Anyone knows any free end to end encrypted to-do list, calendar and contacts app for Android? It doesn’t need to have all three in one app, even I prefer to be separate app for each. I couldn’t find 4096-bit RSA zero access information grade one. Maybe you guys know anything?
I’m a privacy fan and looking for these just to be safe!
The problem is that all of your Android contacts already have you in their Google could. Algorithm can easily connect the dots and locate you by any bit of private information.
That being said, end to end encryption is done only while you’re transmitting that data somewhere, and by default, communication with Google servers is encrypted, as would be any other where you’re required to enter your credentials.
My point is that it’s easier to get your device physically and get the contacts out than it is for someone to hack your account and/or intercept your data. And even if you hide your stuff well, your personal data is still floating around dozens if not hundreds of phones.
My device is from secure brand. And it’s encrypted by 16 digital alpha numeric and special characters, so even it’s protected from boot, if password doesn’t entered. Also my sdcard as well. Sooo anyone tries to access device is selfie taken and will emails to me(even if they break the 16 digit pass, that I have doubt with its possible). Sooo I need to save my contact, calendar and to-do list encrypted locally, even if they are not end to end encrypted, I need a way to get a backup from them and thereafter a hard reset(possible virus or malware because 24h/7d web browsing), restore them back. Is this make sense and do you know unbreakable encryption with 4096bit RSA key that stores locally only in device. How can I do this?
There you go. As your local storage is secure you can save all the contacts into the phone memory (not SIM, not Google cloud and not your device maker cloud). That’s half of the problem solved.
Exporting them using your built in contacts app is possible into VCF file for example. Then you can move the file to your computer, which probably has encrypted disk as well.
Thanks. But as my info, the Android and iOS both is vulnerable to attack by Authority they are not 100% safe place to save. Most ridiculous part about Android encryption is that ‘you can’t backup encryption key’ without a third-party application that only works on Rooted Android OS’s, while Rooting Android decrease the security of it, also most bank applications won’t work on Rooted devices. So practically this smells fishy for me that how this phone companies acting dishonesty with all their customers. No hope for privacy fans…
Thanks. This phone and it’s private OS is not lunched yet. Not sure how secure it could be compared to blackphone. If they don’t know enough security knowledge, phone will not be a complete solution. There is similar projects but non of them was match for blackphone who is rumored getting banckrupt and no hope for new version soon.
Magisk root the boot partition and leave system partition untouched, so then we can use rooted phone and have bank apps working at same time. But I heard a lot that rooting Android decrease it’s security so badly, and make it vulnerable to hack. How to prevent this?
Encryption key is that can be used to restore the dmcrypt header, this is for fail-safe in every standard encryption procedure.
uhh… what?? This is very unclear. Can you explain what you mean. What do you need to do with your “exported encryption key”?? decrypt your encrypted device? what do you mean “is that can be used to restore…”?
AFAIK the password you enter only decrypts your encryption key, i.e. your password is not your encryption key. Exporting it would suggest that if your encrypted keystore partition or whatever gets corrupted, you can still use your password to decrypt your data.
Thanks. I try the End to end to-do lists and come back with feedback. For calendar, Tutanota is only privacy-minded when you use the free tier(payment by untraceable crypto or cash is not accepted), and if you don’t log in it gets locked up in 6 months forever, for unlocking the account you shall pay by traceable currencies that defeat the purpose. Tutanota is in Germany, and Germany’s privacy law is not as bad as the UK after this unfortunate act happened Investigatory Powers Act 2016 - Wikipedia
Whatever data Tutanota has is on Germany and Germany is on the 14-eyes intelligent collection countries list. Thus it defeats the purpose.
The mandatory recovery key issue is a suspicious act for breaking in by the backdoor method in Tutanota as I discussed before here in my posts related to Tutanota.
I tried to set up an encrypted mail server a while ago but nothing worked fine, while I tried to make an end-to-end encryption email for my personal use, the project messed up as it become too a time-consuming process. It’s on my to-do list but only if I find a robust privacy-minded and secure and reliable solution for the state-of-the-art encrypted personal mail servers.
For contact apps, and SMS, I trust Signal and Telegram but I will try Coverme and come back with feedback. How do you compare the privacy-minded and security and journalist protection requirement in these apps to the Session app?