Hufu is a next generation encrypted messenger that combines best-in-class message encryption seamlessly with an intuitive user interface. Unlike the mainstream encrypted messaging applications, Hufu encrypted messages pass from your mailbox directly to the recipient's mailbox, removing the possibility for the software provider to compromise your communication security directly, by, e.g., MITM attack, or blocking your IP from accessing the server, or indirectly by collecting your metadata.
__________________________________________
HIGH STRENGTH END- TO-END ENCRYPTION
All messages are encrypted before they leave your phone and not decrypted until they reach the receiver's phone, encryptions are implemented using highly secure and efficient industry-standard algorithms(128 bits AES-GCM for symmetric encryption, and 2048 bits RSA for public key encryption ). Keys are stored locally in an encrypted database, with each page encrypted using a separate key. Additionally, connections to the mail servers are protected with SSL/TLS whenever possible.
__________________________________________
COMPLETE AND PROVABLE PRIVACY PROTECTION
Ciphertexts or plaintexts, all of your data belong to you! Hufu never connects to any server run by us(which can be easily proven by wiretapping your own connection or scrutinizing the code), thus there is no
possibility we collect or store your data without your permission, or violate your privacy in any other way. All private chat messages are deleted from your mailbox 24 hours after they are received/sent.
__________________________________________
MINIMALISTIC DESIGN AND INTUITIVE UI
Completely private chat has never been easier as Hufu makes encrypted messaging a seamless experience in a decentralized environment. The UI is designed under the principle of KISS(keep it simple, stupid), the number of UI elements are kept to a minimum but tuned to improve user's operational security awareness. Setting up is a breeze, all cryptographic processes happen under the hood and are unnoticeable. It should take less than minutes for a user completely new to Hufu to set up his Email account and start using Hufu.
__________________________________________
ROBUSTNESS
Any IMAP-supported mailbox can in theory be used with Hufu, making it nearly impossible to censor all Hufu encrypted messages, and the serverless and open source nature of Hufu allows it to function independent of the status of our business.
__________________________________________
MINIMUM PERMISSIONS
Device & app history
* retrieve running apps
Identity
* find accounts on the device
Photos/Media/Files
* access USB storage filesystem
* modify or delete the contents of your USB storage
* read the contents of your USB storage
__________________________________________
OTHER
* close other apps
* full network access
* view network connections
* control vibration
* use accounts on the device
__________________________________________
Precautions:
1. Avoid using on rooted devices, rooting could potentially allow malicious memory snapshotting/key recording programs to be installed without the user's consent, and breach Hufu's security.
2.If you are using any third-party software to manage your processes, please make sure that Hufu is allowed to run in the background, otherwise the retrieval of your messages may be delayed.
Related
play.google.com/store/apps/details?id=com.kstych.SecureIM
Do you care if your messages are scanned/read/provided to the highest bidder or the authorities without ever asking or even notifying?
SecureIM is the first Secure-Chat application which is built to protect you from any possible or potential leak of privacy. These days organizations spy on our chats to target ads and Governments in the name of security, however there is no excuse of not demanding and having access to privacy when we want.
SecureIM secures your communication in 2 ways
1. Secure Transmission :- A chat message will be encrypted and only readable on the device it is sent to/from.
2. Single Use Keys :- The Keys generated while messaging are discarded when the application is closed, which means it is impossible to decode a message once the app is reloaded.
The application is extremely simple to use, no need to bother about the complexities of encryption and underlying privacy details, rest assured your messages will always be out of reach from snoopers.
This app uses Public Key Cryptography, each session generates its own private/public keys.
Keys are never stored but kept in memory until the app is running.
So it'll support XMPP?
Or just gtalk?
supports xmpp
Sleepy! said:
So it'll support XMPP?
Or just gtalk?
Click to expand...
Click to collapse
yes, the app uses XMPP below the encryption layer, and so any XMPP server is supported, however this version is binded to login to Google talk server
Thanks
The Internet was designed to be a free network. “Don’t be evil” is the formal corporate motto of Google.However a subjective good from Internet institutions can't guarantee Internet freedom.What the true freedom? The true freedom is assuming all the participators are evil, get rid of all the participators capacity for evil through architectural design.
Apps often used to deliver sensitive data or used for personal and corporate communications, so the data stored by the service provider should be encrypted end-to-end, There are many App messaging applications like Line, WeChat, KakaoTalk, and many more, but they are not end-to-end encrypted messengers. Time is loudly announcing the need to shift to some alternates who provide end-to-end encryption for communication between two devices and respect your Privacy. There are a number of solutions available includes for privacy like, Telegram offers end-to-end encryption and have a 'Secret Chat' feature, that self-destruct messages after the conversation, Sure spot allows you to send and receive text messages, pictures and audio clip with end-to-end encryption, Threema use end-to-end encryption and gives you all features like text messaging, image sharing, and voice chat as well, Text Secure and Red Phone also provides end-to-end encryption for messaging and voice calls respectively. Red Phone allows you to upgrade a normal call to secure call whenever it senses the possibility to fulfill the requirements.
Therefore we have developed a complete decentralized, third-party End to End encrypted communication APP.
What is “a complete decentralized” concept?
IMAP/SMTP are standard communication protocol for retrieving and sending emails from mail server, our APP users communicate via the protocols, as if they are sending emails.
What is “third-party End to End encrypted communication”?
Since we are using zero-server solution, the developer themselves can't read the communication information from users at all. We encrypt the E-mail communication. The advantage of third-party encryption is no one can read APP user's communication information without permission, include APP official, operator, E-mail service provider and so on.
Why “APP”?
We used smart phone longer than sitting in front of a PC. We hope to develop a 100% free of charge future-proof secure communication app that is convenient and suit for long-hour usage.
After completing the APP, as long as there is user, nobody include us can prohibit this product from being used. As in nobody can prohibit the use of email protocol. Furthermore there will be no server deployed to manage this APP. It enables free flow of APP in conformity with the spirit of free Internet environment.
freedom is only an illusion. Your never free, I'll never be free, no living thing can ever be truly free, as every action is determined (or can be seen as determined a posteriori) by various factots. So, as the Internet is constructed by humans, logically it won't be free as well.
Stop talking about freedom and give us a secure App
this is not meant negatively.
Regards
Needs to be idiot proof, lightweight and versatile. Good luck.
Sent from a stolen phone!
gday folks
intro
i'm planning an app that will hide valid/ private calendar data within a larger body of fake data, such that any calendar u.i could be used to view & edit these data, and any of the standard android synch tools would also function as expected
the design would work in such a way that any copy of the calendar data could be de-obfuscated by any implementation of the algo combined with the shared secret
this must work without root, and would be nice to appear to the casual observer as a valid calendar
tech. specific
my limited understanding is that a custom calendar provider would act as a suitable intermediary between the stored data and the de-obfuscated data that should be displayed in the (/ any) calendar u.i.
android api: calendar-provider
i envisage a bunch of patsi... err, notable people's names could also be scraped from wikipedia on a per-key basis which maybe a grand datasource for 'attendees'
phone numbers could be scrambled to uselessness if the data model's allowance for string length isn't too restrictive
times could be stretched and skewed
the number of events could be increased by a factor of 3 or more to give enough junk data without raising any eyebrows, or imposing too excessively on synch adaptors or service providers
wikipedia: steganography
please share any thoughts you might have, from the thoughts on using 'calendar provider', to the security, to any existing functionality like this or even just answer the poll!
https://play.google.com/store/apps/details?id=com.wikimediacom.clipboard.encrypt
1. Why do I need to encrypt?
I often need to transmit sensitive information, personal information on the network. But often SMS, eMail is not encrypted transmission, that is, this information will be exposed to the transmission.
In addition, my common Messenger, Facebook, WhatsApp, Wechat, Line, Telegram dialogue information is operator control, that is, personal conversation information is a risk of leakage.
I often need to store sensitive information and personal information on my mobile phone. But these files are stored in plain text, that is, they will be exposed to risk.
2. What is Clipboard Encrypt
A tool to encrypt and decrypt sensitive information, all apps can use it when editing text.
3. How to use Clipboard Encrypt
The usage is very simple, set the password for encryption and decryption, after opening the function:
* If it is plain text: long press text -> select text -> copy -> paste to achieve encryption
* If it is ciphertext: long press text -> select text -> copy -> paste to achieve decryption
* The ciphertext looks like {{ciphertext}}
4. When to use Clipboard Encrypt
* The SMS sender and receiver agree on the password, the sender encrypts when composing, and the receiver decrypts after receiving the message.
* The eMail sender and receiver agree on the password, the sender encrypts when composing, and the receiver decrypts after receiving the message.
* The sender and receiver of the Messenger agree on the password, the sender encrypts when composing, and the receiver decrypts the message after receiving it.
* Encrypt when composing text, decrypt when restoring text
5. Is Clipboard Encrypt safe?
Clipboard Encrypt uses the standard AES encryption algorithm.
It uses AES with a random salt and random IV. The salt and IV (which are not considered sensitive information) are saved at the beginning of the data.
6. What is AES
AES is based on a design principle known as a substitution–permutation network, and is efficient in both software and hardware. Unlike its predecessor DES, AES does not use a Feistel network. AES is a variant of Rijndael which has a fixed block size of 128 bits, and a key size of 128, 192, or 256 bits.
Millions flock to other messenger apps as fears grow over Big Tech.
SignalSignal uses Open Whisper System to automatically end-to-end encrypt all conversations.
Encryption keys are stored on users’ phones and computers, minimising the risk of them being spoofed. You will also be notified if any of your contacts’ encryption key changes.
Users can verify each other using either a passcode of numbers or by scanning a QR code, which means Signal holds almost no data about you.
The app does not store metadata, logs, or information on its users. It also does not store a record of your contacts, conversations, locations, profile name, avatar, group memberships or group titles.
Your chats do not get backed up by default, but you can choose to back them up to a secure cloud if you wish.
There is also a setting which allows you to receive “sealed” messages from non-contacts with whom you have not shared your profile, an option that hides your IP address, and a self-destructing messages option that disappear completely after a set time.
Telegram
Telegram uses its own end-to-end encryption service called MTProto. However, it is not entirely open source.
Its default cloud chat messaging system is not end-to-end encrypted, with chats stored on Telegram’s servers and backed up to a cloud. This means Telegram can gain access to your messages.
However, it also has a secret chat option, which is encrypted. Messages sent through secret chat can only be read on the device you sent them to.
BatChat
BatChat is a private & secure messaging app with end-to-end encryption which provides the highest level of data security.You can use it FREE to voice or video call families, friends, colleagues anytime and anywhere without worrying about data leakage.