This resource is intended to point student programmers to the wealth of existing security software. The software here targets a variety of platforms, is built with a variety of languages, and covers a variety of uses.
Errors and omissions belong to Samir Nassar. Correct them via:
- email: samir@samirnassar.com
- Twitter: https://twitter.com/samirnassar
- GitHub: https://gist.github.com/snassar/9175867
Web、Android、iPhone、Windows、iPadなどの gpg4usb の代替。 ライセンスでフィルタリングして、無料またはオープンソースの代替のみを発見します。 このリストには、gpg4usb に類似した合計 3 個のアプリが含まれています。. Gpg4usb is an easy to use, small portable editor with the possibility to encrypt and decrypt any text-message or -file you want. For encryption it acts as a gpg-frontend (Its intend is to be used from an usb-stick, running on Windows (TM) and Linux. Providing a mac-binary is on our TODO-list.
Learning
Google Summer of Code is a global program that offers student developers stipends to write code for various open source software projects. GSOC work with many open source, free software, and technology-related groups to identify and fund projects over a three month period. Since its inception in 2005, the program has brought together over 7,500 successful student participants from 97 countries and over 7,000 mentors from over 100 countries worldwide to produce over 50 million lines of code. Through Google Summer of Code, accepted student applicants are paired with a mentor or mentors from the participating projects, thus gaining exposure to real-world software development scenarios and the opportunity for employment in areas related to their academic pursuits. In turn, the participating projects are able to more easily identify and bring in new developers. Best of all, more source code is created and released for the use and benefit of all.
Security-related projects
coreboot
coreboot is a Free Software project aimed at replacing the proprietary BIOS/UEFI (firmware) found in most computers. coreboot performs a little bit of hardware initialization and then executes additional boot logic, called a payload.
Crypto Stick
The Crypto Stick project develops Open Source USB keys for secure login in the Web and to enable high secure encryption of e-mails and data. It includes an One Time Password feature which can be used with Google and many other popular websites. The project has been founded in 2006. Core developers come from Germany, Poland, Singapore and Vietnam. Secret keys are always stored securely inside the Crypto Stick.
Debian
The Debian Project is an association of individuals who have made common cause to create a free operating system. The Debian Project was founded in 1993 by Ian Murdock to be a truly free community project. Since then the project has grown to be one of the largest and most influential open source projects.
GNOME
GNOME offers an easy to understand desktop and applications for your GNU/Linux or UNIX computer.
KDE
KDE is an international technology team that creates Free Software for desktop and portable computing. Among KDE's products are a modern desktop system for Linux and UNIX platforms, comprehensive office productivity and groupware suites and hundreds of software titles in many categories including Internet and Web applications, multimedia, entertainment, educational, graphics and software development.
LEAP
LEAP is a non-profit dedicated to giving all internet users access to secure communication by making encryption technology easy to use and widely available.
Mozilla
The mission of the Mozilla Project is to preserve choice and innovation on the Internet. We are the producer and provider of the award-winning Firefox web browser, Firefox OS mobile operating system and Thunderbird email software, and are also expanding into Identity (with Mozilla Persona) and Open Web Apps.
Nmap
Nmap ('Network Mapper') is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
OWASP
OWASP is the Open Web Application Security Project. It is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted.
Tor & EFF
The Tor Project is a free-software non-profit project to build an anonymity toolkit used by individuals, companies, governments, and law enforcement around the world.
Jitsi
The jitsi.org community develops applications and libraries for real-time audio/video communication (RTC).
Software
Pidgin
Pidgin is a chat program which lets you log in to accounts on multiple chat networks simultaneously. This means that you can be chatting with friends on MSN, talking to a friend on Google Talk, and sitting in a Yahoo chat room all at the same time.
Pidgin runs on Windows, Linux, and other UNIX operating systems.
- Languages used: C
- Website: https://pidgin.im/
- Code: https://hg.pidgin.im/pidgin/main/
- Issues: https://developer.pidgin.im/wiki/BugTracking
GPG4USB
To say it straight in only one sentence: gpg4usb is a very easy to use portable-application, which combines a simple text-editor with a GnuPG-frontend to write, encrypt and decrypt your text-messages and files. gpg4usb should work on almost any computer you're working on, should it be a Linux-machine or even one with a Microsoft-OS running.
- Languages used: C++
- Website: http://www.gpg4usb.org/
- Code: http://cpunk.de/svn/src/gpg4usb/
- Issues: http://cpunk.de/svn/src/gpg4usb/trunk/TODO & http://gpg4usb.org/development.html
CryptoCat
Cryptocat is an experimental browser-based chat client for easy to use, encrypted conversations. It aims to make encrypted, private chat easy to use and accessible. We want to break down the barrier that prevents the general public from having an accessible privacy alternative that they already know how to use. Cryptocat is currently available for Chrome, Firefox and Safari. It uses the OTR protocol over XMPP for encrypted two-party chat and the (upcoming) mpOTR protocol for encrypted multi-party chat.
- Languages used: Objective-C, JavaScript
- Website: https://crypto.cat/
- Code: https://github.com/cryptocat/cryptocat
- Contributing: https://github.com/cryptocat/cryptocat/blob/master/CONTRIBUTING.md
- Issues: https://github.com/cryptocat/cryptocat/issues?milestone=23&state=open
KeePassX
KeePassX is an application for people with extremly high demands on secure personal data management. It has a light interface, is cross platform and published under the terms of the GNU General Public License.
KeePassX saves many different information e.g. user names, passwords, urls, attachments and comments in one single database. For a better management user-defined titles and icons can be specified for each single entry. Furthermore the entries are sorted in groups, which are customizable as well. The integrated search function allows to search in a single group or the complete database. KeePassX offers a little utility for secure password generation. The password generator is very customizable, fast and easy to use. Especially someone who generates passwords frequently will appreciate this feature.
- Languages used: C++
- Website: https://www.keepassx.org/
- Code: https://github.com/keepassx/keepassx
- Issues: https://www.keepassx.org/dev/projects/keepassx/issues
Insecurity Demos
A packaged, graphical user interface for demonstrating various digital security threats and mitigations in a training room context.
- Languages used: Python
- Website: https://github.com/schloss/insecurity-demos
- Code: https://github.com/schloss/insecurity-demos
- Issues: https://github.com/schloss/insecurity-demos/issues
Enigmail
Enigmail is a security extension to Mozilla Thunderbird and Seamonkey. It enables you to write and receive email messages signed and/or encrypted with the OpenPGP standard.
Sending and receiving encrypted and digitally signed email is simple using Enigmail.
- Languages used: JavaScript
- Website: https://www.enigmail.net/
- Code: https://www.enigmail.net/download/source.php
- Issues: http://sourceforge.net/p/enigmail/bugs/search/?q=!status%3Awont-fix+%26%26+!status%3Ainvalid++%26%26+!status%3Afixed
TrueCrypt
Free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux.
- Website: http://www.truecrypt.org/
- Code: http://www.truecrypt.org/downloads2
- Issues: https://www.truecrypt.org/bugs/
GnuPG for Android
A port of the whole GnuPG 2.1 suite to Android.
If you are using these tools in your own apps, we'd love to hear about it. Email us at support@guardianproject.info.
Gnu Privacy Guard (GPG) gives you access to the entire GnuPG suite of encryption software. GnuPG is GNU’s tool for end-to-end secure communication and encrypted data storage. This trusted protocol is the free software alternative to PGP. GnuPG 2.1 is the new modularized version of GnuPG that now supports OpenPGP and S/MIME.
- Languages used: Java, C
- Website: http://gnupg.org/ & https://guardianproject.info/code/gnupg/
- Code: https://github.com/guardianproject/gnupg-for-android
- Issues: https://dev.guardianproject.info/projects/gpgandroid/issues
Gpg4usb On Macbook Air
ChatSecure for Android
ChatSecure for Android, also known as Gibberbot, an Android app to support XMPP Jabber chat using OTR encryption.
It includes OTR4J: https://code.google.com/p/otr4j/
and BouncyCastle for Java: http://www.bouncycastle.org/java.html
and SQLCipher for Android: https://guardianproject.info/code/sqlcipher/
- Languages used: Java, C
- Website: https://guardianproject.info/apps/chatsecure/
- Code: https://github.com/guardianproject/ChatSecureAndroid
- Issues: https://dev.guardianproject.info/projects/gibberbot/issues
Surespot
surespot is a secure mobile messaging app that uses exceptional end-to-end encryption for every text, image and voice message returning your right to privacy
- Languages used:
- Website: https://www.surespot.me/
- Code: https://github.com/surespot/surespot-ios & https://github.com/surespot/android
- Issues: https://github.com/surespot/surespot-ios/issues & https://github.com/surespot/android/issues
Reading Material
- Bert Hubert: The C++/Programming books I recommend
Lately I been using PGP more and more… and I wanted to have my portable application on a flash drive where I could carry all of the private and public keys (of course that if I loose my flash drive, I am at risk – I know that). But, there is really not good documentation that walks through a first time user on how to accomplish this. So, here is my attempt to those first time users on how to do it.
- You need a Windows machine (physical or virtual)
- Download Gpg4Win -> http://www.gpg4win.org/
In my case, I tested this with version 2.2.4 - When installing Gpg4Win, make sure that you have enable all of these options
GnuPG 2.0.27
Kleopatra 2.2.0-git945878c
GPA 0.9.7
GpgOL 1.2.1
GpgEX 1.0.1
Claws Mail 3.9.1
Kompendium (de) 3.0.0
Compendium (en) 3.0.0 - Once you are done with the installation, then you can run the following command in order to make your own Gpg4Win portable application. Keep in mind that you can go two different routes. Full or Lite. In my example, I will show you how to have it fully loaded.
- Open command prompt (CLI)
- cd to the path where GPG4Win is located
If you use the defaults it will be at “C:Program Files (x86)GNUGnuPG” - Run “mkportable.exe –full –verbose TARGETDIR”
where TARGETDIR in this case will be “E:gpg4winapp” - Then once the program runs, you will be able to open Kleopatra and there you have it
- Enjoy!!!