Libreo

https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy

The future is here, and ahead of schedule. Come join us, the weather's nice.
This blog post describes the installation and configuration of a prototype of a secure, full-featured, Android telecommunications device with full Tor support, individual application firewalling, true cell network baseband isolation, and optional ZRTP encrypted voice and video support. ZRTP does run over UDP which is not yet possible to send over Tor, but we are able to send SIP account login and call setup over Tor independently.
The SIP client we recommend also supports dialing normal telephone numbers, but that is also UDP+ZRTP, and the normal telephone network side of the connection is obviously not encrypted.
Aside from a handful of binary blobs to manage the device firmware and graphics acceleration, the entire system can be assembled (and recompiled) using only FOSS components. However, as an added bonus, we will describe how to handle the Google Play store as well, to mitigate the two infamous Google Play Backdoors.

Libreo is the name I have settled on for my "freedom book" tablet reference design project. On the Dev site, you can see the existing notes under the "Libre" or "LibroLibre" name. Libreo is a made up word that combines both (obviously!) in a cross language Latin sounding base.

The goal is to have an answer to the question of "what device should we use?" and we will have an answer. This is especially for human rights projects that need to buy and deploy 100s of devices. My goal is for this to be a key component of our next five year strategy, bringing in more grant funding, crowd funding and sustainable commercial revenue. We will also incorporate selling in services and support when asked or relevant. This is not to say we won't support other devices still, but we will have our own ideal configuration and use that as our model system.

For 0.1, the Libreo will be built on the Nexus 7 2nd gen hardware, with either Cyanogen or Omni ROM as the foundation along with the kernel improvements made by the Guardian ROM community project. We will also support MultiROM bootloader for booting from USB or different internal OSes.

Of course the whole experience will be built on all of our apps and services, and not utilize any Google services. ChatSecure, Linphone/Csip, Orbot, Fdroid/Kerplapp, GnuPG, Orweb + FirefoxPrivacyEnhanced, InformaCam, Courier and StoryMaker. Perhaps this becomes the Libreo Suite. It will also include things like OpenStreetMaps, Commotion, K9, Bitmask and other useful third party free software apps and services.

The end game is to build an open-hardware tablet with Bunny Huang or from the Rasp Pi running Ubuntu or Debian mobile flavor, but that will take a few years... For now Nexus and AOSP are our starting points, and we can deliver a lot of value and security on that.

My target is to deliver 1000 devices by the end of 2014. Under promise, over deliver!