
Mission Improbable: Hardening Android for Security and Privacy - conductor
https://blog.torproject.org/blog/mission-improbable-hardening-android-security-and-privacy
======
necessity
Interesting, I had never heard of that project before. I'm currently using
CM13 without Gapps. The "privacy guard" and other app permission configs are
absolutely terrible ui-wise. There's several places (hidden in nested
"Advanced" menus) you need to go to set app permissions (some permissions can
be set from two different places and I'm not sure which one has the final say)
and it still requires you to manually set permissions for new apps, theres no
way to set for instance no internet access as a default for new apps.

~~~
secfirstmd
Yeh Copperhead, Guardian Project and Tor is definitely the way to go for a
locked down Android. Though only supported on the Nexus and Pixel devices I
think.

~~~
bsilvereagle
You are correct.

> The hardware for this prototype is the Google Nexus 6P. While we would
> prefer to support lower end models for low income demographics, only the
> Nexus and Pixel lines support Verified Boot with user-controlled keys. We
> are not aware of any other models that allow this, but we would love to hear
> if there are any that do.

~~~
mtgx
I'm hoping that as the Pixel line turns into more of a real business for
Google, they will actually start making phones that cost half as much or even
1/4 as much as the current Pixel devices. Google raised the (pricing) entry
bar for secure Android devices to the level of iPhones, and that leaves most
people without any real options for secure phones especially when most Chinese
phones seem to come with backdoors by default.

I also think Google needs to increase OS update time to at least 3 years, and
security updates to 4 or 5 years. The _entire_ life cycle of a device should
be taken into account when support is considered for devices. And no, two
years is not the lifetime of a smartphone. That's a lie, mostly pushed by
carriers (and of course manufacturers). A smartphone can easily last 4+ years,
and it doesn't have to have the same owner during this period.

------
emsy
I'm in the market for a new phone, and I feel like I'm between a rock and a
hard place. Android is a privacy disaster, but Apple's latest pricing and
product decision make it unlikely to buy another iPhone.

~~~
throwaway98237
The new Blackberry DTEK60 is based on Android but supposedly hardened and has
much longer term security updates. You can still use the Play store. I know,
Blackberry? But seriously, it's not a bad looking phone and has good hardware
specs.

All the same, I'm in the same boat as you. Thinking about switching to land-
line and buying a separate camera and GPS navigation device. Hello 1990's!
Idk. Not liking my options.

~~~
pawadu
The DTEK60 sounds interesting. If Blackberry can get this to market for a
realistic price (300-400 is okay, 700 is not) I will probably get one of
those.

------
subway
As long as we keep seeing modems on the same silicon as our application
processors, attempting to secure a device against even a relatively
incompetent state actor is mostly pointless.

