messaging
True Private Messaging: 7 Apps to Encrypt Your Chats PDF
Crypto-resistant androids. Why encryption in Signal, WhatsApp, Telegram and Viber will not protect your correspondence from hacking PDF
Encrypt correctly! Why messengers do not protect the secret of your correspondence
Encrypt correctly! Choose an instant messenger for secure and private correspondence.
Encrypt correctly! Choose an instant messenger for secure and private correspondence.
Actor
Actor- centralized messenger (there is an email registration) based on the MTProto v2 protocol (open source)
Bitseal
Bitseal- decentralized transmission of encrypted messages to another subscriber or many subscribers (open source)
Bleep
Bleep (alpha)- decentralized messenger (there is a registration by email or anonymously) (closed source code)
Briar
Briar- messenger that works on the basis of secure Tor networks, as well as Wi-Fi and Bluetooth (open source)
Briar Beta - Open Source - News
Briar - Darknet Messenger ... Or Good News From The Dark Dungeon Mesh Networks
Chat.onion
Chat.onion- decentralized messenger based on the Tor network (anonymous registration) (open source)
Delta chat
Delta chat- centralized instant messenger with end-to-end encryption using the selected mail domain as the server (open source)
Delta chat
Delta makes chatting better
Contribute
Dib2Qm
Dib2Qm- IMAP and QuickMSG-based email messaging (open source)
Eleet
Eleet Private Messenger- private messenger (registration by phone number or anonymously) (closed source code)
Choosing a secure messenger for android devices: Eleet Private Messenger
Jitsi
Jitsi - Wikipedia- Internet telephony and instant messaging system
Jitsi (open source)
Jitsi meet (open source)
Jingle
Kontalk
Kontalk- client-server messenger (registration by phone number) based on XMPP (open source)
Nextcloud talk
Nextcloud talk- the extension of the Nextcloud platform, allowing you to make protected audio and video calls, as well as exchange text messages (open source)
Nextcloud talk
QuickMSG
QuickMSG- mail client with PGP support (open source)
RetroShare
RetroShare- a decentralized messenger based on the platform of the same name (open source)
Ring
Ring- decentralized messenger with e2e encryption (anonymous registration) (open source)
Ring (program) - Wikipedia
Riot
Riot- decentralized messenger (anonymous registration) (open source)
Safeum
Safeum- encrypted multimedia messenger (there is an email registration) (closed source code)
Signalal
Silent phone
Silent phone- paid instant messenger (anonymous registration) with encryption of audio and video calls and text messages (open source)
Signal-Server source code
Surespot
Surespot- client-server instant messenger (anonymous registration) for secure exchange of text messages, photos and voice notes for up to 10 seconds (open source)
Has secure IM app Surespot been compromised by the feds?
Telegram
Telegram F-Droid- client-server messenger (registration by phone number) based on the MTProto protocol (open source client, closed source server code)
Plus Messenger- unofficial client for Telegram (open source client)
MTProto - Wikipedia
Documentation

Proxy
Telegram Open Network (TON)

Security issues Telegram
Callback to Telegram developers
Is Telegram Safe? Or as I was looking for a bookmark in MTProto
Potential Android Telegram Vulnerability
Telegram attack for 2 ^ 64 operations, and why the supervillain doesn't need it
About the intricacies of privacy in the Telegram Bots API: "this is not a bug, this is a feature"
Why two-factor authentication in Telegram does not work
How to hack Telegram and WhatsApp: special services are not needed
Telegram entered in the register of information dissemination organizers
Telegram itself adds someone else's contacts? This is the norm
Telegram will ask for a passport
Why Telegram Passport is No End to End
Vulnerability in Telegram can compromise secret chats.
We reveal the numbers of Telegram users
Telegram messenger merges metadata to everyone
Telegram was unsafe
Iranian company intercepted all Telegram traffic
Telegram accused of storing messages in unencrypted form
Telegram will still share user data with special services.
"Media Factory" Eugene Prigogine constantly talks about the vulnerability of the telegram. Is it all scary?
Telegram Security Analysis PDF
Telegram, AKA “Stand back, we have Math PhDs!”
About the "safest" telegram
Comparison with Signal (Post neonedrid # 73388860)
About location tracking (Post Aeronliru # 68454877)
Company

Threema
Tox
Antox- decentralized messenger (anonymous registration) for confidential communication (open source)
TRIfA- tox client in active development (open source)
Tok - Encrypted Messenger- Exchange messages and files through encryption and without a centralized server with support for group chats. (open source)
Whatsapp
Wire
XMPP
Chatsecure

Conversations- XMPP client with encryption support and Android HIG design (open source)
Freelab messenger- XMPP client, fork Conversations (closed source)
IM + All-in-One Mobile Messenger- supports all popular instant messaging services: Facebook, ICQ, VKontakte, Mail.Ru Agent, Classmates. Gadu-Gadu, RenRen, mig33, SINA Weibo, Fetion and Jabber (closed source)
Jasmine im- IM client for quick and easy communication, ICQ, QIP, VK, Jabber, etc. (closed source)
Pix-Art Messenger F-Droid- fork of a well-known XMPP Conversations client with additional features (open source)
Sj im- XMPP client that supports automatic encryption of PGP (OTR) messages (closed source code)
Zom Mobile Messenger- XMPP client, focused on simplicity and security (open source)
Xabber- universal Jabber client (open source)

Location
Location Spoofer

Cleaning
Wipe for Android
Andro shredder- permanently delete files and SMS (closed source code)
File shredder- utility for permanently deleting files (closed source code)
IShredder 3- permanently delete files, photos, sms, contacts (closed source code)
В® SD Maid - System Cleaning- cleaning "tails" for remote applications (closed source)
Undeleter- permanently delete files of some types (closed source code)
shell

Passwords
bitwarden
bitwarden- client-server password manager (open source)
Keepass
Keepass2Android
Keepass2Android- password manager (open source)
AutoFill plugin- plugin for auto-complete (open source)

KeePassDroid- password manager (open source)
Password store
Password store- password manager compatible withpass (open source)
SealNote Secure Encrypted Note
SealNote Secure Encrypted Note- notes, registration data under encryption 256-bit AES (open source)
SuperGenPass

Payment systems
post office
Fairmail
K-9
K-9 Mail- mail client (open source)
p≡p
pretty easy privacy p≡p F-Droid- mail client with OpenPGP, key exchange via p2p, key import from other clients (open source)
Protonmail
ProtonMail - Encrypted Email- Email web service with encryption support (open source web version)
ProtonMail IMAP / SMTP Bridge- ProtonMail integration with any programs that support IMAP and SMTP
TempMail
TempMail- creation of temporary mailboxes on the site temp-mail.ru (closed source code)
Tutanota
Tutanota- Email web service with encryption support (open source)

Backup
Helium- backup and synchronization, the ability to work without root using the desktop client
В®oandbackup- create backup copies of applications with data (open source)
В® Titanium Backup- backup applications and user data
Nandroid
Nandroid Browser- extract and use separate files from nandroid backup
В® Nandroid Manager- allows you to view, explore and edit your Nandroid backups
Online Nandroid Backup * root- makes CWM / TWRP compatible backup without loading into recovery
В® Orange Backup- a program to create compatible with CWM and TWRP backups and synchronization with the cloud
Repositories
App & Gamesavagemessiahzine.com- view and check for updates of applications and games laid out onsavagemessiahzine.com
APKPure App- alternative application market
Aptoide- client-server application of an alternative market
APKUpdater- can check for updates for programs on popular alternative services APKMirror and APKPure (open source)
Aurora Store
Aurora Store- search and download programs from the Google Play Store without the Google Services Framework, fork of the Yalp Store (open source)

Blackmart- alternative to applanet and the like
F-Droid
F-Droid- repository of open source software (open source)
Second Security Audit Results

Open store- the application allows developers to create their own repositories with applications for Android
Yalp Store
Yalp Store- search and download programs from the Google Play Store without the Google Services Framework (open source)

Network
Ad-hoc / Mesh
Android Intercom- calls via bluetooth and Wi-Fi in the local network
Anyfi
Anyfi- mesh network of devices via Wi-Fi
Gilga
Serval mesh

Wi-Fi talkie- voice chat, chat and file sharing without the Internet within the Wi-Fi network
MAC
macchanger

В® Change My MAC- change the MAC address of your Android device (closed source)
В® Pry-Fi- change the MAC address of your device (closed source code)
В®Wireless Mac Address Changer- changes the MAC address of the device to any other and restores the original back (closed source code)
DNS
AndroDNS F-Droid- configure DNS queries (open source)
Daedalus- change DNS settings via VPN tunnel (open source)
DNS man- change DNS for selected Wi-Fi networks (open source)
В®Override DNS- DNS change with built-in list of servers (closed source code)
Cloudflare
DNSCrypt
Tunneling
iodine- binary files for tunneling through a DNS server (open source)
AndIodine- tunneling through a DNS server using VPN Api (open source)
Element53 (DNS Tunnel)- tunneling through a DNS server (open source)

i2p
i2p- access to the anonymous I2P network
OONI
ooniprobe- a global observation network client for detecting censorship and traffic manipulation on the Internet (open source)
Proxy
Privoxy
ProxyDroid
В® ProxyDroid- HTTP / SOCKS4 / SOCKS5 proxy with automatic inclusion by SSID (open source)
Shadowsocks
Shadowsocks- fast SOCKS5 proxy with traffic encryption (open source)

Ssh
Tor
Orbot
Orbot- the ability to use the Tor network for anonymous surfing (open source)
How to set up Tor in Android - turn on Orbot
orWall
orWall- firewall for use in conjunction with Orbot, may conflict with other firewalls (open source)

VNC
VMLite VNC Server- control of the Android device through the browser
VPN
The Best VPN Services
Bitmask
Bitmask- VPN and encrypted (OpenPGP) email support (open source)
Openvpn
Open VPN Connect
Open VPN Connect- OpenVPN client (closed source)
OpenVPN Connect Android FAQ
OpenVPN Client
OpenVPN Client- a client with rich capabilities (for example, with a painless TAP connection option without root) for connecting to OpenVPN (closed source code)
VPN Client Pro- a client with rich capabilities (for example, with a painless TAP connection option without root) for connecting to a VPN (closed source code)
OpenVPN for Android

Outline
Wireguard
Wireguard- client for connections to the WireGuard tunnels (open source)

WebRTC
AtrizA Conference- WebRTC based conferences
UniComm- private p2p communications based on WebRTC (open source)
Zyptonite
Zyptonite- secure decentralized p2p platform

Wi-Fi
В®fqrouter2- turning the smartphone into a wi-fi repeater and not only
В® WiFi TX power- WiFi power control
Wi-Fi Direct
NearShare- communication and file transfer via WiFi Direct
SuperBeam | WiFi Direct Share- wireless data transfer directly between devices (including using WiFi Direct technology)
Wi-Fi cast- transfer files via Wi-Fi using the access point built into the phone (without an external Wi-Fi router)
WiFi Shoot! WiFi Direct- wireless data transfer directly between devices (WiFi Direct technology)
Protection
В®ARP guard- traffic interception / redirection protection
В® Wifi Protector- detection and prevention of ARP attacks on your phone in Wi-Fi networks
Wi-Fi Privacy Police- prevents connection to unknown networks and sending a list of known networks (open source)

Monitoring
Connection list- View all available TCP device connections
Network connections- monitoring of incoming / outgoing connections
В®Network Log- monitoring network connections
Tinny network monitor- monitor network connection
Pentesting
Pentesting

В®AndroDumpper (WPS Connect)- check Wi-Fi router vulnerabilities
В® bitShark- traffic sniffer
В®CSploit- penetration testing (hacking) in a Wi-Fi network
В® DroidSheep- scanning and interception of web sessions (profiles)
В® DroidSniff- allows you to scan and intercept web sessions of users sitting under one wifi
В® dSploit- an application for analyzing and assessing network security, searching for known vulnerabilities, real-time traffic manipulation, spoofing
В® FaceNiff- scanning and interception of Internet sessions
В® Intercepter-NG (ROOT)- multifunctional network sniffer
iwscan Analyzer [ROOT]- analyzer of networks 802.11 a / b / g / n / ac, Bluetooth, LTE, WCDMA, GSM
В®Netcut- allows you to automatically scan the network, receive data about connected devices and, if necessary, disable them
@Network Spoofer- sniffer
В®Network utilites (Test version)- a set of tools to work with the network, as well as intercept / monitor / redirect traffic within your network
Packet capture- allows you to intercept network traffic with SSL decryption
В®Packet Sniffer- viewing and analyzing packages
Proxymon SSL [ROOT]- debugger of open and secure TCP connections at the data level
Р’В® Reaver-GUI for Android- hacking wifi from devices with bcm4329 / 4330 wifi chipset
Router keygen- key generator for wi-fi routers
В® Shark for Root + Shark Reader- traffic sniffer and view dumps in .pcap format
SSLUnpinning- Xposed-module that allows you to make the substitution of certificates in applications (open source)
В® Wi.cap. Network sniffer- package sniffer for ROOT devices
WIBR + WIfi BRuteforce hack- generation of WEP / WPA / WPA2 keys to all Wi-Fi point
В®WIFI WPS WPA TESTER (ROOT)- attempt to connect to some access points using known vulnerabilities
В®WifiAccess WPS WPA WPA2- check Wi-Fi router vulnerabilities
В® WiFiKill- disable "extra" users of the WiFi network
В®WiFree WPS- Wi-Fi hacking (WPS PIN + Router Keygen)
В®WPS connect- connect to a wireless network using the WPS protocol
В®zANTI- security assessment of Wi-Fi networks
Social networks
Diaspora
dandelion *- communication in the social network Diaspora (open source)
Mastodon

Firewalls
AFWall
В® AFWall +- restriction of application access to the Internet (open source, fork DroidWall)
FAQ В· ukanth / afwall Wiki

В® Android Firewall- firewall on Android (open source, fork DroidWall)
В® DroidWall- restriction of application access to the Internet based on iptables (open source)
Lightningwall- Xposed module, firewall for installed applications (closed source)
Netguard- blocks access to applications (both user and system) access to the Internet (via wi-fi or mobile) without root (open source)
NoRoot Firewall
NoRoot Firewall- firewall that does not require root-rights (closed source code)
Firewall for Android


Signaling
Car alarm
Car alarm- determination of the alarm condition in the protected object using a microphone and / or accelerometer and signaling about it in various ways
Haven
Haven: Keep Watch- an application using various sensors (camera, microphone, gyroscope, accelerometer, light sensor) to record changes in the location of the device (open source)
Snowden introduced a mobile application for protection from surveillance
Edward Snowden has created a paranoid mobile app.

Data synchronization
BitTorrent Sync
BitTorrentВ® Sync- allows you to synchronize your files between different devices (closed source)
DAVdroid
DAVdroid- CalDAV / CardDAV synchronization (open source)
Folderseync
Folderseync- cloud synchronization with support for various services and protocols (closed source)
Syncthing
Syncthing- application for distributed data synchronization (open source)
Syncthing-silk- distributed synchronization of files between devices (open source)
Cloud data storage
Degoo
100 GB free space: Degoo- cloud file storage service (closed source code)
MEGA
MEGA- client for cloud Mega (closed source)
Nextcloud
- sync files with the Nextcloud server (open source)
ownCloud
ownCloud- synchronization of files with the ownCloud server (open source)


System
Notifications
Toast
Xtoast- Xposed module for managing pop-up notifications (closed source)

Runtime
ART Checker- check runtime (closed source)
Monitoring
OS Monitor- system monitoring (open source)
Simple system monitor- system monitor and task manager (closed source code)
Substitution
Android Device Changer- Xposed-module, which allows applications to change IMEI, Android Id, Serial Number, Wifi Mac, SSID, Google advertising id, Bluetooth Mac devices for applications (closed source code)
Device faker- Xposed-module that allows you to change the device to make it look like another (closed source code)
Device ID Masker- Xposed-module that allows you to replace many of the characteristics of the device (closed source code)
Phone Id Changer Pro- Xposed module that allows applications to change IMEI, Android Id, Serial Number, Wifi Mac Address, SSID (closed source code)
IMEI
В®Chamelephon- IMEI change for devices on MediaTek 65XX processors (closed source)
В®GhostPhone- IMEI change on MediaTek 65xx / 67xx processors (closed source code)
IMEI Changer- Xposed-module that allows you to change the IMEI device (closed source code)


Steganography
Pixelknot- allows you to hide text messages in images (open source)
Application Management
LuckyPatcher
В® LuckyPatcher by ChelpuS- application manager
My Android Tools
My Android Tools- disable / enable activity, service, receiver, provider for any applications (closed source code)
Lists of disabled services / receivers / activites / providers for different applications
Per App Hacking
Per App Hacking- Xposed-module to control the behavior of applications (open source)

APK
APK Editor
ApkCrack (AETool)
ApkCrack (AETool)- tool for editing apk-files
Apktool
Apktool- decompilation, recompilation, application signature
MT Manager
В® MT Manager- editing, translating, cloning, encrypting, signing and optimizing user and system (without installing frameworks) apk-files

Windows
APK-Info- view APK information (open source)

Analysis
Apk analyzer- allows you to explore applications on the device, providing a detailed report not only about installed programs, but also about uninstalled apk files
App Detective- gives the most complete array of various data on the installed APK, including their contents and online analysis
AppBrain Ad Detector- identification of potential problems of all applications installed on the device
Exodus
Inspeckage
Inspeckage- Xposed-module for dynamic analysis of installed applications (open source)

Mobile Security Framework- a platform for testing mobile applications (Android / iOS / Windows), fully automated and capable of performing static and dynamic data analysis, identifying potential problems of all applications installed on the device (open source)
Frost
В®AirFrozen ~ Disabler (ROOT)- freeze (stop) applications (open source)
Cloning
App cloner- creation (without the presence of root) modified clones of some programs (closed source code)
Sandboxes
Island
Island- execution of applications in the sandbox (closed source)
Android: Island - a utility for isolating and freezing applications without root
Shelter
Shelter- running applications in the sandbox (open source)
UserControl
UserControl- execution of applications in the sandbox (closed source)
VirtualXposed
VirtualXposed- execution of applications in the sandbox with partial support for Xposed (open source)

Permissions
Android Permissions- shows the list of permissions of installed applications (open source)
App Settings
App Settings- Xposed-module for fine-tuning applications, including permission management (open source)
v1.16

App Ops
App Ops- disables selective permissions for selected applications (closed source code)
Analysis of the work (Post xynta123 # 64938074)

AppOpsX- client for Android AppOpsService (open source)
App Ops - Permission manager- application permissions management (closed source)
AppOpsXposed- Xposed-module, restoring the functionality of the App Ops system permission manager on Android 4.4.2 and higher (open source)
Permission master- Xposed module for working with application permissions (closed source)
APK
Advanced permission manager- removal of permissions from apk (closed source)
APK Permission Remover- removal of permissions from apk (closed source)
Permission Manager (re-installer apps)- provision and prohibition of application rights by reinstalling them (closed source code)

Hiding
AppHider- hiding applications (closed source)

Vulnerabilities
BlueBorne Vulnerability Scanner by Armis- check device for BlueBorne vulnerability
Bluebox Security Scanner- check device for the presence of Master-key vulnerabilities
Stagefright Detector- device scan for Stagefright vulnerability
Trustable by Bluebox- a tool for researching publicly known system vulnerabilities
VTS for Android- a tool for researching publicly known system vulnerabilities
Files
Recovery
В® DiskDigger- recovery of deleted pictures, photos, videos, saving recovered files and the ability to send them to the mail
Dumpster - Recycle Bin- file basket
В® Hexamob Recovery PRO- recover deleted files
Undeleter- recovery of files deleted from SD-cards and internal memory
Forum

Images
Exif
Exif_Editor- full EXIF ​​editor
ExifTool- viewing and editing the extended information of image files (closed source code)
Photo editor- a program for high-quality photo processing (viewing, changing or deleting EXIF ​​data)
Photo exif editor- allows you to view, edit and delete Exif photo data
Scrambled exif- removal of metadata from images (open source)

Media
MediaInfo- obtaining technical information from audio and video files (open source)

File sharing

Encryption
Cryptography- encryption, training and hashing tool
Cryptomator Beta (Unreleased)- encrypt files in cloud storage and access them on all your devices
Derandom- prediction of pseudo-random numbers (open source)
EDS
EDS (Encrypted Data Store)- creation and management of encrypted containers TrueCrypt, VeraCrypt, LUKS, CyberSafe (closed source code)
Android: Protecting personal data. EDS: Overview and usage example.
Encfs
В® Cryptonite- data encryption on the device and in Dropbox (open source)
Encdroid- creation of encrypted folders on the device and in Dropbox
MiXplorer


В® EncPassChanger- change the password of the standard encryption section / data
Luks
В® LUKS Manager- creation and management of encrypted LUKS containers
Midnight murmur
Midnight murmur- encryption / decryption of files and text messages with a free design of the encryption procedure
PGP
Secrecy
Secrecy- encrypt files with AES256 (open source)
S.S.E.
Secret Space Encryptor (S.S.E Universal Encryption App)- encoder (AES, RC6, Serpent, Blowfish, Twofish, GOST-28147, Threefish (in Pro version), SHACAL-2 (in Pro version)) text and files, password manager (open source)
Encrypted for Android: Application S.S.E

Lock screens
App Lock (HI App Lock)- an application to block and protect confidential information
App Lock (Smart App Protector)- protects installed applications with a password or lock, and also prevents the screen from turning off and switching to landscape mode while applications are running from a user-defined list
CyanLockScreen- Xposed module to expand the lock screen on 4x4, 5x5 and 6x6 pixels
Cyclic Lock- Xposed-module for cycling PIN / password / pattern keys
DroidLock: Dynamic Lockscreen- screen lock, where PIN can be time, battery charge, etc.
В® GravityBox- Xposed-module with the ability to shuffle PIN numbers on the lock screen
Knock Lock-App Lock Pro- functional customizable screen blocker
Knock lock- allows you to select the lock area on the display to enable the "Knock Lock" feature
Lockdown- blocking applications with various keys
Lockmod- Xposed module for customizing the lock screen on Lollipop and above
Maxlock- Xposed-module that allows you to block the launch of applications (open source)
Picture Password Lockscreen- lock screen with support for drawing points, lines and circles
PIN / Pattern Shortcuts- Xposed-module that allows you to open different applications with different PIN codes
ScreenLock - Time Password- time based lock screen
Shortcut Lock Screen Mod [MM]- Xposed module for setting lock screen shortcuts on Marshmallow
Smart lock- protection of any installed applications with a password
Smart lock screen- floating screen lock button
Timepin- lock screen with PIN based on time
Data
Locker- clearing data after exceeding the maximum number of attempts to unlock the device
Selfdestruction Unlocking- deleting folders on the memory card and clearing the device memory when the limit of incorrect attempts to unlock the screen comes (closed source code)
Wrong pin shutdown- turning off the device when exceeding the limit of screen unlock attempts (open source)

Energy saving
Tips to improve power saving devices on Android OS
Wakelock
Wakelock detector- search for the cause of the device not falling asleep

To place apk files and analyze executable files use the theme:
Android: checking and analyzing executable files and other thoughts about it

Option Caps TC

There is no curator in the subject. For questions about filling the caps, write to the topic, contact the section moderators via the buttonPictureunder the messages. How to do it right, what would you understand the first time, it is writtenhere.

Post has been editedferhad.necef - 06.08.19, 20:35
Reason for editing: "safe" FireFox + Wipe file sharing for Android Send



Rep: (583)
With the help of regulatory documentation and those. descriptions.

Do you have technical documentation at SORM ?!
Major, you? ;)

Post has been editedokouser - 12.01.16, 16:36



Rep: (406)
Let's just say that I do not have documentation for SORM (starting with the first version) and, fortunately, it cannot be, due to my very long absence of Russian citizenship and persistent dislike for my former place of residence :-). But I have different documentation (by no means of a marketing nature) on the organization of communication networks of Russian operators (some, but significant). And there it is spelled out enough about SORMs, and DPI, etc.
And, actually, this is not my merit :-) :-)
And, yes, my husband really is Mayor :-) :-). Hope to increase :-) :-)
By the way, according to the last two SORMs, a certain amount of sane information corresponding to reality is in the Russian segment of the Network.
But, I’m afraid that 90 percent of juveniles who like to use this reduction have not even really read the same Wikipedia (“as a science fiction ad” :-)). Remember the old joke: "I know w-shu, gong-fu, muay-thai ... And many other awesome words." Here it is. IMHO.
So that this does not happen, this section of our forum makes sense to stuff.


Post has been editedelenakawai - 12.01.16, 16:47



Rep: (583)
But I have different documentation (by no means of a marketing nature) on the organization of communication networks of Russian operators (some, but significant). And there it is spelled out enough about SORMs, and DPI, etc.

Did you say that so that we now sit and envy? )
Or, after all, will something fall from the lord's shoulder? ;)
At least links to sane, in your opinion, information.



Rep: (406)
Envy is not at all. I will post here in pieces, as I discuss a topic.
Actually, I did something about this in some forum topics. In particular, when there was a blocking of the FS video box. Some users were surprised to learn from me that it turns out that the state’s telecom operators are obliged to fulfill :-) and there are strict deadlines for everything.

Posted on 1/12/2016, 17:10:

By the way, some time ago, the Minister of Communications, in my opinion, commenting on the blocking of torrents, said that the whole block is designed for most users who DO NOT use technical means to bypass the block. In fact, this is recognition of one simple thing: at the moment, operators in the Russian Federation still cannot completely cut off all “parasitic” traffic (I mean torrents) at the national level. The reason is the lack of money and technology at all levels.
I'm not talking about completely disconnecting runet from the network. By the way, it didn’t work either (the exercises in August 2015 showed this).
Personally, I believe that there is another factor - the low level of professionalism of civil servants of some organizations :-)

Post has been editedelenakawai - 12.01.16, 17:14



Rep: (583)
and there are strict deadlines for everything

This does not surprise me, but the insides of SORM are very interesting to discuss.
In general, today or tomorrow I will transfer everything from other topics and proceed.



Rep: (3)
By the way about SORM can be read in the next book
http://www.niits.ru/public/books/?sorm
And here is the plus materialhttp://www.securitylab.ru/analytics/446852.php
Order of the Ministry of Communications on the implementation of SORM-3http://www.slideshare.net/temychk/sorm-spd14

Post has been editedamnesiagroup - 12.01.16, 23:20



Rep: (406)
The links for the general presentation of the topic are excellent (especially the second one).
But the book is a little outdated. At the time of release there, for the most part, a solid theory and general reasoning were in progress. But, again, for the "entry" into the topic - very suitable.



Rep: (583)
And still.
How likely is it that SORM can change packets at the data link or network level, thus monitoring the traffic of a particular user?



Rep: (3)
SORM is a piece of hardware built on FPGA and able to drive a huge amount of traffic through itself, plus a software package that is built on the basis of a modular system and allows you to add various traffic processing algorithms in real time + plus a huge staff of programmers working in the field of military intelligence + vulnerability database, I think that there is such a probability, even if the person who told me this information pretty embellished the complex’s abilities. But, as a rule, everything that was previously listed is not even required to deanonymize this or that person, thanks to ordinary human negligence, I set up a VPN or tor, dns forgot to let it go along the same route, ipv6 is also quite an interesting protocol, which is often forgotten, cookie , java, pictures, webrtc, time and time zone, screen resolution and how many more seemingly insignificant things that lead to the full disclosure of anonymity.

Posted on 1/13/2016, 19:51:

Root of evil

The coexistence of two protocols - IPv4 and IPv6 - has many interesting and subtle aspects that can lead to unexpected consequences. Despite the fact that the sixth version of the IP protocol is not backward compatible with the fourth version, both of these versions are “glued” together by the domain name system (DNS). To make it clearer what is at stake, let's look at a simple example. For example, take a site (say, www.example.com) that has IPv4 and IPv6 support. The corresponding domain name (www.example.com in our case) will contain DNS records of both types: A and AAAA. Each A record contains one IPv4 address, and each AAAA record contains one IPv6 address. Moreover, for one domain name there can be several records of both types. Thus, when an application that supports both protocols wants to interact with the site, it can request any of the available addresses. The preferred family of addresses (IPv4 or IPv6) and the end address that will be used by the application (given that there are several for the fourth and sixth versions) will differ from one protocol implementation to another.

This coexistence of protocols means that when a client supporting both stacks is going to interact with another system, the presence of A- and AAAA-records will influence which protocol will be used to communicate with this system.

VPN and dual protocol stack

Many VPN implementations do not support or, even worse, completely ignore IPv6. When establishing a connection, the VPN software takes care of transporting IPv4 traffic - it adds a default route for IPv4 packets, thereby ensuring that all IPv4 traffic is sent through the VPN connection (instead of being sent in clear form through a local router ) However, if IPv6 is not supported (or completely ignored), each packet whose header indicates the destination IPv6 address will be sent in clear text through the local IPv6 router.

The main cause of the problem lies in the fact that although IPv4 and IPv6 are two different protocols that are incompatible with each other, they are closely used in the domain name system. Thus, for a system that supports both protocol stacks, it is not possible to secure a connection to another system without ensuring the security of both protocols (IPv6 and IPv4).

Legitimate VPN Traffic Leakage Scenario

Consider a host that supports both protocol stacks, uses a VPN client (working only with IPv4 traffic) to connect to a VPN server, and is connected to a dual-stacked network. If some application on the host needs to communicate with a dual-stacked host, the client usually requests both A- and AAAA-DNS records. Since the host supports both protocols, and the remote host will have both types of DNS records (A and AAAA), one of the likely scenarios will be to use the IPv6 protocol to communicate between them. And since the VPN client does not support the sixth version of the protocol, IPv6 traffic will not be sent through the VPN connection, but will be sent in clear form via the local network.

This scenario sets the risk of transmitting open data of valuable data, while we think that it is safely transmitted through a VPN connection. In this particular case, the leak of VPN traffic is a side effect of using software that does not support IPv6 on a network (and on a host) that supports both protocols.

Deliberately Leak VPN Traffic

An attacker can intentionally trigger an IPv6 connection on a victim’s computer by sending fake ICMPv6 Router Advertisement messages. Such packages can be sent using utilities such as rtadvd, SI6 Networks ’IPv6 Toolkit, or THC-IPv6. Once an IPv6 connection is established, “communication” with a system that supports both protocol stacks can result, as discussed above, in a leak of VPN traffic.

And although this attack can be quite fruitful (due to the growing number of sites that support IPv6), it will lead to traffic leakage only when the recipient supports both versions of the IP protocol. However, it is not difficult for an attacker to cause traffic leaks for any recipient (dual-stacked or not). By sending fake Router Advertisement messages containing the corresponding RDNSS option, the attacker can pretend to be a local recursive DNS server, then conduct DNS spoofing to carry out a man-in-the-middle attack and intercept the corresponding traffic. As in the previous case, tools like SI6-Toolkit and THC-IPv6 can easily do this trick.

Post has been editedamnesiagroup - 13.01.16, 19:49



Rep: (583)
webrtc

and what is webrtc bad if there is vpn / tor?
not supporting IPv6, on a network (and on a host) that supports (it) both protocols

And if tunneling is used, does the risk remain?
If the local router does not support ipv6, then there is no threat?



Rep: (3)
and what is webrtc bad if there is vpn / tor?

It is not bad, because we were talking about anonymity, and through WebRTC you can get a list of all local (behind NAT) interfaces in the system.
https://github.com/diafygi/webrtc-ips
And if tunneling is used, does the risk remain?
If the local router does not support ipv6, then there is no threat?

Tunneling needs to be considered in more detail, a very broad definition in my opinion, if you encapsulate all protocols, I think the risk can be avoided.
And about the router, also a completely uncertain case, it may not support ipv6, and in vain without filtering to drive to LAN.


Post has been editedamnesiagroup - 13.01.16, 20:37



Rep: (583)
I would also like to discuss the security of different versions of android.
What vulnerabilities were fixed from version to version?
What promise to fix in future versions?



Rep: (3)
Android 1.0 "Apple Pie (early name" Astroboy ")"
Russian name: "Apple Pie"

1.0
The first stable version of the system.
Appeared application store Android Market
Release Date: September 23, 2008 • Linux Kernel Version: 2.6.25 • API Version: 1

Android 1.1 "Banana Bread (early name" Bender ")"
Russian name: "Banana Bread"

1.1
Correction of several problems.
API changes.
Added details and reviews to maps.
Increased screen off period when used in phone mode.
Added buttons "Show" and "Hide" in the call menu.
Added support for saving attachments from MMS.
Added support for labels in layouts [3].
Note: the version was released only for T-Mobile G1 [source not specified 1604 days].
Release date: February 9, 2009 • Linux kernel version: 2.6.25 • API version: 2

Android 1.5 "Cupcake [4]"
Russian name: "Cupcake"

1.5
Ability to install third-party keyboards [5].
New software keyboard with auto-fill and the ability to work at different positions of the screen.
Support for widgets and folders on the desktop.
Video recording and playback in MPEG-4 and 3GP [5].
Support for A2DP and AVRCP Bluetooth profile [5].
The ability to automatically connect to a Bluetooth headset, located at a certain distance.
Update WebKit and Squirrelfish Javascript Engine [5].
The ability to publish photos (Picasa) and videos (YouTube) on the Internet [5].
Added search on a web page and the ability to work with text [5].
Visual changes in the browser.
Change your contact list and call history.
Added tools for maintenance and automatic detection of the file system of the memory card [5].
Animation when switching between windows [5].
Release Date: April 30, 2009 [6] • Linux Kernel Version: 2.6.27 [5] • API Version: 3

Android 1.6 Donut [4]
Russian name: "Donut"

1.6
The design has been changed and work with the Android Market app store has been improved [4].
The interface for working with a photo, video camera and image gallery is integrated, making it easy to switch between photo and video mode, and the gallery has the ability to select multiple objects for deletion at once [7].
Added multi-language voice search function.
An updated search function that allows you to search among bookmarks, history, contacts, as well as on the Internet [7].
Improved speed of search and camera applications.
Added support for CDMA, 802.1x, VPN, as well as speech synthesis function [7].
WVGA resolution support.
Gesture framework and GestureBuilder tool [7] added.
Added free turn-by-turn navigation from Google [7].
Release Date: September 15, 2009 [8] • Linux Kernel Version: 2.6.29 [7] • API Version: 4

Android 2.0 / 2.1 "Eclair [4]"
Russian name: "Eclair"

2.0
Added the ability to use multiple Google accounts.
Updated email client interface for working with multiple accounts.
Added support for Microsoft Exchange Server through Exchange ActiveSync 2.5
Added the ability to quickly access contacts.
Added the ability to search through SMS and MMS messages and automatically delete old messages when the limit is reached.
Camera update: support for flash, digital zoom and effects.
Improved on-screen keyboard layout and dictionary learning mechanism.
New browser user interface and HTML5 support
Updated calendar.
Updating graphics architecture to improve hardware acceleration.
Support Bluetooth 2.1 and OPP and PBAP profile.
Added support for new screen sizes and resolutions.
Changed user interface.
Improved MotionEvent class to support multi-touch [9] [10].
2.0.1
Minor API changes, bug fixes, framework behavioral changes.
2.1
Added “live” wallpaper [11].
Improved background contrast [source not specified 1603 days].
Improved Google Maps 3.1.2 improvements [source not specified 1603 days].
Notes:

The 2.0.1 SDK was released on December 3, 2009 [source not specified 1603 days].
2.1 SDK was released on January 12, 2010 [source not specified 1603 days].
Release Date: October 27, 2009 (2.0), January 12, 2010 (2.1) [12] • Linux kernel version: 2.6) [source not specified 1603 days] • API version: 5, 6, 7
2010


Android 2.2 "Froyo [13]"
Russian name: "Frozen Yogurt"

2.2
General optimization of Android OS, memory and performance [14]
Additional speed improvements for applications using JIT compilation [15]
Integration into the browser JavaScript-engine V8, previously implemented in Chrome [16]
Improved support for Microsoft Exchange (security policies, automatic recognition, viewing GAL, calendar synchronization, remote work)
Improved application launch through phone and browser shortcuts
Added USB tethering and Wi-Fi functionality.
Added the ability to block access to data via cellular communication.
Updated application for working with Android Market, which added the ability to group and automatic updates [14]
Quickly switch between multiple keyboard layouts and their corresponding dictionaries
Bluetooth voice dialing and sharing
Support for numeric and character-numeric passwords
Browser fields support for downloading files [17]
Support for installing applications in extended memory
Support for Adobe Flash 10.2 [18]
Support for ultra-high resolution (320 dpi) screens, such as a 4-inch screen with 720p resolution [19]
OpenGL ES 2.0 support
2.2.1
Fixes some bugs, includes security and performance updates.
2.2.2
Fixed minor bugs, including problems with SMS on the Nexus One.
2.2.3
Security update.
Release Date: May 20, 2010 [13] • Linux Kernel Version: 2.6.32 [16] • API Version: 8

Android 2.3.x “Gingerbread [20]”
Russian name: "Gingerbread"

2.3
Updated UI Design
Support for super-large screen sizes and resolutions (WXGA and higher) [19]
Native support for SIP VoIP telephony
Support for playing WebM / VP8 video formats, as well as support for AAC audio standard
New sound effects: reverb, equalizer, headphone virtualization, bass boost
Near Field Communication standard support
System support for copy and paste
Redesigned multi-touch software keyboard
Improved support for embedded code development
Improvements for game developers in the field of audio, graphics and information input
Parallel garbage collection to improve performance
Built-in support for more sensors (for example, gyros and barometers)
Download Manager for long downloads
Improved power management and application control
Built-in multi-camera support
Migrating from YAFFS to ext4 [21] [22]
2.3.1
Bugs fixed
2.3.2
SMS / MMS bugs fixed.
2.3.3
Some improvements and APIs for the Android 2.3 platform [23]
2.3.4
Video and voice chat for Google Talk [24]
2.3.5
Network stack performance improvements for the Nexus S 4G, other changes and improvements
Bluetooth bug fixed on Samsung Galaxy S
Improved Gmail app
Fixed problem with time zones (GMT + 3 and GMT + 4)
2.3.6
Fixed voice search bug
2.3.7
Added support for Google Wallet payment system for Nexus S 4G
Release Date: December 6, 2010 [20] • Linux Kernel Version: 2.6.35 [21] • API Version: 9, 10 2011


Android 3.x "Honeycomb [1] [25]"
Russian name: "Honeycomb"

3.0
Multi-core processor support
Improved tablet support with new user interface
Three-dimensional desktop with rewritten widgets
Improved multitasking
Browser improvements, including bookmarks for open web pages, auto-completion of forms, synchronization of links with Google Chrome, private browsing mode
Video chat support using Google Talk [25]
Hardware acceleration support
3.0.1
???
3.1
The list of recently launched applications has been expanded.
Resizable Desktop Widgets
Support for external keyboards, mice, joysticks / gamepads
Native playback of audio files in FLAC format
HTTP proxy support for each connected WiFi point
3.2
Optimizations made to support a wider range of tablets.
Added a special mode of scaling applications with a fixed size
Expanded Screen Support API for Developers
Easy access of applications to files on the SD card, for example for synchronization
3.2.1
Minor fixes for security and stability, improvements in Wi-Fi
Update for Android Market with automatic updates and easy-to-read text of the Terms and Conditions
Google Books update
Improved support for Adobe Flash in the browser
Improved predictive input in Chinese
3.2.2
Minor improvements and fixes for 4G Motorola Xoom [26].
Release Date: February 22, 2011 [27] • Linux Kernel Version: 2.6.36 [28] • API Version: 11, 12, 13

Android 4.0 "Ice Cream Sandwich [29]"
Russian name: "Wafer ice cream (English) Russian."

Ice Cream Sandwich was announced on May 10, 2011 at the Google I / O 2011 conference [30] and was presented on October 19, 2011 with the Galaxy Nexus smartphone [31]. Among the declared features:

4.0.1
Using a single shell for tablets, smartphones and other devices based on Android OS [32] [33] [34]
Open Accessory API - API for integration with a variety of equipment
Support Real-time Transport Protocol API for audio [30]
Improved multitasking
Change the notification panel
Modified lock panel with shortcuts for quick launch of the camera, access to phone functions (calls), access to text messages and email menus
Improved text input and spell checking [35]
Improved voice dictation mode [35]
Internet traffic control system
Software enhancement of the camera: the introduction of the mode of panoramic shooting, software image stabilization, real-time effects during video shooting
Support for taking screenshots (screen capture) using the operating system [31]
The updated browser with support for tabs, synchronization of bookmarks Google Chrome. Also updated WebKit core and V8 engine with Crankshaft support
Advanced security features: unlocking the device through face recognition of the owner [31], full encryption of the device, ASLR [35], the new VPN API.
Wi-Fi Direct Support [35]
4.0.2
Bug fixes for Galaxy Nexus
4.0.3
Optimize and fix bugs for smartphones and tablets.
4.0.4
Improved camera performance, increased stability, smoother screen rotation and some fixes [36].
Release Date: October 19, 2011 [30] • Linux Kernel Version: 3.0 • API Version: 14, 15 2012


Android 4.1 / 4.2 / 4.3 "Jelly Bean [37]"
Russian name: "Jelly candy"

June 27, 2012 on Google I / O, Google introduced the next version of Android 4.1 Jelly Bean along with the Nexus 7 tablet. The changes mainly affected the smooth operation of the interface. The new update brought improvements in performance - the central and graphic processors work in parallel. Thanks to this, on some devices Android 4.1 will work at a frequency of 60 frames per second [38].

On October 29, 2012, together with the Nexus 10 tablet and the LG Nexus 4 smartphone, the Android 4.2 Jelly Bean operating system was officially introduced [39].

On July 25, 2013, the Android 4.3 Jelly Bean operating system was officially announced with a small number of changes [40].

4.1.1
Updated interface, using Project Butter technology for a smoother UI. The technology includes triple buffering of the graphics pipeline to achieve no jumps in the frame rate during interface animation, as well as vertical synchronization technology.
Automatically scaling the widget and changing the location of the rest of the content if it does not fit on the desktop.
Update virtual keyboard, received predictive input system and advanced dictionary. Support for new languages.
The possibility of voice input offline, without using an Internet connection.
Blind or visually impaired people will be able to connect a Braille input device to a smartphone or tablet on Android 4.1.
More informative notification bar.
An updated search, thanks to which, in the manner of a voice assistant, you can get answers to asked voice questions.
Added Google Now service. It will provide the user with useful information, based on the calendar, the history of search queries and routes of the phone.
Contact photos are now stored and displayed in high quality.
Improved Camera application adds some features.
The new interface for tablets, the classic interface of Android 3.0-4.0.4 is available through editing Build.Prop, changing the DPI to a value below 140.
4.1.2
Bugs fixed and performance improved.
Increasing and decreasing the size of notifications in the panel are now performed with one finger.
Added landscape desktop mode in Nexus 7.
4.2[41]
One of the main innovations in Android 4.2 has been the support of profiles, now several accounts can be used on one device, each with its own settings, programs and personal information.
The keyboard now supports gestures for input like the popular Swype. To enter words, you can now drag your finger on the keyboard by selecting the necessary letters, and the built-in dictionary will try to provide the necessary options. In general, according to Google, in Android 4.2 dictionaries have become more accurate and complete.
The Camera application has a new shooting mode called Photo Sphere, it allows you to create 360-degree panoramas and publish them on Google+ or Google Maps, thus creating your own Street View version.
There is support for wireless transmission of video and games to compatible TVs using Miracast technology.
The notification panel now has access to the quick settings menu.
A new Daydream standby mode has appeared, when the device is connected to the docking station or is in sleep mode, it can display various useful information, news, weather, or just photos from the album.
Google Now has also received a slight improvement, it can now scan Gmail to find various relevant content, such as plane tickets or meeting invitations, and create reminder cards.
Now you can place widgets on the lock screen.
Updated camera interface.
Upgrading the Linux kernel to branch 3.4.
Removed the classic tablet interface used in 3.0-4.0.4.
4.2.1
The error of the missing month (December) in the Contacts application has been fixed.
Improved vibration performance with notifications.
It became possible to connect gamepads and joysticks to the HID device via Bluetooth [42].
4.2.2
Some security enhancements, bug fixes.
In the curtain of the notification center when downloading, not only the filling progress bar is displayed, but also the percentages and download time.
Shortcuts for quick activation of Wi-Fi and Bluetooth in the switch panel received an additional option: now a long press of the icon immediately turns on the wireless module, and a single click sends the user to the settings.
There are new sounds: when you connect the device to the wireless charging station, a new signal alerts the critical battery level.
Fixed errors in the transmission of sound via Bluetooth.
Improved ADB security.
2013

4.3
Keep and Hangouts will now be included in the firmware and Google Apps by default.
A recently found bug called MasterKey is fixed.
Smart or Bluetooth 4.0 LowEnergy is included in the new firmware, which increases the energy efficiency of the device when using this protocol.
The notification area now shows all running applications, even in the background. Disable the display of the icon in the panel can be in the settings.
In the settings, you can set the permanent operation of Wi-Fi for improved geo-positioning.
AVRCP 1.3, available in conjunction with Bluetooth Smart, allows you to use Bluetooth to combine two devices and use them as control devices.
A new camera and gallery is available.
The system now supports OpenGL ES 3.0.
There was a hidden setting of individual permissions for applications.
4.3.1
Eliminating small errors and improving the stability of the system and its performance. Only for Nexus 7 (2013) LTE.
Release date: June 27, 2012 (4.1), October 29, 2012 (4.2), July 24, 2013 (4.3) • Linux kernel version: 3.0.8—3.4 (4.2.1+) • API version: 16, 17, 18

Android 4.4 "KitKat"
Russian name: "KitKat"

October 31, 2013, Google introduced the next version of Android Kitkat. The changes affected the interface. Android has also been optimized to run on budget smartphones with 512 MB of RAM.

Simultaneously with the new version of Android, Google also introduced the Google Nexus 5 smartphone. Version innovations:

4.4
Constantly active voice assistant. You do not need to touch the screen, you just have to say “Ok Google”, then you can give a command or dictate what you need to find.
Display covers and control buttons on the lock screen when playing music or showing movies via Chromecast.
Navigation buttons and notification bar automatically hidden
Faster task switching and optimized memory allocation.
Priority in the phone book. The contacts with which the user communicates most often are shown at the top of the list. Right in the Contacts application you can search for people, places on the map and organization.
Smart number identifier. If the number is not found in the "Contacts", the phone will try to determine according to Google Maps which organization they are calling from.
Communication Center. The Hangouts application allows you to chat, make and receive video calls, send and receive SMS and MMS messages and share GIF animations.
Japanese emoticons. In the standard keyboard added colorful miniature pictures Emoji.
Cloud printers support. Photos, documents and web pages can be printed on printers connected to the Google Cloud Print service, and on other printers that support printing through mobile applications.
Quick save files to the cloud. Some applications (for example, the updated QuickOffice) support the instant sending of files to Google Drive.
Support Message Access Profile in cars equipped with Bluetooth modules.
Chromecast support.
Launching web apps via Chrome.
Displays movie subtitles in a standard video player.
Built-in service "Remote Control Android".
Updated file loader design with sorting and customization of the display of downloaded files: list or thumbnails.
Switch between installed launchers through system settings.
Updated email application with folders, account photos and improved navigation.
Support for applications that use infrared.
Access to location settings via the icon in “Quick Settings”.
Setting the method of determining the location: exact or with less battery consumption. In the system settings, you can see which applications are trying to determine the location.
Running applications in the Security-Enhanced Linux sandbox.
Support pedometers.
Making NFC payments through Google Wallet and other payment systems. Statistics are stored in the cloud or device memory.
Android Runtime Experimental Compiler (ART) [43]
Immersive mode that automatically hides unnecessary data on the device screen while playing, reading or watching a video.
4.4.1
Elimination of small errors.
4.4.2[44]
Improved camera Nexus 5, reducing the lag of the shutter, more precise focus and better white balance. Also includes fixing some bugs and improving performance. Nexus 7 2012 added “Wireless Monitor” Settings - Display.
4.4.3
Improved dialer interface and Contacts application
Various fixes and improvements
4.4.4[45]
The security bug related to OpenSSL has been fixed.
Release date: October 31, 2013 (4.4), December 5, 2013 (4.4.1), December 9, 2013 (4.4.2), June 2, 2014 (4.4.3), June 20, 2014 (4.4.4) • Linux kernel version: 3.4 • API version: 19

Android 5.0 / 5.1 "Lollipop"
Russian name: "Candy"

5.0
Main article: Android Lollipop
"Material design" - a new component of the user interface, which is based on simplicity, brightness, clarity and functionality.
There was a Project Volta, thanks to which the operating system accesses the processor not by single requests, but by data packets, thereby saving charge, with the result that the Nexus 5 can work 1.5 hours longer.
Notifications on the lock screen. To open one of the notifications, double click on it
Now, instead of the compiler Dalvik used compiler ART.
Ambient display is a function in which when you take a Nexus 6 or Nexus 9 in your hands, the display immediately turns on showing important notifications.
Smart lock.
Added a flashlight to the quick settings menu.
Reworked auto-adjust screen brightness.
In the menu "About phone" the opportunity to leave feedback about the device. (Nexus)
Now you can start the camera and "dialers" from the lock screen.
Full user manager.
You can configure application alerts by turning them off, even if there is no such option in the program itself.
New interface to change running applications.
5.0.1
Bugs fixed
5.0.2
Bugs fixed
5.1
Bugs fixed
Improved system stability
Improved shutter, intuitive interface for quick selection of Wi-Fi and Bluetooth networks.
Support for working with two SIM-cards (previously, manufacturers had to implement this function on their own), for each SIM-card you can create your profile with a certain color, which will color the color of the standard "dialer" for quick recognition of the used SIM-card.
HD Voice support (provided that the technology is supported by the operator and the hardware of the smartphone)
The new protection system of the smartphone and the Device Protection system (Device Protection blocks the smartphone or tablet in case of theft or loss, making it virtually useless until the current owner passes the Google account verification and removes the software lock).
A new gesture for "polite notifications", having brushed the notification upwards, a reminder of the missed event will remain.
5.1.1
Fixed a leak with memory
Added Google's built-in VPN service for greater security when connecting to open Wi-Fi networks (Nexus only)
Release date: November 3, 2014 (5.0), December 3, 2014 (5.0.1), December 20, 2014 (5.0.2), March 9, 2015 (5.1), March 21, 2015 (5.1.1) • Version Linux kernels: 3.10 • API version: 21, 22

Android 6.0 "Marshmallow"
Russian name: "Marshmallow"

6.0
Main article: Android Marshmallow
Google has announced a new version of its mobile operating system. Google introduced Vice-President Sundar Pichai at the conference for Google I / O developers.
Among the main functions of the release is the Android Pay mobile payment system and standardized verification using fingerprints at the platform level. For devices equipped with a fingerprint scanner, gadget unlocking and shopping authorization on Google Play will be available, and developers can embed the corresponding API in any Android applications.
Google also paid a lot of attention to saving battery power - it is in this area that Android devices are often criticized. The Doze function works due to the motion sensor: when the device is at rest for a long time, the "deep sleep" mode is activated, the application activity in the background mode is severely limited, which saves battery power.
Google also promised users more control over how applications use their data — requests for working with information will not be sent at the time of installation, but directly during the use of the application.
The new feature Chrome custom tabs is designed to make more convenient the consumption of web content on mobile. In total, Android M will be about 100 new features, said Google Vice President David Burke.
Release date: May 28, 2015 • Linux kernel version: • API version: 23


Post has been editedBlack fish - 15.01.16, 08:03
Reason for editing: removed the sheet in the spoiler



Rep: (583)
Is this from wikipedia?
Not all changes should be left, but only those related to security.
In this list there are not enough messages about fixed vulnerabilities, and they were.
For example, not a word anywhere about the implementation of SELinux.
Apparently, there is a separate list, but finding it is more difficult.

Post has been editedokouser - 14.01.16, 20:48



Rep: (406)
Talking about anonymity and privacy ...
On my last visit to Moscow, in December-January 2016, I discovered that a bunch of boat borauser + orbot (extreme version) stopped working correctly with sites blocked in the Russian Federation. Not with everyone, but a certain number of sites still remained forbidden to access, despite the correct operation of the orbits. (Cleaning the caches, etc., didn’t change the result. I’ll immediately point out that blocked sites DO NOT use .onion yet). I had to use the Psiphon Pro program and solved the problems.
As I understand it, the largest telecom operators (in my version it was a Rostelek) are "silent glanders," but they are beginning to adapt to the new rules of the game ...



Rep: (23)
A lot of output torus nodes are already in the Russian Federation, so it is natural that when leaving them the restrictions will remain.
With the mobile version of xs, and on the computer there are several alternative options:
-exclude the RU zone from the list of permitted exit
-map in mappings in configs in such a way that the necessary sites always use other exits, while you can use sites blocked in the states through Russian outlets, and let sites that are prohibited from us through foreigners, in general, make any sites work, finding for each his own way out
-use after leaving the torus the usual public proxy, this at the same time helps to avoid blacklists, there are relevant recommendations for settings on okolotorovskih resources

Like orbot also allows you to edit configs, so the first 2 options are also suitable for android.

Post has been editedformobe120 - 16.01.16, 07:07



Rep: (406)
The conversation is a little about something else, about the fact itself.
If you recall, a year ago, the Russian security forces carried out R&D on the Torah. And if Thor used to be a 100% panacea for locks, now this is no longer the case.
And there are still many ways to get around the prohibitions, there are no problems with this :-)



Rep: (23)
The conversation is a little about something else, about the fact itself.

and what is the fact? No one did anything extraordinary. Ordinary operators do not need this at all, they abide by the rules "on the go", although the RTK is not just an operator, of course, but that is not the point. The incident occurred due to the fact that the Russian segment is developing and it also has torus nodes. Yes, there is a possibility that they are controlled by services, but nevertheless they expand the network for those who are worried about other problems, some kind of ban on something in faraway Zimbabwe, roughly speaking.
The desirability of blacklisting the nodes of your country has always been in the recommendations of the torus, and this applies to any country. Nothing new has happened, this is not a hack, but just an "expansion of the torus to the east")))

By the way, I now went to this hedgehog from under the torus without problems. I saw faces there, which are already regularly appearing in the media, because of which no one will physically or financially spend energy on introducing superblocks into the torus.
That version of orbot, which was in December, generally had a leak of dns. But the fact that another program, essentially a simple VPN, solved the problem, indicates that the CSN has nothing to do with it, and the problem was precisely in a randomly formed chain with a Russian output node, which itself uses Russian providers and appropriate filters to access the sites superimposed on it like on everyone else. This could happen regardless of which country you are connecting to the torus itself.

And if earlier Thor was a 100% panacea for locks, now this is no longer the case.

Yes, it’s so, just by configuring the config, as the developers recommend, and such a problem will never arise again.
Russian security forces carried out R&D

More remembered was another work, the suppression of psycho-volitional stability with the help of optical exposure. We spent a lot of money on our taxes: D This kind of LED lamp turned out, you can hang it in chill outs and club smoking rooms))) Anyone will lose their mental stability when looking at this rzhaku))
Any Russian projects work like this: if, as a result of the work, no one was imprisoned for embezzlement and 3 times more money was allocated for revision, then there is nothing to fear;)


Post has been editedformobe120 - 16.01.16, 13:16



Rep: (406)
Any Russian projects work like this:

Let's hope so :-)
Regarding the "introduction of super-blocking torus", etc. If you notice, the Russian Federation is no longer guided by common sense, but only by some chimeras. By the way, a vivid example is the idea of ​​implementing DPI. The idea to oblige all operators to use these glands belongs precisely to Rostelek. There are two reasons. The first is a banal deflection. The second is to receive money from the state to develop a concept and purchase pieces of iron for their further supply with margins to other providers. And, as far as I know, all this is successfully moving forward.
Now about the nodes. At the end of last year, Stratfor statistics came across regarding fake (controlled) nodes in the Russian Federation. They believed that such in the Russian Federation - almost 35%.

By the way, in the header in the program section you can add such messengers as Threema and Bleep. (True, the first is paid. The question of the efficiency of the second is a big question, but nonetheless).

Post has been editedelenakawai - 16.01.16, 13:53



Rep: (583)
that a bunch of Boat Browser + Orbot (extreme version) stopped working correctly with sites blocked in the Russian Federation

There is another option that something was wrong with this bundle.
What ip was shown in the browser?
By the way, in the header in the program section you can add such messengers as Threema and Bleep

I will bring it.
And from you we are waiting for revealing documentation on SORM, DPI and Russian operators;)


Post has been editedokouser - 16.01.16, 13:50


Full version    

Help     rules

Now: 08/08/19, 15:34