The Guardian Project is about more than just apps. All of our code is open-source in order to move the collective ball forward in mobile security efforts. In addition we are building developer-focused libraries, tools and source code for you to add security-oriented features and capabilities to your own apps.
Connect
- Guardian Project GitHub: All of source code is hosted here, and mostly licensed under the GNU Public License v3.
- IRC – Come hang out on IRC at #guardianproject on freenode [Direct] or OFTC [Direct].
- Guardian-Dev Discussion List: Guardian Project Developer Email List
- Join our Developer Square Community Site: https://talk.developersquare.net
Developer Square is our new public community site for sharing, discussing, connect and learning. The main DevSq.net page offers an index of the content and resources we are promoting and sharing, while the “Talk” site (https://talk.developersquare.net) is a full fledged community discussion site focused on open-source, mobile app development.
Tools
CipherKit: We have 3 tools designed for Android app developers to make apps that are able to ensure better encryption and anonymity:
SQLCipher: Encrypted Database
SQLCipher is an SQLite extension that provides transparent 256-bit AES encryption of database files. It mirrors the standard android.database API. Pages are encrypted before being written to disk and are decrypted when read back.
SQLCipher Source Code
IOCipher: Encrypted Virtual Disk
IOCipher is a virtual encrypted disk for apps without requiring the device to be rooted. It uses a clone of the standard java.io API for working with files. Just password handling & opening the virtual disk are what stand between developers and fully encrypted file storage. It is based on libsqlfs and SQLCipher.
IOCipher Source Code
NetCipher: Encrypted Network Data & Tor Integration
NetCipher is improving network security. It provides a strong TLS/SSL verifier to help mitigate weaknesses in the certificate authority system. It eases the implementation of supporting SOCKS and HTTP proxies into applications and also supports onion routing for anonymity and traffic surveillance circumvention.
NetCipher Source Code
PanicKit: customizable, system-wide, app-specific panic buttons
PanicKit is a collection of tools for letting panic trigger and panic receiver apps safely and easily connect to each other. The trigger apps are the part that the user will actual engage when in a panic situation. The receiver apps receive the trigger signal from the trigger apps when the user has initiated the panic response. The connections between trigger and receiver can be strictly enforced based on packageName and APK signing key.
PanicKit Source Code
TrustedIntents: flexible trusted interactions between Android apps
TrustedIntents is a library for flexible trusted interactions between Android apps. It is modeled after Android’s signature protection level for permissions. The key difference is that the framework allows the trusted signature to be set, rather than requiring to match the current app’s signature.
TrustedIntents Source Code
libsqlfs
libsqlfs provides a complete virtual disk on top of a SQLite or SQLCipher database. The virtual disk is encrypted and contained in a single file, which can be easily moved around, copied, shared, etc. It is a standard FUSE filesytem that can work on Android, GNU/Linux, and hopefully soon Mac OS X.
libsqlfs GitHub code.
Not Maintained
Here are some apps/libraries that we have made in the past, but are not longer maintained. For anyone interested in taking up maintenance, we will gladly help them with the process of taking the project over from us.
Lil’ Debi: Mobile Debian Installer
Debian is an operating system composed of open source software packages mostly carrying the GNU General Public License. Debian is one of the most popular Linux distributions. Lil’ Debi is a small version of it for phones. It builds the whole Debian chroot on a device entirely using debootstrap.
Lil’ Debi GitHub code.
GnuPG: OpenPGP Encryption
Gnu Privacy Guard (GnuPG) brings the OpenPGP encryption standard to Android. GnuPG combines hashing, compression, and public-key cryptography for keeping emails and files private, and for verifying that emails and files are from who you think they are. It includes an Android API and an app for keychain management.
Google Play | Direct Download (.apk)| View source code
ffmpeg: Media Privacy Framework
fmpeg is a popular, widespread framework for transcoding and filtering digital videos. It’s being extended to provide a full framework for audio and image redaction, metadata management, and encryption of sensitive parts of the media. The framework is wrapped in a Java API.
ffmpeg source code.