Home
Welcome to the AndroidStealth/SafeBox/Safe 'n Sound wiki!
Nowadays, the fact that something is on your phone does not mean only you can see it. It's time to take control of your privacy once again, even when your phone is out of your hands. This application aims to provide that control by hiding and locking your data in a content manager that is itself hidden.
This project aims to create a nomadic Android app for renewed control over your private data. Lock and hide your content: only share it when you want to. Control the look and feel of the app when you share it with others, and share it only when you want to.
Such protections are increasingly important as casual searches of phones become more common. Because this data is easily accessible under normal circumstances, high-tech methods of acquiring it are rarely used. This app is therefore aimed at the 'casual search': someone looking through your phone and using built-in tools to find your data. This is especially important because in some areas and environments information is being suppressed, and not only by oppressive governments: there are several occurrences of cops in many countries overstepping their legal bounds and deleting photographs and videos from people's phones [1,2,3]. This app attempts to counteract this trend by encrypting and obscuring the data it manages. And because the app itself will be hidden (even in plain sight), the user gains more control over who accesses their data, giving them more privacy.
All data that enters the application is encrypted and stored in a separate folder on your device. This folder is automatically generated by the application so as not to stand out as an application that holds huge amounts of data.
The application uses an Android Service which monitors and controls the state of the files managed by the application. This service runs in the background, where it manages asynchronous locking of files and monitoring and notifying the user of file states. This includes the in-activity overlay of the thumbnails indicating the encryption status, but also the notification in case of unlocked files (which can lock files on tap). This allows for temporary use of the files in other applications.
The actual encryption of files is done through Facebook's crypto library, Conceal. As we don't change the defaults, this means the files are encrypted using AES-GCM and HMAC-SHA1. However, since our goal is only to protect against casual searching, do not expect it to hold up well against a technologically advanced attacker with unlimited access to your phone, given the way keys for this encryption are stored.
The application is designed to be nomadic. By this, we mean that the app can be spread to other devices directly from the device; an app store, like Google Play, or downloading it from a trusted website would not be required. Instead users only need to be in physical proximity to someone who already has the app and wants to share it with them. This is especially useful in areas where unfiltered access to the application is restricted.
The basic concept of this is to include functionality that shares the .apk, the installer for Android apps, of the application through default system-provided methods like Bluetooth or WiFi-Direct. This can include an initial setup through NFC. The app itself facilitates this way of sharing by having it built into its functionality, so the recipient only needs to accept the apk file and install it.
Before the user shares the application, they can modify parts of it. This allows users to personalize the application and, by doing so, makes it harder to detect through casual search, as it can differ from one installation to the next.
This is what we call the ability to change the name and icon of an application. This is generally done before sharing with someone, making sure that the application cannot be easily spotted by name and icon. We allow users to choose their own icons and fill in any text they want, as long as the characters are part of the extended ASCII list, excluding a few reserved characters like |?*<":>+[]/. However, as of right now there are still some limitations:
- The name has a length limit based upon the original name of the application as it can be found in the source here.
- If you get the installer from one person and another person later tries to provide an update, the installer will report that the app is incorrectly signed, and forcing it over the old version would destroy all data.
- There is little to no verification that the application you are getting is the application as provided here.
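
The signing limitation above can be detected before an update is installed. The following is an added example, not code from this project; the class name `UpdateSignatureCheck` and its `Result` values are hypothetical. It compares the signing certificates of a received APK with those of the installed package, so the UI can warn the user before a forced reinstall destroys the stored data.

```java
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.Signature;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashSet;
import java.util.Set;

/** Hypothetical helper (not part of the project): checks a received APK before installing it. */
public final class UpdateSignatureCheck {

    public enum Result { NOT_INSTALLED, SAME_SIGNER, DIFFERENT_SIGNER, UNREADABLE }

    public static Result check(PackageManager pm, String apkPath) {
        // GET_SIGNATURES is deprecated since API 28 (GET_SIGNING_CERTIFICATES replaces it).
        PackageInfo incoming = pm.getPackageArchiveInfo(apkPath, PackageManager.GET_SIGNATURES);
        if (incoming == null || incoming.signatures == null || incoming.signatures.length == 0) {
            return Result.UNREADABLE; // not a parsable APK, or no certificates reported
        }
        PackageInfo installed;
        try {
            installed = pm.getPackageInfo(incoming.packageName, PackageManager.GET_SIGNATURES);
        } catch (PackageManager.NameNotFoundException e) {
            return Result.NOT_INSTALLED; // fresh install, no existing data at risk
        }
        if (installed.signatures == null) {
            return Result.UNREADABLE;
        }
        // Android refuses an update unless the signer sets match; compare them the same way.
        return digests(installed.signatures).equals(digests(incoming.signatures))
                ? Result.SAME_SIGNER : Result.DIFFERENT_SIGNER;
    }

    /** SHA-256 digest (hex) of every signing certificate. */
    private static Set<String> digests(Signature[] sigs) {
        Set<String> out = new HashSet<>();
        try {
            MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
            for (Signature s : sigs) {
                StringBuilder hex = new StringBuilder();
                for (byte b : sha256.digest(s.toByteArray())) hex.append(String.format("%02x", b));
                out.add(hex.toString());
            }
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("SHA-256 unavailable", e);
        }
        return out;
    }
}
```

A `SAME_SIGNER` result only shows that the update comes from the same signer as the installed copy; it does not show that either copy matches the source published here.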
While the above gives a general idea of the app, it still leaves out many of the specifics. The following goes into more depth on how this is done. It can be used as a manual, but it has not been written with the intent of providing a user guide.
- [1] http://www.urban75.org/photos/photography-case-studies.html
- [2] http://photographyisnotacrime.com/
- [3] http://uitspraken.rechtspraak.nl/inziendocument?id=ECLI:NL:GHSHE:2013:5264
6-page IEEE style two-column
Ready 13 May: https://www.usenix.org/conference/foci13 ?
Recycle above text
security and obscurity
Crypto, device confiscation, casual search
1 column of libraries and intent throwing etc
How to deal with Bluetooth, Wifi and NFC
Interaction design graph-thingie
What is the vault and what to do with it
6-8 screenshots of all screens
Morphing, quad-tap widget