From: Wolfgang Wiedmeyer <wolf...@wiedmeyer.de>

- Clarify that the storage should be encrypted using a strong passphrase.
- Chatsecure doesn't seem to be maintained anymore and it's not part of
  F-Droid anymore, so recommend Conversations instead.
- AGP was replaced with OpenKeychain in K-9 Mail. The link to the K-9
- Mail website is updated.
- Add orWall to the Android Tor setup.
- Add Silence for encrypting SMS.
- Remove the Tor project's Android hardening guide: The guide was
  updated and there is a link to the updated guide at the beginning of
  the old guide. The new guide has extensive sections about CopperheadOS
  and recommends to use it and donate to the project. CopperheadOS is
  nonfree software. They not only use blobs like LineageOS does, but
  their entire source code changes have a nonfree licence[1].

[1]  https://copperhead.co/android/downloads

Signed-off-by: Wolfgang Wiedmeyer <wolf...@wiedmeyer.de>
Acked-by: Denis 'GNUtoo' Carikli <gnu...@no-log.org>
---
 freedom-privacy-security-issues.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/freedom-privacy-security-issues.php 
b/freedom-privacy-security-issues.php
index 7def689..0400d81 100644
--- a/freedom-privacy-security-issues.php
+++ b/freedom-privacy-security-issues.php
@@ -154,13 +154,14 @@
                                Some general good advice to ensure the best 
possible respect of freedom and privacy/security on mobile devices includes:
                                <ul>
                                        <li>Installing only free software 
applications, from trusted sources such as F-Droid on Replicant.</li>
-                                       <li>Encrypting the device's storage, to 
prevent some unauthorized access to the device's data.</li>
-                                       <li>Using software that provides secure 
peer-to-peer-encrypted communications such as <a 
href="//dev.guardianproject.info/projects/gibberbot">ChatSecure</a> for instant 
messaging and <a href="//thialfihar.org/projects/apg/">AGP</a> with <a 
href="//code.google.com/p/k9mail">K-9 Mail</a> for emails on Replicant.</li>
-                                       <li>Using <a 
href="//www.torproject.org/">Tor</a> to achieve reliable anonymity, for 
instance with <a href="//www.torproject.org/docs/android.html.en">Orbot</a> on 
Replicant.</li>
+                                       <li>Encrypting the device's storage 
with a strong passphrase, to prevent some unauthorized access to the device's 
data.</li>
+                                       <li>Using software that provides secure 
encrypted communications such as <a 
href="https://conversations.im/";>Conversations</a> for instant messaging and <a 
href="https://www.openkeychain.org/";>OpenKeychain</a> with <a 
href="https://k9mail.github.io/";>K-9 Mail</a> for emails on Replicant.</li>
+                                       <li>Using <a 
href="//www.torproject.org/">Tor</a> to achieve reliable anonymity, for 
instance with <a href="//www.torproject.org/docs/android.html.en">Orbot</a> and 
<a href="https://orwall.org/";>orWall</a> on Replicant.</li>
+                                       <li>Using <a 
href="https://silence.im/";>Silence</a> to encrypt SMS messages.</li>
                                        <li>If the device is telephony-enabled, 
switching the modem to airplane mode or (when possible) turning it off when not 
in use, to avoid being tracked at all times.</li>
                                        <li>Browsers using the webview 
framework (such as the browser shipped with Replicant and <a 
href="https://github.com/anthonycr/Lightning-Browser";>Lightning</a>) are 
subject to <a 
href="https://community.rapid7.com/community/metasploit/blog/2015/01/11/google-no-longer-provides-patches-for-webview-jelly-bean-and-prior";>various
 security flaws</a> in Replicant 4.2.</li>
                                </ul>
-                               In addition, the <a href="//www.fsf.org/">Free 
Software Foundation</a> provides a <a 
href="//www.fsf.org/campaigns/surveillance">comprehensive guide to help protect 
freedom and privacy</a> and the Tor project an article entitled <a 
href="//blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy">Mission
 Impossible: Hardening Android for Security and Privacy</a>.
+                               In addition, the <a href="//www.fsf.org/">Free 
Software Foundation</a> provides a <a 
href="//www.fsf.org/campaigns/surveillance">comprehensive guide to help protect 
freedom and privacy</a>.
                        </p>
                </div>
        </div>
-- 
2.12.0

_______________________________________________
Replicant mailing list
Replicant@lists.osuosl.org
http://lists.osuosl.org/mailman/listinfo/replicant

Reply via email to