CopperheadOS: rebooting

Re: https://firmwaresecurity.com/2018/07/12/copperheados-continuing-with-new-team/

https://github.com/copperheados

There’re also a series of tweets to show the current perspective of open source software (”source-available software’):

AndroidHardening’s Auditor app for Android

Re: https://firmwaresecurity.com/2018/06/13/copperheados-and-androidhardening-project/

 Hardware-based attestation app for select Android devices. It can do either local verification with another Android device via QR code or scheduled server-based verification. It primarily relies on Trust On First Use using the hardware-backed keystore and key attestation. The initial unpaired verification relies on key attestation root.

https://github.com/AndroidHardening/Auditor/releases/tag/1

https://github.com/AndroidHardening/Auditor

https://play.google.com/store/apps/details?id=app.attestation.auditor

CopperheadOS: continuing with new team

Re: https://firmwaresecurity.com/2018/06/04/copperheados-company-problems/ and https://firmwaresecurity.com/2018/06/21/canebrakeos-based-on-copperheados/

it looks like CopperheadOS is continuing:

https://copperhead.co/android/

https://github.com/copperheados

copperheadOS: Samsung missing security features needed for Android Verified Boot

Tweets from CopperheadOS, a security-centric Android-based distribution, are a good source of Android security news, since they’re stretching the boundaries of the open source android release.

CopperheadOS on Android Verified Boot 2.0 docs

https://android.googlesource.com/platform/external/avb/#device-specific-notes

https://android-review.googlesource.com/c/platform/external/avb/+/582100

CopperheadOS: business model concerns

CopperheadOS is “A security and privacy focused mobile operating system compatible with Android apps.“.

It appears the company is having problems trying to monetize an open sourced operating system. I hope they can solve things, they’re doing interesting security things with Android.

https://copperhead.co/android/
https://github.com/copperheados/

Copperhead OS blocked by missing Google Nexus blobs

Copperhead OS is a hardened verison of Android, including PaX and other security features beyond ASOP, mainly targetting Google Nexus devices. It appears they’re having some problems with availability of ASOP blobs from Google on some new Nexus devices:

https://copperhead.co/android/
https://copperhead.co/docs/technical_overview
https://github.com/copperheados