Compare commits
2 Commits
e9b67bd9c4
...
d0962a4db8
Author | SHA1 | Date | |
---|---|---|---|
d0962a4db8 | |||
75f46110dc |
36
README.md
@ -28,7 +28,7 @@ Do not use this app with volumes containing sensitive data unless you know exact
|
|||||||
- Unlocking volumes using fingerprint authentication
|
- Unlocking volumes using fingerprint authentication
|
||||||
- Volume auto-locking when the app goes in background
|
- Volume auto-locking when the app goes in background
|
||||||
|
|
||||||
_For upcoming features, see [TODO.md](https://forge.chapril.org/hardcoresushi/DroidFS/src/branch/master/TODO.md)._
|
For planned features, see [TODO.md](https://forge.chapril.org/hardcoresushi/DroidFS/src/branch/master/TODO.md).
|
||||||
|
|
||||||
# Unsafe features
|
# Unsafe features
|
||||||
Some available features are considered risky and are therefore disabled by default. It is strongly recommended that you read the following documentation if you wish to activate one of these options.
|
Some available features are considered risky and are therefore disabled by default. It is strongly recommended that you read the following documentation if you wish to activate one of these options.
|
||||||
@ -39,30 +39,47 @@ Some available features are considered risky and are therefore disabled by defau
|
|||||||
|
|
||||||
Note: apps with root access don't care about this flag: they can take screenshots or record the screen of any app without any permissions.
|
Note: apps with root access don't care about this flag: they can take screenshots or record the screen of any app without any permissions.
|
||||||
</li>
|
</li>
|
||||||
|
<br>
|
||||||
<li><h4>Allow exporting files:</h4>
|
<li><h4>Allow exporting files:</h4>
|
||||||
Decrypt and write file to disk (external storage). Any app with storage permissions could access exported files.
|
Decrypt and write file to disk (external storage). Any app with storage permissions could access exported files.
|
||||||
</li>
|
</li>
|
||||||
<li><h4>Allow sharing files via the android share menu*:</h4>
|
<br>
|
||||||
|
<li><h4>Allow sharing files via the android share menu⁽¹⁾:</h4>
|
||||||
Decrypt and share file with other apps. These apps could save and send the files thus shared.
|
Decrypt and share file with other apps. These apps could save and send the files thus shared.
|
||||||
</li>
|
</li>
|
||||||
|
<br>
|
||||||
<li><h4>Allow saving password hash using fingerprint:</h4>
|
<li><h4>Allow saving password hash using fingerprint:</h4>
|
||||||
Generate an AES-256 GCM key in the Android Keystore (protected by fingerprint authentication), then use it to encrypt the volume password hash and store it to the DroidFS internal storage. This require Android v6.0+. If your device is not encrypted, extracting the encryption key with physical access may be possible.
|
Generate an AES-256 GCM key in the Android Keystore (protected by fingerprint authentication), then use it to encrypt the volume password hash and store it to the DroidFS internal storage. This require Android v6.0+. If your device is not encrypted, extracting the encryption key with physical access may be possible.
|
||||||
</li>
|
</li>
|
||||||
<li><h4>Keep volume open when the app goes in background:</h4>
|
<br>
|
||||||
Don't close the volume when you leave the app but keep running it in the background. Anyone going back to the activity could have access to the volume.
|
<li><h4>Disable volume auto-locking:</h4>
|
||||||
|
(previously called *"Keep volumes open when the app goes in background"*)
|
||||||
|
|
||||||
|
Don't close open volumes when you leave the app. Anyone going back to the application could have access to open volumes. Cryptographic secrets are kept in memory for an undefined amount of time.
|
||||||
</li>
|
</li>
|
||||||
<li><h4>Allow opening files with other applications*:</h4>
|
<br>
|
||||||
|
<li><h4>Keep volumes open</h4>
|
||||||
|
(Different from the old *"Keep volumes open when the app goes in background"*. Yes it's confusing, sorry)
|
||||||
|
|
||||||
|
Keep the app running as a [foreground service](https://developer.android.com/develop/background-work/services/foreground-services) to maintain volumes open, even when the app is removed from recent tasks.
|
||||||
|
|
||||||
|
This avoid the app from being killed by the system during file operations or while accessing exposed volumes, but this mean cryptographic secrets stay in memory for an undefined amount of time.
|
||||||
|
</li>
|
||||||
|
<br>
|
||||||
|
<li><h4>Allow opening files with other applications⁽¹⁾:</h4>
|
||||||
Decrypt and open file using external apps. These apps could save and send the files thus opened.
|
Decrypt and open file using external apps. These apps could save and send the files thus opened.
|
||||||
</li>
|
</li>
|
||||||
<li><h4>Expose open volumes*:</h4>
|
<br>
|
||||||
Allow open volumes to be browsed in the system file explorer (<a href="https://developer.android.com/guide/topics/providers/document-provider">DocumentProvider</a> API). Encrypted files can then be selected from other applications, potentially with permanent access. This feature requires <i>"Keep volume open when the app goes in background"</i> to be enabled.
|
<li><h4>Expose open volumes⁽¹⁾:</h4>
|
||||||
|
Allow open volumes to be browsed in the system file explorer (<a href="https://developer.android.com/guide/topics/providers/document-provider">DocumentProvider</a> API). Encrypted files can then be selected from other applications, potentially with permanent access. This feature requires <i>"Disable volume auto-locking"</i>, and works more reliably when <i>"Keep volumes open"</i> is also enabled.
|
||||||
</li>
|
</li>
|
||||||
|
<br>
|
||||||
<li><h4>Grant write access:</h4>
|
<li><h4>Grant write access:</h4>
|
||||||
Files opened with another applications can be modified by them. This applies to both previous unsafe features.
|
Files opened with another applications can be modified by them. This applies to both previous unsafe features.
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
\* These features can work in two ways: temporarily writing the plain file to disk (DroidFS internal storage) or sharing it via memory. By default, DroidFS will choose to keep the file only in memory as it's more secure, but will fallback to disk export if the file is too large to be held in memory. This behavior can be changed with the *"Export method"* parameter in the settings. Please note that some applications require the file to be stored on disk, and therefore do not work with memory-exported files.
|
(¹): These features can work in two ways: temporarily writing the plain file to disk (DroidFS internal storage) or sharing it via memory. By default, DroidFS will choose to keep the file only in memory as it's more secure, but will fallback to disk export if the file is too large to be held in memory. This behavior can be changed with the *"Export method"* parameter in the settings. Please note that some applications require the file to be stored on disk, and therefore do not work with memory-exported files.
|
||||||
|
|
||||||
# Download
|
# Download
|
||||||
<a href="https://f-droid.org/packages/sushi.hardcore.droidfs">
|
<a href="https://f-droid.org/packages/sushi.hardcore.droidfs">
|
||||||
@ -103,6 +120,9 @@ DroidFS needs some permissions for certain features. However, you are free to de
|
|||||||
<li><h4>Record audio:</h4>
|
<li><h4>Record audio:</h4>
|
||||||
Required if you want sound on video recorded with DroidFS.
|
Required if you want sound on video recorded with DroidFS.
|
||||||
</li>
|
</li>
|
||||||
|
<li><h4>Notifications:</h4>
|
||||||
|
Used to report file operations progress and notify about volumes kept open.
|
||||||
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
# Limitations
|
# Limitations
|
||||||
|
8
fastlane/metadata/android/en-US/changelogs/373.txt
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
- Reworked UI for adding volumes
|
||||||
|
- New unsafe feature to keep the app running as a foreground service
|
||||||
|
- Allow choosing file export method
|
||||||
|
- Logcat viewer (for easier debugging)
|
||||||
|
- New turkish & chinese-simplified translations
|
||||||
|
- UX improvements
|
||||||
|
- Bug fixes
|
||||||
|
- Translations updates
|
@ -7,6 +7,7 @@ Currently, DroidFS supports the following encrypted containers:
|
|||||||
- Compatible with original encrypted volume implementations
|
- Compatible with original encrypted volume implementations
|
||||||
- Internal support for video, audio, images, text and PDF files
|
- Internal support for video, audio, images, text and PDF files
|
||||||
- Built-in camera to take on-the-fly encrypted photos and videos
|
- Built-in camera to take on-the-fly encrypted photos and videos
|
||||||
|
- Ability to expose volumes to other applications
|
||||||
- Unlocking volumes using fingerprint authentication
|
- Unlocking volumes using fingerprint authentication
|
||||||
- Volume auto-locking when the app goes in background
|
- Volume auto-locking when the app goes in background
|
||||||
|
|
||||||
@ -15,6 +16,7 @@ Currently, DroidFS supports the following encrypted containers:
|
|||||||
<b>Biometric/Fingerprint hardware:</b> needed to encrypt/decrypt password hashes using a fingerprint protected key.
|
<b>Biometric/Fingerprint hardware:</b> needed to encrypt/decrypt password hashes using a fingerprint protected key.
|
||||||
<b>Camera:</b> required to take encrypted photos or videos directly from the app.
|
<b>Camera:</b> required to take encrypted photos or videos directly from the app.
|
||||||
<b>Record audio:</b> required if you want sound on videos recorded with DroidFS.
|
<b>Record audio:</b> required if you want sound on videos recorded with DroidFS.
|
||||||
|
<b>Notifications:</b> used to report file operations progress and notify about volumes kept open
|
||||||
|
|
||||||
All of these permissions can be denied if you don't want to use the corresponding feature.
|
All of these permissions can be denied if you don't want to use the corresponding feature.
|
||||||
|
|
||||||
|
BIN
fastlane/metadata/android/en-US/images/phoneScreenshots/1.jpg
Normal file
After Width: | Height: | Size: 631 B |
Before Width: | Height: | Size: 79 KiB After Width: | Height: | Size: 91 KiB |
BIN
fastlane/metadata/android/en-US/images/phoneScreenshots/2.jpg
Normal file
After Width: | Height: | Size: 631 B |
Before Width: | Height: | Size: 76 KiB After Width: | Height: | Size: 100 KiB |
BIN
fastlane/metadata/android/en-US/images/phoneScreenshots/3.jpg
Normal file
After Width: | Height: | Size: 631 B |
Before Width: | Height: | Size: 90 KiB After Width: | Height: | Size: 133 KiB |
Before Width: | Height: | Size: 116 KiB After Width: | Height: | Size: 144 KiB |
Before Width: | Height: | Size: 2.7 MiB After Width: | Height: | Size: 2.7 MiB |
Before Width: | Height: | Size: 147 KiB After Width: | Height: | Size: 232 KiB |