Privacy-First Apps

Open Source
Android Apps

JusDots develops secure, privacy-focused Android applications. All apps are open source, locally-stored, and designed with your privacy in mind.

Download Apps GitHub

Our Apps

JusBrowse NEW

Privacy

Privacy-first Android browser with fingerprint protection, tracker blocking, and minimal memory footprint.

--

Stars

25+

Releases

~25MB

APK Size

Learn More Download

💬

JusChatz NEW

Encrypted

Anonymous encrypted chat with no registration required. End-to-end encryption for all messages.

--

Stars

5+

Releases

~15MB

APK Size

Learn More Download

DotNotes NEW

Productivity

Modern note-taking app with folder organization, secret notes, and checklist support.

--

Stars

9+

Releases

~8MB

APK Size

Learn More Download

Why JusDots?

🔒

Privacy First

All data stored locally. No tracking, no telemetry, no accounts required.

📱

Open Source

All apps are open source. Inspect the code, contribute, or fork.

⚡

Lightweight

Minimal APK sizes. Built with modern Android architecture.

🎨

Material Design

Clean, modern UI following Material Design 3 guidelines.

🛡️

Secure

Biometric authentication, encryption, and secure storage.

🌐

No Internet Required

Core features work offline. Your data stays on your device.

Get Started

Download any app and experience privacy-first Android applications.

View All Releases Read Docs

Privacy Browser

JusBrowse

A privacy-first Android browser featuring advanced fingerprinting protection, tracker blocking, and minimal memory footprint.

Download APK GitHub

Key Features

🛡️

Fingerprint Protection

Advanced Fake Mode with hardware spoofing, canvas noise, WebRTC shielding.

🚫

Tracker Blocking

Built-in ad/tracker blocking using EasyList with DNS-level filtering.

🔒

Privacy Mode

Incognito browsing with data isolation and automatic storage clearing.

⚡

Lightweight

Built on Android WebView. ~25MB APK size, low memory usage.

🔐

DNS over HTTPS

Custom DoH URLs with secure DNS resolution.

📺

Fullscreen Video

Enhanced media playback with fullscreen support.

App Showcase

Technical Specs

Min Android	API 29 (Android 10)
APK Size	~25MB
Engine	Android WebView
Language	Kotlin
License	GPL-3.0

Recent Releases --

Loading...

View All Releases

Encrypted Chat

JusChatz

Anonymous encrypted chat app. No registration, no tracking, no data retention. Your conversations stay private.

Download APK GitHub

Key Features

🔐

E2E Encryption

AES-256-GCM encryption. Only you and your partner can read messages.

👤

No Registration

No phone, no email, no account. Just install and chat.

🚫

No Data Retention

Messages not stored on servers. Exist only on devices.

💾

Local Storage

SQLCipher encrypted local storage. Clear anytime.

🌐

Anonymous Rooms

Create/join rooms with unique codes. No participant tracking.

📱

Material Design

Modern UI following Material Design 3.

Technical Specs

Min Android	API 24 (Android 7.0)
APK Size	~15MB
Encryption	AES-256-GCM
Key Exchange	Diffie-Hellman
Protocol	WebSocket / MQTT

Recent Releases --

Loading...

View All Releases

Note Taking

DotNotes

A modern, privacy-focused note-taking app for Android. Organize with folders, secure with biometrics, and create rich checklists.

Download APK GitHub

Key Features

📂

Folder Organization

Group notes into custom folders with rename/remove support.

🔒

Secret Notes

Biometrically secured private notes. Your sensitive data stays protected.

✅

Dynamic Checklists

Create and reorder items with smooth drag-and-drop support.

🖼️

Image Integration

Attach images to notes for better visual context.

📌

Pin & Share

Keep important notes at top and easily share content.

🎨

Customization

Dark, Light, and System themes with animation controls.

App Showcase

Technical Specs

Min Android	API 24 (Android 7.0)
APK Size	~8MB
UI Framework	Jetpack Compose
Database	Room Persistence
Architecture	MVVM
License	GPL-3.0

Recent Releases --

Loading...

View All Releases

All Releases --

All --

JusBrowse --

JusChatz --

DotNotes --

Loading...

Fetching releases...

▾

Technical Documentation

In-depth engineering guides for JusBrowse and the JusDots ecosystem.

1. Core Mission

JusBrowse is an ultra-hardened Android browser designed to survive the "infinite war" against modern tracking (FingerprintJS v4, etc.). It treats privacy not just as a setting, but as a system-level engineering problem.

Module 01The "Network Surgeon" (Layer 4/7)

▾

Standard browsers reveal themselves via HTTP headers. JusBrowse implements a custom interception layer to sanitize outgoing traffic:

X-Requested-With Stripping: Removes the identifying header that flags the app as a WebView.
Protocol Alignment: Uses Google Cronet and OkHttp to support QUIC, HTTP/3, and Brotli, matching the network signature of a standalone Chrome browser.
Surgical Interception: Manually re-executes requests without identifying markers, ensuring sites see a "clean" browser stack.

Module 02Hardware Emulation (Pixel 8 Pro Identity)

▾

To prevent "Uncanny Valley" leaks where the device reports a mismatching identity, JusBrowse spoofs the hardware characteristics of the Google Pixel 8 Pro (Tensor G3):

CPU	Spoofs `navigator.hardwareConcurrency` to report 8 cores.
RAM	Spoofs `navigator.deviceMemory` to report 12GB.
GPU	Overrides WebGL `getParameter` to report "Google" as vendor and "Mali-G715" as renderer.
APIs	Blocks or spoofs Battery/Vibration APIs that could leak hardware health.

Module 03Dynamic Fingerprint Resistance (Layer 7)

▾

Extensive JavaScript injection occurs at Document-Start to neuter tracking scripts:

Canvas Jitter

Injects seeded noise into ImageData to break persistent canvas hashes while maintaining visual quality.

Audio Hardening

Adds imperceptible jitter to AudioContext and Oscillator outputs to prevent acoustic fingerprinting.

WebRTC Shielding

Prevents IP leaks and identity probes by occluding candidate enumeration.

Font/Screen Protection

Limits fonts to a "safe subset" and buckets dimensions to standard mobile resolutions.

ArchitectureArchitecture & Isolation

▾

OS-Level Isolation: Uses WebView.setDataDirectorySuffix linked to personas, ensuring that cookies, cache, and LocalStorage are physically separated at the file system level.
MVVM Architecture: Built with Jetpack Compose for a modern, reactive UI that manages multiple isolated WebView instances ("Tabs").
Persistence: Uses Room and DataStore for secure, performance-conscious state management.

DataEngine Effectiveness (Protection)

▾

Surgical Blocking

Advanced sub-resource interception using shouldInterceptRequest to scrub tracking headers.

Detection Resistance

By aligning headers (sec-ch-ua) JusBrowse avoids common "Version Mismatch" flags.

Common Questions & Answers (FAQ)

Q: Why use WebView instead of a custom Chromium fork?

A full Chromium fork adds ~300MB to the binary and massive RAM overhead. WebView allows us to use the system's security patches while the "Network Surgeon" removes markers.

Q: Does "Seeded Noise" break websites?

No. The jitter is mathematically calculated to be imperceptible to humans but sufficient to change the checksum (hash) that trackers look for.

Q: Is this browser 100% untraceable?

No browser is 100% untraceable, but JusBrowse removes the "Low Hanging Fruit" and many mid-level fingerprinting vectors standard browsers ignore.

Q: What is "Boomer Mode"?

it booms the UI elements (popups are annoying)

Research Notes

Technical notes from JusDots development.

🔐 JA4 Fingerprinting

Modular, human-readable method for identifying clients based on TLS handshakes. Designed to replace JA3.

🛡️ Fake Mode Research

Digital identity hijacking protection via hardware spoofing, canvas noise, and WebRTC shielding.

📊 WebView Performance

Native Rendering vs. Custom Chromium Engines. Analyzing the 15-22% speed gap.

🚫 Tracker Blocking

Effectiveness of the "Surgical" Engine. ~85% tracker reduction analysis.

Back to Research

JA4 Fingerprinting — Deep Technical Breakdown

JA4 Fingerprinting is a modular, human-readable method for identifying clients (like browsers, bots, or malware) based on how they initiate a secure connection. Unlike its predecessor, which produced a single fragile hash, JA4 splits the fingerprint into three distinct parts (a_b_c)—sorting and simplifying the data to remain stable even when technical details change randomly.

Section 1The Anatomy of a JA4 Fingerprint

▾

A JA4 fingerprint is a 36-character string divided into three sections: a_b_c.

(Image 1: JA4 Fingerprint Structure Overview)

Part A: The Readable Header (Plaintext)

Captures high-level behavior. For example: t13d1516h2

(Image 2: Part A Header Segments)

Segment	Meaning
t	Protocol (t=TCP, q=QUIC)
13	TLS Version (13=TLS 1.3, 12=TLS 1.2)
d	SNI Type (d=Domain, i=IP)
15	Number of Cipher Suites (2 digits)
16	Number of Extensions (2 digits)
h2	ALPN — e.g., "h2" for HTTP/2

Part B: Cipher Hash (Truncated SHA256)

A 12-character hash of the sorted list of Cipher Suites.

Critical Improvement: Unlike JA3, JA4 sorts the ciphers before hashing. This prevents "Cipher Stunting" or randomization (common in Chrome) from changing the fingerprint.

Part C: Extension Hash (Truncated SHA256)

A 12-character hash of the sorted list of TLS Extensions. This section often acts as the true "signature" of the client's SSL stack (e.g., OpenSSL vs. Windows SChannel).

Section 2Evolution: Why JA3 Failed

▾

Modern browsers like Chrome began randomizing the order of their TLS extensions (Grease), causing a single browser version to generate millions of different JA3 hashes, making detection pipelines unusable.

Feature	JA3 (Legacy)	JA4 (Modern)
Format	Single MD5 Hash (32 chars)	Modular a_b_c String (36 chars)
Readability	Opaque (Unreadable)	Transparent (Part A is plaintext)
Ordering	Exact order (Fragile)	Sorted (Resistant)
False Positives	High	Low (Fuzzy matching possible)

The "JA4+" Suite

JA4 is part of a larger suite designed to correlate data across different layers of the OSI model:

(Image 3: JA4+ Suite Ecosystem Visualization)

JA4S (Server): Fingerprints the server's response to identify server software.
JA4H (HTTP): Fingerprints HTTP headers and cookie structures.
JA4L (Latency): Measures latency to infer physical distance or detect proxies.
JA4X (X.509): Fingerprints the SSL certificate itself.

Section 3Security Use Cases

▾

1. Bot & Scraper Detection

User-Agents can lie, but TLS handshakes rarely do. If a request claims to be Chrome but the JA4 matches a Python library, it is an immediate red flag.

2. C2 (Command & Control) Identification

Malware families (like Cobalt Strike) often use hard-coded TLS libraries. Security teams block based on JA4 signatures that persist across IP rotations.

3. Session Hijacking Prevention

Platforms detect if a session cookie is used by a different JA4 fingerprint, implying account compromise or cookie theft, triggering immediate invalidation.

Sources & Further Reading

Back to Research

🛡️ Fake Mode: Digital Identity Hijacking & Fingerprint Protection

JusBrowse's Fake Mode provides multiple layers of defense against advanced browser fingerprinting. By spoofing hardware signatures, injecting canvas entropy, and shielding network vectors, it ensures that your digital identity remains unique to you and unlinked by third-party trackers.

Strategy	Implementation in JusBrowse	Effectiveness & Industry Research
Hardware Spoofing	Manual overrides of `navigator.hardwareConcurrency` and `navigator.deviceMemory`.	High. Essential for blending in. Research shows that reporting anomalous hardware is a primary flag for "Bot/WebView" detection. JusBrowse aligns these to Pixel 8 Pro specs.
Canvas Noise	Seeded pixel manipulation in `getImageData` to break static canvas hashes.	High (Dynamic). Static canvas fingerprinting can uniquely identify ~90% of users. JusBrowse's seeded noise prevents global tracking while maintaining session stability.
WebGL/GPU Spoofing	Interception of `getParameter` to report Mali-G715 (Tensor G3).	Critical. Modern fingerprinting (like FingerprintJS v4) relies on GPU renderers. By spoofing the Mali-G715, JusBrowse eliminates common "Generic GPU" giveaways.
WebRTC Shielding	API Occlusion / IP Leak protection.	Mandatory. WebRTC is the #1 vector for IP leaks behind VPNs. Industry standard for 2025 is proxy-bound candidates, which JusBrowse implements.

Open SourceAndroid Apps

JusBrowse NEW

JusChatz NEW

DotNotes NEW

Privacy First

Open Source

Lightweight

Material Design

Secure

No Internet Required

Get Started

JusBrowse

Fingerprint Protection

Tracker Blocking

Privacy Mode

Lightweight

DNS over HTTPS

Fullscreen Video

JusBrowse on GitHub

JusChatz

E2E Encryption

No Registration

No Data Retention

Local Storage

Anonymous Rooms

Material Design

JusChatz on GitHub

DotNotes

Folder Organization

Secret Notes

Dynamic Checklists

Image Integration

Pin & Share

Customization

DotNotes on GitHub

1. Core Mission

Canvas Jitter

Audio Hardening

WebRTC Shielding

Font/Screen Protection

Surgical Blocking

Detection Resistance

Q: Why use WebView instead of a custom Chromium fork?

Q: Does "Seeded Noise" break websites?

Q: Is this browser 100% untraceable?

Q: What is "Boomer Mode"?

🔐 JA4 Fingerprinting

🛡️ Fake Mode Research

📊 WebView Performance

🚫 Tracker Blocking

Part A: The Readable Header (Plaintext)

Part B: Cipher Hash (Truncated SHA256)

Part C: Extension Hash (Truncated SHA256)

The "JA4+" Suite

1. Bot & Scraper Detection

2. C2 (Command & Control) Identification

3. Session Hijacking Prevention

🏎️ Rendering Speed

⚖️ Resource Footprint

⚡ JusBrowse Optimization

Proactive Blocking

Sub-resource Scrubbing

Performance Gain

Open Source
Android Apps