Re: [Hackmeeting] Digest di Hackmeeting, Volume 223, Numero …

Delete this message

Reply to this message
Author: P@sKy
Date:  
To: hackmeeting
Subject: Re: [Hackmeeting] Digest di Hackmeeting, Volume 223, Numero 10
Il 16/05/2023 09:14, Amedeo Racanati ha scritto:
> Ciao a tutt*,
>
> a proposito delle registrazioni del Gabrio, volevo sapere se ci fossero dei
> file sulle presentazioni che sono state tenute all'Hack del 2022. Devo fare
> una presentazione sulla difesa digitale e mi servirebbe avere qualche
> spunto in piu.


Non so nulla delle registrazioni sulla difesa digitale,
ma voglio condividere alcuni tools di "mobile security" suggeriti dal
gruppo "GhostSec" che mi sembrano interessanti anche se non li ho
mai provati, ma ho uno smarthphone vecchio con cui "giocarci" appena
riesco a liberarmi da qualche impegno... se qualcuno li ha già provati
attendo qualche commento nel merito e come sempre.. happy hacking!

Sentry
https://f-droid.org/packages/me.lucky.sentry/

It is a minimalist application that allows you to protect your Android
phone. It supports functions such as:

• Setting a maximum number of unsuccessful PIN attempts, and after
exceeding it, destroying all data on the phone.
• Disabling USB data connections.
• Disabling safe boot mode.

Wasted https://f-droid.org/packages/me.lucky.wasted/

It is a simple panickit type application that allows you to remotely
wipe your device. All you need to do is send an SMS with a specially
generated code from another device, and the app will destroy all data.
Other activation methods include:

•  When the device has not been unlocked for a certain amount of time.
•  When someone connects a device via USB and the screen is locked.
•   Creating a honeypot, which means the app can create an icon on the 
messenger   screen such    as Session, Signal, Threema, Telegram, and 
when this dummy app is opened, the phone automatically destroys all data.


Invizble Pro https:
https://f-droid.org/packages/pan.alexander.tordnscrypt.stable/
This app contains everything you need for securing your mobile device.
It offers many possibilities for securing traffic and mainly supports:

• Tor
• DNScrypt
• Purple I2P
• ARP spoofing detection
• Built-in firewall

Haven
https://guardianproject.github.io/haven/#install
This app is mainly designed for people who need a simple way to
protect their devices from Evil Maid attacks, such as in hotels or
other places with limited trust. Haven turns any Android phone into a
motion, sound, vibration, and light detector that detects unauthorized
persons and alerts you to a potential "Evil Maid" attack. If a threat
is detected, the app can send a notification using the Signal
messenger. It is particularly useful for people such as activists,
lawyers, investigative journalists, and human rights defenders, but
can also help ordinary users who want to ensure greater security for
their devices.

Summary
The use of applications such as Sentry or Wasted allows for better
control over mobile devices, as well as faster and more effective data
removal in case of threat. Invizble Pro, on the other hand, offers
advanced tools for securing internet traffic, which can be
particularly useful in situations where the government suspects
individuals of illegal activities. Haven, in turn, provides an
interesting solution for people who need protection against "Evil
Maid" attacks.

--

P@sKy

Makkinista - Fuokista

GPG/PGP keys available via keyservers http://pgpkeys.mit.edu:11371/
         DSA: 6CBE 6982 5C10 CFF0 D676  6420 C1C5 B8EC 8690 0F88
         RSA: 40 6B 54 8C 20 A0 F6 0B  4C 96 AA 34 D3 FB DC 8C