Pavol Luptak
CEO of Nethemba - Slovak IT security company founded in 2007, primarily focused on web application security and various penetration tests.
My Top 30 Sovereignty Apps
pavol.luptak@paralelnipolis.cz
About me
- Crypto-anarchist and voluntaryist focused on technology and society hacking.
- Global citizen and perpetual traveller (with the residency in Panama and Paraguay)
- Involved in IT security more 20 years (founder of IT security companies nethemba.com and hacktrophy.com)
- Digital privacy activist and Internet freedom fighter
- Co-founder of hackerspace Progressbar, Paralelní Polis and Parallel Polis
- The organiser of the best HCPP conference in the world :-)
Firstly, why Android I?
Why yes:
- It is open-source - easily and completely auditable what is crucial for security (iOS, Blackberry, Windows Mobile are proprietary closed-source platforms) - you know there isn't anything hidden that might violate your privacy (e.g. Carrier IQ)
- There is a "privacy-aware" Android distribution - Lineage OS / Replicant that has removed any Google spying functionality & includes incognito mode, torification etc.
- It supports all advanced Linux security features (e.g. SELinux, full disk encryption, etc.)
Why not:
- iOS marketplace is more conservative, it may contain less malware/trojans than Android app repositaries
Why Android II?
Privacy-aware Android distributions
- Lineage OS for microG https://lineage.microg.org/#
- mainly old smartphones are supported
- 100% Free Software distribution https://replicant.us/
- mainly old smartphones are supported
- An opensource version of Google Play services https://microg.org/
- Opensource package manager with a lot of opensource applications https://f-droid.org/
- Hardened Android https://copperhead.co/android/ (Google Pixel and Pixel 2 are only supported) - replaced by https://grapheneos.org/ with Android 11 support now!
Password managers:
Dashlane (1)
- Of course, the best opensource is KeePass
- Dashlane is a commercial application, but with
- great user experience
- supporting all operating systems and browsers
- password sharing
- password analysis
- Dark Web Monitoring and VPN
Two-factor authenticators
Authy (2)
- Commercial reliable app
FreeOTP Authenticator (3)
- Open-source available at F-Droid
Privacy-aware browsers
Brave (4)
- Mobile version doesn't support Tor private window
- It blocks effectively most advertisements
- BAT tokens and related ads can be disabled
Fennec F-Droid (5)
https://f-droid.org/en/packages/org.mozilla.fennec_fdroid/
- The latest Firefox with removed all proprietary bits found in official Mozilla's builds
Decentralized mesh network apps
Bridgefy (6)
-
Communicate & work using decentralized mesh networks (wifi & Bluetooth) instead of the Internet, during large events, natural disasters, schools, and much more
-
Used during demonstrations by Hong Kong / Belarus protesters
Privacy-aware search engines
DuckDuckGo (7)
-
Unlike Google, the DuckDuckGo never store your personal information or display ads. No tracking at all
-
It is not so powerful like Google, but highly usable in these days
Opensource privacy-aware Facebook and Twitter front-ends
Face Slim (8)
https://f-droid.org/en/packages/org.indywidualni.fblite/
- FaceSlim is free of spyware, unlike what is built into the official Facebook and Facebook Messenger applications
Twidere (9)
https://f-droid.org/en/packages/org.mariotaku.twidere/
- Twitter/Mastodon/StatusNet/Fanfou app free of ads
Open-source Android application repository
F-Droid (10)
- F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform.
- Thanks to F-Droid you can completely stay out of Google services (including Google Play) if you use Lineage OS or Graphene OS
Anonymous mobile number service provider
Hushed (11)
- Using BTC you can buy an anonymous mobile number in many countries (including the US/UK/Canada/Puerto Rico)
- Some countries (e.g. the Czech Republic or Slovakia) require a proof-of-address verification
- With DualSpace you can create a separate instance of your favourite messenger app associated with your anonymous Hushed number and route all traffic through Tor (thanks to Orbot)
Anonymization networks
I2P(12)
Orbot (13)
https://guardianproject.info/apps/orbot/
- Both apps allow you to connect to Tor/I2P anonymization network (including Onion/I2P addresses)
- You can explicitly choose apps you want to torify (e.g. DualSpace cloned apps - secure messengers associated with an anonymous number)
Privacy-aware crypto wallets
Incognito Wallet(14)
https://we.incognito.org/t/wallet/336
- Multi-currency, multi-purpose privacy wallet. Send and receive assets anonymously.
- Buy and sell confidentially without KYC. Enable privacy for all your cryptocurrencies and all your crypto activities.
Phoenix (15)
-
Phoenix runs natively on Lightning, non-custodial, easy to use
Privacy-aware crypto wallets II
Monerujo(16)
- Monero wallet with the power of the XMR.to service
- Monerujo can be used to make both XMR / BTC payments - just scan the given QR code or paste the BTC address into the send field, and the magic happens seamlessly in the background.
Samourai(17)
- modern bitcoin wallet hand forged to keep your transactions private your identity masked and your funds secured
- thwart blockchain based surveillance and censorship
Secure Video Calls
Jitsi Meet(18)
- Probably the best open-source video conference system
- You can host it on your own server and therefore make secure video calls without any 3rd parties!
- Using Jibri recording or streaming services, you can record all your video calls (and/or store them in Dropbox)
SSH and VPN secure access services
JuiceSSH (19)
- The top free SSH client for Android (for those who still use a command line :-)
- Can be used for SSH tunnels, SOCKS procies
ProtonVPN (20)
- A lot of supported countries, Secure Cores (two nodes), Tor exit nodes, very fast, can be bought anonymously by crypto
Privacy enhancers
Jumbo (21)
- Increase the security of your Google, Facebook, and other internet and social media account, monitor the dark web for data breaches, reduce the number of unwanted robocalls
- Reduce your digital footprint (Delete old Tweets from Twitter, remove old Facebook posts, delete voice recordings from Alexa , Remove old photos from Instagram)
- Limit tracking- turn off Facebook’s facial recognition feature, limit Google’s use of your search history, protect your data from being used by Google and Facebook for ads and advertisers
- Prevent data leaks, restrict what info your Facebook profile shows to the public, restrict who can tag you on Facebook, etc.
Open-source offline maps
MAPS.ME / Osmand+ (22)
- Both apps use OpenStreetMaps maps and do not track you
- MAPS.ME has a better usability, OsmAnd+ is more geek
- There are a lot of modules to both apps
Host-based firewalls
NetGuard (23)
-
NetGuard provides simple and advanced ways to block access to the internet - no root required.
-
Applications and addresses can individually be allowed or denied access to your Wi-Fi and/or mobile connection.
-
Blocking access to the internet can help
-
reduce your data usage
-
save your battery
-
increase your privacy
-
Ad-free YouTube app
NewPipe (24)
- Original YouTube experience on your smartphone without annoying ads and questionable permissions
- Unlike the official YouTube app, NewPipe can run on the background (and playing music)
- It is definitely a reason why to install F-Droid open-source repository
Google services open-source alternatives
Nextcloud (25)
-
The self-hosted productivity platform that keeps you in control
-
Share and collaborate on documents, send and receive an e-mail, manage your calendar and have video chats without data leaks
-
As a fully on-premises solution, Nextcloud Hub provides the benefits of online collaboration without compliance and security risks.
Secure mail clients
r2mail2 (26)
- The most robust secure e-mail client with full PGP and S/MIME support (unlike K9-Mail), fully encrypted storage
ProtonMail (27)
- The secure webmail service hosted in Switzerland
- Can be paid by Bitcoins
- Natively support of PGP (all emails inside of ProtonMail are PGP end-to-end encrypted, non-PGP non-ProtonMail users can still use passphrases to decrypt their emails)
Secure messengers
Signal (28)
Threema (29)
Status (30)
- All the above projects are modern, open-source, secure messengers with end-to-end encryption
- Signal requires a phone number, Status is decentralized
Thanks for your attention!
My Top 30 Sovereignty Apps
By Pavol Luptak
My Top 30 Sovereignty Apps
Apps that can make your life more independent, private and secure. In this demo session, we will fly over the best two-factor authenticators, privacy browsers, decentralized and encrypted messengers, password managers, opensource privacy-aware Facebook and Twitter front-ends, alternative opensource repository, anonymous number service provider for crypto, anonymization networks, anonymous crypto mixers, privacy-aware crypto wallets, secure video calls, SSH and VPN services, privacy enhancers, offline OpenStreetMaps, secure firewall, secure YouTube frontend, opensource Google services alternatives, secure email client with PGP and S/MIME support.
