privacyguides/privacyguides.org
1
1
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2026-06-03 00:49:16 +00:00
Code Issues Activity

refactor: Follow Hugo leaf vs branch conventions

Browse Source
This commit is contained in:
Jonah Aragon
2026-05-13 01:14:25 -05:00
parent 757a274ac3
commit 88f1894219
99 changed files with 552 additions and 552 deletions
Download Patch File Download Diff File Expand all files Collapse all files
content/tools/advanced/device-integrity/_index.md → content/tools/advanced/device-integrity/index.md
+5 -5
View File
@@ -48,7 +48,7 @@ These tools provide analysis based on the information they have the ability to a
## External Verification Tools
<small>Protects against the following threat(s):</small>
[{{< badge content="Targeted Attacks" color="red" >}}](../../../wiki/basics/common-threats/_index.md#attacks-against-specific-individuals)
[{{< badge content="Targeted Attacks" color="red" >}}](../../../wiki/basics/common-threats/index.md#attacks-against-specific-individuals)
External verification tools run on your computer and scan your mobile device for forensic traces, which are helpful to identify potential compromise.
@@ -107,8 +107,8 @@ iMazing automates and interactively guides you through the process of using [MVT
## On-Device Verification
<small>Protects against the following threat(s):</small>
[{{< badge content="Targeted Attacks" color="red" >}}](../../../wiki/basics/common-threats/_index.md#attacks-against-specific-individuals)
[{{< badge content="Passive Attacks" color="amber" >}}](../../../wiki/basics/common-threats/_index.md#security-and-privacy)
[{{< badge content="Targeted Attacks" color="red" >}}](../../../wiki/basics/common-threats/index.md#attacks-against-specific-individuals)
[{{< badge content="Passive Attacks" color="amber" >}}](../../../wiki/basics/common-threats/index.md#security-and-privacy)
These are apps you can install which check your device and operating system for signs of tampering, and validate the identity of your device.
@@ -131,7 +131,7 @@ These are apps you can install which check your device and operating system for
Auditor is not a scanning/analysis tool like some other tools on this page. Rather, it uses your device's hardware-backed keystore to allow you to verify the identity of your device and gain assurance that the operating system itself hasn't been tampered with or downgraded via verified boot. This provides a very robust integrity check of your device itself, but doesn't necessarily check whether the user-level apps running on your device are malicious.
Auditor performs attestation and intrusion detection with **two** devices, an *auditee* (the device being verified) and an *auditor* (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](../../os/android/distributions.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
Auditor performs attestation and intrusion detection with **two** devices, an *auditee* (the device being verified) and an *auditor* (the device performing the verification). The auditor can be any Android 10+ device (or a remote web service operated by [GrapheneOS](../../os/android/distributions/index.md#grapheneos)), while the auditee must be a specifically [supported device](https://attestation.app/about#device-support). Auditor works by:
- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore) of the *Auditor*.
- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
@@ -143,4 +143,4 @@ It is important to note that Auditor can only effectively detect changes **after
No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
If your [threat model](../../../wiki/basics/threat-modeling/_index.md) requires hiding your IP address from the attestation service, you could consider using [Orbot](../alternative-networks/_index.md#orbot) or a [VPN](../../services/vpn/_index.md).
If your [threat model](../../../wiki/basics/threat-modeling/index.md) requires hiding your IP address from the attestation service, you could consider using [Orbot](../alternative-networks/index.md#orbot) or a [VPN](../../services/vpn/index.md).