Cryptophone as source for new ideas

Hey,
are the Replicant Devs aware of the Cryptophone Company? They claim to have a hardened Andoid version on their Cryptophone 500 [1]. Which is basically an modified Galaxy S3. It is possible to get their source code here [2]. Even if its not allowed to use it directly it may be a source for new ideas. The Galaxy s3 is even a Replicant supported device, which makes this more interesting :)

[1] http://www.cryptophone.de/en/products/mobile/cp500/
[2] http://www.cryptophone.de/en/background/source-code/

Replies (1)

RE: Cryptophone as source for new ideas - Added by My Self almost 9 years ago

Thanks for that hint, I was not aware of that company.

I personally don't think the Replicant project will benefit too much from that software with that license terms:
http://www.cryptophone.de/en/background/source-code/license/

I just spent a very short look; but I think the feature-list (Source: http://www.cryptophone.de/en/products/mobile/cp500/) could be enabled with open source software apps on Replicant, too:

"Secure messaging and voice over IP calls on any network [...]"
You could try:
- Linphone for voice...
- Silence for SMS...
- and Conversations for other messaging encryption.
"Hardened Android operating system with granular security management [...]"
Check out some do it yourself hardening
- here: http://redmine.replicant.us/boards/39/topics/8079
- For the rest, Replicant have to merge the security fixes for the upcoming vulnerabilities. Just ensure you're using the latest Replicant version.
"Permission enforcement module controls access to network, data and sensors, keeping you in control of your security policies"
This sounds like:
- the built-in Privacy Guard: https://plus.google.com/+CyanogenMod/posts/gk7X3HjNvnH
- combined with AFWall+
"Baseband firewall protects against over-the-air attacks with constant monitoring of baseband processor activity, baseband attack detection, and automated initiation of countermeasures"
I think you could get the same result if you use the:
- Android IMSI-Catcher Detector
"Two-layer storage encryption system protects data at rest against unauthorized access"
If you have encrypted your device (Settings -> Security -> Encrypt phone), you get a second layer of storage encryption, if you:
- additionally encrypt files with OpenKeychain
- and/or contents of apps (like password managers or encrypted notepads to).
- Finally, don't forget email encryption. Just use K-9 Mail combined with OpenKeychain from above.

(Of course the named apps are just examples. There exists some more alternatives with similar features. Just have a look at your own)...

(1-1/1)

Project

General

Profile

Replicant