Hypatia App from DivestOS

@SkewedZeppelin

I downloaded your Hypatia app on my 10+ devices, and I noticed your app connect to your server for downloading signatures.

Could you please provide a .sh or script file on gitlab*, to let people download/mirror your signature on their WW server? I don’t want to create tons of connection to your server**, and this will benefit both of us - you will receive less traffic*** (save internet cost) and I can feel safe (by not letting connect to any server but mine).

Also, could you please add an option to:

  1. Remove “Lookup” button on detected notification; because virustotalcom is a CloudFlare site which is a MITM spyware site.
  2. Set a HTTP proxy (F-droid have this setting), unlike Tor
  3. Change Language
  4. Add notification to add the app to battery optimizer exception list

* Oh hell no don’t mirror definitions to gitlab, it is Cloudflare MITMed

** because it would be a fool if one don’t assume the server always log access_log, which includes user’s device(UA) and IP address (GDPR)

*** just a thought;

  1. GET https://divested.os/update-signature/updates.json
  2. JSON contains {files:[files,files,files]}
  3. Any scripter read and GET JSON.files once a day

@antimalwareuser

The scripts to generate your own database are here: https://codeberg.org/divested-mobile/hypatia/src/branch/stable/scripts

If you want to mirror them you can give me a hostname or IP address and I’ll grant you rsync access.
Or you can just make your own script to download them.
Just use a download client that checks for 304 not modified to prevent redownloading and let it run eg. daily.
The directory needs these files:

https://divested.dev/MalwareScannerSignatures/gpg.key
https://divested.dev/MalwareScannerSignatures/hypatia-domains-bloom.bin
https://divested.dev/MalwareScannerSignatures/hypatia-domains-bloom.bin.sig
https://divested.dev/MalwareScannerSignatures/hypatia-md5-bloom.bin
https://divested.dev/MalwareScannerSignatures/hypatia-md5-bloom.bin.sig
https://divested.dev/MalwareScannerSignatures/hypatia-md5-extended-bloom.bin
https://divested.dev/MalwareScannerSignatures/hypatia-md5-extended-bloom.bin.sig
https://divested.dev/MalwareScannerSignatures/hypatia-sha1-bloom.bin
https://divested.dev/MalwareScannerSignatures/hypatia-sha1-bloom.bin.sig
https://divested.dev/MalwareScannerSignatures/hypatia-sha256-bloom.bin
https://divested.dev/MalwareScannerSignatures/hypatia-sha256-bloom.bin.sig

Then put them on any webserver and point the app to your mirror.

user’s device(UA)

The User-Agent is “Hypatia”.
This is documented here:

No. It is already behind a confirm button.

This is out of scope.

It already uses the device language when possible.

This shouldn’t be needed since it runs a foreground service.

The databases are from over 70 different sources, not just Cisco.
Stats are here: https://divested.dev/MalwareScannerSignatures/

Hypatia is available via:

The app has Tor support which would prevent the server or your ISP knowing of the connection.

It uses the system provider, and only Android 10 or higher supports TLS1.3

Please fork the app if you need such network config.

It uses HEAD and GET.

This goes against the whole point of the app which is to do lookups on device in a private manner.

This is not an array, but a highly optimized probabilistic Bloom Filter: Bloom filter - Wikipedia
The database would be gigabytes if it wasn’t.

Why would I provide unauthenticated hashes when I already provide GPG signatures?

This makes sense, I’ll try to add a language override.

The one disappointment with this app is that it can’t automatically download new signatures etc.

Really wish that was added.

I have no idea what you want to tell me and still ask you to remind that this is a Fairphone forum and your discussion about one special App developed by DivestOS developer (not even used on Fairphones) is not to be discussed in the topic about DivestOS on Fairphones, if you get a response in the new topic or not or whatever is linked on the DivestOS page (which btw clearly states its a Fairphone forum topic).

And maybe you want to click on your link provided and re-read

1 Like