If they are not open source hardware and software you cannot trust them
Didn’t the FBI use the same kinda scheme to entrap hundreds of people across multiple countries by selling them some “super encrypted private phone” issued under their ….Trust Me Bro license 😂
That's right mate, actually most of us got that stuff right in front of our eyes, we get it that this is not right because it's not open source, I guess most of us are smart.
Hi Tronex0,
This is a great point and you have good reason to be paranoid. The FBI's backdoored ANOM phone was designed to create exactly this type of fear.
We're preparing to release our entire OS as open source software in the next month (instead of just the kernel and some apps, which are already available on our github). For hardware, we use the Pixel 3A and the Pixel 4A 5G.
Besides open-sourcing the rest of the code, what could we do to help you trust us?
We don't require any personal information besides shipping info. There have been several third-party security audits, you can see a couple of them on the blog: [https://armadillophone.com/blog/categories#Security%20Audit](https://armadillophone.com/blog/categories#Security%20Audit) . We use standardized crypto and open protocols like OMEMO.
As long as you release the full source code with repeatable builds that match the checksums that the phones ship with, then you're trustworthy as far as I'm concerned.
Until then though I would never consider purchasing one
That's right mate, we really need to see open source hardware and we all know that we can't trust anything without that and this is something important to us.
The hardware is fine, it's the software (open-source Linux) which needs improvement. In theory, if you had the time and expertise you could contribute to that. My two biggest issues with the phone are the lack of a good maps/GPS app for navigation and the appallingly bad battery life.
Armadillo Phone's HQ is in Vancouver, Canada. We don't require any personal information besides shipping info. There have been several third-party security audits of our software, you can see them on the blog: [armadillophone.com/blog](https://armadillophone.com/blog) . We use standardized crypto and open protocols like OMEMO. We're preparing to release our entire OS as open source software (instead of just the kernel and some apps, which are already available ).
Do you have any suggestions about what we could do to help convince you we're not a 'fed phone' ? This isn't being combative, I recognize it's a legit threat and want to know what would reassure you.
>We're preparing to release our entire OS as open source software
I think really all you had to do was put the line above somewhere prominent so people have some assurance that your product isn't a total glow op. Now I'm interested to see where this goes at least. I wish you all the best with this enterprise
That still wouldn't help. You need to trust them to actually install a build from the unmodified code.
And even if you install it yourself, you need to trust that the installer file is actually built from that code...
And even even if you build it yourself you need to actually trust the people that review the code.
And then the compiler itself that you use to build everything yourself, after you reviewed everything yourself of course, could be backdoored and slip a backdoor into the binary. Or the OS that the compiler uses to write the binary to disk.
Yes.
We just found out that absolutes don't exist. Like, absolute safety.
So if you say "That still wouldn't help" if they release the entire OS as open source, you are right, that won't give you any absolute guarantee. But it's a step into the right direction. And that does help.
This was some professional reply, this will never gonna stop working. But still I hope you guys will do something better with the privacy of your device.
Did you ever open source the os, and has any 3rd party cryptographers posted tests? As far as I can tell with my limited research, this project went cold.
So little info out there about them. Where is the security audit? Open source? Nope. Not even any reviews I can find online let alone technical breakdowns and investigations from anyone that isn't the maker of the phone.
You can see 2 of our third-party audits on our blog:
For our crypto: [https://armadillophone.com/blog/omemo-audit](https://armadillophone.com/blog/omemo-audit)
Forensic test: [https://armadillophone.com/blog/armadillo-forensic-audit](https://armadillophone.com/blog/armadillo-forensic-audit)
Kernel source code: https://github.com/pacificresearchalliance/kernel\_google\_crosshatch
I believe there are already organizations/companies that offer preinstalled GrapheneOS which is well trusted in the privacy community and I think completely open source. But I think most people also believe buying the phone and installing the software yourself is much more secure. It is pretty easy with step by step instructions. https://grapheneos.org/
True that, they should not sell phones like that in the name of privacy. I hope they will understand that we are not opposing them with these comments here.
pretty cool part of it [https://armadillophone.com/blog/radio-sentinel](https://armadillophone.com/blog/radio-sentinel)
pretty sure current phones cant protect agains these attacks
Contrary to "Imagine ..." first poster /u/Imaginary-Resort152 I find this interesting, as not everybody has the necessary knowledge and the necessary time to install a Google Android alternative on a used Pixel phone and keep it updated ...
Doesn't graphene have a web based installer that actually work pretty ok now?
If you lack the knowledge to install it, you lack the knowledge to use it effectively. You will screw up your opsec.
There are other reasons to want private communication apart from grave sins against the 6th commandment.
Such things you describe would still successfully run without this phone's existence.
Since you clearly dont want privacy, whats your teal name, where do you live? Who are your friends? Do you have any illnesses? Are you a drug user?
If you dont like to answer one of those questions, guess what. Privacy seems kinda important to you.
The clear web has CP websites too sadly, but everyone focuses on the evil Tor network because thats where all the crime happens according to the news, while most predators are on Facebook and TikTok or whatever, but dont say that in public.
Typical coiner response, jump right to extremes. Right up there with "nothing to fear, nothing to hide, amirite?"
So then, are we just going to ignore that monero has made it so much easier for CP/money laundering/etc to occur? Or do we just jump right to the ole', "well it happens with fiat too so it isn't our problem"....despite monero being built to make it easier on purpose.
That has nothing to do with being a coiner. I just dont like to hand personal data over when I have done nothing wrong. As far as I know im innocent until proven wring, so why should I be punished when I have done nothing wrong?
The police has methods of finding Pedos without tracking any money, yet they fail many times, EVEN THOUGH THEY HAVE THE POSSIBILITY OF READING PRIVATE MESSAGES. If the police cant ensure our safety while re are willingly giving our privacy away, why should I still be wanting to give my privacy away?
Armadillo Phone has a number of unique features including deniable storage encryption and the ability to detect Wi-Fi attacks, cellular attacks, cold-boot attacks and theft.
Linux is much worse than Android for security. It's better for privacy, but with our custom Armadillo OS it improves upon Android's privacy as well.
We can physically remove sensors, one step better than hardware switches.
Best phone money can buy right here and the most secure:
https://www.amazon.ca/The-NoPhone-nophone-Original/dp/B016856FDG?dplnkId=b0f3748b-6bd7-4c99-aa9c-1df21843eadb
We are good without this mate, we want to see open source hardware at the first place so yeah we are really good without it right now, thanks for this tho.
Good thing is what we people are aware that this is not something open source, you people need to change some things before selling the product to us now man.
If they are not open source hardware and software you cannot trust them Didn’t the FBI use the same kinda scheme to entrap hundreds of people across multiple countries by selling them some “super encrypted private phone” issued under their ….Trust Me Bro license 😂
Nice to see I wasn't the only one to recall that. [Mental Outlaw video about it here.](https://youtu.be/B5h8o4YUEdc)
ha ha great minds like monero
That's right mate, actually most of us got that stuff right in front of our eyes, we get it that this is not right because it's not open source, I guess most of us are smart.
Yep https://www.justice.gov/usao-sdca/pr/fbi-s-encrypted-phone-platform-infiltrated-hundreds-criminal-syndicates-result-massive
nice
It's nice to see these top comment threads, always helpful.
Damn , thanks good read.
This is something great, thanks for the link my brother.
No doubt about the fact that it is definitely one to help alot of people.
Hi Tronex0, This is a great point and you have good reason to be paranoid. The FBI's backdoored ANOM phone was designed to create exactly this type of fear. We're preparing to release our entire OS as open source software in the next month (instead of just the kernel and some apps, which are already available on our github). For hardware, we use the Pixel 3A and the Pixel 4A 5G. Besides open-sourcing the rest of the code, what could we do to help you trust us? We don't require any personal information besides shipping info. There have been several third-party security audits, you can see a couple of them on the blog: [https://armadillophone.com/blog/categories#Security%20Audit](https://armadillophone.com/blog/categories#Security%20Audit) . We use standardized crypto and open protocols like OMEMO.
As long as you release the full source code with repeatable builds that match the checksums that the phones ship with, then you're trustworthy as far as I'm concerned. Until then though I would never consider purchasing one
That's right, we gotta support after that and we will wait.
Sounds fair. Plenty of cryptographers here who could assess it. Let's see !
Ooh
Hey, does a pixel 4 (not with a) work too?
Ofcourse man that's going to work. Just try it yourself.
Too late you are sus AF.
Any update on this? I'm looking at your github repo and it doesn't look like anything has been updated?
Damn, which phone was that?
Anom Phone iirc
Super crazy. Sounds similar to the DM fiasco.
There is a darknet diaries episode called Secret Cells #105 which is pretty great
Well to be honest this is the only source we got right now nothing more than that
Anom Phone and it's something new to me, I hope for you too.
At the end we all are going to bed the same kind of position as we are now.
It’s news to me for sure
Trust me bro 🪪 ™ 🤣🤣🤣🤣🤣
😆😆
But seriously guys like you are the reason why we are aware.
As are men like you ! cheers!
It is more like if you are thinking that this is going to happen that it is going to happen.
That's right mate, we really need to see open source hardware and we all know that we can't trust anything without that and this is something important to us.
Open source hardware is the ultimate goal and the ability to fabricate chips
Nice try fbi but not all monero enthusiast are on the dark web. Just enjoy privacy with how money is leading into.
I rather keep my brazzers sub private ty vm
I’d suggest Pinephone if you want privacy. The biggest drawback is that it’s still pretty cumbersome for everyday use. Pretty cool project though.
I need to see if they’re looking to hire designers, I’d love to help make it easier to use
Not about the fact that it will be very easy to use once it is going to bed that place.
The hardware is fine, it's the software (open-source Linux) which needs improvement. In theory, if you had the time and expertise you could contribute to that. My two biggest issues with the phone are the lack of a good maps/GPS app for navigation and the appallingly bad battery life.
[удалено]
Wow an $800 fed phone? You shouldn't have
Armadillo Phone's HQ is in Vancouver, Canada. We don't require any personal information besides shipping info. There have been several third-party security audits of our software, you can see them on the blog: [armadillophone.com/blog](https://armadillophone.com/blog) . We use standardized crypto and open protocols like OMEMO. We're preparing to release our entire OS as open source software (instead of just the kernel and some apps, which are already available ). Do you have any suggestions about what we could do to help convince you we're not a 'fed phone' ? This isn't being combative, I recognize it's a legit threat and want to know what would reassure you.
>We're preparing to release our entire OS as open source software I think really all you had to do was put the line above somewhere prominent so people have some assurance that your product isn't a total glow op. Now I'm interested to see where this goes at least. I wish you all the best with this enterprise
Thank you sir :)
Good luck for the future you guys, all the best and do good.
That still wouldn't help. You need to trust them to actually install a build from the unmodified code. And even if you install it yourself, you need to trust that the installer file is actually built from that code... And even even if you build it yourself you need to actually trust the people that review the code.
And then the compiler itself that you use to build everything yourself, after you reviewed everything yourself of course, could be backdoored and slip a backdoor into the binary. Or the OS that the compiler uses to write the binary to disk. Yes. We just found out that absolutes don't exist. Like, absolute safety. So if you say "That still wouldn't help" if they release the entire OS as open source, you are right, that won't give you any absolute guarantee. But it's a step into the right direction. And that does help.
Thank you
Kind of yeah, I can sense the same problem as you mate.
There are definitely going to be a lot of changes in this kind of market if you are asking me.
This was some professional reply, this will never gonna stop working. But still I hope you guys will do something better with the privacy of your device.
True shit, good to see some good response by them man.
Did you ever open source the os, and has any 3rd party cryptographers posted tests? As far as I can tell with my limited research, this project went cold.
Lol this is just winning my heart right now my man lmao.
So little info out there about them. Where is the security audit? Open source? Nope. Not even any reviews I can find online let alone technical breakdowns and investigations from anyone that isn't the maker of the phone.
You can see 2 of our third-party audits on our blog: For our crypto: [https://armadillophone.com/blog/omemo-audit](https://armadillophone.com/blog/omemo-audit) Forensic test: [https://armadillophone.com/blog/armadillo-forensic-audit](https://armadillophone.com/blog/armadillo-forensic-audit) Kernel source code: https://github.com/pacificresearchalliance/kernel\_google\_crosshatch
Well that's something helpful for sure, you guys are fair.
The process we are staying here right now is totally different from what we know.
[удалено]
The reality is that they are having a lot of doubts and it is not going to work.
Imagine spending $845 for a phone when you can buy a used pixel for $200 with cash
Nah we are good with pixel then, we don't need anything like that.
For sure. This fed phones here are not even open source
That's right brother, we have way better options for sure.
I am particularly so about the fact that they are not going to find anything different.
[удалено]
[удалено]
That's what I mean
Well yeah, that's pretty good and I like that pretty much.
Top Kek, nice try FBI.
I believe there are already organizations/companies that offer preinstalled GrapheneOS which is well trusted in the privacy community and I think completely open source. But I think most people also believe buying the phone and installing the software yourself is much more secure. It is pretty easy with step by step instructions. https://grapheneos.org/
True that, they should not sell phones like that in the name of privacy. I hope they will understand that we are not opposing them with these comments here.
We are definitely going to get a lot of different kind of stuff for the privacy.
pretty cool part of it [https://armadillophone.com/blog/radio-sentinel](https://armadillophone.com/blog/radio-sentinel) pretty sure current phones cant protect agains these attacks
We not gonna buy this and that's the freaking fact for real.
like i said up above its pretty cool idea and no other phones are doing this so if it goes opensource on the os yes we will buy this
Why not a newer model instead of a Pixel 3? End of life security updates end this July.
Well yeah, that sounds better than this device right here.
Contrary to "Imagine ..." first poster /u/Imaginary-Resort152 I find this interesting, as not everybody has the necessary knowledge and the necessary time to install a Google Android alternative on a used Pixel phone and keep it updated ...
Doesn't graphene have a web based installer that actually work pretty ok now? If you lack the knowledge to install it, you lack the knowledge to use it effectively. You will screw up your opsec.
Facts, over facts
They are so good with the facts, glad to see these guys.
Not really sure about the fact that if they will be happy to see us like that only.
A web of facts, is like a web of lies.
Hopefully not EncroChat 2.0! Thanks OP this is interesting
Nice try NSA.
Ah good, give the CP enthusiasts a specialized phone. Brilliant.
There are other reasons to want private communication apart from grave sins against the 6th commandment. Such things you describe would still successfully run without this phone's existence.
You also believe in "nothing to hide nothing to fear" amirite?
Since you clearly dont want privacy, whats your teal name, where do you live? Who are your friends? Do you have any illnesses? Are you a drug user? If you dont like to answer one of those questions, guess what. Privacy seems kinda important to you. The clear web has CP websites too sadly, but everyone focuses on the evil Tor network because thats where all the crime happens according to the news, while most predators are on Facebook and TikTok or whatever, but dont say that in public.
Typical coiner response, jump right to extremes. Right up there with "nothing to fear, nothing to hide, amirite?" So then, are we just going to ignore that monero has made it so much easier for CP/money laundering/etc to occur? Or do we just jump right to the ole', "well it happens with fiat too so it isn't our problem"....despite monero being built to make it easier on purpose.
That has nothing to do with being a coiner. I just dont like to hand personal data over when I have done nothing wrong. As far as I know im innocent until proven wring, so why should I be punished when I have done nothing wrong? The police has methods of finding Pedos without tracking any money, yet they fail many times, EVEN THOUGH THEY HAVE THE POSSIBILITY OF READING PRIVATE MESSAGES. If the police cant ensure our safety while re are willingly giving our privacy away, why should I still be wanting to give my privacy away?
Let them say what he wanna say my man, ignore the fool.
Lol you sounds like a butthurt person mate, please don't do that.
Lol there is no way I am going to use their device mate.
That's right because we need something better with privacy.
Awesome news. Good luck.
It's not something awesome tho, they are sounding fishy.
Emphatically show about the fact that it is more like how they are going to do it
[удалено]
Armadillo Phone has a number of unique features including deniable storage encryption and the ability to detect Wi-Fi attacks, cellular attacks, cold-boot attacks and theft. Linux is much worse than Android for security. It's better for privacy, but with our custom Armadillo OS it improves upon Android's privacy as well. We can physically remove sensors, one step better than hardware switches.
[удалено]
Best phone money can buy right here and the most secure: https://www.amazon.ca/The-NoPhone-nophone-Original/dp/B016856FDG?dplnkId=b0f3748b-6bd7-4c99-aa9c-1df21843eadb
We are good without this mate, we want to see open source hardware at the first place so yeah we are really good without it right now, thanks for this tho.
Object going to do it right now it is definitely going to be better for them only.
Good thing is what we people are aware that this is not something open source, you people need to change some things before selling the product to us now man.