onsecret
FREN

Our approach

We do not invent cryptography. We assemble and document hardware on top of published, auditable open-source projects — GrapheneOS, coreboot, Heads, OpenWRT — and we state precisely what each build does and does not change.

What we do

  • Replace the stock firmware/OS with a hardened, open build and verify it boots as expected.
  • Document every choice and link to the upstream project so you can verify it yourself.
  • Ship from a sober threat model: we describe the adversary a build helps against, not a vague promise of safety.

What we will not say

  • No device is « unbreakable ». Every product page lists its limits with the same weight as its features.
  • A VPN is not anonymity. Disk encryption does not protect an unlocked, running device.
  • Cellular basebands and most internal radios are proprietary and not audited by us.
  • Hardware can be physically attacked given time and resources. We reduce attack surface; we do not eliminate it.

Every security claim on this site is caveated and, where possible, points to an upstream source you can read.