ok now i see why the need for the additional airgapped project , makes sense, especially that attention bit , including the entire setup , thanks for that little bit of insight , very interesting , my kind of style i like it , i do understand this from a developers standpoint especially when it comes to highly secure projects that people rely on such as yours and anything else would simply not suffice indeed , but as a regular user i couldnt do without net so id go with abit more risky setup aka non airgapped but tightened down firewall instead, it might not be airgapped but its deffinitely far from a piece of pie to get into keep us updated , take care and keep up the good work , this project/s have been sorely needed
Hey sorry about that. We are upgrading our backend. Somethings were broken in the process. It should be up shortly. New Beta for 5.0, stable for 4.4.4. Both are incoming.
I will give you money when this gets stable on a Nexus 5... especially if you can get "Pry-Fi" like capability working
I agree PaulyDefran, for me being able to put this on a Nexus 5 and have it stable is a huge accomplishment and am willing to pay for it. While I appreciate you want to develop your own hardware I think it will be an uphill battle for you to provide hardware equivalent to a Nexus that has a similar price point.
Does this work for the galaxy s4, I am really new to this and need your help if you have the free time. I can't seem to find the download link
No. Nexus Devices only. Nexus Devices are the only phone that have complete source for us to work from and one of the lowest amount binary blobs to work with. Downloads will be back soon, I am way due to the holidays. We had issues with our backend servers and I am going to need to find a new provider.
I think this is a great project and wish the best success, I have been watching Canada border airport control tv series and its horrific what the law enforcement staff do to ones privacy and respect. Literally they will go through each picture and chat message looking for any signs to they prosecute them or deny them entry into the country. Invasion of privacy does not even come into their mind set not when they are out to make their commission and profit from it imo the worse type of criminal you can get, hopefully projects like this and other smart phones geared towards privacy and security become the norm.
If you need a beta tester while you are getting your server affairs ironed out, I have a nexus 5 and would be happy to volunteer!
Hey sorry a few major updates: The lack of replies has been because of massive issues on our backend systems. First our host went down. This was fixed within 48-hours which is great! But sadly we ran into some more issues: * Our Website is currently built on wordpress. We keep this locked down very well (Paranoid levels) using multiple methods and security tools. This includes 2FA, Blacklisting IPs that attempt to login or do anything fishy, whitelist what IPs can login to the site, etc. Sadly our security managed to lock US out.This basically meant we had to either wait until the IP ban past (3 weeks) or delete the word press install and restore from a backup. We waited and we are now back in. This small bug is now fixed and won't happen again. * Simultaneously we lost access to the GuardianRom e-mail account due to an expired CC. We use Google Apps for GRom e-mail for the simplicity. We are trying to migrate over to a more privacy oriented provider but we don't have much money currently and the $10/month Gapps cost is hard to compete with. If any one as a suggestion please let me know. 2FA is a MUST. If we did NOT get back to your e-mail. this is why. Since I only check that account via my cell phone I did not notice it stopped working, and didn't check it out until today when I was changing over our GPG keys. Expect an e-mail in a few days if you did email us. * The harddrives that stored our GPG keys died. We DO have backups and revoke certs. As they are close to expiring anyways we are going to revoke them and issue new certs. NOTE: This only applies to our E-MAIL keys. The keys that sign the downloads are different and are stored in 3 separate locations for safe keeping. Those were not effected by this. New updates coming. Stay posted. We have some interesting things happening over here. Still working on that Guardian Phone, and it looks like it WILL have a removable 3G modem. This way you can go WiFi only if you wish and not have to worry about potential backdoors in the modem (as much).
yeah, that was my reaction too. Everything has being going so well. We have everything lined up for a custom phone to be made. The software is coming along with even better features then we thought of one we started (Yes, I can't wait to share!). But then this happens. Nothing was compromised from a security standpoint, but it slowed us down a bit. Not to worry though. We are currently having our first GuardianPhone manufactured as a test run. We will see how this goes and I WILL post photos
I love that idea, but it seems like it only works on a handful of old non-smartphones. It's also GSM only. In today's world it's hard to see people giving up their 3G and LTE. And it seems hard for this to ever apply to new phones, keeping up with all the new radios and everything (it would be a huge amount of work for devs and won't you need proprietary information about the hardware radios to make the baseband?). So maybe if you just want some extra old non-smartphone to be a secure phone, an open source baseband would be useful. But then why not just use a burner phone, if you really need that?
They question is also if old non-smartphones/burner phones can be secure. Sure they can be more anonymous, but not secure imo; all communications go over an insecure network.
Yes, that's a good point. It would be nice if some devs wanted to just pick one device that custom ROM type users like, such as the Nexus 5, and that is powerful enough to be a little bit future proof, and then develop open firmware for that device. I guess you'd need to do the baseband and the bootloader (anything else?). Then you could have one modern device that's targeted for development for secure ROMs. Of course, I still have no idea if that's possible or would require access to proprietary information about the hardware that is not currently available. Maybe Qualcomm or somebody could decide to be super friendly to the open source world, like Intel has always done. Heck, maybe Intel will/could do it, if they ever get more of a foothold in the mobile device market.
Okay major updates are under way. I will post back here once done but we have made headway on a few things. The main issue we are facing is bringing in funds. To help in this part we are opening up a donation/pledge system. This system will allow use of Bitcoin based donation and CC based donation. I will post all details once it is live on the site.
Okay so the updates as promised: We are at the 90% point with GuardianRom. We have ported everything over to 5.0 (lollipop) on both the Nexus 5 and Nexus 6 EXCEPT hiddenOS. HiddenOS is working but buggy. We have also added in the following apps and features: SOS Button - This is similar to the old intheclear app. It basically allows you to customize a few presets like who to call or text. Shutdown or wipe the phone, send your GPS location or not, etc. If wipe is enabled it wipes the phone 3 times with random data to prevent recovery. Geo-Fencing - This app will be released in F-Droid and the playstore as well. It allows you to set locations as Green, yellow, or Red zones. Green - This is for your home or another trusted place. Places lockscreen time out to a longer amount, enables WiFi and bluetooth, Disables Dead-Mans switch. Yellow Zone - Enable Dead-Mans switch, lockscreen timeout to 30 seconds, WiFi off. RedZone - Phone powered off immediately OR Wiped optionally. All areas are considered Yellow until changed. You are able to customize all events too. Similar to Tasker or other automation apps you can decide what happens in each zones. RedZone can be places like Police Stations, Airports, anything outside of your city, etc. Basically RED = Known hostile zone. Dead-Mans Switch - Once enabled in settings this feature turns on two options. 1) Duress password. Entering the duress password will either reboot the phone or optionally wipe it. 2) You can set a timer. If you don't enter you PIN in every 'X' number of minutes or hours the phone will automatically shutdown or again optionally wipe itself. This can also be used to trigger an SOS and alert friends or family. Encrypted Calls - We have built our own servers to handle calling and no longer use OSTel. You can use your own server instead if you prefer. Uses same dialer as non-encrypted calls, WARNS user if the call is insecure though. Encrypted SMS - We are building our Encrypted SMS app. This will go over standard SMS channels and NOT need data or Google's push servers at all. Encrypted E-Mail - We are building an E-mail client with GPG built in. File level encryption - Originally GuardianRom only encrypted data with FDE. This is great but if someone has access to the phone and can bypass the lockscreen its useless. To Fix this we now encrypt ALL incoming messages (E-Mails and SMS), Browser history, user downloads folder, and optionally contacts and call logs with an RSA-4096 bit key that is generated on first setup. The key is encrypted with your lockscreen password, when your phone is locked the private key is removed from RAM securely (3-pass wipe). All data that is encrypted with the public key and can only be read after the lock screen password is entered and the private key is decrypted. LockDown Mode - LockDown mode can be activate at any time and is the default when booting into the HiddenOS. LockDown Mode disables all networking modules (WiFi,3G,BT,NFC) until YOU enable them. It also forces secure communications ONLY - Encrypted calls, SMS, and TOR or a VPN. If it isn't encrypted it doesn't leave the phone in this mode. LockDown mode also disable installing of 3rd party apps. Encryption Options - We are working on adding in support for TwoFish and Serpent. Options for choosing how many PBKDF2 iterations you want to do, and if you want CBC or XTS mode. XTS is recommended. These options will only be shown if you enter advanced settings. Now for the bad news. As of two days ago GuardianRom has run out of funds. The donations we received from our backers and supporters have gotten us this far. We are so close to completing GuardianRom but we need help. Currently the remainder of the project is on hold until we can raise enough funds. The funds will be used to finish off the software version, get more test units in to test other devices, and to start work on the GuardianPhone. YES - GuardianPhone is ALMOST a thing. It will have a removable 3G Modem so you can be sure it isn't spying on anything. It will be tamper resistant as well. I know everyone here is excited about GuardianRom AND GuardianPhone. All we need is for you to help spread the word. Every Dollar donated helps the project as well. Once we receive the donations we should be able to release by June 2015.
