CopperheadOS

Features of Copperhead and CopperheadOS

Copperhead and CopperheadOS

Corporation

  • Experienced in managing service-based and product-based offerings
  • 5+ years of experience working with high-threat model clients in the field
  • Hires the best talent from Open-Source projects and industry leading companies
  • Fully remote since 2015
  • Transitioned from donation-based to fully sales-based model in 2018
  • Fully founder-owned and operated -- No external investors, no state-owned assets
  • Security-clearance and NATO approved
  • Based in Canada and follows all global privacy policies
  • Successfully recovered from persistent adversaries and misinformation warfare
  • Has never received any warrant, backdoor request, supeona or gag order regarding product activities

Client Projects

  • Deployed and developed a closed-loop, fully Open-Source PKI system for a major NGO
  • Trained local journalists on best data-hygiene practices and current mobile threats
  • Created custom JTAG interfaces to connect to Pixel kernel debugger
  • Integrated automatic malware scanning inside of F-Droids build system
  • Developed a Proof-Of-Concept CopperheadOS Android device for collection and protection of biometric data at high-traffic areas
  • Researched and developed a FUSE physical tampering defense mechanism for a custom device
  • Built a fully-automated software versioning system without Google Play for technology partners
  • Setup multiple CopperheadOS deployments using on-premise infrastructure in conjunction with ATAK
  • Ported and maintains CopperheadOS for various custom MediaTek and Qualcomm phones/tablets
  • Developed a Proof-Of-Concept custom CopperheadOS device for high net-worth individuals
  • Provides and maintains various organizations with rebranded and forked CopperheadOS deployments

Privacy-enabled Device Licensing

Copperhead partners license their customer device through a privacy-enabled mechanism that provides zero-knowledge between Copperhead and the customer. LicenceChecker randomizes each license from various dynamic properties, not hard coded items (such as IMEI or Serial Number), ensuring the anonymity of each licensed device. Licensing enables multiple benefits for not only Copperhead but also Copperhead's Partners.

Copperhead cannot track CopperheadOS users and cannot be coerced to serve a malicious update.

Business Model Advantages

Running a business on donations and crowdfunding is not always, but often, impossible. Copperhead has experience with this method of revenue generation. It is common for most Open-Source based projects to require a corporate sponsorship to succeed or rely on sporadic donations to keep the lights on. Most projects have volunteers that end up working in the corporate space which splits their devotion between making money during the day and helping Open-Source projects during their downtime. Some projects have the benefit of being run by resource-rich personnel which inherently benefits the privacy space. For the rest of us who have to make a living to pay bills, we have to generate revenue.

Copperhead started as and continues to be a sales-funded, bootstrapped, founder owned and operated company.

We answer only to our customers and have been in operation since 2014. We have no external investors and rely solely on our sales to keep our lights on. We feel this is the best method to have a legitimate, privacy-based corporation that can compete against the multi-billion dollar global surveillance apparatus.

Partner Benefits

  • Recurring revenue to sustain and expand operations
  • Customers return to Partners for license renewals and OS feedback
  • Partners can shut off active licenses if criminal activity is detected
  • Provide revenue to technology partners who don't have a recurring revenue model
  • Ensure sustainability to enable long-term operations
  • MSRP prevents low-ball pricing between partners
  • Support requests and customer feedback closely integrated for rapid response

Copperhead Benefits

  • Copperhead can scale operations based on growth for
    • Hiring and paying employees
    • Developing innovative privacy and security technology
    • Operating as a legitimate corporation, serving corporate and enterprise customers alongside retail
    • Compete against multi-billion dollar surveillance and exploit companies
  • Legitimate users provide scalability for additional finance-based funding
    • Copperhead does not have to sell out equity or shares to raise capital
  • Legal resources can be focused on protecting our customers privacy
  • Engineering resources can be focused on top-priority projects based on customer interaction, rather than guessing

CopperheadOS - Secure Android

CopperheadOS

  • Established in 2014
  • Considered to be the leader in Secure Android since public release in 2015
  • Combines the best-in-class features from various Open-Source projects
  • In use by Fortune 50 companies, military units, intelligence personnel and NGOs worldwide
  • Has went through multiple code and organization transitions
  • Secured against physical, remote and insider attack
  • Redundancy procedures on signing-keys and other critical elements
  • Can be fully detached from Copperhead with on-premise deployment

Privacy Features

UX enhancements

  • Enhanced Dialer options
    • Offers to call contact with Signal or WhatsApp
    • Warns user of location/audio leaks on unencrypted calls
  • Indicators for microphone and location when used by an application
  • Sensitive notifications are hidden on the lock screen
  • PIN number layout scrambled
  • Device information is removed from Settings menus (IMEI, Serial Number and more)
  • Permissions Hub
    • Visually represents how often applications request permissions
  • Panic app available -- toggle panic button and change application (ie: Signal) behavior based on function

Browser

  • Hardened Chromium has all analytics removed by default (ie: suggestions, 'safe' browsing)
  • All sensors are off by default
  • Permissions are opt-in by default

Network

  • Privacy-based DNS (Cloudflare) used by default
  • Enhanced VPN support
    • Device hotspot can route clients through VPN
    • Apps can use specific network types or only through VPN
  • Optionally restrict cleartext network traffic across all connections

Bluetooth

  • Bluetooth turns off automatically in a set interval when disconnected
  • Bluetooth scanning is off by default

WiFi

  • Device randomizes Mac address (hardware information) upon scanning and connection
  • Wi-Fi turns off automatically when disconnected from high-powered network (ie: home)
  • Permissions Hub
  • System-apps (keyboard, Updater) have proprietary libraries removed

Security Features

Device Security

  • Firewall
    • Per-app configurations for background, VPN, mobile data and WiFi access
  • Device kernels are upstream LTS and built from source each release
  • Hardened allocator to protect from unknown and known vulnerabilities
    • More memory is available to the allocator to prevent various overflows
  • Hardened Browser
    • Device WebView (any component/application using a website) is fully hardened from attack
    • Uses 64-bit only for maximum security
    • Updated bi-weekly to patch known bugs
  • Copperhead follows multiple bug trackers to port and/or backport fixes not found in AOSP
  • Enhanced SELinux prevents privilege escalation
  • Applications are sandboxed from each other and cannot steal data

UX enhancements

  • Security Flags in Settings provide information regarding device security
  • Lockout setting for number of maximum fingerprint attempts
  • Users cannot enable or disable mobile data or WiFi on the lockscreen

Additional Features

  • Robust SetupWizard provides easy integrations and customization for user
  • Bluetooth displays battery percentage
  • Modification of the Device Theme is available -- change icons, accents, overlay corners etc
  • CopperheadOS License Management screen provides easy-to-use license management tool
  • Pure-black mode
  • Active edge
  • Uses maintained Open-Source apps instead of obsoleted AOSP apps
    • Calculator
    • Calendar
    • SMS
    • Gallery
  • 2-button gesture
  • Android live wallpapers
  • Fully compatible with Data SIMs and worldwide carrier coverage

Applications

These are Copperhead specific applications developed for the OS

Bug Reporter

PDFViewer

Updater

Partner Integrations

  • App stores:

    • Aurora Store
    • F-Droid
  • Cloud and mobile services

    • Nextcloud
    • Samourai Wallet

Aurora Store

Aurora Store is a free and Open-Source frontend for the Google Play Store. Access Google's vast repository of free and paid Apps through your Google account, or go anonymous and get the apps you need discretely.

F-Droid

F-Droid is a free and Open-Source App repository and package manager. Enjoy the freedom to choose where you download your apps from. Get apps from repositories managed by the Guardian project, F-Droid.org, or host your own repository to track official releases at the source and know where your data is going.

Nextcloud

Nextcloud is the Open-Source solution to cloud providers like Google and Apple. Sync your files, contacts, calendars. Back-up your CopperheadOS device on your self-hosted Nextcloud server, and be certain that your back-ups are encrypted and safe in your control without the hassle of a USB flash drive.

Samourai Wallet

Samourai Wallet lets you manage your digital currencies securely, and privately.