Denis 'GNUtoo' Carikli writes: > From: Wolfgang Wiedmeyer <[email protected]> > > - Clarify that the storage should be encrypted using a strong passphrase. > - Chatsecure doesn't seem to be maintained anymore and it's not part of > F-Droid anymore, so recommend Conversations instead. > - AGP was replaced with OpenKeychain in K-9 Mail. The link to the K-9 > - Mail website is updated. > - Add orWall to the Android Tor setup. > - Add Silence for encrypting SMS. > - Remove the Tor project's Android hardening guide: The guide was > updated and there is a link to the updated guide at the beginning of > the old guide. The new guide has extensive sections about CopperheadOS > and recommends to use it and donate to the project. CopperheadOS is > nonfree software. They not only use blobs like LineageOS does, but > their entire source code changes have a nonfree licence[1]. > > [1] https://copperhead.co/android/downloads > > Signed-off-by: Wolfgang Wiedmeyer <[email protected]> > Acked-by: Denis 'GNUtoo' Carikli <[email protected]>
You acked v1 and not v2. I guess v2 is ok, too? It only has orWall removed again because it is EOL. Best regards, Wolfgang > --- > freedom-privacy-security-issues.php | 9 +++++---- > 1 file changed, 5 insertions(+), 4 deletions(-) > > diff --git a/freedom-privacy-security-issues.php > b/freedom-privacy-security-issues.php > index 7def689..0400d81 100644 > --- a/freedom-privacy-security-issues.php > +++ b/freedom-privacy-security-issues.php > @@ -154,13 +154,14 @@ > Some general good advice to ensure the best > possible respect of freedom and privacy/security on mobile devices includes: > <ul> > <li>Installing only free software > applications, from trusted sources such as F-Droid on Replicant.</li> > - <li>Encrypting the device's storage, to > prevent some unauthorized access to the device's data.</li> > - <li>Using software that provides secure > peer-to-peer-encrypted communications such as <a > href="//dev.guardianproject.info/projects/gibberbot">ChatSecure</a> for > instant messaging and <a href="//thialfihar.org/projects/apg/">AGP</a> with > <a href="//code.google.com/p/k9mail">K-9 Mail</a> for emails on > Replicant.</li> > - <li>Using <a > href="//www.torproject.org/">Tor</a> to achieve reliable anonymity, for > instance with <a href="//www.torproject.org/docs/android.html.en">Orbot</a> > on Replicant.</li> > + <li>Encrypting the device's storage > with a strong passphrase, to prevent some unauthorized access to the device's > data.</li> > + <li>Using software that provides secure > encrypted communications such as <a > href="https://conversations.im/";>Conversations</a> for instant messaging and > <a href="https://www.openkeychain.org/";>OpenKeychain</a> with <a > href="https://k9mail.github.io/";>K-9 Mail</a> for emails on Replicant.</li> > + <li>Using <a > href="//www.torproject.org/">Tor</a> to achieve reliable anonymity, for > instance with <a href="//www.torproject.org/docs/android.html.en">Orbot</a> > and <a href="https://orwall.org/";>orWall</a> on Replicant.</li> > + <li>Using <a > href="https://silence.im/";>Silence</a> to encrypt SMS messages.</li> > <li>If the device is telephony-enabled, > switching the modem to airplane mode or (when possible) turning it off when > not in use, to avoid being tracked at all times.</li> > <li>Browsers using the webview > framework (such as the browser shipped with Replicant and <a > href="https://github.com/anthonycr/Lightning-Browser";>Lightning</a>) are > subject to <a > href="https://community.rapid7.com/community/metasploit/blog/2015/01/11/google-no-longer-provides-patches-for-webview-jelly-bean-and-prior";>various > security flaws</a> in Replicant 4.2.</li> > </ul> > - In addition, the <a href="//www.fsf.org/">Free > Software Foundation</a> provides a <a > href="//www.fsf.org/campaigns/surveillance">comprehensive guide to help > protect freedom and privacy</a> and the Tor project an article entitled <a > href="//blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy">Mission > Impossible: Hardening Android for Security and Privacy</a>. > + In addition, the <a href="//www.fsf.org/">Free > Software Foundation</a> provides a <a > href="//www.fsf.org/campaigns/surveillance">comprehensive guide to help > protect freedom and privacy</a>. > </p> > </div> > </div> -- Website: https://fossencdi.org OpenPGP: 0F30 D1A0 2F73 F70A 6FEE 048E 5816 A24C 1075 7FC4 Key download: https://wiedmeyer.de/keys/ww.asc
signature.asc
Description: PGP signature
_______________________________________________ Replicant mailing list [email protected] http://lists.osuosl.org/mailman/listinfo/replicant
