Unplugged has open-sourced their kernel and antivirus - Unplugged Phone

Privacy and Security News
,
8

Brave Leo AI:
Android Phones with Closed Source Kernel

None of the Android phones have a fully closed-source kernel, as the Linux kernel at the core of Android is open-source and licensed under the GNU General Public License (GPL) version 2. However, the kernel used in Android devices can be customized and includes proprietary components known as “binary blobs” which are closed-source. These modifications and additions are made to optimize the kernel for specific hardware and provide additional functionalities

I think from this Unplugged blog announcement about the kernel is that they recently released those proprietary components and are now open-sourced. As you mentioned, the Linux Kernel is open-sourced. Therefore, wouldn’t the open-sourced components they used from the Linux Kernel still have been visible? It was just that they customized the Linux kernel and added those proprietary components. Which they have just now open-sourced? Idk I’m probably wrong.

image
image1440×3120 242 KB

I don’t own an Unplugged phone, so I’m not familiar with its antiviruses functionality. However, from this picture from GitHub it appears the antivirus also scans for trackers. I’m not sure how effective this is, and I don’t know if the scanning is done manually or in the background.

Here is the GitHub for the UP Antivirus:

UP Antivirus includes ‘Hypatia - Malware Scanner”, “TrackerControl - Tracker Scanner", and Unplugged’s own “Unplugged Module: Signature Scanner"

Open Source Details

Hypatia - Malware Scanner

This application incorporates the Hypatia Malware Scanner to:

  • Scan the device for malicious apps and files containing viruses or malware.
  • Provide an in-depth analysis of system files, enabling scans of /system, internal storage, external storage, and installed apps.
  • Operate completely offline: Internet access is only required to download signature databases. No files are ever sent off the device.

Note: The published code in this project points its malware database to Hypatia’s servers. Unplugged’s Antivirus releases use a malware database hosted on Unplugged’s servers.

TrackerControl - Tracker Scanner

This application integrates TrackerControl to:

  • Scan installed apps for built-in trackers and display detailed results.
  • Operate entirely offline: Tracker data is stored locally within the TrackerControl extension and not downloaded from the Internet.

Unplugged Module: Signature Scanner

In addition to the open-source modules, Unplugged has developed its own Signature Scanner to:

  • Identify known infected package signatures on the device.
  • Regularly update the signature database with indicators of compromised or infected apps.
  • Provide detailed insights into detected threats and recommend actions to secure the device.

Note: This published code has an example database for the Signature Scanner. You should use this example to create your own signature database.

Acknowledgments

We extend our gratitude to:

  • The original authors for their foundational work.
  • Contributors and community members for their valuable input.
  • Open-source libraries and tools used in this project.

Contact

For questions or comments about UP Antivirus, contact Unplugged Support.

I would just say wait and see how much more open sourcing they do. You can still be skeptical or critical.

But at the moment, the open sourcing they did do, I think, is good and shows they might be willing to listen to more feedback.

However, I would still exercise caution if they haven’t provided more positive transparency about what would make you feel comfortable trusting the company in the future

3 Likes