Anom Encrypted App Diagnosis

by

ANOM EXPOSED VS CIPHR

I did a comparison between both CIPHR and ANOM after receiving a message declaring ANOM changed into this and this while CIPHR changed into ready to be infiltrated (which is never any longer TRUE) so I made up my mind to ranking some of my rep testing.

To deliberate let’s start with some solutions to one of the most statements made by ANOM:

– Yes Ciphr does exercise UEM nonetheless they’re wrong about an EXPLOIT being made by Blackberry as every replace through UEM that is remotely pushed to the cell tool would must silent be individually signed by the encrypted keys that Ciphr setup for their very rep infrastructure. Only Ciphr has access to those keys

– A Instrument is signed individually with it’s rep achieve of keys derived from Ciphr and delivered through Blackberry UEM working in unison with the Samsung Knox Safety Machine. Not even Blackberry can push updates without this signed key by Ciphr for applications working on Ciphr telephones. Ciphr telephones are additionally locked down with personalized policies to forestall them from doing something without prior authorisation by Ciphr. That is an ENTERPRISE MILITARY GRADE Encrypted setup.

– Correct Ciphr does exercise the Stock Android Running scheme with particular Endeavor diploma Encryption and customisations on their network as smartly as their handsets which additionally consist of hardening making it in point of fact apt one of basically the most stable handsets within the World. Custom-made neighborhood policies implemented by Ciphr additionally prevent access to the rest different than the BLACKBERRY UEM Server which is a tunnel which then connects to the Ciphr Offshore Proxy Server through a stable and Encrypted Defense force Grade Encryption. Updates can solely be authorized by Ciphr making it in point of fact apt one of basically the most stable and locked hardened locked down handsets within the World. All applications will deserve to rep authorisation from both Ciphr & their Endeavor grade coverage diploma settings modified with the Ciphr Entry Keys to access the rest previous the Blackberry UEM Firewall & the Ciphr Encrypted Offshore Servers. Even supposing Blackberry UEM changed into by some means compromised, attributable to Blackberry’s inability to signal with the Ciphr Encrypted Key then it would perchance perchance silent no longer be conceivable to force compromised updates to any Ciphr units in any scheme.

-ANOM this assertion about Rooting is incorrect, Rooting is required to install a personalized android running scheme on any pixel tool or android tool any tool unless it has been signed namely by the handset producer. Anom has within the initiating rooted their tool by simply unlocking the android boot loader which secures file integrity and then installed their very rep personalized android running scheme adopted by locking the boot-loader all all over again with their very rep keys, grand like now we rep our rep signed keys for utilizing Blackberry UEM, ANOM has their very rep keys for the Running Machine. In accordance with my testing ANOM’s personalized android OS sadly has many extra evident flaws within it’s construct and updates lots lower than the customary inventory Android OS making it physically susceptible if it had been to ranking into the unsuitable fingers no longer to demonstrate it has no personalized neighborhood policies or in-built firewall to terminate the android os running scheme from having access to google remotely. Truly upon a visual DISPLAY of all telecommunication connections I changed into moderately concerned to expect the amount of IP addresses referring to to many corporations within the 5 eyes Governments (Australia, USA, Canada, UK, NZ who half data with every other) and to ranking matters worse they had been disclose connections to the right kind proxy servers and so forth giving me the flexibility to discover their a long way-off offshore Romanian Server with an IP of 193.27.15.41:

ip: “193.27.15.41”

metropolis: “Bucharest”

subject: “Bucureşti”

country: “RO”

loc: “44.4180,26.1691”

org: “AS9009 M247 Ltd”

postal: “020331”

timezone: “Europe/Bucharest”

– ANOM is unsuitable to direct that their Android Running Techniques cause is built for Privacy and Safety. Some google providers are no longer removed or blocked by even a VPN or Firewall.

-This setup pale by ANOM affords Google the flexibility to fingerprint their tool and display screen it remotely in a DIRECT scheme with out a safeguards in direct at all throughout the safe. The ANOM tool I tested professionally changed into in actuality in constant contact with Google servers which changed into moderately referring to. The next IP’s 216.58.200.99 & 142.250.70.196 both lead aid to Google servers in both NSW, Australia and California, USA.

– ANOM has a setup extra at likelihood of assault as they don’t even exercise a stable VPN or FIREWALL to even safeguard the exercise of their APPLICATION remotely, that means factor in you had been meeting up with any individual like an EX-LOVER your partner would perchance perchance additionally no longer approve of (grand like a VPN protects you from outdoors entities seeing which cyber websites or messaging systems you exercise) you would possibly perchance perchance perchance presumably ranking this within the aid of closed doors within the confides of a HOTEL room.

– With ANOM’s setup factor in meeting up with that categorical EX-LOVER your partner didn’t approve in plump public glimpse with out a safeguards in direct. Eavesdroppers who would perchance perchance perchance be hunting for to search out ANOM users over the cell telecommunications network. ANOM easily affords this info away when their telephones are repeatedly BROADCASTING without the ANOM utility even being opened on their units to the next IP addresses 99.83.192.129, which leads to anom.io and then while utilizing their provider the next IP’s are leaked repeatedly as packets while utilizing the utility:

75.2.32.148 – amazon web server USA – Proxy

35.171.36.131 – Amazon Web Servers – Proxy

76.223.70.181 – Amazon Web Servers – Proxy

35.176.253.60 – Amazon Web Servers – Proxy

75.2.90.136 – Amazon Web Server USA – Proxy

169.46.82.180 – logs5.papertrailapp.com – A long way flung Logging App

216.58.200.99 – Google Servers

142.250.70.196 – Google Servers

99.83.192.129 – anom.io – That is proven without even opening up the utility within Calculator

13.248.215.128 – Voiceping router (Extinct presumably for their Walkie Talkie Talk Characteristic) – voicepingapp.com

– If for some teach motive an replace server changed into by some means breached and malicious code changed into uploaded, it silent would no longer ranking it to a CIPHR tool as the replace/utility needs to be signed with the CIPHR keys sooner than it’s miles going to even be despatched by Blackberry UEM Encrypted Server.

– Sky ECC can solely be infiltrated from the INSIDE by a rogue employee who gave authorities access to the Sky Signed Certification Keys which gave authorities the flexibility to access the Sky Machine and discover their servers and push rogue updates without the Sky Developers involving till the because it changed into formally signed with their certificates without their data attributable to a rogue employee engaged on the within.

– In accordance with ANOM their assertion “If our replace server changed into hijacked as changed into the case with ENRO and SKY the attacker would no longer be ready to install malicious code on the tool. The an identical can’t be mentioned for providers that exercise client grade running systems managed by Blackberry UEM” is vastly wrong.

— CIPHR runs both the Blackberry UEM VPN and their very rep Ranking Encrypted Offshore Servers alongside Customised Endeavor Grade Work Insurance policies which limits the units functionality for both Endeavor Safety and Safety. Truly grand like what occurred with sadly ENROCHAT when their servers had been infiltrated bypassing the Blackberry UEM altogether the an identical can easily be mentioned for ANOM who don’t even exercise a VPN to safeguard anyone in actuality utilizing ANOM. Whenever you occur to knew a person pale ANOM you would possibly perchance perchance perchance presumably easily be ready to identify all users over the customary telecommunications network without decrypting any of their communications at all, something that you simply can no longer simply ranking with CIPHR let alone know that categorical particular person is de facto utilizing a CIPHR cellphone, true anonymity,

-ANOM rep integrated many choices from already on hand apps similar to the VOICEPING APP which implies you additionally rep to rely on VOICE PING APP for securing your encrypted communications which works with their Walkie Talkie Functionality, there are heaps of similarities between that utility and ANOM, something which appears to be like to dread anyone if PRIVACY and ANONYMITY are your #1 scheme. With ANOM I changed into ready to discover all of their PROXY servers including their MAIN servers with minimal ease, all running within the 5 eyes alliance. About the solely thing ANOM is ultimate at is spreading misinformation without presenting the information.

ANOM makes exercise of the next for their utility:

– JIRA for monitoring duties as smartly as Q & A

– Wire Messenger (Free utility like wickr) for Communication (Their head office is within the United States)

– Agile Construction

– Jenkins for their builds as soon as they push updates (Your counting on ANOM to stable your communications as soon as they’re going to’t even stable their very rep servers from eavesdropping).

– SQL Lite Database for storing USERS Files

– Now if ANOM is so smitten by safety and security I’d repair their complete setup which appears to be like proper as nasty as a customary android handset working WICKR. If the authorities had been to access ANOM’s server of 193.27.15.41 in ROMANIA which is a third world country that would additionally direct they opt privacy seriously nonetheless as the pale pronouncing goes “shit walks, cash talks” they’ll additionally easily infiltrate their Offshore Romanian Server and install particular hardware units on these servers without ANOM’s data.

Authorities would perchance perchance perchance solely infiltrate every users units as smartly as their operations and worse of all authorities would rep the flexibility to decrypt and intercept their messages grand like what occurred with ENROCHAT. . ANOM states they rep the infrastructure nonetheless this couldn’t be extra from the reality, they rent their servers off different entities which implies they invent no longer rep plump regulate over their servers. One more scheme they’ll additionally infiltrate ANOM is by getting access to FIELDX.io who presumably built their customised Android OS as the firm is owned by a person in FRANCE, acquiring a warrant would no longer be refined.

– To total off my testing I did in point of fact ranking the an identical assessments on CIPHR and the solely server I changed into ready to expect changed into the Blackberry UEM Encrypted VPN, nothing roughly. That is completely true and to any outdoors entities monitoring they would no longer even be ready to sing whether or no longer your dialog tool changed into for CIPHR or different Endeavor related choices.

– ANOM additionally states their firm is in PANAMA, that would be the case nonetheless their servers are no longer positioned in PANAMA let alone owned by them that means any realistic authority would be ready to access their servers with relative ease.

More data concerning ANOM:

anom.one 75.2.32.148

anom.one 99.83.192.129

conference.anom.one 75.2.32.148

conference.anom.one 99.83.192.129

half.anom.one 75.2.32.148

half.anom.one 99.83.192.129

logging.anom.one 18.134.176.181

dispute.anom.one 75.2.25.172

xmpp.anom.one 75.2.32.148

xmpp.anom.one 99.83.192.129

genesis.anom.one 18.134.176.181

vpprxy.anom.one 76.223.70.181

vpprxy.anom.one 13.248.215.128

www.fieldx.io (pale to regulate the ANOM DEVICES)

STAY AWAY FROM ANOM IF YOU VALUE YOUR PRIVACY & SAFEY, THEY ARE COMPROMISED, LIARS AND YOUR DATA IS RUNNING VIA USAPassed onto LAW ENFORCEMENT and different Entities