- Inferencium-
-
- - - - - -
I am Jake Winters, also known by my pseudonym "Inference", a cybersecurity researcher based in
- United Kingdom.
- I am the founder, lead developer, and administrator, of Inferencium.
- All opinions are my own, and are not necessarily shared with projects or people I am
- affiliated with.
-
- I write about my research and experience in cybersecurity and also physical security.
- Most of my postings are security-related, but I occasionally post about other aspects of my
- life.
-
- I am an open source advocate for the preservation and modifiability of source code. I
- believe source code should be considered human knowledge as much as past knowledge and
- teachings were; it is how modern humanity survives and runs.
- Source code being modifiable allows it to be adapted for use by anyone, whether to add
- features, harden it for increased security and/or privacy, or provide accessibility for
- disabled users.
- I am also a modular design advocate for the ability to securely and robustly make changes to
- hardware and software without the entire system being affected.
-
- If you want to contact me for any reason, you can use my
- contact methods.
-
- I run the public Systems Hardening XMPP channel dedicated to systems security and privacy
- hardening at sys-hardening@muc.xmpp.inferencium.net, and its respective
- off-topic channel at sys-hardening-ot@muc.xmpp.inferencium.net.
Inferencium cares about upstreaming and sharing code, strongly preferring licenses which
- have high license compatibility in order to permit sharing code with as many other projects
- as possible; for this reason, permissive licenses are our preferred choice, while avoiding
- copyleft licenses and other licenses which place restrictions on how our code may be used,
- and prevent us from including important proprietary code, such as firmware, which can patch
- security vulnerabilities, privacy issues, and stability issues. All Inferencium code is and
- will be permissively licensed unless specific circumstances make it impractical or
- infeasible to do so. Our goal is to share code which has the least amount of restrictions as
- possible, to allow wider propagation of our code and allow more use cases and possibilities,
- as well as ensuring proprietary code, whenever required, is permitted to be included.
-
- ISO 5962:2021 is used for licensing, in the format
- SPDX-License-Identifier: <license>; see the
- SPDX license list for the full list of available licenses under this standard.
SPDX-License-Identifier: BSD-3-Clause-Clear
- Type: Permissive
-BSD 3-Clause Clear License is a highly permissive license which allows content licensed
- under it to be used in any way, whether in source or binary form, and allows sublicensing
- under a different license, with the only restrictions being the original copyright notice
- must be kept in order to attribute the original creator of the licensed content, and the
- name of the project and/or its contributors may not be used to endorse or promote products
- derived from the original project.
- BSD 3-Clause Clear License is a derivative of BSD 3-Clause "New" or "Revised" License, which adds an explicit statement clarifying
- that patent rights are not granted by the license alone, and must be granted separately by
- the copyright and/or patent holder(s). We prefer this license over the BSD 3-Clause "New" or
- "Revised" License due to this explicit statement which removes any possibility of debate and
- misunderstanding in regards to patents applied to code using the BSD 3-Clause "New" or
- "Revised" License.
SPDX-License-Identifier: MIT
- Type: Permissive
-MIT License is a highly permissive license which allows content licensed under it to be
- used in any way, whether in source or binary form, and allows sublicensing under a different
- license, with the only restriction being the original copyright notice must be kept in order
- to attribute the original creator of the licensed content.
- Due to this license allowing the original project's name and/or contributors to be used to
- endorse or promote products derived from the original project, unless an explicit statement
- is made alongside this license, increasing complexity and deviating from the standard
- license text, we prefer BSD 3-Clause Clear License; however, MIT License is a great choice when derivatives
- using the name of the original project and/or its contributors is a non-issue.
SPDX-License-Identifier: GPL-2.0-only
- Type: Copyleft
-GNU General Public License v2.0 is a strong copyleft license which restricts use of
- content licensed under it by requiring all source code of the content to be publicly
- available, making binary-only form and inclusion of proprietary code impossible, requiring
- all derivatives to be licensed under the same license (allowing sublicensing under only
- newer GPL licenses if GPL-2.0-or-later is specified in the
- SPDX-License-Identifier), and requiring the original copyright notice to be kept in order to
- attribute the original creator of the licensed content.
- Due to the restrictive and invasive nature of this license, it is avoided unless such
- restrictions would be beneficial to Inferencium code; whenever this is the case, the GNU
- General Public License v2.0 will be used, rather than the more restrictive
- GNU General Public License v3.0, and relicensing derivatives under the GNU General
- Public License v3.0 will be disallowed.
SPDX-License-Identifier: CC-BY-4.0
- Type: Permissive
-Creative Commons Attribution 4.0 International is a highly permissive license which - allows content licensed under it to be used in any way, in any medium, with the only - restriction being the original copyright notice must be kept in order to attribute the - original creator of the licensed content.
-SPDX-License-Identifier: GPL-3.0-only
- Type: Copyleft
-GNU General Public License v3.0 is a strong copyleft license which restricts usage of
- content licensed under it by requiring all source code of the content to be publicly
- available, making binary-only form and inclusion of proprietary code impossible, requiring
- all derivatives to be licensed under the same license (allowing sublicensing under only
- newer GPL licenses if GPL-3.0-or-later is specified in the
- SPDX-License-Identifier), requiring the content to be made available only on systems which
- allow modifying the content, such as systems with unlocked/unlockable bootloaders and/or
- which are unsigned by the OEM, and requiring the original copyright notice to be kept in
- order to attribute the original creator of the licensed content.
- Due to the restrictive and invasive nature of this license, and the fact it requires code to
- be included only on specific systems, further restricting usage of Inferencium code, it is
- avoided completely.
SPDX-License-Identifier: CC-BY-NC-4.0
- Type: Permissive non-commercial
-Creative Commons Attribution Non Commercial 4.0 International is a permissive license - which allows content licensed under it to be used in any way, in any medium, with the - restrictions being commercial usage is prohibited, and the original copyright notice must be - kept in order to attribute the original creator of the licensed content. - Due to the non-commercial restriction of this license preventing Inferencium code from being - used for any purpose, specifically preventing commercial usage we do not want to prevent, it - is avoided completely.
-| Type | -Hardware | -Description | -Source model - - (License - SPDX) |
-
| Smartphone | - - - Google Pixel |
- Google Pixel devices are the best Android devices available on the market for
- security and privacy. - - They allow locking the bootloader with a - custom Android Verified Boot (AVB) key in order to preserve security and privacy - features when installing a custom operating system, such as - verified boot which verifies that the OS has not been corrupted or tampered with, - and - rollback protection which prevents an adversary from rolling back the OS or - firmware version to a previous version with known security vulnerabilities. - - They also include a - hardware security module (Titan M2, improving on the previous generation - Titan M) which is extremely resistant to both remote and physical attacks due to - being completely isolated from the rest of the system, including the operating system. - Titan M2 ensures that the device cannot be remotely compromised by requiring the side - buttons of the device to be physically pressed for some sensitive operations. Titan M2 - also takes the role of - Android StrongBox Keymaster, - a hardware-backed Keystore containing sensitive user keys which are unavailable to - the OS or apps running on it without authorisation from Titan M2 itself. - Insider attack resistance ensures that Titan M2 firmware can be flashed only if the - user PIN/password is already known, making it impossible to backdoor the device without - already knowing these secrets. - - Google Pixel device kernels are compiled with - forward-edge control-flow integrity and - backward-edge control-flow integrity to prevent code reuse attacks against the - kernel. MAC address randomisation is - implemented well, along with minimal probe requests and randomised initial sequence - numbers. - - Google releases - guaranteed monthly security updates, ensuring Google Pixel devices are up-to-date - and quickly protected against security vulnerabilities. - - Pixel 6-series and 7-series devices are a large improvement over the already very - secure and private previous generation Pixel devices. They replace ARM-based Titan M - with RISC-V-based Titan M2, reducing trust by removing ARM from the equation. Titan M2 - is more resiliant to attacks than Titan M, and is - AVA_VAN.5 certified, the highest level of vulnerability assessment. Google's - in-house Tensor SoC includes Tensor Security Core, further improving device security. - - Pixel 6-series and 7-series devices are supported for a - minimum of 5 years from launch, an increase from previous generations' - support lifecycles of 3 years. |
-
| Type | -Software | -Description | -Source model - - (License - SPDX) |
-
| Operating system | - - - Gentoo Linux |
- Gentoo Linux is a highly modular, source-based Linux-based operating system which
- allows vast customisation to tailor the operating system to suit your specific needs.
- There are many advantages to such an operating system, with the most notable being the
- ability to optimise the software for security, privacy, performance, or power usage;
- however, there are effectively unlimited other use cases, or a combination of multiple
- use cases. - - I have focused on security hardening and privacy hardening, placing performance below - those aspects, although my system is still very performant. Some of the hardening I - apply includes - stack protection, - signed integer overflow wrapping, and GrapheneOS' - hardened_malloc memory allocator. - - You can find my personal Gentoo Linux configurations in my personal - configuration respository. |
- Open source - - (GPL-2.0-only) |
-
| Web browser | - - - Chromium |
- Chromium is a highly secure web browser which is often ahead of other web browsers - in security aspects. It has a dedicated security team and a very impressive - security brag sheet. - Chromium's security features include a strong - multi-layer sandbox, - strong site isolation, - Binding Integrity memory hardening, and - control-flow integrity (CFI). | -Open source - - (BSD-3-Clause) |
-
| Type | -Software | -Description | -Source model - - (License - SPDX) |
-
| Operating system | - - - GrapheneOS |
- GrapheneOS is a security-hardened, privacy-hardened, secure-by-default
- Android-based operating system which implements extensive, systemic security and privacy
- hardening to the Android Open Source Project used as its base codebase. Its hardening
- includes closing gaps for apps to access sensitive system information, a secure app
- spawning feature which avoids sharing address space layout and other secrets AOSP's
- default Zygote app spawning model would share,
- hardened kernel, hardened memory allocator
- (hardened_malloc) to protect against common memory corruption vulnerabilties,
- hardened Bionic standard C library,
- stricter SELinux policies, and local and remote hardware-backed attestation
- (Auditor) to ensure the OS has not been corrupted or tampered with. - - GrapheneOS only supports - high security and well-supported devices which receive full support from their - manufacturers, including firmware updates, long support lifecycles, secure hardware, and - overall high security practices. - - For an extensive list of features GrapheneOS provides, visit its - official features list which provides extensive documentation. |
- Open source - - (MIT) |
-
| Web browser | - - - Vanadium |
- Vanadium is a security-hardened, privacy-hardened Chromium-based web browser which
- utilises GrapheneOS' operating system hardening to implement stronger defenses to the
- already very secure Chromium web browser. Its hardening alongside Chromium's base
- security features includes
- disabling JavaScript just-in-time (JIT) compilation by default,
- stubbing out the battery status API to prevent abuse of it, and
- always-on Incognito mode as an option. - - Vanadium's source code, including its Chromium patchset, can be found in its - official repository. |
- Open source - - (GPL-2.0-only) |
-
| Messenger | - - - Molly |
- Molly is a security-hardened, privacy-hardened
- Signal client which hardens Signal by using a variety of
- unique features, allowing
- locking the database when not in use, and
- utilising Android StrongBox to protect user keys using the device's hardware
- security module. - - Molly is available in - 2 flavours: + + + About++ + + + + Table of Contents
- |
- Open source +
+ + + + + About Me+I am Jake Winters, also known by my pseudonym "Inference", a cybersecurity researcher
+ based in United Kingdom. |
-
| Messenger | - + I write about my research and experience in cybersecurity and also physical security. + Most of my postings are security-related, but I occasionally post about other aspects of + my life. - Conversations |
- Conversations is a well-designed Android - XMPP client which serves as the de facto XMPP reference client and has great - usability. | -Open source + I am an open source advocate for the preservation and modifiability of source code. I + believe source code should be considered human knowledge as much as past knowledge and + teachings were; it is how modern humanity survives and runs. + Source code being modifiable allows it to be adapted for use by anyone, whether to add + features, harden it for increased security and/or privacy, or provide accessibility for + disabled users. + I am also a modular design advocate for the ability to securely and robustly make + changes to hardware and software without the entire system being affected. - (GPL-3.0-only) |
-
sys-hardening@muc.xmpp.inferencium.net, and its
+ respective off-topic channel at
+ sys-hardening-ot@muc.xmpp.inferencium.net.
+ Inferencium cares about upstreaming and sharing code, strongly preferring licenses which
+ have high license compatibility in order to permit sharing code with as many other projects
+ as possible; for this reason, permissive licenses are our preferred choice, while avoiding
+ copyleft licenses and other licenses which place restrictions on how our code may be used,
+ and prevent us from including important proprietary code, such as firmware, which can patch
+ security vulnerabilities, privacy issues, and stability issues. All Inferencium code is and
+ will be permissively licensed unless specific circumstances make it impractical or
+ infeasible to do so. Our goal is to share code which has the least amount of restrictions as
+ possible, to allow wider propagation of our code and allow more use cases and possibilities,
+ as well as ensuring proprietary code, whenever required, is permitted to be included.
+
+ ISO 5962:2021 is used for licensing, in the format
+ SPDX-License-Identifier: <license>; see the
+ SPDX license list for the full list of available licenses under this standard.
SPDX-License-Identifier: BSD-3-Clause-Clear
+ Type: Permissive
+BSD 3-Clause Clear License is a highly permissive
+ license which allows content licensed under it to be
+ used in any way, whether in source or binary form, and
+ allows sublicensing under a different license, with the
+ only restrictions being the original copyright notice
+ must be kept in order to attribute the original creator
+ of the licensed content, and the name of the project
+ and/or its contributors may not be used to endorse or
+ promote products derived from the original project.
+ BSD 3-Clause Clear License is a derivative of
+ BSD 3-Clause "New" or "Revised" License, which adds
+ an explicit statement clarifying that patent rights are
+ not granted by the license alone, and must be granted
+ separately by the copyright and/or patent holder(s). We
+ prefer this license over the BSD 3-Clause "New" or
+ "Revised" License due to this explicit statement which
+ removes any possibility of debate and misunderstanding
+ in regards to patents applied to code using the BSD
+ 3-Clause "New" or "Revised" License.
SPDX-License-Identifier: MIT
+ Type: Permissive
+MIT License is a highly permissive license which
+ allows content licensed under it to be used in any way,
+ whether in source or binary form, and allows
+ sublicensing under a different license, with the only
+ restriction being the original copyright notice must be
+ kept in order to attribute the original creator of the
+ licensed content.
+ Due to this license allowing the original project's name
+ and/or contributors to be used to endorse or promote
+ products derived from the original project, unless an
+ explicit statement is made alongside this license,
+ increasing complexity and deviating from the standard
+ license text, we prefer BSD 3-Clause Clear License; however, MIT License is
+ a great choice when derivatives using the name of the
+ original project and/or its contributors is a non-issue.
SPDX-License-Identifier: GPL-2.0-only
+ Type: Copyleft
+GNU General Public License v2.0 is a strong
+ copyleft license which restricts use of content licensed
+ under it by requiring all source code of the content to
+ be publicly available, making binary-only form and
+ inclusion of proprietary code impossible, requiring all
+ derivatives to be licensed under the same license
+ (allowing sublicensing under only newer GPL licenses if
+ GPL-2.0-or-later is specified in the SPDX-
+ License-Identifier), and requiring the original
+ copyright notice to be kept in order to attribute the
+ original creator of the licensed content.
+ Due to the restrictive and invasive nature of this
+ license, it is avoided unless such restrictions would be
+ beneficial to Inferencium code; whenever this is the
+ case, the GNU General Public License v2.0 will be used,
+ rather than the more restrictive GNU General Public License v3.0, and relicensing
+ derivatives under the GNU General Public License v3.0
+ will be disallowed.
SPDX-License-Identifier: CC-BY-4.0
+ Type: Permissive
+Creative Commons Attribution 4.0 International is a + highly permissive license which allows content licensed + under it to be used in any way, in any medium, with the + only restriction being the original copyright notice + must be kept in order to attribute the original creator + of the licensed content.
+SPDX-License-Identifier: GPL-3.0-only
+ Type: Copyleft
+GNU General Public License v3.0 is a strong
+ copyleft license which restricts usage of content
+ licensed under it by requiring all source code of the
+ content to be publicly available, making binary-only
+ form and inclusion of proprietary code impossible,
+ requiring all derivatives to be licensed under the same
+ license (allowing sublicensing under only newer GPL
+ licenses if GPL-3.0-or-later is specified
+ in the SPDX-License-Identifier), requiring the content
+ to be made available only on systems which allow
+ modifying the content, such as systems with
+ unlocked/unlockable bootloaders and/or which are
+ unsigned by the OEM, and requiring the original
+ copyright notice to be kept in order to attribute the
+ original creator of the licensed content.
+ Due to the restrictive and invasive nature of this
+ license, and the fact it requires code to be included
+ only on specific systems, further restricting usage of
+ Inferencium code, it is avoided completely.
SPDX-License-Identifier: CC-BY-NC-4.0
+ Type: Permissive non-commercial
+Creative Commons Attribution Non Commercial 4.0 + International is a permissive license which allows + content licensed under it to be used in any way, in any + medium, with the restrictions being commercial usage is + prohibited, and the original copyright notice must be + kept in order to attribute the original creator of the + licensed content. + Due to the non-commercial restriction of this license + preventing Inferencium code from being used for any + purpose, specifically preventing commercial usage we do + not want to prevent, it is avoided completely.
+| Type | +Hardware | +Description | +Source model + + (License - SPDX) |
+
| Smartphone | + + + Google Pixel |
+ Google Pixel devices are the best Android devices
+ available on the market for
+ security and privacy. + + They allow locking the bootloader with a + custom Android Verified Boot (AVB) key in order to + preserve security and privacy features when installing a + custom operating system, such as verified boot which verifies that the OS has not + been corrupted or tampered with, and + rollback protection which prevents an adversary + from rolling back the OS or firmware version to a + previous version with known security vulnerabilities. + + They also include a + hardware security module (Titan M2, improving on + the previous generation Titan M) which is extremely resistant to both + remote and physical attacks due to being completely + isolated from the rest of the system, including the + operating system. Titan M2 ensures that the device + cannot be remotely compromised by requiring the side + buttons of the device to be physically pressed for some + sensitive operations. Titan M2 also takes the role of + Android StrongBox Keymaster, + a hardware-backed Keystore containing sensitive user + keys which are unavailable to the OS or apps running on + it without authorisation from Titan M2 itself. + Insider attack resistance ensures that Titan M2 + firmware can be flashed only if the user PIN/password is + already known, making it impossible to backdoor the + device without already knowing these secrets. + + Google Pixel device kernels are compiled with + forward-edge control-flow integrity and + backward-edge control-flow integrity to prevent + code reuse attacks against the kernel. MAC address + randomisation is + implemented well, along with minimal probe requests and + randomised initial sequence numbers. + + Google releases + guaranteed monthly security updates, ensuring + Google Pixel devices are up-to-date and quickly + protected against security vulnerabilities. + + Pixel 6-series and 7-series devices are a large + improvement over the already very secure and private + previous generation Pixel devices. They replace + ARM-based Titan M with RISC-V-based Titan M2, reducing + trust by removing ARM from the equation. Titan M2 is + more resiliant to attacks than Titan M, and is + AVA_VAN.5 certified, the highest level of + vulnerability assessment. Google's in-house Tensor SoC + includes Tensor Security Core, further improving device + security. + + Pixel 6-series and 7-series devices are supported for a + minimum of 5 years from launch, an increase from + previous generations' + support lifecycles of 3 years. |
+
| Type | +Software | +Description | +Source model + + (License - SPDX) |
+
| Operating system | + + + Gentoo Linux |
+ Gentoo Linux is a highly modular, source-based,
+ Linux-based operating system which allows vast
+ customisation to tailor the operating system to suit
+ your specific needs. There are many advantages to such
+ an operating system, with the most notable being the
+ ability to optimise the software for security, privacy,
+ performance, or power usage; however, there are
+ effectively unlimited other use cases, or a combination
+ of multiple use cases. + + I have focused on security hardening and privacy + hardening, placing performance below those aspects, + although my system is still very performant. Some of the + hardening I apply includes + stack protection, + signed integer overflow wrapping, and GrapheneOS' + hardened_malloc memory allocator. + + You can find Inferencium's Gentoo Linux configurations + in Inferencium's + configuration respository. |
+ Open source + + (GPL-2.0-only) |
+
| Web browser | + + + Chromium |
+ Chromium is a highly secure web browser which is + often ahead of other web browsers in security aspects. + It has a dedicated security team and a very impressive + security brag sheet. + Chromium's security features include a strong + multi-layer sandbox, + strong site isolation, + Binding Integrity memory hardening, and + control-flow integrity (CFI). | +Open source + + (BSD-3-Clause) |
+
| Type | +Software | +Description | +Source model + + (License - SPDX) |
+
| Operating system | + + + GrapheneOS |
+ GrapheneOS is a security-hardened,
+ privacy-hardened, secure-by-default, Android-based
+ operating system which implements extensive, systemic
+ security and privacy hardening to the Android Open
+ Source Project used as its base codebase. Its hardening
+ includes closing gaps for apps to access sensitive
+ system information, a secure app spawning feature which
+ avoids sharing address space layout and other secrets
+ AOSP's default Zygote app spawning model would share,
+ hardened kernel, hardened memory allocator
+ (hardened_malloc) to protect against common memory
+ corruption vulnerabilties,
+ hardened Bionic standard C library,
+ stricter SELinux policies, and local and remote
+ hardware-backed attestation
+ (Auditor) to ensure the OS has not been corrupted or
+ tampered with. + + GrapheneOS only supports + high security and well-supported devices which + receive full support from their manufacturers, including + firmware updates, long support lifecycles, secure + hardware, and overall high security practices. + + For an extensive list of features GrapheneOS provides, + visit its + official features list which provides extensive + documentation. |
+ Open source + + (MIT) |
+
| Web browser | + + + Vanadium |
+ Vanadium is a security-hardened, privacy-hardened
+ Chromium-based web browser which utilises GrapheneOS'
+ operating system hardening to implement stronger
+ defenses to the already very secure Chromium web
+ browser. Its hardening alongside Chromium's base
+ security features includes
+ disabling JavaScript just-in-time (JIT) compilation by
+ default,
+ stubbing out the battery status API to prevent abuse of
+ it, and
+ always-on Incognito mode as an option. + + Vanadium's source code, including its Chromium patchset, + can be found in its + official repository. |
+ Open source + + (GPL-2.0-only) |
+
| Messenger | + + + Molly |
+ Molly is a security-hardened, privacy-hardened
+ Signal client which hardens Signal by using a
+ variety of
+ unique features, allowing
+ locking the database when not in use, and
+ utilising Android StrongBox to protect user keys
+ using the device's hardware security module. + + Molly is available in + 2 flavours: +
+ |
+ Open source + + (GPL-3.0-only) |
+
| Messenger | + + + Conversations |
+ Conversations is a well-designed Android + XMPP client which serves as the de facto XMPP + reference client and has great usability. | +Open source + + (GPL-3.0-only) |
+
For a curated list of music I enjoy, visit my + music page.
+