We’ve seen all sorts of Android smartphones released over the years, from the ones that ship with Google’s stock Android or a third-party skin, to the ones that sport two displays, are curved or have heavy security features. There are tons of different smartphones available out there, and a number of different OS' available for those smartphones, and that’s the true beauty of Android. Now, some of you have probably heard of a Tor-enabled smartphone by Tor Project. This smartphone put a huge emphasis on security and privacy, and those of you who are very concerned about such issues should be interested, though do keep in mind that the Tor-enabled smartphone actually references software that can be installed on a smartphone, not the actual hardware smartphone that will be available for sale, just to make that clear.
The envisioned Tor-enabled smartphone is based on Copperhead OS, which is a different version of Android, a more secure one in a way. Tor developer, Mike Perry, actually decided to share some additional insight as to what makes such a phone special in a recent blog post. Mr. Perry said the following: "The prototype is meant to show a possible direction for Tor on mobile. We are trying to demonstrate that it is possible to build a phone that respects user choice and freedom, vastly reduces vulnerability surface, and sets a direction for the ecosystem with respect to how to meet the needs of high-security users". It is obvious that Mr. Perry is putting a huge emphasis on security, and he is trying to make sure that we, consumers, realize that. This prototype smartphone runs OrWall, which is an Android firewall that routes traffic over Tor, and essentially blocks everything is undesirable aka unsafe.
In addition to everything we mentioned, Mr. Perry also added that Apple’s iOS is at a greater risk of being compelled to enable software backdoors, mainly because it’s a closed source platform. He also said that the App Store is at a disadvantage compared to Google Play, why? Well, each app that is deployed on the App Store is re-encrypted for the user by Apple, so it’s not possible to verify that the package you’re installing actually matches the official package that you wanted to install. He also said that Android fragmentation is hurting the platform, as it is making the OS more vulnerable, though Google is doing the best they can and are trying to improve in that regard.
Let’s get back to Copperhead OS, which is also something Mike Perry talked about, and the main reason he talked about Android and iOS security in general. Copperhead is actually the only Android ROM that supports verified boot, which will certainly come as a surprise to some of you. What is 'verified boot'? It is essentially a feature which prevents various third-party exploits, such as modifying the boot, recovery or system. Copperhead also prevents Google Play apps to override system apps, which is yet another layer of security. He seems very convinced that Copperhead OS is the way to go, and that it is the right choice for the Tor-enabled smartphone.
In order to wrap up his thoughts, Mike Perry re-instated that the Tor Project has no plans to get into the hardware business, but is hoping that people will pay more attention to security. He also mentioned the Neo900 smartphone, which is an open source smartphone which puts a huge emphasis on privacy. Anyhow, those of you who are interested in such secure software based on Copperhead OS, do keep in mind that it works only on Nexus and Pixel smartphones, and you'll be able to read more about it if you click on the source link down below.