-
Notifications
You must be signed in to change notification settings - Fork 5
/
README.html
1426 lines (1252 loc) · 69.1 KB
/
README.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Mobile</title>
<style>
/* Generic style */
body {
font-family: Arial, sans-serif;
line-height: 1.6;
margin: 5em;
max-width: 800px; /* Limit screen maximum width */
margin-left: auto;
margin-right: auto;
}
h1, h2, h3, h4, h5, h6 {
font-weight: bold;
margin-bottom: 0.5em;
}
h1 {
font-size: 2.5em;
line-height: 1.2;
}
h2 {
font-size: 2em;
line-height: 1.3;
}
h3 {
font-size: 1.8em;
line-height: 1.4;
}
p {
margin: 1em 0;
text-align: justify; /* Justify text for better readability */
}
a {
color: #007bff;
text-decoration: none;
}
a:hover {
text-decoration: underline;
}
blockquote {
margin: 1em 0;
padding: 0 1em;
border-left: 3px solid #ccc;
}
blockquote cite {
font-style: italic;
}
img {
max-width: 100%;
height: auto;
display: block;
margin: 1em 0;
}
pre {
background-color: #f8f9fa;
border: 1px solid #ccc;
padding: 1em;
overflow: auto;
white-space: pre-wrap; /* Wrap long lines in preformatted text */
}
code {
font-family: Consolas, Monaco, 'Andale Mono', monospace;
font-size: 0.9em;
}
/* Tables */
table {
width: 100%;
border-collapse: collapse;
margin-bottom: 1em;
}
th, td {
border: 1px solid #ccc;
padding: 0.8em;
}
th {
background-color: #f2f2f2;
}
/* Lists */
ul, ol {
margin: 1em 0;
padding-left: 2em;
}
/* Miscellaneous */
sup {
vertical-align: super;
font-size: smaller;
}
sub {
vertical-align: sub;
font-size: smaller;
}
@media screen and (max-width: 600px) {
/* Adjustments for smaller screens */
body {
font-size: 16px; /* Font size for better readability */
line-height: 1.5;
margin: 0.5em;
}
h1 {
font-size: 2em;
}
h2 {
font-size: 1.8em;
}
h3 {
font-size: 1.6em;
}
th, td {
padding: 0.6em;
}
pre {
padding: 0.5em;
}
}
</style>
</head>
<body>
<h1>📱🦊🔒 Android Mobile 🔒🦊📱</h1>
<blockquote><h3>"No matter who you are, every day of your life, you're sitting in a database just ready to be looked at." (Edward Snowden)</h3></blockquote>
<p align="center"><img src=".data/telephone_1986_-_andy_warhol_830px.png" title="Telephone (1986) - Andy Warhol"/></p>
<!-- ################################################# -->
<hr>
<h3>Hardening References</h3>
<table border="1">
<tr>
<td align="left" valign="top" style="width: 50%">
<a href="https://blog.torproject.org/mission-impossible-hardening-android-security-and-privacy/" target="_blank" rel="noopener noreferrer">• Mission <b>Impossible</b>: Hardening Android for Security And Privacy</a><br>
<a href="https://blog.torproject.org/mission-improbable-hardening-android-security-and-privacy/" target="_blank" rel="noopener noreferrer">• Mission <b>Improbable</b>: Hardening Android for Security And Privacy</a><br>
<a href="https://www.kicksecure.com/wiki/Mobile_Phone_Security" target="_blank" rel="noopener noreferrer">• Kicksecure - Mobile Devices Privacy and Security</a><br>
<a href="https://www.kicksecure.com/wiki/Mobile_Operating_System_Comparison">• Kicksecure - Mobile Operating System Comparison</a><br>
<a href="https://www.guardianproject.info" target="_blank" rel="noopener noreferrer">• Guardian Project</a><a href="https://www.github.com/guardianproject" target="_blank" rel="noopener noreferrer"> (GitHub)</a><br>
<a href="https://www.whonix.org/wiki/Tips_on_Remaining_Anonymous#Avoid_(Mobile)_Phone_Verification_(Use_only_with_caution)" target="_blank" rel="noopener noreferrer">• Whonix - Avoid (Mobile) Phone Verification (Use only with caution)</a><br>
<a href="https://www.source.android.com/docs/core/architecture/kernel/hardening" target="_blank" rel="noopener noreferrer">• Android - Kernel Hardening</a><br>
<a href="https://www.cisecurity.org/benchmark/google_android" target="_blank" rel="noopener noreferrer">• Google - Android CIS Benchmark</a><br>
<a href="https://www.mas.owasp.org" target="_blank" rel="noopener noreferrer">• OWASP - Mobile Application Security</a><br>
<a href="https://www.attack.mitre.org/techniques/mobile" target="_blank" rel="noopener noreferrer">• MITRE ATT&CK - Mobile Techniques</a><br>
</td>
<td align="left" valign="top" style="width: 50%">
<a href="https://www.public.cyber.mil/stigs/downloads/?_dl_facet_stigs=mobility" target="_blank" rel="noopener noreferrer">• DoD Cyber Exchange - Security Technical Implementation Guides (STIGs)</a><br>
<a href="https://en.wikipedia.org/wiki/EncroChat" target="_blank" rel="noopener noreferrer">• EncroChat - Wikipedia</a><br>
<a href="https://www.theintercept.com/2021/07/27/pegasus-nso-spyware-security" target="_blank" rel="noopener noreferrer">• How to Defend Yourself Against the Powerful New Nso Spyware Attacks Discovered Around the World</a><br>
<a href="https://www.citizenlab.ca/2023/04/nso-groups-pegasus-spyware-returns-in-2022" target="_blank" rel="noopener noreferrer">• NSO Group’s Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains</a><br>
<a href="" target="_blank" rel="noopener noreferrer"></a><br>
</td>
</tr>
</table>
<!-- ################################## -->
<hr>
<h3>Custom ROMs</h3>
<ul>
<li><a href="https://www.mobian-project.org">Mobian</a> <a href="https://www.wiki.debian.org/Mobian/Devices">(Supported Devices)</a> - A Debian derivative for mobile devices</li>
<li><a href="https://www.ubuntu-touch.io">Ubuntu-Touch</a> <a href="https://www.devices.ubuntu-touch.io">(Supported Devices)</a> - We are building privacy and freedom focussed mobile software</li>
<li><a href="https://www.grapheneos.org">GraphenoOS</a> <a href="https://www.grapheneos.org/faq#supported-devices">(Supported Devices)</a> - Security and privacy focused mobile OS</li>
<li><a href="https://copperhead.co/android/">CopperheadOS</a> <a href="https://copperhead.co/android/docs/devices/">(Supported Devices)</a> - Security and privacy focused mobile OS</li>
<li><a href="https://www.postmarketos.org">postmarketOS</a> <a href="https://www.wiki.postmarketos.org/wiki/Devices">(Supported Devices)</a> - A real Linux distribution for phones</li>
<li><a href="https://www.calyxos.org">CalyxOS</a> <a href="https://www.calyxos.org">(Supported Devices)</a> - Private by Design</li>
<li><a href="https://www.divestos.org">DivestOS</a> <a href="https://www.divestos.org/pages/devices">(Supported Devices)</a> - A mobile operating system divested from the norm</li>
<li><a href="https://www.wiki.lineageos.org">LineageOS</a> <a href="https://www.projectelixiros.com/download">(Supported Devices)</a> - A free and open-source operating system for various devices</li>
<li><a href="https://www.projectelixiros.com">Project Elixir</a> <a href="https://www.kali.org/get-kali/#kali-mobile">(Supported Devices)</a> - Unleash Innovation</li>
<li><a href="https://www.replicant.us">Replicant</a> <a href="https://www.redmine.replicant.us/projects/replicant/wiki/DeviceStatus">(Supported Devices)</a> - A fully free Android distribution running on several devices</li>
<li><a href="https://www.kali.org/get-kali/#kali-mobile">Kali Mobile</a> <a href="https://www.kali.org/get-kali/#kali-mobile">(Supported Devices)</a> - Kali NetHunter is a free & Open-source Mobile Penetration Testing Platform</li>
<li><a href="https://www.puri.sm/products/liberty-phone">Liberty Phone</a> - The Freedom and Privacy plus Made in the USA Electronics with a Secure Supply Chain.</li>
<li><a href="https://www.github.com/climberhunt/PiPhone">PiPhone</a> - A DIY cellphone based on Raspberry Pi</li>
</ul>
<!-- ################################## -->
<hr>
<h4>Other custom ROMs:</h4>
<ul>
<li><a href="https://www.aicp-rom.com">AICP (Android Ice Cold Project)</a> - A feature-packed custom ROM for various Android devices.</li>
<li><a href="https://www.aosip.weebly.com">AOSiP (Android Open Source illusion Project)</a> - Custom ROM based on AOSP with rich features.</li>
<li><a href="https://www.aosp-extended.github.io">AOSP Extended</a> - Based on AOSP with added features and customizations.</li>
<li><a href="https://www.arrowos.net">ArrowOS</a> - A lightweight ROM focused on performance and efficiency.</li>
<li><a href="https://www.blissroms.com">BlissROMs</a> - A ROM that combines stability, features, and customization.</li>
<li><a href="https://www.crdroid.net">crDroid</a> - A custom ROM focused on speed, stability, and customization.</li>
<li><a href="https://www.derpfest.org">Derpfest</a> - A feature-packed custom ROM with a focus on user experience.</li>
<li><a href="https://www.dirtyunicorns.com">Dirty Unicorns</a> - A customizable ROM built on AOSP.</li>
<li><a href="https://www.droidontime.com">Droid On Time (DOT OS)</a> - A custom Android ROM that focuses on performance and stability.</li>
<li><a href="https://www.e.foundation">/e/ OS</a> - A privacy-focused custom ROM based on Android.</li>
<li><a href="https://www.evolution-x.org">Evolution X</a> - A ROM based on AOSP with additional enhancements.</li>
<li><a href="https://www.github.com/AospExtended">AOSP Extended</a> - AOSP-based ROM with additional features and customization.</li>
<li><a href="https://www.github.com/PixelExperience">Pixel Experience</a> - A custom ROM that provides a clean and stock Pixel experience.</li>
<li><a href="https://www.github.com/ResurrectionRemix">ResurrectionRemix</a> - Combines features from various ROMs.</li>
<li><a href="https://www.havoc-os.com">Havoc-OS</a> - A custom ROM with a ton of features and tweaks for enhanced user experience.</li>
<li><a href="https://www.lineageos.org">LineageOS</a> - A popular and open-source custom ROM built on Android.</li>
<li><a href="https://www.omnirom.org">OmniROM</a> - A community-driven custom ROM offering many features.</li>
<li><a href="https://www.paranoidandroid.co">Paranoid Android</a> - A custom ROM focusing on minimalism and efficiency.</li>
<li><a href="https://www.pixelexperienceplus.com">Pixel Experience Plus</a> - An extended version of Pixel Experience with additional features.</li>
<li><a href="https://www.resurrectionremix.com">Resurrection Remix</a> - A popular ROM combining features from many other ROMs.</li>
<li><a href="https://www.sammobile.com">SamMobile</a> - Offers firmware for Samsung devices, useful for custom ROM installations.</li>
<li><a href="https://www.sourceforge.net/projects/corvus-os">Corvus OS</a> - A gaming-centric custom ROM with tweaks for performance.</li>
<li><a href="https://www.sourceforge.net/projects/havoc-os">Havoc OS</a> - A feature-rich ROM with extensive customization.</li>
<li><a href="https://www.sourceforge.net/projects/projectsakura">Project Sakura</a> - A custom ROM that focuses on simplicity and stability.</li>
<li><a href="https://www.sourceforge.net/projects/revengeos">RevengeOS</a> - A simple and stable custom ROM.</li>
<li><a href="https://www.sourceforge.net/projects/superioros">Superior OS</a> - Lightweight and optimized for performance.</li>
<li><a href="https://www.syberiaos.com">Syberia OS</a> - An AOSP-based ROM offering balance between features and stability.</li>
<li><a href="https://www.theunlockr.com/roms/android-roms">TheUnlockr: Android ROMs</a> - A collection of various Android custom ROMs.</li>
<li><a href="https://www.xiaomifirmwareupdater.com/miui">Xiaomi Firmware Updater</a> - Offers firmware updates for Xiaomi devices.</li>
</ul>
<!-- ################################## -->
<hr>
${\color{Red}\textbf{WARNING! BACKDOORS EVERYWHERE!}}$
<h3>Backdoors Everywhere</h3>
<a href="https://www.youtube.com/watch?v=aN9MzWw9G3o">
<img src="https://markdown-videos-api.jorgenkh.no/url?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DaN9MzWw9G3o" alt=" Did Apple Create This Backdoor for the NSA? " title=" Did Apple Create This Backdoor for the NSA? "/>
</a>
<a href="https://www.youtube.com/watch?v=vg9ETJkeaTE">
<img src="https://markdown-videos-api.jorgenkh.no/url?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3Dvg9ETJkeaTE" alt="Leaked: The Feds Can See Your Notifications" title="Leaked: The Feds Can See Your Notifications"/>
</a><br>
<a href="https://www.youtu.be/VonHAsY4-VA">
<img src="https://markdown-videos-api.jorgenkh.no/url?url=https%3A%2F%2Fyoutu.be%2FVonHAsY4-VA" alt="Phone Surveillance Exposed" title="Phone Surveillance Exposed"/>
</a>
<a href="https://www.youtube.com/watch?v=lfOgm1IcBd0">
<img src="https://markdown-videos-api.jorgenkh.no/url?url=https%3A%2F%2Fyoutube.com%2Fwatch%3Fv%3DlfOgm1IcBd0" alt="The Spy in Your Phone | Al Jazeera World" title="The Spy in Your Phone | Al Jazeera World"/>
</a>
<!-- ################################## -->
<hr>
<p>👷🛠️UNDER CONSTRUCTION🚧🏗</p>
<h4>Technology Comparison</h4>
<table border="1">
<thead>
<tr>
<th>Technology</th>
<th>Decentralization</th>
<th>Anonymity</th>
<th>Resilience</th>
<th>Accessibility</th>
<th>Speed</th>
<th>Challenges</th>
</tr>
</thead>
<tbody>
<tr>
<td>GSM (Traditional Mobile Networks)</td>
<td>Low</td>
<td>Low</td>
<td>Low (easily surveilled, controlled)</td>
<td>High (widely accessible)</td>
<td>High</td>
<td>Susceptible to government surveillance and control, requires centralized infrastructure.</td>
</tr>
<tr>
<td>Private GSM Networks</td>
<td>Medium</td>
<td>Medium</td>
<td>Medium (localized, difficult to monitor)</td>
<td>Low (requires setup and maintenance)</td>
<td>High</td>
<td>Limited range, regulatory challenges, expensive setup.</td>
</tr>
<tr>
<td>Satellite Phones</td>
<td>Medium</td>
<td>Medium</td>
<td>Medium (can bypass local networks but still traceable)</td>
<td>Low (expensive, regulatory restrictions in some areas)</td>
<td>Medium</td>
<td>High cost, signal blockage issues, legal restrictions in certain countries.</td>
</tr>
<tr>
<td>LoRa Networks</td>
<td>High</td>
<td>Medium</td>
<td>High (independent of traditional infrastructure)</td>
<td>Low (requires specific hardware)</td>
<td>Low</td>
<td>Limited bandwidth, short range without mesh network, specialized hardware needed.</td>
</tr>
<tr>
<td>Mesh Networks</td>
<td>High</td>
<td>Medium</td>
<td>High (difficult to censor/control)</td>
<td>Low to Medium (dependent on community adoption)</td>
<td>Medium</td>
<td>Requires widespread adoption, potential for limited range without sufficient nodes.</td>
<tr>
<td>Tor (The Onion Router)</td>
<td>High</td>
<td>High</td>
<td>Medium (can bypass censorship but still dependent on the Internet)</td>
<td>Medium (requires technical knowledge)</td>
<td>Medium</td>
<td>Weak end point, slow speeds, requires Internet access, subject to state attempts at blocking.</td>
</tr>
<tr>
<td>Amateur Radio (Ham Radio)</td>
<td>High</td>
<td>Low to Medium</td>
<td>High (operates independently of state networks)</td>
<td>Low (requires license, specialized equipment)</td>
<td>Low to Medium</td>
<td>Requires technical knowledge, legal restrictions, potential for interference.</td>
</tr>
</tbody>
</table>
<!-- ################################## -->
<hr>
<h3>Off-grid Communication</h3>
<h4><a href="https://reticulum.network/">Reticulum Network</a></h4>
<p>"Reticulum is the cryptography-based networking stack for building local and wide-area networks with readily available hardware. Reticulum can continue to operate even in adverse conditions with very high latency and extremely low bandwidth.</p>
<p>The vision of Reticulum is to allow anyone to operate their own sovereign communication networks, and to make it cheap and easy to cover vast areas with a myriad of independent, interconnectable and autonomous networks. Reticulum is Unstoppable Networks for The People."</p>
<a href="https://youtu.be/q8ltLt5SK6A">
<img src="https://markdown-videos-api.jorgenkh.no/url?url=https%3A%2F%2Fyoutu.be%2Fq8ltLt5SK6A" alt="Reticulum Network: How it Works and Why it's SO GOOD - Linux in a Bit (2024)" title="Reticulum Network: How it Works and Why it's SO GOOD - Linux in a Bit (2024)"/>
</a>
<ul>
<li><a href="https://reticulum.network">Reticulum Network</a> - A complete networking stack.</li>
</ul>
<!-- ################################## -->
<hr>
<h3>Mobile security</h3>
<p>Mobile (In)security: To enhance privacy, avoid using mobile devices or consider placing them in a Faraday bag. The GSM network is highly traceable, and even turning off your cell phone may not protect you from tracking.</p>
<p>As well as considering that the phone isn't really switched off, the fact that it has been switched off can already raise suspicions from a “time, place and manner” point of view (geofence context). <b>It seems a good option to leave the phone on at home or to have two phones</b>.</p>
<p>A Faraday bag is a simple, portable enclosure that blocks electromagnetic fields, preventing electronic devices inside from sending or receiving signals. It's useful for protecting your devices from tracking, hacking, or unwanted communication. Below is a step-by-step guide to making your own Faraday bag.</p>
<a href="https://www.youtube.com/watch?v=jfSe-xyQQzg">
<img src="https://markdown-videos-api.jorgenkh.no/url?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DjfSe-xyQQzg" alt="Make & Test DIY Faraday bag for key FOB, RFID card, Passport - STOP Keyless car theft & more" title="Make & Test DIY Faraday bag for key FOB, RFID card, Passport - STOP Keyless car theft & more"/>
</a>
<a href="https://www.youtube.com/watch?v=sQ_V9LYfiUg">
<img src="https://markdown-videos-api.jorgenkh.no/url?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DsQ_V9LYfiUg" alt="DIY Faraday Bag" title="DIY Faraday Bag"/>
</a>
<a href="https://www.youtube.com/watch?v=KdmIyKFTJEI">
<img src="https://markdown-videos-api.jorgenkh.no/url?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DKdmIyKFTJEI" alt="Do Faraday Bags Really Work? Check out these testing results!" title="Do Faraday Bags Really Work? Check out these testing results!"/>
</a>
<h5>Materials Needed</h5>
<ul>
<li>Aluminum foil (heavy-duty preferred)
<ul>
<li>Alternative: Copper or nickel mesh, which offers enhanced shielding and durability.</li>
<li>Alternative: Conductive metallic fabric or Faraday fabric for a more durable and flexible bag.</li>
</ul>
</li>
<li>Plastic Ziploc bag or other durable, sealable plastic bag
<ul>
<li>Alternative: Mylar bag or any other airtight, non-conductive pouch for better sealing.</li>
</ul>
</li>
<li>Duct tape or conductive tape (for reinforcement and sealing edges)
<ul>
<li>Alternative: Aluminum or copper tape for a more secure, conductive seal.</li>
</ul>
</li>
<li>Scissors (for cutting foil or fabric)</li>
<li>Optional: Velcro strips or zip ties (for creating a reusable closure)</li>
</ul>
<!-- ################################## -->
<hr>
<p>👷🛠️UNDER CONSTRUCTION🚧🏗</p>
<h3>Basic Security Tips and Recommendations:</h3>
<p><em>For intermediate security, it's no military-grade security.</em></p>
<ul>
<li>Consider using a Faraday Bag.</li>
<li>Be aware of the physical security of your device; if it's seized, immediate access may be possible with Cellebrite despite all protections.</li>
<li>Keep your device's operating system and apps up to date to mitigate known vulnerabilities.</li>
<li>Use full-disk encryption to protect data at rest. Both iOS and Android offer this feature.</li>
<li>Enable a strong, alphanumeric password rather than a simple PIN or pattern.</li>
<li>Consider using a secondary device for sensitive communication that you do not use for other activities.</li>
<li>Consider using encrypted messaging apps like Simplex, Session or Signal, which offer end-to-end encryption.</li>
<li>Use a VPN (Virtual Private Network) to obscure your online activities from ISPs and other intermediaries. Your data could be collect by data brokers and selled to government. </li>
<li>Disable Wi-Fi, Bluetooth, and GPS when not in use to reduce tracking risks.</li>
<li>Regularly check app permissions to ensure no unauthorized access to your location or microphe.</li>
</ul>
<!-- ################################## -->
<hr>
<p>👷🛠️UNDER CONSTRUCTION🚧🏗</p>
<h3>BURNER PHONES</h3>
<p><em>The GSM network is highly traceable, even a turned-off cell phone is no longer safe.</em></p>
<ul>
<li>Avoid Reusing SIM Cards or Devices:
<ul>
<li>Always use a new SIM card and a new device
for each communication session. This prevents the possibility of
linking different activities together through the same hardware
or SIM.</li>
</ul>
</li>
<li>Avoid Carrying Different Devices Together:
<ul>
<li>Never carry your burner phone along with your
primary phone or other devices. If you do, the devices can be correlated
through proximity tracking or geolocation data.</li>
</ul>
</li>
<li>Avoid Creating Physical Associations Between Different Devices:
<ul>
<li>Use different locations when using different
devices. Do not use a burner phone in places you frequently visit
or where your primary phone is usually active. This prevents linking
the burner to your personal identity.</li>
</ul>
</li>
<li>Avoid Calling or Being Called by the Same Contacts on Different Devices:
<ul>
<li>Make sure that your burner phone is used to
contact individuals who do not have your primary phone number.
This helps avoid linking different devices through shared contacts.</li>
</ul>
</li>
<li>Use Cash or Anonymous Payment Methods:
<ul>
<li>Purchase burner phones and SIM cards with cash
or through anonymous payment methods. Avoid using credit cards
or any payment method that can be traced back to you.</li>
</ul>
</li>
<li>Buy Devices Far from Home:
<ul>
<li>Purchase your burner phone and SIM card from
locations far from where you live or frequently visit. Avoid places
with surveillance cameras that could capture your purchase.</li>
</ul>
</li>
<li>Disable GPS and Location Services:
<ul>
<li>Turn off all location services, GPS, and Wi-Fi
on the burner phone to reduce the risk of location tracking. If
possible, disable or remove the GPS hardware entirely.</li>
</ul>
</li>
<li>Avoid Storing Personal Information:
<ul>
<li>Do not store any personal information, contacts,
or messages on the burner phone. Use it strictly for the intended
temporary purpose and dispose of it afterward.</li>
</ul>
</li>
<li>Use Encrypted Communication Apps:
<ul>
<li>When communicating through a burner phone,
use encrypted messaging apps like Signal, Session, SimpleX, or
Telegram. Be cautious as some apps may still leak metadata.</li>
</ul>
</li>
<li>Be Aware of IMSI Catchers:
<ul>
<li>Avoid areas known to have heavy surveillance
or where IMSI catchers (devices that mimic cell towers to intercept
communications) might be deployed. These can be used to track and
intercept burner phone communications.</li>
</ul>
</li>
<li>Practice Good Operational Security (OpSec):
<ul>
<li>Develop and maintain strict OpSec habits, such
as only turning on the burner phone when necessary, and never using
it at home or work. Dispose of the phone after use in a secure
manner, such as by dismantling and destroying it.</li>
</ul>
</li>
<li>Remove or Disable Microphones and Cameras:
<ul>
<li>Consider physically removing or disabling the
phone’s microphones and cameras to prevent audio and video surveillance.
Many phones have multiple microphones, often one near the speaker
and one near the bottom of the device. These components can be
removed or disabled, but doing so may affect the phone's functionality.</li>
</ul>
</li>
<li>Dispose of the Phone Securely:
<ul>
<li>After the phone has served its purpose, dispose
of it in a way that ensures it cannot be traced back to you. This
may involve physically destroying the device or disposing of it
in a location far from where you live or work.</li>
</ul>
</li>
</ul>
<p>Additional References:</p>
<ul>
<li><a href="https://lifehacker.com/how-to-buy-a-burner-phone-1843905326" target="_blank" rel="noopener noreferrer">How to Buy a Burner Phone by LifeHacker</a></li>
<li><a href="https://www.eff.org/deeplinks/2024/06/next-generation-cell-site-simulators-here-heres-what-we-know"
target="_blank" rel="noopener noreferrer">The Next Generation of Cell-Site Simulators is Here. Here’s What We Know by EFF.</a></li>
<li><a href="https://www.schneier.com/tag/cell-phones/"
target="_blank" rel="noopener noreferrer">Schneier on Security - Tag Phones</a></li>
<li><a href="https://www.whonix.org/wiki/VoIP" target="_blank" rel="noopener noreferrer">Whonix - VoIP</a></li>
<li><a href="https://www.wired.com/story/the-wired-guide-to-protecting-yourself-from-government-surveillance/" target="_blank" rel="noopener noreferrer">The WIRED Guide to Protecting Yourself From Government Surveillance</a></li>
</ul>
<!-- ################################## -->
<hr>
<h3>CRYPTOPHONES</h3>
<p>Cryptophones are specialized mobile devices designed to provide secure communication through encryption. One notable example is the Encrochat case, where criminals used highly encrypted phones.</p>
https://www.vice.com/en/tag/encrypted-phones/<br>
<p>Tips and Recommendations:</p>
<ul>
<li>Choose cryptophones that have been vetted by reputable cybersecurity experts for potential backdoors or vulnerabilities.</li>
<li>Be cautious of the supply chain when purchasing a cryptophone; only buy from trusted vendors.</li>
<li>Regularly update the cryptophone's software to protect against newly discovered vulnerabilities.</li>
<li>Consider using separate devices for sensitive communication and daily tasks to minimize exposure.</li>
<li>Always assume that encrypted communication could eventually be decrypted, so limit the sharing of highly sensitive information.</li>
</ul>
<p>References:</p>
<ul>
<li><a href="https://www.xperylab.medium.com/the-dark-phones-encrochat-criminals-are-building-their-own-communication-system-474f3aeef759" target="_blank" rel="noopener noreferrer">Encrochat Case - Criminals Building Their Own Communication System</a></li>
<li><a href="https://www.vice.com/en/article/akdg8p/encrochat-hack-police-arrests-encrypted-phone" target="_blank" rel="noopener noreferrer">Vice - Encrochat Hack and Police Arrests</a></li>
<li><a href="https://www.forbes.com/sites/thomasbrewster/2020/07/02/encrochat-hack-shows-police-can-still-reach-the-darkest-corners-of-the-criminal-web/?sh=1f437a4c17c0" target="_blank" rel="noopener noreferrer">Forbes - Encrochat Hack Shows Police Reach into the Criminal Web</a></li>
<li><a href="https://www.schneier.com/blog/archives/2018/03/ufed_phone_hack.html" target="_blank" rel="noopener noreferrer">Schneier on Security - UFED Phone Hack</a></li>
<li><a href="https://www.securelist.com/forensics-bypassing-device-encryption/93557" target="_blank" rel="noopener noreferrer">Kaspersky - Forensics and Bypassing Device Encryption</a></li>
<li><a href="https://www.citizenlab.ca/2020/12/guesswork-the-theft-of-encrypted-smartphones-via-government-hacking" target="_blank" rel="noopener noreferrer">Citizen Lab - The Theft of Encrypted Smartphones via Government Hacking</a></li>
</ul>
<!-- ################################## -->
<hr>
<h3>Cellebrite UFED</h3>
<h4>Identifying or Defeating Some Exploits</h4>
<p>Cellebrite's UFED (Universal Forensic Extraction Device) is a powerful tool used by governments to extract data from mobile devices bypassing security features. Understanding the vulnerabilities it exploits can help in securing your devices against such intrusions.</p>
<p><a href="https://www.github.com/levlesec/lockup" target="_blank" rel="noopener noreferrer">A proof-of-concept Android application to detect and defeat some of the Cellebrite UFED forensic toolkit extraction techniques (GitHub)</a></p></li>
<!-- ################################## -->
<hr>
<p>👷🛠️UNDER CONSTRUCTION🚧🏗</p>
<h4>Mobile Data and GSM Comparison Using a Burner Phone and a Geofence Database</h4>
<p>Your cell phone is a walking spy. Below is the comparison, when using a burner phone and geofence database, between Internet Tracking (using mobile data with a unique phone ID) and GSM Tracking (SIM/Chip-based with cell tower data).</p>
<table border="1">
<thead>
<tr>
<th>Aspect</th>
<th>Internet Tracking (Burner Phone with Mobile Data)</th>
<th>GSM Tracking (Burner Phone with SIM/Cell Tower Data)</th>
</tr>
</thead>
<tbody>
<tr>
<td>Tracking Method</td>
<td>Burner phone connects to the internet, sending location data through mobile data, with a unique phone ID (IMEI or device ID).</td>
<td>Burner phone connects to cell towers, and its IMSI/IMEI is logged by telecom providers when the phone is used (calls, texts, or mobile data). No internet is needed, or mobile data can be deactivated.</td>
</tr>
<tr>
<td>Location Tracking</td>
<td>Precise location data (IP address, GPS) can pinpoint exact locations.</td>
<td>Location is tracked via the proximity to cell towers. In urban areas, more towers provide a general location, but not pinpoint accuracy.</td>
</tr>
<tr>
<td>Scenario Example</td>
<td>If the burner phone uses mobile data for a call, it can be identified and tracked using its unique ID (IMEI), retroactively correlated with a database (how to call this secret database?).</td>
<td>If the burner phone uses GSM to make a call, its general location can be tracked when it connects to cell towers, retroactively the IMSI/IMEI is logged by telecom providers. Even turning the phone off doesn't reduce traceability, because of the correlation between the area and the time the phone was off.</td>
</tr>
<tr>
<td>Geofence Database Usage</td>
<td>Geofence can be used to collect location data of all devices in a certain area within a specific time frame. This can result in tracking of burner phones in area.</td>
<td>Geofence can also be applied in GSM tracking, collecting location data from all burner phones in a specific area. Telecom providers log IMSI/IMEI, which can link the burner phone to an area.</td>
</tr>
</tbody>
</table>
<!-- ################################## -->
<hr>
<h3>Android Root (Jailbreak)</h3>
<h4>Root Forums & Communities</h4>
• <a href="https://www.xdaforums.com">XDA Forums</a> - The largest and most popular Android development community.<br>
• <a href="https://www.rootzwiki.com/index">RootzWiki Forums</a> - Community forums for Android rooting and custom ROMs.<br>
• <a href="https://www.forums.androidcentral.com">Android Central Forums</a> - General Android discussions, including root.<br>
• <a href="https://www.androidforums.com">Android Forums</a> - Dedicated sections for rooting various Android devices.<br>
• <a href="https://www.reddit.com/r/androidroot">Reddit: r/androidroot</a> - A Reddit community for Android rooting topics.<br>
<h4>Rooting Tools & Resources</h4>
• <a href="https://www.github.com/topjohnwu/Magisk">Magisk</a> - The leading tool for Android root, offering a systemless rooting method.<br>
• <a href="https://www.twrp.me">TWRP (Team Win Recovery Project)</a> - A custom recovery solution that enables flashing custom ROMs and other modifications.<br>
• <a href="https://www.github.com/0x192/universal-android-debloater">Android Debloater</a> - A tool to remove bloatware from your Android device without root.<br>
• <a href="https://www.phonedb.net/index.php?m=repository&list=rom_update">PHONEDB</a> - A database of ROMs and updates for Android devices.<br>
<h4>Custom ROMs</h4>
• <a href="https://www.github.com/PixelExperience">Pixel Experience</a> - A custom ROM that provides a clean and stock Pixel experience.<br>
• <a href="https://www.droidontime.com">Droid On Time (DOT OS)</a> - A custom Android ROM that focuses on performance and stability.<br>
• <a href="https://www.theunlockr.com/roms/android-roms">TheUnlockr: Android ROMs</a> - A collection of various Android custom ROMs.<br>
• <a href="https://www.sammobile.com">SamMobile</a> - Offers firmware for Samsung devices, useful for custom ROM installations.<br>
<h4>Samsung Resources</h4>
• <a href="https://xdaforums.com/c/samsung.11975/">XDA: Samsung Phones</a> - Dedicated sub-forums for Samsung devices on XDA.<br>
• <a href="https://www.samsungodin.com">Odin for Samsung</a> - Odin is a tool used to flash firmware onto Samsung devices.<br>
• <a href="https://www.frija-tool.com">Frija</a> - A Samsung firmware download tool that simplifies the process of downloading official firmware.<br>
• <a href="https://www.samfirmtool.com">SamFirm</a> - A legacy tool used to download Samsung stock firmware.<br>
<h4>Xiaomi (MIUI or POCO) Resources</h4>
• <a href="https://xdaforums.com/c/xiaomi.12005/">XDA: Xiaomi/MIUI Devices</a> - XDA sub-forum for Xiaomi and MIUI devices.<br>
• <a href="https://www.xiaomi.eu/community">Xiaomi.eu Community</a> - A community for Xiaomi users, known for custom MIUI ROMs.<br>
• <a href="https://www.mi-globe.com">MIUI Globe ROM</a> - Custom MIUI ROMs with additional features and optimizations.<br>
• <a href="https://www.miuirom.org">MIUI ROM</a> - A platform providing MIUI ROMs, themes, and updates.<br>
<h4>Realme Resources</h4>
• <a href="https://xdaforums.com/c/realme.12009/">XDA: Realme Devices</a> - Dedicated sub-forum for Realme devices on XDA.<br>
• <a href="https://www.realmecommunity.com">Realme Community</a> - Official Realme forums for discussions, troubleshooting, and updates.<br>
• <a href="https://www.realmefirmware.com">Realme Firmware</a> - A website offering official Realme firmware for various devices.<br>
• <a href="https://www.getdroidtips.com/tag/realme">GetDroidTips: Realme</a> - Tutorials, firmware, and rooting guides for Realme devices.<br>
• <a href="https://www.forum.xda-developers.com/t/realme-bootloader-unlock-guide.4005619">Realme Bootloader Unlock Guide (XDA)</a> - Guide to unlocking the bootloader on Realme devices.<br>
• <a href="https://www.community.realme.com/in/post-details/1425235924814989312">Realme Official Bootloader Unlock Instructions</a> - Official bootloader unlocking procedure from Realme.<br>
• <a href="https://www.realme.com/in/support/software-update">Realme Software Update Page</a> - Official Realme support page for software updates.<br>
• <a href="https://www.cyanogenmods.org/downloads/category/realme">CyanogenMods: Realme</a> - Custom ROMs and mods for Realme devices.<br>
<h4>Motorola Resources</h4>
• <a href="https://xdaforums.com/c/motorola.11990/">XDA: Motorola Phones</a> - Sub-forum for Motorola devices on XDA.<br>
• <a href="https://www.firmware.center/firmware/Motorola">Motorola Firmware Center</a> - A repository for Motorola stock firmware.<br>
• <a href="https://www.forum.xda-developers.com/t/motorola-bootloader-unlocking.3760140">Motorola Bootloader Unlocking Guide (XDA)</a> - Guide for unlocking Motorola bootloaders.<br>
• <a href="https://www.support.motorola.com/us/en/solution/MS87215">Motorola Official Bootloader Unlock</a> - Motorola’s official guide to unlocking the bootloader.<br>
<h4>LG Resources</h4>
https://xdaforums.com/c/lg.12042/
<!-- ################################## -->
<hr>
<h3>MOBILE STORE</h3>
<ul>
<li><a href="https://www.f-droid.org">F-Droid</a> - A trusted repository for open-source Android apps.</li>
<li><a href="https://www.apt.izzysoft.de/fdroid">IzzyOnDroid</a> - An additional F-Droid repository with curated apps.</li>
<li><a href="https://www.divestos.org">DivestOS</a> - A privacy-focused mobile operating system with its own F-Droid repository.</li>
<li><a href="https://www.auroraoss.com">Aurora Store</a> - A privacy-respecting alternative to the Google Play Store.</li>
</ul>
<p>Note: For more on secure Android app stores, see <a href="https://www.privacyguides.org/en/android/#f-droid">Privacy Guides</a>.</p>
<!-- ################################## -->
<hr>
<h3>MOBILE SECURITY APPS</h3>
<p><em>For intermediate security, it's not military-grade security, but it adds important layers of protection.</em></p>
<h4>Sandboxes</h4>
<ul>
<li><a href="https://www.gitea.angry.im/PeterCxy/Shelter#shelter">Shelter</a> - An app for isolating and running apps in a separate sandbox.</li>
<li><a href="https://secure-system.gitlab.io/Insular">Insular</a> - A fork of Shelter, providing a way to isolate apps from accessing sensitive data.</li>
</ul>
<h4>Emergency</h4>
<ul>
<li><a href="https://www.f-droid.org/en/packages/me.lucky.wasted">Wasted</a> - Send distress signals when you’re in danger.</li>
<li><a href="https://github.com/guardianproject/ripple">Ripple</a> - A distress signal app for activists and journalists.</li>
<li><a href="https://www.f-droid.org/en/packages/de.nulide.findmydevice">Find My Device (FMD)</a> - Locate your Android device in case of theft or loss.</li>
</ul>
<h4>Sanitizers</h4>
<ul>
<li><a href="https://www.f-droid.org/en/packages/us.spotco.extirpater">Extirpater</a> - Securely wipe sensitive data from your device.</li>
<li><a href="https://www.f-droid.org/en/packages/io.github.randomfilemaker">RandomFileMaker</a> - Create random files to overwrite and sanitize data.</li>
<li><a href="https://github.com/peterhearty/WipeFiles">WipeFiles</a> - A file-shredding tool for securely deleting files.</li>
</ul>
<h4>Track Trackers</h4>
<ul>
<li><a href="https://github.com/Exodus-Privacy/exodus-android-app">Exodus</a> - Scan apps for embedded trackers and privacy threats.</li>
<li><a href="https://github.com/celzero/rethink-app">Rethink-App</a> - Firewall and DNS-over-HTTPS protection to block trackers.</li>
</ul>
<h4>Passwords</h4>
<ul>
<li><a href="https://github.com/Kunzisoft/KeePassDX">KeePassDX</a> - A powerful password manager supporting KeePass databases.</li>
<li><a href="https://www.f-droid.org/en/packages/proton.android.pass.fdroid">Proton Pass</a> - A secure password manager from the makers of ProtonMail.</li>
<li><a href="https://github.com/freeotp/freeotp-android">FreeOTP</a> - A two-factor authentication application for systems utilizing one-time password protocols.</li>
<li><a href="https://github.com/beemdevelopment/Aegis">Aegis</a> - A 2FA (two-factor authentication) manager for securing logins.</li>
<li><a href="https://github.com/Yubico/yubioath-flutter">Yubico</a> - Secure authentication for YubiKey users.</li>
</ul>
<h4>Cryptography</h4>
<ul>
<li><a href="http://howtogeek.com/141953/how-to-encrypt-your-android-phone-and-why-you-might-want-to">Encrypt your Android phone</a> - A guide on how and why to encrypt your device.</li>
<li><a href="https://www.f-droid.org/en/packages/org.cryptomator.lite">Cryptomator</a> - Securely encrypt your cloud storage data.</li>
<li><a href="https://code.google.com/p/cryptonite">Cryptonite (TrueCrypt)</a> - An Android version of the TrueCrypt encryption software.</li>
<li><a href="https://www.f-droid.org/en/packages/org.sufficientlysecure.keychain">OpenKeychain (OpenPGP)</a> - Manage your PGP keys and encrypt/decrypt messages.</li>
<li><a href="https://www.f-droid.org/packages/com.sovworks.edslite">EDS Lite</a> - Encrypt file containers on Android, similar to TrueCrypt.</li>
<li><a href="https://github.com/hash-checker/hash-checker">Hash Checker</a> - A tool to verify file integrity with hash functions.</li>
<li><a href="https://github.com/seoulcodingcafe/HashEasily">Hash Easily</a> - Generate hashes (MD5, SHA) for files and strings.</li>
</ul>
<h4>Anon Networks</h4>
<ul>
<li><a href="https://github.com/Gedsh/InviZible">InviZible</a> - An all-in-one tool that combines Tor, DNSCrypt, and I2P for anonymous browsing.</li>
<li><a href="https://github.com/guardianproject/orbot">Orbot</a> - Use Tor to browse the web anonymously on your Android device.</li>
<li><a href="https://guardianproject.info/apps/info.guardianproject.orfox">Orfox</a> - A privacy-focused web browser for use with Orbot, based on Tor Browser.</li>
<li><a href="https://orwall.org/">orWall Project</a> - Put your apps behind Orbot and block all unwanted traffic in one go.</li>
</ul>
<h4>Keyboards</h4>
<ul>
<li><a href="https://github.com/florisboard/florisboard">Florisboard (Beta)</a> - A fast, open-source keyboard with modern features.</li>
<li><a href="https://anysoftkeyboard.github.io">AnySoftKeyboard</a> - A privacy-focused, customizable keyboard with multiple language support.</li>
<li><a href="https://f-droid.org/en/packages/rkr.simplekeyboard.inputmethod/">Simple Keyboard</a> - Simply keyboard and nothing more.</li>
<li><a href="https://github.com/klausw/hackerskeyboard">Hackers Keyboard</a> - A full 5-row keyboard for terminal use, coding, and more.</li>
</ul>
<h4>Others</h4>
<ul>
<li><a href="https://github.com/EtchDroid/EtchDroid">EtchDroid</a> - Create bootable USB drives from your Android device.</li>
<li><a href="https://github.com/Android1500/AndroidFaker">Android Faker</a> - Spoof device information for testing and anonymity.</li>
<li><a href="https://github.com/microg/GmsCore">Free implementation of Play Services</a> - microG: A free and open-source implementation of Google Play Services.</li>
<li><a href="https://gsmarena.com">Phones Reference - GSMArena</a> - Comprehensive phone specifications and reviews.</li>
<li><a href="https://phonescoop.com">Phones Reference - PhoneScoop</a> - Phone specs, comparisons, and analysis.</li>
<li><a href="https://github.com/botherder/androidqf">AndroidQF</a> - A tool to extract Android app metadata.</li>
</ul>
<!-- ################################## -->
<hr>
<br>
<p>👷🛠️UNDER CONSTRUCTION🚧🏗</p>
<details>
<summary>Instant Messaging Communication</summary>
<br>
<p>Communicate with friends and family as if you're in a war room.</p>
<img src=".data/war_room_dr._strangelove.jpeg" alt="War Room" width="640" height="320">
<h5>SimpleX</h5>
<ul>
<li><a href="https://www.github.com/simplex-chat/simplex-chat">SimpleX Chat</a></li>
</ul>
<h5>Session</h5>
<ul>
<li><a href="https://www.github.com/oxen-io/session-desktop">Session Desktop</a></li>
<li><a href="https://www.github.com/oxen-io/session-android">Session Android</a></li>
<li><a href="https://www.github.com/GNU-Linux-libre/Awesome-Session-Group-List">Session Group List</a></li>
<li><a href="https://www.arxiv.org/pdf/2002.04609.pdf">Session Paper</a></li>
<li><a href="https://www.getsession.org/blog/session-and-australias-laws-to-circumvent-secure-communications">Session and Australia’s Laws to Circumvent Secure Communications</a></li>
<li><a href="https://www.404media.co/encrypted-chat-app-session-leaves-australia-after-visit-from-police-2/">404 Media - Encrypted Chat App ‘Session’ Leaves Australia After Visit From Police</a></li>
</ul>
<h5>Signal</h5>
<ul>
<li><a href="https://www.github.com/signalapp">Signal GitHub</a></li>
<li><a href="https://www.signal.org/android/apk">Signal APK</a></li>
<li><a href="https://www.community.signalusers.org/t/overview-of-third-party-security-audits/13243">Security Audits Overview</a></li>
<li><a href="https://www.youtube.com/watch?v=QEq2JQ6nzuQ">Signal Did NOT Get Hacked</a></li>
</ul>
<h4> Secure Messaging and Instant Messaging</h4>
<img src=".data/C0m4pps.png" alt="Chat Apps" width="640" height="320">
<h4>Secure messaging and instant messaging comparison: Session, SimpleX, Signal, and Telegram</h4>
<table border="1">
<thead>
<tr>
<th>Feature</th>
<th><a href="https://getsession.org" target="_blank" rel="noopener noreferrer">Session</a></th>
<th><a href="https://simplex.chat" target="_blank" rel="noopener noreferrer">SimpleX</a></th>
<th><a href="https://signal.org" target="_blank" rel="noopener noreferrer">Signal</a></th>
<th><a href="https://telegram.org" target="_blank" rel="noopener noreferrer">Telegram</a></th>
</tr>
</thead>
<tbody>
<tr>
<td>Protocol Type</td>
<td>LibP2P</td>
<td>Custom (Double Ratchet)</td>
<td>Signal Protocol (Double Ratchet)</td>
<td>MTProto</td>
</tr>
<tr>
<td>Primary Use Case</td>
<td>Anonymous, decentralized messaging</td>
<td>Privacy-focused messaging</td>
<td>Privacy-focused messaging</td>
<td>General messaging, media sharing</td>
</tr>
<tr>
<td>Encryption</td>
<td>End-to-end encryption (default)</td>
<td>End-to-end encryption (default)</td>
<td>End-to-end encryption (default)</td>
<td>Client-server encryption (default), End-to-end encryption (Secret Chats)</td>
</tr>
<tr>
<td>Decentralization</td>
<td>Fully decentralized (no central servers)</td>
<td>Decentralized communication nodes</td>
<td>Centralized servers</td>
<td>Centralized servers</td>
</tr>
<tr>
<td>Identity Management</td>
<td>Anonymous (no phone number or email required)</td>
<td>Username-based (no phone number required)</td>
<td>Phone number-based</td>
<td>Phone number-based</td>
</tr>
<tr>
<td>Message Persistence</td>
<td>Client-side only (no cloud storage)</td>
<td>Client-side only (no cloud storage)</td>
<td>Client-side only (optional backup)</td>
<td>Cloud storage (optional local storage)</td>
</tr>
<tr>
<td>Group Chats</td>
<td>Supported</td>
<td>Supported</td>
<td>Up to 1,000 members</td>
<td>Up to 200,000 members</td>
</tr>
<tr>
<td>File Sharing</td>
<td>Limited to client-side capacity</td>
<td>Limited to client-side capacity</td>
<td>Supports files up to 100MB</td>
<td>Supports large files (up to 2GB)</td>
</tr>
<tr>
<td>Metadata Protection</td>
<td>Strong (no central server metadata storage)</td>
<td>Strong (no central server metadata storage)</td>
<td>Strong (minimizes metadata collection)</td>
<td>Limited (metadata stored on servers)</td>
</tr>
<tr>
<td>Open Source</td>
<td>Fully open-source</td>
<td>Fully open-source</td>
<td>Fully open-source</td>
<td>Partially (client is open-source, server is proprietary)</td>
</tr>
<tr>
<td>Cross-Platform Availability</td>
<td>iOS, Android, Windows, macOS, Linux</td>
<td>iOS, Android, Linux, Web</td>
<td>iOS, Android, Windows, macOS, Linux</td>
<td>iOS, Android, Windows, macOS, Linux, Web</td>
</tr>
<tr>
<td>License</td>
<td>GPLv3</td>
<td>AGPLv3</td>
<td>GPLv3</td>
<td>Custom (Telegram license)</td>
</tr>
</tbody>
</table>
<h4>Communication Protocols</h4>
<h5>Matrix (Protocol)</h5>
<ul>
<li><a href="https://www.matrix.org">matrix.org</a></li>
<li><a href="https://www.github.com/matrix-org">github.com/matrix-org</a></li>
<li><a href="https://www.en.wikipedia.org/wiki/Matrix_(protocol)">Wikipedia - Matrix Protocol</a></li>
<li><a href="https://www.reddit.com/r/Mastodon/comments/mzubbb/mastodon_vs_matrix">Mastodon vs Matrix Discussion</a></li>
</ul>
<ul>
<li>Anonymous Chat, IRC, XMPP in Whonix: <a href="https://www.whonix.org/wiki/Chat">whonix.org/wiki/Chat</a></li>
<li>XMPP vs Matrix vs MQTT: <a href="https://www.rst.software/blog/xmpp-vs-matrix-vs-mqtt-which-instant-messaging-protocol-is-best-for-your-chat-application">rst.software/blog</a></li>
</ul>
<h5>XMPP</h5>
<ul>
<li><a href="https://www.xmpp.org/software/?platform=linux">XMPP Software for Linux</a></li>
<li><a href="https://www.xmpp.org/software/gajim">Gajim</a></li>
<li><a href="https://www.github.com/profanity-im/profanity">Profanity IM</a></li>
<li><a href="https://www.github.com/zom/zom-android">Zom Android</a></li>
<li><a href="http://conversations.im">Conversations IM</a></li>
<li><a href="https://www.github.com/psi-im/psi">Psi IM</a></li>
<li><a href="https://www.github.com/dino/dino">Dino IM</a></li>
<li><a href="https://www.github.com/nioc/xmpp-web">XMPP Web</a></li>
</ul>
<h1>Comparison of Secure Communication Protocols</h1>
<table border="1">
<thead>
<tr>
<th>Protocol</th>
<th>Protocol Type</th>
<th>Primary Use Case</th>
<th>Architecture</th>
<th>Scalability</th>
<th>Message Format</th>
<th>Security Features</th>
<th>Offline Support</th>
<th>Quality of Service</th>
<th>Supported Clients</th>
<th>Extensibility</th>
<th>License</th>
</tr>
</thead>
<tbody>
<tr>
<td><a href="https://matrix.org/" target="_blank" rel="noopener noreferrer">Matrix</a></td>
<td>Decentralized Messaging</td>
<td>Real-time Messaging</td>
<td>Decentralized</td>
<td>High</td>
<td>JSON</td>
<td>End-to-End Encryption (E2EE), Cross-device Sync</td>
<td>Yes</td>
<td>Medium (depends on network quality)</td>
<td>Web, Mobile, Desktop</td>
<td>Highly Extensible</td>
<td>Apache License 2.0</td>
</tr>
<tr>
<td><a href="https://signal.org/" target="_blank" rel="noopener noreferrer">Signal Protocol</a></td>
<td>Secure Messaging</td>
<td>Private Communication</td>
<td>Centralized</td>
<td>Medium</td>
<td>Protobuf</td>
<td>Forward Secrecy, Deniable Authentication, E2EE</td>
<td>Yes (for queued messages)</td>
<td>High</td>
<td>Mobile, Desktop</td>
<td>Limited Extensibility</td>
<td>GPLv3</td>
</tr>
<tr>
<td><a href="https://xmpp.org/" target="_blank" rel="noopener noreferrer">XMPP with OMEMO</a></td>
<td>Instant Messaging</td>
<td>Messaging and Presence</td>
<td>Decentralized</td>
<td>High</td>
<td>XML</td>
<td>End-to-End Encryption (OMEMO), Multi-device Support</td>
<td>Yes</td>
<td>Medium</td>
<td>Web, Mobile, Desktop</td>
<td>Moderate Extensibility</td>
<td>GPL</td>
</tr>
<tr>
<td><a href="https://mqtt.org/" target="_blank" rel="noopener noreferrer">MQTT with TLS</a></td>
<td>Lightweight Messaging</td>