The X-Telecom Secure Mobile application and server solution was developed by an international team of cryptographers and programmers. Our leading experts regularly participate in international exhibitions, conferences and symposia on cryptography, such as CRYPTO and CHES, which are attended by leading engineers and scientists from more than 30 countries.

To encrypt data in our cryptophones, several different crypto-algorithms are used, including those with a cascade (overlapping) encryption mechanism, the main ones being AES and Twofish, the rest of the algorithms and protocols are auxiliary and exist for secure user authentication.

Our system for voice calls and file transfers has an encryption feature called Perfect-forward-secrecy. This means that the encryption keys are unique for each conversation or file sent and are destroyed when the session ends.

Features of X-Telecom cryptophone

Cryptophone X-Telecom uses the AES encryption algorithm with a 256-bit key. In addition, all blocks of information encrypted with the AES-256 algorithm are additionally encrypted by X-Telecom cryptophones with the TwoFish algorithm, which is also invulnerable to hacking. This is done to ensure the reliability of the cipher. For example, the AES-128 encryption algorithm is used by US government agencies to encrypt information marked SECRET, and for documents marked TOP SECRET, the AES-256 encryption algorithm is used. That is, the use of one AES-256 encryption algorithm already makes the information transmitted over our cryptophones secure, and the additional imposition of the Twofish algorithm and auxiliary algorithms gives perfect 100% protection.

The encryption keys of the conversation session are randomly generated in the cryptophones themselves and after the end of the conversation they are automatically destroyed by the system, then new keys are generated randomly, that is no one knows the keys.

Scheme of operation of a cryptotelephone

The operation of X-Telecom cryptophones requires an Internet connection via WI-FI, or through any operator cellular communication by inserting a SIM card into the phone.

Call security

For signaling (for example, about the beginning of a call), the SIP TLS protocol is used. The audio channel is protected using a symmetric AES/Twofish cipher with a key length of 256 bits, which is derived using ZRTP. The ICE protocol decides which method to use to connect subscribers: if the connection through STUN passed, then P2P with ZRTP is used, if the connection does not go through directly due to a proxy, then TURN with ZRTP is used.

The ZRTP protocol is used to assign the key. ZRTP initializes a unique encryption key for each conversation. The keys are generated on the phones and are securely transmitted over the Diffie-Hellman protocol to another subscriber.

ZRTP is well protected from the so-called "man-in-the-middle" attack using the SAS hash value. SAS is a short text string that is verbally witnessed by both parties at the time the conversation starts. After such verification, both parties can be sure that there is no hacker between them.

Text messages work like PGP - end-to-end encryption is used. A type of AES-256 mod GCM cipher that simultaneously guarantees the authenticity and validity of a message.

Text messages are delivered using the SIP TLS protocol. Offline messages and confirmations of reading messages are also supported.

The app also provides another layer of security for messaging. If both parties have a previous call session (ZRTP), then a secondary layer key will be used, adding an additional layer of security.

That is, messages will also be encrypted with the generated SAS key, and then transmitted over TLS. So if your server is compromised and someone is watching your message, they won't be able to read it because the message is encrypted with your own SAS code.

File transfer

When transferring files (audio recordings, photos and videos), RFC 5245 (ICE, NAT bypass mechanism) and RFC 5766 (TURN helper servers for bypassing NAT or, in the worst cases, TURN server is used as a relay) are used - in this case, p2p turns in a client-server-client relationship).

First, information is collected about available IP addresses, as well as information about configured IP addresses on the network interfaces of subscribers from which they can receive network traffic. The ICE protocol combines the received information about available IPs and builds the most convenient routes to these IP addresses.

When transmitting packets, the "Pseudo TCP" technology is used, which is superimposed on sending packets over UDP. After the data is transferred, the integrity of the file and the recipient is checked, thus ensuring that the file was transferred in its entirety and for its intended purpose.

The crypto phone works stably in any communication networks, even with a weak signal

Encryption of voice and messages from point to point

Robust member verification process

Complete protection to prevent the intrusion of intruders and malicious code

Our encrypted VoIP networks are by design unable to capture or record your phone calls, so all your conversations will remain completely anonymous.

If you are looking for easy-to-use, inexpensive and mobile conversation protection, this article will help you learn about three modern and easily accessible ways to reliably protect the entire communication line from eavesdropping, as well as the pros and cons of each of them. In order not to bore the reader, complex technical terms and concepts are left out of the article, and some processes are described at an abstract level.

Introduction

First, let's go through the "dark side" of modern communication in order to better understand the strengths and weaknesses of the considered conversation protection solutions.

1. There is an “intermediary” in voice communication

In conversations between subscribers there is always an “intermediary” that connects calls or through which conversations pass - this is software placed in equipment of various types and types (colloquially referred to as “hardware”). An example of intermediaries: office or city PBX, Skype / Whats App / Viber servers, base stations or voice gateways of mobile operators.

The owners of "intermediaries" have access to conversations, messages and all kinds of information passing through their equipment.

2. Telecom operators analyze the information transmitted through them

Calls through mobile operators, calls over the Internet, visiting websites or reading mail is a flow of information that passes through wired (wireless) channels and equipment of telecom operators (intermediaries). Thanks to this, they can analyze the information passing through them for each of their clients.

A home (office, hotel, restaurant) router is also an intermediary, having access to which, you can secretly analyze the information passing through it!

The work of information analyzers is similar to the work of MRI medical equipment, which looks into any area of ​​the human body without surgical intervention. In this way, logins and passwords from the "victim's" mail typed by him are recognized. phone numbers, addresses of visited sites, parameters of mobile devices and computers.

3. Trojans (spyware)

Recently created for smartphones a large number of spyware that secretly record and secretly transmit to intruders the location of the device, everything that is said into the microphone, everything that is transmitted through the speaker or camera, the test being typed, and much more, even when the smartphone is in standby mode.

A spy Trojan can record conversations before they are encrypted (recording the microphone and video from the camera) and after they are decrypted (recording the speaker). Perhaps this is one of the most effective ways to bypass the protection of conversations.

4. Locating and personal identification

Use of mobile phone services or mobile access on the Internet gives the user's location and information about the devices from which calls and access to the Internet are made.

Knowing the location of the mobile device, you can also:

• see what other mobile devices were near the "victim" and identify their owners;
• connect the city video surveillance system to the search and see the face of the “victim”, the car in which he arrived, or people standing next to him.

5. Telecom operators transfer information of their subscribers to the state

In almost every country in the world, telecom operators (intermediaries) are forced to transfer to the state information about their customers at the request of special services or law enforcement agencies: which sites they visited, the date and time of the visit, information about the devices from which they accessed the Internet, from which IP addresses they received information, who is texting and calling, location, etc.

Mobile and wired communications are thousands of kilometers of wires and thousands of pieces of equipment throughout the country. It is like a large forest with long roots in the form of communications that cannot be moved to another territory if the requirements of the authorities do not suit. Therefore, telecom operators constantly "surrender" their customers to government agencies.

6. Illegal-legal wiretapping

Illegal wiretapping is carried out not only by hackers, specialists with expensive equipment, but also by representatives of government agencies. In almost all CIS countries, corruption is deeply rooted in law enforcement agencies, special services and the prosecutor's office, whose employees, in their personal interests or "on order", using their official position, organize listening to all types of communications that the "victim" can use: mobile communications, wireless and wired Internet access, city telephone connection.

The law considers wiretapping only as one of the varieties of operational-search activities that do not require a court order. The “victim” is made a defendant in a criminal case, at least as a witness, and he can already be legally tapped. And the “victim” may never know about it.

Having a fake case in hand, a request is sent to mobile and wired telecom operators, in which it is required to give out all the available information on their client (call history, SMS, MMS, conversation records) or not interfere with the work of state technical specialists who connect to the "victim" line to collect information.

In this case, it is impossible for the subscriber to detect surveillance if it occurs on the side of the telecom operator (intermediary).

7. Substitution of the base station

Government agencies and attackers use special equipment to listen in on mobile conversations, which wedged into the “victim's” wireless mobile communications. For this, so-called "mobile dummy base stations" are used, which are placed in close proximity to the "victim".

Recently, this method is gaining more and more popularity. No further than 500 meters from the "victim" there is a listening complex the size of a small suitcase, which pretends to be a base station mobile operator. All phones within range connect to it due to the stronger signal.

The actions of the false base station remain invisible to the “victim”, since the overheard signal is redirected to the real station, while the conversation proceeds as usual.

For smartphones, there are applications that help determine the presence of "wiretapping" mobile communications not by telecom operators, but by third parties: GSM Spy Finer, Android IMSI-Catcher Detector. Unfortunately, the use of such programs to detect rogue base stations does not guarantee that conversations are not tapped on the other side of the interlocutor.

We are done with the realities of modern communications. We turn to an overview of ways to protect conversations based on smartphones. In the article, only those solutions were considered that:

• work for at least two popular mobile phones operating systems: iOS and Android;
• do not belong to companies that have been exposed in cooperation with the special services or the courts for "good purposes".

Three ways to secure conversations

Calls through own voice server: BlackBox

BlackBox buyers get their own powerful conversation protection tool, which is ideal for use by a small group of people, in a company or organization.

Principle of operation:

1. BlackBox software is installed on the buyer's server, which manages calls and secures conversations;
2. users are given individual short numbers (for example, 003, 055, 111) to which they can call each other and nowhere else;
3. a calling application is installed on users' smartphones, which connects to the BlackBox server via the Internet and encrypts conversations.

The main advantage of using BlackBox is secure voice communication without third-party intermediaries, in which the buyer independently controls who to connect to the “closed club”, who to disconnect and who to give rights to service his conversation system.

Pros:

• intelligence agencies do not have the tools to listen to the type of encryption used;
• there is no link to a mobile phone number, email address or bank card;
• voice communication between interlocutors is encrypted from phone to phone (end-to-end);
• the buyer has unlimited access to the server, thanks to which he can organize an independent security audit to identify Trojans in the system;
• the server does not store personal information of subscribers and records of conversations, because it works as an intermediary that connects calls between subscribers and encrypts conversations;
• centralized management of all users.

Minuses:

• a server is required for communication to work (personal or rented in a data center);
• a technical specialist (administrator) is required, to whom the owner of the system will entrust the configuration of smartphones for their connection to the server and further maintenance of voice communications;
• paid conversation app.

Calls through a paid voice service: Silent Phone

Silent Circle's call protection service has gained great popularity around the world after the scandal with the mass wiretapping of conversations by intelligence agencies thanks to Edward Snowden's documents. Voice communication works through Silent Circle servers, to which users connect using the Silent Phone application. It uses the same conversation protection technology as BlackBox.

Principle of operation:

iOS	Android

Protection of conversations of the entire communication line (end-to-end) works only with those who have installed Silent Phone for themselves and have also passed the registration procedure. After the interlocutors exchange their logins, they can call each other.

iOS	Android
iOS	Android

On a note!

1. Silent Circle, which owns the Silent Phone, was founded by Mike Janke, a former Navy SEAL. After the army, he worked as a contractor for the implementation of orders in the field information security for the army. It is Mike Jenkey's close cooperation with the United States that makes many people distrust the services of his company.
2. Silent Phone collects location data (geodata) of the user's smartphone. To organize confidential conversations, such data is absolutely not needed!

iOS	Android

It is naive to believe that if the user forbids the application to use the location data of the smartphone, this will hide its location. Silent Circle can still see where users connect to from other parameters.

Pros:

• powerful conversation encryption protocol;
• no link to mobile phone number;
• combines the functions of secure video calls and text chat;
• allows you to quickly organize the protection of conversations between a group of people.

Minuses:

• voice and video communication works through servers and equipment of "intermediaries";
• Silent Circle (intermediary) sees the location of its users;
• when paying for services, users “shine” with their banking data.

Calls via free voice service: Signal (RedPhone)

Open Whisper Systems' call protection services have also gained a lot of popularity following the mass wiretapping scandal by world powers' intelligence agencies. Voice communication works through the Open Whisper Systems servers, to which users connect using the Signail (iOS) and RedPhone (Android) applications. It uses the same call protection technology as BlackBox and Silent Phone.

Principle of operation:

1. You need to install the application on iOS or Android and go through the procedure of registering your phone number on the server so that other users of this connection can call it:

iOS	Android
iOS	Android

1. After completing the registration procedure, the application accesses the contacts on the user's phone and displays in its list those who also installed Signal or RedPhone for themselves:

iOS	Android

1. Protection of conversations of the entire communication line (end-to-end) works only with those who have installed Signal or RedPhone for themselves:

iOS	Android
iOS	Android

On a note!

1. To avoid confusion, a little clarification: until 2015, there was a single calling application for iOS and Andorid called "RedPhone". Since 2015, iOS developers have been announcing an app under the new name "Signal".
2. Judging from Google Play, the RedPhone app for Android is not being developed. At the time of this writing, updates to the application have not been released for more than a year, while there are many comments on the operation of the application that are not corrected by the developers.

Pros:

• free communication;
• strong voice encryption system;
• combines the functions of a secure text chat.

Minuses:

• binding to a mobile phone number;
• Open Whisper Systems (intermediary) sees the location of its users;
• calls pass through servers of "intermediaries";
• the RedPhone app for Android is not being developed.

Total

A summary table of the pros and cons of each of the ways to protect conversations is rated on a five-point scale:

Protection from	black box	silent phone	red phone
Listenings by special services	✪✪✪✪✪	✪✪✪✪	✪✪✪✪
Listening by intruders	✪✪✪✪✪	✪✪✪✪✪	✪✪✪✪
"Intermediaries" in connection	✪✪✪✪✪	✪✪✪	✪✪✪
Mobile base station replacements	✪✪✪✪✪	✪✪✪✪✪	✪✪✪✪✪
Caller ID	✪✪✪✪✪	✪✪	✪✪✪
Caller location detection	✪✪✪✪	☆	☆
Trojan software on a smartphone	☆	☆	☆

From the presented table it is clearly seen:

• own voice server provides the greatest protection;
• encryption of conversations is not effective if a spy trojan has got onto the smartphone.

Those who value the privacy of their conversations, but are not strong in the information security of mobile devices and do not want to constantly worry about whether their smartphone is infected with viruses, spyware or keyloggers, can use the recommendations that allow them to protect their device without deep knowledge.

• do not use software unlocking of the smartphone using jailbreak operations (jailbreak), which reduces the number of security levels of device protection;
• refuse to view Internet pages on your smartphone, Email and video;
• disable receiving MMS messages;
• install applications on your smartphone only from Google Play or Apple Store;
• it is advisable to refuse to install games;
• do not give your smartphone into the wrong hands;
• do not try to download files from the Internet to your smartphone;
• do not transfer files from a computer to a smartphone;
• do not connect to free Wi-Fi in cafes, restaurants, airports, hotels and other public places;
• turn off access to the microphone, speaker and camera for all programs except those used to protect conversations.

That's all. I wish that your conversations always remain safe.

New details published almost daily regarding the work of the PRISM electronic intelligence program of the US National Security Agency (NBA) caused a quite predictable reaction in society.

Citizens of the United States and other countries began to be massively interested in various alternative search engines, social networks and other online services that provide for an increased level of confidentiality of communication and anonymity of their users, and in particular encryption.

And given the fact that both Apple and Google have been convicted of involvement in the PRISM program (at least in terms of collecting metadata from Verizon Wireless's clients), many mobile users are puzzled by finding ways to protect their smartphones and tablets from excessive attention of special services, and simply from prying eyes.

Of course, everything is quite complicated: switching to another website, renewing an agreement with a different provider company and buying a new mobile device are not measures that allow you to hide from PRISM.

To protect your personal information, let's say, at the household level, experts recommend using online data encryption in smartphones and tablets.

This method means that before sending, the data is first encoded on the outgoing device, and after sending, it is decrypted on the receiving device. It sounds a bit like a spy. But in practice, online encryption looks less mysterious, works quite efficiently and looks like ordinary mobile applications that allow you to transfer data bypassing servers controlled by PRISM.

There are quite a lot of software products that use online encryption, although they are not among the super popular ones. Here is a small list of mobile apps and services that will make your smartphone and/or tablet much more successful against PRISM and other equally nasty data-gathering tracking systems.

Encryption of telephone conversations

• red phone (for Android): a free open source program source code, which can encrypt telephone conversations. Of course, RedPhone is effective only when it is installed on both (or all) participants in the conversation. mobile devices. RedPhone works through Wi-Fi or mobile Internet, and not through telephone connection, so the mobile operator cannot access the metadata of the call.

• silent phone (for iOS and Android): provides for a certain subscription fee, however, unlike RedPhone, it allows cross-platform calls. In Silent Phone, the user is provided with a unique 10-digit number that can be used in parallel with the regular operator company number. For an additional fee, Silent Phone customers can also use their numbers to call third-party subscribers, however, in this case, the encryption of the conversation will be one-way.

• ChatSecure (for iOS) encrypts the data transmitted by the participants in the conversation, works with Google Chat and Jabber (* you can download Jabber ), can also be used in cross-platform data transfer.

• TextSecure (for Android) is developed by the authors of RedPhone and can be used as a replacement for the standard Android application for sending SMS/MMS messages. To protect data, TextSecure must also be installed on all mobile devices participating in the correspondence. It is also worth noting that in its present form, TextSecure allows mobile operators to receive conversation metadata, but the developers promise to solve this problem in the next version of the application.
• Ekboo (for BlackBerry) is a BlackBerry BBM encryption plugin with a separate TextBomb feature that allows you to send text messages that are automatically deleted after a user-specified amount of time.

Encrypt mobile data

• Orweb (for Android) - the program was created by the Guardian Project and recommended for use by the human rights Foundation Electronic Frontier (Electronic Frontier Foundation). Orweb is a web browser that uses the free Tor software to bypass network restrictions and encrypt the user's network activity. In other words, Orweb allows you to hide which device you use to surf the web, control cookies and block Flash. In addition, Orweb does not store browsing history. For more efficient work with Orweb, its developers advise using Orbot .
• Onion Browser (for iOS): For just $1, an iOS user is given access to the Tor network, as well as the ability to hide their IP address and web activities.

Email Encryption

• unlocked (for iOS, Android and other operating systems) can be downloaded and installed as a regular application on any iOS or Android device, where it will function as a plugin for a regular web browser. Enlocked allows you to send and receive encrypted emails in Gmail, Yahoo, AOL and Outlook. Enlocked is distributed free of charge, the only condition for using the program is that it must be installed on the mobile devices of all participants in the correspondence.

How can you listen to conversations on mobile phones, is it possible to protect yourself from such attacks, and how can a subscriber determine that his phone is being tapped?

GSM technology was initially developed and implemented taking into account the requirements of government agencies in terms of security level. To maintain this security, most governments in the world prohibit the use and sale of powerful scramblers, scramblers, cryptographic equipment, as well as highly secure public communications technologies. The telecom operators themselves protect their radio channels by encryption, using rather complex algorithms for this. The choice of cryptoalgorithm is carried out at the stage of establishing a connection between the subscriber and the base station. As for the likelihood of a subscriber's information leaking from the operators' equipment, MTS claims that it is reduced to zero due to the complexity and controllability of access to facilities and equipment.

How can you listen to phones

There are two methods of listening to subscribers - active and passive. Passive listening of the subscriber will require the use of expensive equipment and specially trained personnel. Now on the "gray" market you can buy complexes with which you can listen to subscribers within a radius of 500 meters, their cost starts from several hundred thousand euros. They look like the picture on the right. On the Internet, you can easily find a description of such systems and the principle of their operation.

Manufacturers of such equipment claim that the system allows real-time monitoring of GSM conversations based on access to the facility or the mobile operator's database. If there is no such access, then conversations can be listened to with a delay, depending on the level of encryption used by the operator. The system can also be part of a mobile complex for tracking and listening to moving objects.

The second method of listening is active intervention on the air on control and authentication protocols using special mobile complexes. Such equipment, despite its apparent simplicity (in fact, it is a couple of modified phones and a computer), can cost from several tens to hundreds of thousands of dollars. Working with such complexes requires highly qualified service personnel in the field of communications.

The principle of operation of such an attack is as follows: the mobile complex, due to its closer location to the subscriber (up to 500 m), “intercepts” signals to establish a connection and transmit data, replacing the nearest base station. In fact, the complex becomes an "intermediary" between the subscriber and the base station with all the ensuing security problems.

Having "caught" the subscriber in this way, this mobile complex can perform any function to manage the subscriber's connection, including linking it to any number the attackers need, setting a "weak" encryption algorithm or canceling encryption altogether for this communication session, and much more.

As an example of such listening, we can cite the events of the beginning of this year in the center of Kyiv. During the mass protests against the Yanukovych regime, the crowd seized the car with the SBU officers, from which the frequencies of the walkie-talkies and phones of the protesters were “wired”. What such equipment looks like is clearly visible in the picture.

There is a third possibility for listening to conversations and intercepting the traffic of a mobile subscriber. To do this, you need to install virus software on the victim’s smartphone. When installing malware software malefactors can "on their own" choose or cancel the encryption algorithm altogether, transfer (or destroy) the subscriber's confidential information without authorization, and much more.

How to determine that the phone is tapped

It is impossible to directly determine whether the phone is currently being tapped, but it is possible to obtain indirect confirmation of some probability of this. Many old models push-button phones they even displayed a special icon (closed or open padlock) that showed whether the conversation was encrypted at the moment or not.

Modern phones do not have this feature. However, there are special applications for smartphones that can inform the user about the configuration of the settings of the current communication session, including whether his speech is transmitted openly or using an encryption algorithm. Here are some of them:

EAGLE Security

A powerful program to protect phones from listening. It allows you to prevent connection to a false base station by checking the signatures and identifiers of the base stations. In addition, it monitors the location of stations, and if a base station moves around the city, or periodically disappears from its place, it is marked as suspicious and the program notifies the user about it. You can also use the program to get full list applications that have access to the phone's microphone and video camera, as well as block unwanted software from accessing the camera.

The program helps to track any suspicious activity cellular network, including SMS that are sent without the user's knowledge. The program also evaluates the security of the network in real time, shows which algorithms are used to encrypt the conversation, and much more.

Android IMSI-Catcher Detector

Another software package, which allows you to protect your smartphone from connecting to false base stations. True, he has a small minus - the application is not available on Google Play and you will have to tinker a bit with its installation.

CatcherCatcher

CatcherCatcher, like the Android IMSI-Catcher Detector, allows you to distinguish a real base station from a false one.

In addition, MTS recommends using applications for security, including for encrypting conversations. For example, among anonymous web browsers, Orbot or Orweb can be noted. There are also applications for encrypting phone conversations, photos, and many secure messengers.

In June last year, a scandal erupted in Ukraine around the mobile operator MTS-Ukraine, connected with the illegal "wiretapping" of telephone conversations of Ukrainian subscribers. As it turned out, the MTS-Ukraine network was subjected to an unprecedented hack. Using a vulnerability in the GSM protocol, FSB agents switched some of the operator's subscribers to a server belonging to the Russian subsidiary of Tele2, as a result, the conversations of Ukrainian MTS subscribers were available to Russian special services.

In addition, as recently as yesterday, Kyivstar turned off a segment of the mobile communications network in the part of the Donetsk and Lugansk regions captured by the militants. The network was shut down due to freelance work that arose for unspecified reasons. The press service explained that since part of the Donbass is temporarily not controlled by the Ukrainian authorities, there is no possibility of physical control of the network. In other words, Kyivstar specialists suspected a physical intrusion into the network, that is, an attempt to establish a “wiretapping”. Who tried to install it is easy to guess, at least not homeless people and not bandits who proudly call themselves “militia”. The trail leads all the same way - to the northern neighbor.

Thanks to the revelations of Edward Snowden, we have learned that it is not difficult for the secret services to tap the phones of even the highest leaders of the state. And although most subscribers have absolutely nothing to hide (“Do you want to hear how my friends and I drank beer yesterday? So listen, we don’t mind”), sometimes you still want privacy. Of course, you are unlikely to be of interest to any special service (be it the SBU, FSB, NSA or CIA), but caution will not hurt. Moreover, it is not difficult to achieve a completely sufficient level of privacy if you turn to the following applications for smartphones on Android.

Orbot: proxy bundled with Tor

Orbot is a free proxy server that provides a secure Internet channel for various applications. To encrypt Internet traffic, Orbot uses the Tor anonymous network, which helps protect against network snooping. According to the New York Times, “when a connection comes from the Tor network, there is no way to know from whom or where it was activated.”

According to experts, Orbot does create a completely private connection and is the safest way to surf the web on Android platform. Orbot repeatedly redirects encrypted user traffic through computers around the world instead of connecting directly, as it happens in VPN networks. Of course, traffic delivery in this case is somewhat longer, but confidentiality and protection of the user profile are guaranteed.

In generic mode, Orbot can be configured to transparently pass all traffic through Tor. Also, the user can select specific applications whose traffic needs to be passed through Tor.

Orweb: private web browser

The Orbot proxy server is paired with other applications, such as Orweb, a private web browser that supports proxy connections. When used in conjunction with Orbot, the Orweb web browser protects against network traffic analysis by supervisory authorities, blocks cookies, deletes your web browsing history and disables Flash for more security.

ChatSecure: encrypting chat messages

The free application provides unlimited exchange of encrypted private messages in GoogleChat (GChat), FacebookChat, VKontakte, Yandex, Hyves, Odnoklassniki, StudiVZ, Livejournal and Jabber. The application works on Android, iPhone, Mac, Linux and Windows platforms.

OTR encryption is used to protect messages. As a result, no one can intercept or view your messages. It's worth noting, however, that all of these security measures only work if your interlocutors are using a compatible OTR client such as ChatSecure, Adium, or Pidgin.

Ostel: encryption of telephone conversations

The free Ostel utility is designed for full end-to-end encryption of phone calls. This public test application of the Open Secure Telephony Network (OSTN) project aims to promote free, open protocols, standards and software designed for highly secure voice communications on mobile devices and desktop computers. The utility is fully integrated with the CSipSimple app for Android. Includes OSTN Configuration Wizard. To make calls, just enter your name, password and ostel.co!

DuckDuckGo Safe Search

According to the developers, the DuckDuckGo search service does not collect information about the user at all. The app provides true privacy, no matter what you're trying to find.

The smart search feature helps you quickly find what you're looking for. For this, instant responses from hundreds of sources are used, as well as requests to thousands of other sites.

CSipSimple: VOIP telephony encryption

CSipSimple is a free and open source SIP client for Android that provides end-to-end encryption using the TLS crypto algorithm for SIP and SRTP/ZRTP for media files. It features a simple setup, the ability to record calls, and an attractive interface.

TextSecure: SMS protection

The utility, developed by Whisper Systems programmers, provides reliable encryption of SMS text messages. It goes without saying that both subscribers conducting SMS correspondence must install this program on their Android smartphones.

K-9 and APG: Email Encryption

The open-source K-9 Mail app is based on the built-in Android email utility. The project allows you to simplify the management of various accounts and large volumes of email, and also supports OpenPGP encryption when using Android Privacy Guard.

PixelKnot: Steganography

Steganography involves the covert transmission of information by keeping the very fact of transmission secret. With a secret message you can hide in graphic image, moreover, none of those around will guess that this is not just a picture, but a “container with a secret”.

NoteCipher: secure DBMS

The free NoteCipher app is easy to use Notebook, which stores records in encrypted form in the SQL Cipher for Android DBMS. All records created and saved with this application are encrypted using a powerful industrial algorithm - 256-bit AES. Moreover, NoteCipher never transfers information in clear text to disk; when working with records, all of them are stored in decrypted form only in RAM.