Protect yourself against hackers, spyware and surveillance. Armadillo Phone can stop advanced cyber attacks. Prevent theft and illegal searches. Cameras or microphones can be removed. Accessories further enhance your security. Trusted by businesses worldwide for 10+ years.
Armadillo Phone is a secure smartphone + operating system + apps + accessories.
ARMADILLO PHONE
Armadillo Phone can stop advanced cellular, Wi-Fi or forensic attacks. Armadillo Phone is resistant to vulnerabilities that can hack other smartphones. If an Armadillo Phone is compromised you have many ways to erase it, or reveal fake decoy data instead.
NETWORK
Armadillo Phone is decentralized. Use a public server or your own private server. The network isn't trusted. Multiplexing hides your metadata, to bypass surveillance and firewalls. Strong multi-layered encryption protects your traffic. Your sensitive data never leaves your device.
Armadillo Phone is a hardened Google Pixel 8A using Armadillo OS software. Cameras or microphones can be removed. Devices are inspected for tampering. Shipments use tamper-evident packaging. Included accessories help prevent attack.
ARMADILLO BEACON HARDENED SYSTEM
Armadillo OS is a hardened fork of Graphene OS. The operating system and apps have been modified to improve security. Unsafe features have been removed, such as a web browser. The memory allocator has been tuned for security over performance. LEARN MORE
SECURE INTERFACE
Armadillo Phone is designed to prevent mistakes. The interface is simple and consistent. All Armadillo software uses the same colors: red is insecure, orange is dangerous and green is secure. Apps are labeled "insecure" or "secure" to prevent confusion. You can whitelabel or customize the primary color, boot animation, wallpaper, sounds to match your business.
DESTRUCTION
Enter a "wipe password" to erase your Armadillo Phone, erase other Armadillo Phones remotely, or have your Armadillo Phone erase itself if it's not unlocked after a certain time. "Incognito mode" creates a user that's erased when you logout.
ACTIVE DEFENSE
Detect and prevent attacks in real-time:
Armadillo Protect: Detect and prevent mobile attacks from compromising your Armadillo Phone.
Armadillo Beacon: Prevent theft by pairing with your Armadillo Beacon.
ARMADILLO PROTECT Armadillo Protect detects and prevents cyber attacks against your phone. Armadillo Protect uses new techniques pioneered by our team. It can look for attacks against your device and stop them automatically, more accurately than any other app. LEARN MORE
CELLULAR PROTECTION Armadillo Protect can detect 5G threats including fake cell towers, IMSI catchers, silent SMS, binary SMS, SS7 attacks and roaming attacks. Armadillo Protect's cellular attack detection has been tested worldwide by cybersecurity experts.
WI-FI PROTECTION Stop hackers from breaking into your Wi-Fi network, intercepting your data or disconnecting you. Automatically detect Wi-Fi threats like deauthentication, KARMA, ARP Poisoning, Dragondoom and Bl0ck attacks using Armadillo Protect.
FORENSIC PROTECTION Armadillo Protect monitors your phone's acceleration to prevent unlocked phones being snatched. It will shutdown or erase itself if too many unlock attempts are triggered. Armadillo Protect monitors your Armadillo's temperature to prevent cold-boot attacks. It will block USB debugging if allowed.
COMMUNICATION Armadillo Chat is a secure instant messaging app. It uses OMEMO end-to-end encryption, so your messages are safe even if the server is compromised. You can use multiple methods to verify your friend's encryption identities. Armadillo Chat automatically warns you about potential impostors in your contacts list and other devices logged into your account. Set automatic self-destruction timers, remotely erase messages or whole conversations. LEARN MORE
THEFT PROTECTION The Armadillo Beacon app pairs with your Armadillo Beacon over Bluetooth to prevent theft. If your Armadillo Phone and Armadillo Beacon become separated they will both trigger an alarm. Unless they're reconnected or your phone is unlocked, your Armadillo Phone will eventually shut down.
INSTALL Install allows you to securely install new apps. After downloading an app, it's decompiled and scanned for security threats. To prevent installing fake apps, the keys for popular apps are embedded. Updates to apps must be done with the same key, so a server can't send a malicious update.
Armadillo Chat 
Armadillo Chat 
Calendar 
Armadillo Control 
Armadillo Control 
Install 
HARDENED SYSTEM AOSP's build process has been strengthened, including improvements for stack probes, bounds checking, frame pointers and automatic variable initialization. The compiler toolchain and libc have been hardened. hardened_malloc has been tuned to increase entropy, quarantine space and overall security at the expense of performance.
HARDENED SETTINGS Safe default settings have been set, such as requiring strong passwords, hiding notification content and disabling biometrics. If your Armadillo Phone is remotely wiped, it won't indicate it's erasing your data. The ability to toggle Wi-Fi, Bluetooth or airplane mode from a locked phone has been disabled.
HARDENED MEDIAHistorically, the Android media stack has been very vulnerable, so Armadillo has hardened it to resist attacks. The oldest, least used and riskiest codecs ( such as H263 and software codecs ) have been removed. Scudo has been expanded in scope and hardened. The mediadrmserver and drmserver have been removed.
HARDENED All Armadillo apps uses TLS multiplexing with pinned TLS certificates. TLS multiplexing prevents leaking protocol metadata and bypasses firewalls. Network time is synchronized using TLS, instead of NTP. Name resolution is done using DoT ( DNS over TLS ) instead of plaintext DNS. TLS session tickets are disabled to prevent tracking across connections.
HARDENED MMS auto-retrieval is permanently disabled in the SMS app to mitigate remote attacks.
Dangerous permissions (like internet or location access) given to the Camera and Contacts apps have been removed.
All apps are clearly coloured and labeled as either "insecure" or "secure" to prevent user confusion.
REDUCED Unsafe software components have been removed to prevent vulnerabilities. This includes tracking software used by Google and third-parties. .
There is no web browser app installed by default.
Armadillo Phone uses multiple layers of redundant encryption to protect your data. TLS certificates are pinned to prevent MitM attacks. TLS session tickets are disabled to prevent tracking across connections. TLS multiplexing prevents leaking protocol metadata and bypasses firewalls.
STORAGE ENCRYPTION
Protocol: Deniable multi-user FBE
Purpose: Protect the data stored on an Armadillo Phone.
Content encryption: AES-256-XTS
Metadata encryption: AES-256-XTS
KDF: Scrypt 19:4:1
SECURE BOOT
Protocol: Android Verified Boot 2.0
Purpose: Protect the integrity of the operating system.
Key: RSA-4096
Checksum: SHA-256
NOTEPAD ENCRYPTION
Protocol: SQLCipher
Purpose: Protect the notes used by the Notepad app.
Content encryption: AES-256-CBC
KDF: Scrypt 13:8:1
HMAC: SHA-512
CELLULAR ENCRYPTION
Protocol: 4G LTE
Purpose: Protect the connection between an Armadillo SIM and the cell tower.
Key: SNOW-128
Content encryption: SNOW
CONNECTION ENCRYPTION
Protocol: Pinned TLS 1.3
Purpose: Protect the connection between an Armadillo Phone and Armadillo Server.
Handshake: ECDHE
Key: RSA-4096
Content encryption: AES-256-GCM
HMAC: SHA-512
END-TO-END ENCRYPTION
Protocol: OMEMO
Purpose: Protect the messages between Armadillo Phones.
Handshake: X3DH ( Curve25519 )
Authentication: ECC-256
Key: ECC-256
Content encryption: AES-256-CBC
HMAC: SHA-256
AUTHENTICATION
Protocol: Zero-knowledge password proof
Purpose: Authenticate your Armadillo Phone to an Armadillo Server.
Token: JWT
KDF: Scrypt 15:10:1
Digest: SHA-256
DECENTRALIZED
Instead of trusting us to host your accounts, you can run your own Armadillo Server. Your Armadillo Server can host secure communications, new apps to download and encrypted internet infrastructure ( DNS and NTP ). You can run Armadillo Phones on your own offline network using an Armadillo Server.
LEARN MORE
MULTIPLEXED
Armadillo Phones connect all protocols ( HTTP, XMPP, DNS, etc. ) to the Armadillo Server on the same port, with the same domain, and encrypt all connections identically. To an attacker intercepting the connection, everything looks like encrypted HTTPS traffic. This prevents leaking protocol metadata, which could be used to identify users with timing attacks. It also allows connections to bypass some firewalls and mitigate passive metadata surveillance.
