Add device integrity/verification tools (#2315)

Signed-off-by: Daniel Gray <dngray@privacyguides.org> Signed-off-by: Freddy <freddy@privacyguides.org>
privacyguides · Nov 12, 2023 · d5a31c8 · d5a31c8 · privacyguides-bot · Nov 13, 2023
1 parent d9ff083
commit d5a31c8
Show file tree

Hide file tree

Showing 24 changed files with 418 additions and 212 deletions.
diff --git a/Pipfile.lock b/Pipfile.lock
diff --git a/config/mkdocs-common.yml b/config/mkdocs-common.yml
@@ -93,7 +93,7 @@ theme:
     - search.highlight
 
 extra_css:
-  - assets/stylesheets/extra.css?v=3.15.0
+  - assets/stylesheets/extra.css?v=3.17.0
 extra_javascript:
   - assets/javascripts/mathjax.js
 

diff --git a/config/mkdocs.en.yml b/config/mkdocs.en.yml
@@ -126,6 +126,8 @@ nav:
       - 'android.md'
       - 'desktop.md'
       - 'router.md'
+    - Advanced:
+      - 'device-integrity.md'
   - About:
     - 'about/index.md'
     - 'about/criteria.md'

diff --git a/config/mkdocs.es.yml b/config/mkdocs.es.yml
@@ -124,6 +124,8 @@ nav:
       - 'android.md'
       - 'desktop.md'
       - 'router.md'
+    - Advanced:
+      - 'device-integrity.md'
   - Acerca de:
     - 'about/index.md'
     - 'about/criteria.md'

diff --git a/config/mkdocs.fr.yml b/config/mkdocs.fr.yml
@@ -124,6 +124,8 @@ nav:
       - 'android.md'
       - 'desktop.md'
       - 'router.md'
+    - "Advanced":
+      - 'device-integrity.md'
   - "À propos":
     - 'about/index.md'
     - 'about/criteria.md'

diff --git a/config/mkdocs.he.yml b/config/mkdocs.he.yml
@@ -128,6 +128,8 @@ nav:
       - 'android.md'
       - 'desktop.md'
       - 'router.md'
+    - "Advanced":
+      - 'device-integrity.md'
   - "על אודות":
     - 'about/index.md'
     - 'about/criteria.md'

diff --git a/config/mkdocs.it.yml b/config/mkdocs.it.yml
@@ -124,6 +124,8 @@ nav:
       - 'android.md'
       - 'desktop.md'
       - 'router.md'
+    - "Advanced":
+      - 'device-integrity.md'
   - Informazioni:
     - 'about/index.md'
     - 'about/criteria.md'

diff --git a/config/mkdocs.nl.yml b/config/mkdocs.nl.yml
@@ -124,6 +124,8 @@ nav:
       - 'android.md'
       - 'desktop.md'
       - 'router.md'
+    - "Advanced":
+      - 'device-integrity.md'
   - Over ons:
     - 'about/index.md'
     - 'about/criteria.md'

diff --git a/config/mkdocs.ru.yml b/config/mkdocs.ru.yml
@@ -126,6 +126,8 @@ nav:
       - 'android.md'
       - 'desktop.md'
       - 'router.md'
+    - Advanced:
+      - 'device-integrity.md'
   - О сайте:
     - 'about/index.md'
     - 'about/criteria.md'

diff --git a/config/mkdocs.zh-Hant.yml b/config/mkdocs.zh-Hant.yml
@@ -126,6 +126,8 @@ nav:
       - 'android.md'
       - 'desktop.md'
       - 'router.md'
+    - Advanced:
+      - 'device-integrity.md'
   - 關於:
     - 'about/index.md'
     - 'about/criteria.md'

diff --git a/docs/android.md b/docs/android.md
@@ -216,40 +216,6 @@ We recommend a wide variety of Android apps throughout this site. The apps liste
 
     When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
 
-### Auditor
-
-!!! recommendation
-
-    ![Auditor logo](assets/img/android/auditor.svg#only-light){ align=right }
-    ![Auditor logo](assets/img/android/auditor-dark.svg#only-dark){ align=right }
-
-    **Auditor** is an app which leverages hardware security features to provide device integrity monitoring by actively validating the identity of a device and the integrity of its operating system. Currently, it only works with GrapheneOS or the stock operating system for [supported devices](https://attestation.app/about#device-support).
-
-    [:octicons-home-16: Homepage](https://attestation.app){ .md-button .md-button--primary }
-    [:octicons-eye-16:](https://attestation.app/privacy-policy){ .card-link title="Privacy Policy" }
-    [:octicons-info-16:](https://attestation.app/about){ .card-link title=Documentation}
-    [:octicons-code-16:](https://attestation.app/source){ .card-link title="Source Code" }
-    [:octicons-heart-16:](https://attestation.app/donate){ .card-link title=Contribute }
-
-    ??? downloads
-
-        - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.attestation.auditor.play)
-        - [:simple-github: GitHub](https://github.com/GrapheneOS/Auditor/releases)
-        - [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
-
-Auditor performs attestation and intrusion detection by:
-
-- Using a [Trust On First Use (TOFU)](https://en.wikipedia.org/wiki/Trust_on_first_use) model between an *auditor* and *auditee*, the pair establish a private key in the [hardware-backed keystore](https://source.android.com/security/keystore/) of the *Auditor*.
-- The *auditor* can either be another instance of the Auditor app or the [Remote Attestation Service](https://attestation.app).
-- The *auditor* records the current state and configuration of the *auditee*.
-- Should tampering with the operating system of the *auditee* happen after the pairing is complete, the auditor will be aware of the change in the device state and configurations.
-- You will be alerted to the change.
-
-No personally identifiable information is submitted to the attestation service. We recommend that you sign up with an anonymous account and enable remote attestation for continuous monitoring.
-
-If your [threat model](basics/threat-modeling.md) requires privacy, you could consider using [Orbot](tor.md#orbot) or a VPN to hide your IP address from the attestation service.
-To make sure that your hardware and operating system is genuine, [perform local attestation](https://grapheneos.org/install/web#verifying-installation) immediately after the device has been installed and prior to any internet connection.
-
 ### Secure Camera
 
 !!! recommendation