PRIVACY FOCUSED
SECURE PHONE
Safetyr revolutionizes mobile security.
The first line of defense is reducing the attack surface, minimizing exposure to threats.
SafetyR designed to counteract real-world risks and uses sophisticated techniques to protect your data from unauthorized access. An Integrated firewall provides precise network control, tailored firewall rules, and blocks suspicious activities.
By incorporating anti-exploitation features, SafetyR adds an extra layer of defense against vulnerabilities. With no invasive Google services, SafetyR ensures a clean, secure user experience.
Attack Surface Reduction
SafetyR reduces the attack surface by disabling unnecessary
code and features, including USB-C port and pogo pin control
with five modes to secure USB connections
Exploit Mitigations
Safetyr employs advanced techniques to harden the system against vulnerabilities:
-
Hardened Memory Allocation: Ensures safer memory management to prevent corruption
-
Kernel Fortification: Implements measures like random canaries and zeroed memory allocation
-
Application Runtime Protection: Restricts dynamic code execution and uses seccomp-bpf for better sandboxing
Advanced Firewall Protection
Firewall control with dynamic rules and threat prevention allows precise control over network access, tailoring firewall rules to specific needs, and blocking suspicious activities to enhance security
Improved Sandboxing
Enhanced SELinux policies and isolated environments
strengthen the app and system sandboxing
Anti-persistence/Detection
Enhanced verified boot and hardware-based attestation
prevent tampering and ensure system integrity
Encryption Layer
Full disk encryption with AES-GCM ensures robust data protection, with each user profile having a unique encryption key
PIN Scrambling
The layout of the PIN entry screen is randomized to
prevent shoulder surfing attacks
Security Features
Main Features
And Strengths
Wi-Fi Privacy
SafetyR implements per-connection MAC address randomization and IPv6 privacy features
Private Images/Screenshots
Ensures images and screenshots do not contain sensitive metadata
Closed Device Identifier Leaks
Vulnerabilities that could expose hardware and software identifiers are fixed, preventing unauthorized access to device-specific data
Location Data Access Indicator
An indicator shows when apps access location data, enhancing transparency
Contact Scopes
Controlled access to specific contacts ensures privacy
Network Permission Toggle
SafetyR blocks apps from network access, enhancing user privacy
Sensors Permission Toggle
Access to sensors not covered by existing permissions is disallowed
Storage Scopes
Selective storage access for apps limits data exposure
Aurora OSS
open-source platform that allows users to install and
manage apps without relying on Google Play Services. It offers features like anonymous login,
device spoofing, and app filtering to enhance privacy and control for users
Privacy Features
Hardened Browser
A hardened web browser with advanced security features that reduces fingerprinting and tracking.
Sandboxed Google Play
Google Play services run without privileged access, ensuring they operate within the app sandbox
User Installed Apps Can Be Disabled
Users can disable apps they have installed,
enhancing control over app management
Camera and PDF Viewer
Privacy-focused camera and PDF viewer apps are
offered to enhance security
Profiles
Supports multiple user profiles with isolated data and unique encryption keys, ensuring separation of personal and work environments
USB Hardening
SafetyR provides advanced control over USB connections to reduce the risk of USB-based attacks, including disabling USB data access while allowing charging
Disabling App Installation per Profile
Administrators can disable app installation for specific user profiles, ensuring tighter control over app management and security
LTE-only Mode
Disables 2G, 3G, and 5G to reduce the cellular radio attack surface
Other Features
Stripping Unnecessary Code
Reduces the attack surface by removing unneeded code.
USB-C and Pogo Pins Control
Limits port access to prevent exploitation.
Block Native Debugging Access
Prevents debugging tools from accessing the device.
Hardened App Runtime
Enhances security for running apps.
Secure Application Spawning System
Secures the process of starting apps
Hardened libc and Memory Allocator
Strengthens core system libraries against attacks.
ARMv9 Features
Uses advanced security features like BTI and PAC.
Hardened Kernel
Improves kernel security with features like canaries and memory wiping.
Prevention of Dynamic Native Code Execution
Blocks runtime code injection.
Filesystem Access Hardening
Strengthens filesystem permissions and access controls.
Hardening SELinux and seccomp-bpf Policy
Enhances sandboxing of applications.
Exploitation Defense/Patching