SilverLABS/SilverMetal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
SilverMetal/ios/README.md
SysAdmin 0a0075ce66 docs(naming): adopt OS / Enhanced product-line framing + align with existing repos 
Two product lines, named to make scope obvious to buyers:
- 🔒 SilverMetal OS — we ship the operating system or ROM
  (Linux, Pixel, Samsung-unlocked, Motorola-unlocked)
- 🛡️ SilverMetal Enhanced — we harden the OS the device already runs
  (Windows, macOS, iOS, generic Android)

Repo alignment:
- SilverVPN already exists as a SilverLABS product (server + MAUI client +
  Linux client + tunnel service). stack/vpn/ is now an integration pointer
  rather than a re-scaffold; per-platform READMEs reference it.
- SilverApple is deprecated; SilverMetal Enhanced — iOS supersedes it.
  Migration step added as roadmap milestone 3I.1.
- SilverDROID name clash explicitly noted as unrelated (it's the SilverSHELL
  AppStore Android client, not an Android ROM).
- SilverChat may overlap with SilverVPN.Client.Chat; alignment decision
  added as roadmap milestone 1.1.1.

Roadmap restructured: phases now track the OS/Enhanced split.
Platform matrix re-sectioned and decision flowchart updated.
README rewritten around the two-product-line framing.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-25 03:30:45 +01:00

65 lines
2.7 KiB
Markdown
Raw Permalink Blame History

# SilverMetal Enhanced — iOS
**Status**: Phase 3I (planning, post-Linux v1)
🛡️ **SilverMetal Enhanced product line** — we harden iOS in place. We cannot modify iOS itself.
Tier D — profile-layer only. Weakest tier in the family; labelled as such. We ship MDM profiles, App Store apps, and a setup guide.
## Supersedes SilverApple
This flavour replaces the earlier prototype [`SilverLABS/SilverApple`](https://git.silverlabs.uk/SilverLABS/SilverApple) ("Privacy-first iOS hardening suite"). Per Phase 3I.1 of the roadmap:
- Inventory SilverApple's existing artefacts (MDM enrolment flow, SilverVPN onboarding, CalDAV/CardDAV setup)
- Migrate any reusable parts into this directory
- Archive the SilverApple repo on Gitea once migration is complete
## Scope (v1)
- Signed `.mobileconfig` MDM-style profile that:
- Enforces device passcode policy
- Disables analytics uploads, Siri suggestions
- Restricts iCloud to absolute minimum (Find My, OS update only — sync-replaced services point at SilverSync)
- Enables Lockdown Mode guidance
- Default-app changes where iOS 18+ allows (Browser, Mail, etc.)
- Stack ports via App Store:
- SilverBrowser (subject to Apple WebKit constraints — fall back to a hardened-defaults wrapper if pure custom engine is forbidden)
- SilverVPN — already exists as a MAUI-based App Store candidate via [`SilverLABS/SilverVPN`](https://git.silverlabs.uk/SilverLABS/SilverVPN)
- SilverSync (file/contact/calendar/photos providers)
- SilverChat (post-v1.1)
- SilverKeys (post-v1.1)
- Setup guide:
- Disposable Apple ID guidance
- Hardware-key 2FA (YubiKey via Lightning / NFC)
- Recommended app curation
- eSIM privacy guidance
## Out of scope
- Anything requiring jailbreak (we do not support, recommend, or distribute jailbreaks)
- Anything bypassing Apple's review for Stack apps
- Eliminating Apple ID — it is required for App Store and we say so
## Directory layout
To be populated in Phase 3I:
```
ios/
├── profile/ # .mobileconfig sources, signing
├── stack/ # iOS-specific Stack app builds (Xcode projects)
├── from-silverapple/ # migrated artefacts from the deprecated SilverApple repo
└── docs/ # setup guide, recommended apps, threat-tier disclaimer
```
## Verification gates
- Profile signature verifies on iOS install
- Lockdown Mode guidance verified across iOS 17+
- Stack apps pass App Store review and behave per spec
- Telemetry capture documents minimum-feasible Apple contact (we cannot reach zero)
## Honest framing
This is the weakest SilverMetal tier. iOS is the most restrictive consumer platform; users who pick this tier are typically users who *must* stay on iPhone. The product page must say so prominently.
Reference in New Issue View Git Blame Copy Permalink