Skip to content

mission-impossible-android/mission-impossible-android

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

404 Commits
docs
docs
 
 
mia
mia
 
 
test
test
 
 
tools
tools
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
MANIFEST.in
MANIFEST.in
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
TODO.md
TODO.md
 
 
setup.py
setup.py
 
 
templates
templates
 
 

Repository files navigation

MIA: Hardening Android for Security and Privacy

Build Status #guardianproject on Freenode IRC

This project is an attempt to streamline the process of following the guidelines from Mike Perry's post "Mission Impossible: Hardening Android for Security and Privacy" on the Tor Project Blog.

It is currently a collection of scripts that require developer tools, that will build and deploy an update.zip file to your connected device. It aspires for be the basis for an installer for a custom Android ROM based on CyanogenMod.

Please keep in mind that this is experimental, and may not be functional at any given moment. Also, it will likely wipe your Android device, and this is by design!

These tools come with absolutely no warranty. Test them on your own risk.

Requirements

  • A supported device - see the compatibility table bellow.
  • A linux/unix operating system - tested on: openSUSE and Ubuntu
  • Android SDK Tools - with adb working globally.
  • Team Win Recovery Project bootloader installed onto your device.
  • Developer Options enabled on your device.
  • USB debugging enabled on your device.
  • The MIA CLI tool - follow the setup instructions bellow.

MIA CLI Tool setup instructions:

  1. Install Python if not already installed. Test using: python --version

    NOTE: If you want to use Python 3 you will need to install the Python 3 versions of the dependencies.

  2. (optional) Install development files for libyaml and libpython if you want to use LibYAML bindings for pyyaml:

    • Using apt-get on Ubuntu: apt-get install libyaml-dev libpython-dev

    • Or using zypper on openSUSE: zypper install libyaml-devel python-devel

    NOTE: If you skip this step you'll see some warnings on the next step.

  3. Install the docopt and PyYAML modules:

    • Using Python Package Index pip: pip install docopt pyyaml

    • Or using apt-get on Ubuntu: apt-get install python-docopt python-yaml

    • Or using zypper on openSUSE: zypper install python-docopt python-PyYAML

  4. Clone the repository:

    git clone https://github.com/mission-impossible-android/mission-impossible-android.git

  5. (optional) Add the tools folder to the PATH environment variable. This will let you run the tool from any folder in your system. export PATH=$PATH:$HOME/mission-impossible-android/tools

    • Make sure to replace $HOME/mission-impossible-android/tools with the actual path of the tools folder.
    • If you skip this step you will need to use an absolute or relative path to the CLI Tool. Eg: ./tools/mia or ~/mission-impossible-android/tools/mia instead of mia

  6. (optional) Enable Bash or Zsh completion.

    • For Bash:
      • Either by copying the Bash/Zsh file to /etc/bash_completion.d/ cp ~/mission-impossible-android/tools/mia_completion.sh /etc/bash_completion.d/
      • Or by sourcing it from your your .bashrc: source ~/mission-impossible-android/tools/mia_completion.sh
    • For Zsh:
      • Copy this file into the site-functions folder as _mia: cp mia_completion.zsh /usr/share/zsh/site-functions/_mia
      • Or you can use a symbolic link: ln -s ~/mission-impossible-android/tools/mia_completion.zsh /usr/share/zsh/site-functions/_mia

  7. Test if the tool is working properly.

    mia --help

Usage

  1. Connect your device via USB, authorizing as necessary.

  2. Provide temporary root access via ADB, can be revoked later.

  3. Create a definition, customizing as necessary, see the template specific README.md, build a custom update.zip file and install onto the device:

    mia definition create my-phone
mia build my-phone
mia install my-phone

  4. After the installation completed open F-Droid and update the applications list.

  5. Open the My App List app, and install any desired applications from misc-apps.xml.

Compatibility

Devices currently available for testing:

Device Codename Testers Actively tested?
LG Nexus 4 mako patcon no
LG Nexus 4 mako SchnWalter yes
Asus Nexus 7 (wifi, 2012) grouper patcon yes
Asus Nexus 7 (wifi, 2013) flo mikeperry-tor yes
Motorola Moto G 4G peregrine mikeperry-tor no
Samsung Galaxy S II i9100 SchnWalter no
OnePlus One bacon SchnWalter no

NOTE: Other devices supported by CyanogenMod might also be compatible. If you test one, please report it in the issue queue.

Links

About

An attempt to streamline the Android hardening process from the Tor Blog.

blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy

Resources

Readme
Activity
Custom properties

Stars

48 stars

Watchers

10 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages