mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2024-10-01 01:35:57 -04:00
Cleaning up, add content to the Android page (#633)
Signed-off-by: Daniel Gray <dng@disroot.org>
This commit is contained in:
parent
9855c3b415
commit
483f408a8d
@ -4,7 +4,7 @@ logo: /assets/img/android/orbot.svg
|
||||
description: |
|
||||
**Orbot** is a free proxy app that routes your connections through the Tor Network.
|
||||
|
||||
Orbot can proxy individual apps if they support SOCKS or HTTP proxying. It can also proxy all your network connections using the [VpnService](https://developer.android.com/reference/android/net/VpnService) and can be used with the VPN killswitch (⚙️ Settings → Network & internet → VPN → ⚙️ → Block connections without VPN).
|
||||
Orbot can proxy individual apps if they support SOCKS or HTTP proxying. It can also proxy all your network connections using [VpnService](https://developer.android.com/reference/android/net/VpnService) and can be used with the VPN killswitch (⚙️ Settings → Network & internet → VPN → ⚙️ → Block connections without VPN).
|
||||
|
||||
For resistance against traffic analysis attacks, consider enabling *Isolate Destination Address* ( ⁝ →Settings → Connectivity). This will use a completely different Tor Circuit (different middle relay and exit nodes) for every domain you connect to.
|
||||
|
||||
@ -12,7 +12,7 @@ description: |
|
||||
Orbot is often outdated on the Guardian Project's [F-Droid repository](https://guardianproject.info/fdroid) and [Google Play](https://play.google.com/store/apps/details?id=org.torproject.android) so consider downloading directly from the [GitHub repository](https://github.com/guardianproject/orbot) instead.
|
||||
|
||||
All versions are signed using the same signature so they should be compatible with each other.
|
||||
website: 'https://guardianproject.info/apps/org.torproject.android'
|
||||
website: 'https://orbot.app/'
|
||||
downloads:
|
||||
- icon: fab fa-android
|
||||
url: 'https://guardianproject.info/fdroid'
|
||||
|
@ -5,7 +5,7 @@ logo_dark: /assets/img/android/grapheneos-dark.svg
|
||||
description: |
|
||||
**GrapheneOS** is the best choice when it comes to privacy and security.
|
||||
|
||||
GrapheneOS has a lot of security hardening and privacy improvements. It has a [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc), network and sensor permissions, and various other [security features](https://grapheneos.org/features). GrapheneOS also comes with full firmware updates and signed builds, so [verified boot](https://source.android.com/security/verifiedboot) is fully supported.
|
||||
GrapheneOS provides additional [security hardening](https://en.wikipedia.org/wiki/Hardening_(computing)) and privacy improvements. It has a [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc), network and sensor permissions, and various other [security features](https://grapheneos.org/features). GrapheneOS also comes with full firmware updates and signed builds, so [verified boot](https://source.android.com/security/verifiedboot) is fully supported.
|
||||
|
||||
Notably, GrapheneOS supports [Sandboxed Play Services](https://grapheneos.org/usage#sandboxed-play-services). Google Play Services can be run fully sandboxed like a regular user app and contained in a work profile or user [profile](/android/#android-security-privacy) of your choice. This means that you can run apps dependant on Play Services, such as those that require push notifications using Google's [Firebase Cloud Messaging](https://firebase.google.com/docs/cloud-messaging/) service. GrapheneOS allows you to take advantage of most [Google Play Services](https://en.wikipedia.org/wiki/Google_Play_Services) whilst having full user control over their permissions and access.
|
||||
|
||||
|
@ -4,7 +4,7 @@ logo: /assets/img/android/calyxos.svg
|
||||
description: |
|
||||
**CalyxOS** is a decent alternative to GrapheneOS.
|
||||
|
||||
It has some privacy features on top of AOSP, such as the [Datura firewall](https://calyxos.org/docs/tech/datura-details), [Signal](https://signal.org) integration in the dialer app, and a built in panic button. CalyxOS also comes with firmware updates and signed builds, so [verified boot](https://source.android.com/security/verifiedboot) is fully supported.
|
||||
It has some privacy features on top of AOSP, including [Datura firewall](https://calyxos.org/docs/tech/datura-details), [Signal](https://signal.org) integration in the dialer app, and a built in panic button. CalyxOS also comes with firmware updates and signed builds, so [verified boot](https://source.android.com/security/verifiedboot) is fully supported.
|
||||
|
||||
To accomodate users who need Google Play Services, CalyxOS optionally includes [MicroG](https://microg.org/). With MicroG, CalyxOS also bundles in the [Mozilla](https://location.services.mozilla.com/) and [DejaVu](https://github.com/n76/DejaVu) location services.
|
||||
|
||||
|
@ -17,7 +17,7 @@ description: |
|
||||
|
||||
Like CalyxOS's firewall, the network access toggle can also leak in [some](https://gitlab.com/LineageOS/issues/android/-/issues/3228) situations.
|
||||
|
||||
Not all of the supported devices have [verified boot](https://source.android.com/security/verifiedboot) and some perform it better than others.
|
||||
Not all of the supported devices have [verified boot](https://source.android.com/security/verifiedboot), and some perform it better than others.
|
||||
|
||||
website: 'https://divestos.org'
|
||||
website_tor: 'http://divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion'
|
||||
|
@ -5,7 +5,7 @@ mathjax: true
|
||||
description: |
|
||||
Android is a secure operating system that has strong [app sandboxing](https://source.android.com/security/app-sandbox), [verified boot](https://source.android.com/security/verifiedboot), and a robust [permission](https://developer.android.com/guide/topics/permissions/overview) control system.
|
||||
|
||||
The main privacy concern with most Android devices is that they usually include [Google Play Services](https://developers.google.com/android/guides/overview). This component is proprietary, closed source, has a privileged role on your phone and may collect private user information. It is not a part of the [Android Open Source Project](https://source.android.com/) (AOSP) nor is it included with the below derivatives.
|
||||
The main privacy concern with most Android devices is that they usually include [Google Play Services](https://developers.google.com/android/guides/overview). This component is proprietary, [closed source](https://en.wikipedia.org/wiki/Proprietary_software), has a privileged role on your phone, and may collect private user information. It is not a part of the [Android Open Source Project](https://source.android.com/) (AOSP) nor is it included with the below derivatives.
|
||||
---
|
||||
|
||||
## AOSP Derivatives
|
||||
@ -68,7 +68,7 @@ Modern Android devices have global toggles for disabling [Bluetooth](https://en.
|
||||
|
||||
### Avoid Root
|
||||
|
||||
Rooting Android phones can decrease security significantly as it weakens the complete Android security model. This can decrease privacy should there be an exploit that is assisted by the decreased security. Common rooting methods involve directly tampering with the boot partition, making it impossible to perform successful [verified boot](https://source.android.com/security/verifiedboot). Apps that require root will also modify the system partition meaning that verified boot would have to remain disabled. Having root exposed directly in the user interface also increases the [attack surface](https://en.wikipedia.org/wiki/Attack_surface) of your device and may assist in [privilege escalation](https://en.wikipedia.org/wiki/Privilege_escalation) vulnerabilities and [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) policy bypasses.
|
||||
[Rooting](https://en.wikipedia.org/wiki/Rooting_(Android)) Android phones can decrease security significantly as it weakens the complete [Android security model](https://en.wikipedia.org/wiki/Android_(operating_system)#Security_and_privacy). This can decrease privacy should there be an exploit that is assisted by the decreased security. Common rooting methods involve directly tampering with the boot partition, making it impossible to perform successful [verified boot](https://source.android.com/security/verifiedboot). Apps that require root will also modify the system partition meaning that verified boot would have to remain disabled. Having root exposed directly in the user interface also increases the [attack surface](https://en.wikipedia.org/wiki/Attack_surface) of your device and may assist in [privilege escalation](https://en.wikipedia.org/wiki/Privilege_escalation) vulnerabilities and [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) policy bypasses.
|
||||
|
||||
Adblockers (AdAway) which modify the <a href="https://en.wikipedia.org/wiki/Hosts_(file)">hosts file</a> and firewalls (AFWall+) which require root access persistently are dangerous and should not be used. They are also not the correct way to solve their intended purposes. For Adblocking we suggest encrypted <a href="/providers/dns/">DNS</a> or <a href="/providers/vpn/">VPN</a> server blocking solutions instead. RethinkDNS, TrackerControl and AdAway in non-root mode will take up the VPN slot (by using a local loopback VPN) preventing you from using privacy enhancing services such as Orbot or a real VPN server.
|
||||
|
||||
@ -78,7 +78,7 @@ We do not believe that the security sacrifices made by rooting a phone are worth
|
||||
|
||||
### Firmware Updates
|
||||
|
||||
Firmware updates are critical for maintaining security and without them your device cannot be secure. Original equipment manufacturers (OEMs) - phone manufacturers have support agreements with their partners to provide the closed source components for a limited support period. These are detailed in the monthly [Android Security Bulletins](https://source.android.com/security/bulletin).
|
||||
Firmware updates are critical for maintaining security and without them your device cannot be secure. Original equipment manufacturers (OEMs)—in other words, phone manufacturers—have support agreements with their partners to provide the closed source components for a limited support period. These are detailed in the monthly [Android Security Bulletins](https://source.android.com/security/bulletin).
|
||||
|
||||
As the components of the phone such as the processor and radio technologies rely on closed source components, the updates must be provided by the respective manufacturers. Therefore it is important that you purchase a device within an active support cycle. [Qualcomm](https://www.qualcomm.com/news/releases/2020/12/16/qualcomm-and-google-announce-collaboration-extend-android-os-support-and) and [Samsung](https://news.samsung.com/us/samsung-galaxy-security-extending-updates-knox/) support their devices for 4 years while cheaper products often have shorter support. With the introduction of the [Pixel 6](https://support.google.com/pixelphone/answer/4457705), Google now makes their own system on chip (SoC) and they will provide 5 years of support.
|
||||
|
||||
@ -92,7 +92,7 @@ It's also important to make sure that you're not using an [end-of-life](https://
|
||||
|
||||
[Permissions on Android](https://developer.android.com/guide/topics/permissions/overview) grant users control over what apps are allowed to access. Google regularly makes [improvements](https://developer.android.com/about/versions/11/privacy/permissions) on the permission system in each successive version. All user installed apps are strictly [sandboxed](https://source.android.com/security/app-sandbox), therefore there is no need to install any antivirus apps. The savings you make from not purchasing or subscribing to security apps is better spent on paying for a supported device in the future.
|
||||
|
||||
Should you want to run an app that you're unsure about consider using a user or work [profile](/android/#android-security-privacy).
|
||||
Should you want to run an app that you're unsure about, consider using a user or work [profile](/android/#android-security-privacy).
|
||||
|
||||
### SafetyNet and Play Integrity API
|
||||
|
||||
@ -165,4 +165,4 @@ GrapheneOS improves upon [AOSP](https://source.android.com/) security with:
|
||||
* **Hardened Memory Allocator:** GrapheneOS uses the [hardened malloc](https://github.com/GrapheneOS/hardened_malloc) subproject as its memory allocator. This focuses on hardening against [memory heap corruption](https://en.wikipedia.org/wiki/Memory_corruption). CalyxOS uses the default AOSP [Scudo Malloc](https://source.android.com/devices/tech/debug/scudo), which is generally [less effective](https://twitter.com/danielmicay/status/1033671709197398016). Hardened Malloc has uncovered vulnerabilities in AOSP which have been [fixed](https://github.com/GrapheneOS/platform_system_core/commit/be11b59725aa6118b0e1f0712572e835c3d50746) by GrapheneOS such as [CVE-2021-0703](https://nvd.nist.gov/vuln/detail/CVE-2021-0703).
|
||||
* **Secure Exec Spawning:** GrapheneOS [spawns](https://en.wikipedia.org/wiki/Spawn_(computing)) fresh processes as opposed to using the [Zygote model](https://ayusch.com/android-internals-the-android-os-boot-process) used by AOSP and CalyxOS. The Zygote model weakens [Address Space Layout Randomization](https://en.wikipedia.org/wiki/Address_space_layout_randomization) (ASLR) and is considered [less secure](https://wenke.gtisc.gatech.edu/papers/morula.pdf). Creating [fresh processes](https://grapheneos.org/usage#exec-spawning) is safer but will have some performance penalty when launching a new application. These penalties are not really noticeable unless you have an [old device](https://support.google.com/nexus/answer/4457705) with slow storage such as the Pixel 3a/3a XL as it has [eMMC](https://en.wikipedia.org/wiki/MultiMediaCard#eMMC).
|
||||
|
||||
**Please note that these are just a few examples and are not an extensive list of GrapheneOS's hardening**.
|
||||
**Please note that these are just a few examples and are not an extensive list of GrapheneOS's hardening**. For a more complete list, please read GrapheneOS' [official documentation](https://grapheneos.org/features).
|
||||
|
Loading…
Reference in New Issue
Block a user