privacyguides/i18n
1
0
Fork 0
mirror of https://github.com/privacyguides/i18n.git synced 2025-06-23 11:14:21 +00:00
Code Activity

New Crowdin translations by GitHub Action

Browse Source
This commit is contained in:
Crowdin Bot
2024-01-15 09:32:16 +00:00
parent c8c47f04a6
commit 198bf9673e
29 changed files with 2025 additions and 1445 deletions
Download Patch File Download Diff File Expand all files Collapse all files

108
i18n/cs/device-integrity.md
View File

@ -7,11 +7,12 @@ cover: device-integrity.webp
These tools can be used to validate the integrity of your mobile devices and check them for indicators of compromise by spyware and malware such as Pegasus, Predator, or KingsPawn. This page focuses on **mobile security**, because mobile devices typically have read-only systems with well-known configurations, so detecting malicious modifications is easier than on traditional desktop systems. We may expand the focus of this page in the future.
!!! note "This is an advanced topic"
<div class="admonition note" markdown>
<p class="admonition-title">This is an advanced topic</p>
```
These tools may provide utility for certain individuals. They provide functionality which most people do not need to worry about, and often require more in-depth technical knowledge to use effectively.
```
</div>
It is **critical** to understand that scanning your device for public indicators of compromise is **not sufficient** to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on these publicly-available scanning tools can miss recent security developments and give you a false sense of security.
@ -46,23 +47,23 @@ These tools provide analysis based on the information they have the ability to a
External verification tools run on your computer and scan your mobile device for forensic traces which are helpful to identify potential compromise.
!!! danger
<div class="admonition danger" markdown>
<p class="admonition-title">Danger</p>
```
Public indicators of compromise are insufficient to determine that a device is "clean", and not targeted with a particular spyware tool. Reliance on public indicators alone can miss recent forensic traces and give a false sense of security.
Reliable and comprehensive digital forensic support and triage requires access to non-public indicators, research and threat intelligence.
Such support is available to civil society through [Amnesty International's Security Lab](https://www.amnesty.org/en/tech/) or [Access Nows Digital Security Helpline](https://www.accessnow.org/help/).
```
</div>
These tools can trigger false-positives. If any of these tools finds indicators of compromise, you need to dig deeper to determine your actual risk. Some reports may be false positives based on websites you've visited in the past, and findings which are many years old are likely either false-positives or indicate previous (and no longer active) compromise.
### Mobile Verification Toolkit
!!! recommendation
<div class="admonition recommendation" markdown>
```
![MVT logo](assets/img/device-integrity/mvt.webp){ align=right }
**Mobile Verification Toolkit** (**MVT**) is a collection of utilities which simplifies and automates the process of scanning mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT was developed by Amnesty International and released in 2021 in the context of the [Pegasus Project](https://forbiddenstories.org/about-the-pegasus-project/).
@ -70,17 +71,22 @@ These tools can trigger false-positives. If any of these tools finds indicators
[:octicons-home-16: Homepage](https://mvt.re/){ .md-button .md-button--primary }
[:octicons-code-16:](https://github.com/mvt-project/mvt){ .card-link title="Source Code" }
??? downloads
<details class="downloads" markdown>
<summary>Downloads</summary>
- [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
- [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
```
- [:simple-apple: macOS](https://docs.mvt.re/en/latest/install/)
- [:simple-linux: Linux](https://docs.mvt.re/en/latest/install/)
!!! warning
</details>
</div>
<div class="admonition warning" markdown>
<p class="admonition-title">Warning</p>
```
Using MVT is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
```
</div>
MVT is _most_ useful for scanning iOS devices. Android stores very little diagnostic information useful to triage potential compromises, and because of this `mvt-android` capabilities are limited as well. On the other hand, encrypted iOS iTunes backups provide a large enough subset of files stored on the device to detect suspicious artifacts in many cases. This being said, MVT does still provide fairly useful tools for both iOS and Android analysis.
@ -98,9 +104,8 @@ MVT allows you to perform deeper scans/analysis if your device is jailbroken. Un
### iMazing (iOS)
!!! recommendation
<div class="admonition recommendation" markdown>
```
![iMazing logo](assets/img/device-integrity/imazing.png){ align=right }
**iMazing** provides a free spyware analyzer tool for iOS devices which acts as a GUI-wrapper for [MVT](#mobile-verification-toolkit). This can be much easier to run compared to MVT itself, which is a command-line tool designed for technologists and forensic investigators.
@ -109,11 +114,15 @@ MVT allows you to perform deeper scans/analysis if your device is jailbroken. Un
[:octicons-eye-16:](https://imazing.com/privacy-policy){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://imazing.com/spyware-analyzer){ .card-link title=Documentation}
??? downloads
<details class="downloads" markdown>
<summary>Downloads</summary>
- [:simple-windows11: Windows](https://imazing.com/download)
- [:simple-apple: macOS](https://imazing.com/download)
```
- [:simple-windows11: Windows](https://imazing.com/download)
- [:simple-apple: macOS](https://imazing.com/download)
</details>
</div>
iMazing automates and interactively guides you through the process of using [MVT](#mobile-verification-toolkit) to scan your device for publicly-accessible indicators of compromise published by various threat researchers. All of the information and warnings which apply to MVT apply to this tool as well, so we suggest you also familiarize yourself with the notes on MVT in the sections above.
@ -121,17 +130,17 @@ iMazing automates and interactively guides you through the process of using [MVT
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
!!! warning
<div class="admonition warning" markdown>
<p class="admonition-title">Warning</p>
```
Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
```
</div>
### Auditor (Android)
!!! recommendation
<div class="admonition recommendation" markdown>
```
![Auditor logo](assets/img/device-integrity/auditor.svg#only-light){ align=right }
![Auditor logo](assets/img/device-integrity/auditor-dark.svg#only-dark){ align=right }
@ -143,12 +152,16 @@ Using these apps is insufficient to determine that a device is "clean", and not
[:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
[:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
??? downloads
<details class="downloads" markdown>
<summary>Downloads</summary>
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
```
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
- [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
- [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
</details>
</div>
Auditor is not a scanning/analysis tool like some other tools on this page, rather it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
@ -170,17 +183,17 @@ If your [threat model](basics/threat-modeling.md) requires privacy, you could co
These are apps you can install on your device which scan your device for signs of compromise.
!!! warning
<div class="admonition warning" markdown>
<p class="admonition-title">Warning</p>
```
Using these apps is insufficient to determine that a device is "clean", and not targeted with a particular spyware tool.
```
</div>
### Hypatia (Android)
!!! recommendation
<div class="admonition recommendation" markdown>
```
![Hypatia logo](assets/img/device-integrity/hypatia.svg#only-light){ align=right }
![Hypatia logo](assets/img/device-integrity/hypatia-dark.svg#only-dark){ align=right }
@ -191,18 +204,21 @@ Using these apps is insufficient to determine that a device is "clean", and not
[:octicons-code-16:](https://github.com/divested-mobile/hypatia){ .card-link title="Source Code" }
[:octicons-heart-16:](https://divested.dev/pages/donate){ .card-link title=Contribute }
??? downloads
<details class="downloads" markdown>
<summary>Downloads</summary>
- [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
```
- [:simple-android: F-Droid](https://f-droid.org/packages/us.spotco.malwarescanner/)
</details>
</div>
Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors/) for advice.
### iVerify (iOS)
!!! recommendation
<div class="admonition recommendation" markdown>
```
![iVerify logo](assets/img/device-integrity/iverify.webp){ align=right }
**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus.
@ -211,10 +227,14 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
[:octicons-eye-16:](https://www.iverify.io/privacy-policy){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://www.iverify.io/frequently-asked-questions#iVerify-General){ .card-link title=Documentation}
??? downloads
<details class="downloads" markdown>
<summary>Downloads</summary>
- [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
```
- [:simple-appstore: App Store](https://apps.apple.com/us/app/iverify/id1466120520)
</details>
</div>
Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is _specifically_ designed to bypass iVerify's checks would likely succeed at doing so.