搜索
  • PlugOS Applications
    • / Introduction
    PlugOS System Services

    PlugOS is not just an isolated operating system, but a service ecosystem built around privacy protection, secure collaboration, and efficient control. It resolves traditional Android privacy concerns and fragmented multi-system experiences, providing a unified, secure, and user-controllable foundation from the system level.

    Virtual Peripherals

    Modern smart devices expose numerous potential privacy risks through hardware interfaces such as cameras, microphones, GPS, SIM cards, sensors, and network adapters. These interfaces, while functional, are often exploited by applications to track user identity, behavior patterns, and real-world context.

    PlugOS redefines peripheral access at the kernel level, introducing a virtualized peripherals layer that is fully controllable, replaceable, and emulatable. Applications running within PlugOS interact exclusively with virtual devices, effectively preventing sensitive data from leaking while preserving full functionality.

    PlugOS intercepts peripherals like camera, GPS, SIM, networks, and sensors at the kernel level, providing each app with an isolated virtual view. Apps running inside PlugOS cannot access real hardware directly, thereby eliminating sensitive data leakage paths without sacrificing functionality.

    Common Virtual Peripherals

    • GPS/Location Simulation: Manually set any location or lock to a fixed region to block real location exposure. Real GPS data can be selectively enabled if needed.
    • Network/Wi-Fi Simulation: Virtualizes MAC addresses, BSSID, SSID, and other identifiers. Apps only see PlugOS-provided isolated data, preventing cross-device tracking.
    • SIM Card Simulation: Simulates IMSI, IMEI, ICCID, carrier, and base station info, preventing SIM-based identity leakage — a unique privacy protection capability.
    • Camera/Microphone Simulation: When apps request photo or audio access, PlugOS can provide default black screens or silent audio, blocking hidden capture or recording.
    • Sensor Simulation: Accelerometer, light, orientation, gyroscope, and others can be system-simulated. Real sensors can be enabled only with user permission.

    Seamless Balance of Privacy & Usability

    PlugOS allows dynamic switching between virtual and real peripherals. Users decide whether to use simulated or real data depending on trust level and app needs — ensuring maximum privacy while maintaining app usability.

    FlashTransfer & Shared Folder

    PlugOS provides two convenient data exchange methods: FlashTransfer and Shared Folders, enabling secure, controlled import/export of data between PlugOS and the host system.

    FlashTransfer: Instant & Offline Data Exchange

    FlashTransfer allows fast, direct transfer of apps, documents, images, audio, and video between the host and PlugOS.
    It requires no network or login, greatly reducing privacy risks — ideal for offline environments.

    Shared Folder: Seamless File-Level Exchange

    Shared Folders act as a neutral bridge between PlugOS and the host, allowing daily file exchange and synchronization.
    For example: saving photos to a shared space or importing files/packages from the host into PlugOS.

    Both features are disabled by default and can be manually enabled, ensuring users remain in full control of data flow.

    Dual-System Collaboration

    PlugOS enhances communication between the host and PlugOS with Clipboard Sharing and Notification Synchronization, solving the traditional inconvenience of dual-system use.

    Clipboard Sharing

    Users can configure one-way or two-way clipboard sharing between PlugOS and the host system, enabling rapid transfer of text, links, and other content without manual input.

    (Note: enabling clipboard sharing may expose PlugOS clipboard data to the host system; activation is recommended only when necessary.)

    Notification Synchronization

    Ensures important notifications are not missed when switching systems.
    Messages can be synced one-way or both ways, so users can respond promptly without switching systems frequently.

    Secure Boot & Pre-Authentication

    PlugOS introduces an industry-first dual authentication + pre-boot security mechanism.
    This ensures PlugOS always runs in a verified, minimized-attack-surface environment, protecting against physical attacks, supply chain vulnerabilities, and unknown chip/system flaws.

    Dual Authentication: Human-and-Device Trust

    PlugOS requires both user and host device authentication before system initialization:

    • User Authentication: Confirms that the operator is an authorized PlugOS user. Authentication executes entirely within TrustKernel’s proprietary TEE (Trusted Execution Environment) embedded in the device.
    • Host Device Authentication: Verifies that the connected device (phone, tablet, or PC) is authorized. Each host device must be registered during the initial connection via TEE, and subsequent connections are rigorously validated to prevent unauthorized or malicious hosts.

    Supply Chain Security: Authenticate First, Boot Later

    Unlike traditional trust chains, PlugOS enforces a strict trust chain: system execution is contingent upon successful authentication. Only after both user and host verification does PlugOS unlock resources, load the kernel, and provide user access. This “authenticate before boot” paradigm fundamentally eliminates traditional vulnerabilities in conventional trust chains.

    Minimized Attack Surface: Single Interface

    PlugOS strictly minimizes potential attack vectors:

    • Single USB-C Port: Handles all power, authentication, and display functions. No other physical interfaces are provided.
    • Secure Communication Channel: All data through the USB-C interface is encrypted, access-controlled, and integrity-verified. PlugOS disables wireless or additional interfaces, eliminating external intrusion vectors.

    This integrated security design ensures protection against physical theft, unknown hardware exploits, and system-level vulnerabilities, providing a truly user-controllable digital fortress.

    Firewall

    The PlugOS Firewall is a system-level network security component, unique in the Android ecosystem, giving users full transparency and control over network access.

    Key Advantages

    • System-Integrated & Privacy-Friendly: Fully integrated at OS level, covering all apps. It has no network permission itself — all logs remain local.
    • Network Visibility: Monitors all network activity per app and detects embedded trackers.
    • Connection Control: Rules by app, IP, domain, and port. Policies apply instantly.

    Main Features

    • Global network switch
    • Traffic filtering
    • Whitelist/Blacklist
    • Logs & Alerts

    This is currently the only known auditable, visual, and user-controllable system-level firewall for Android, providing unprecedented transparency and control.

    Data Self-Destruction

    To mitigate risks from device loss, theft, or brute-force attacks, PlugOS includes an irreversible Data Self-Destruct mechanism:

    • Brute-Force Triggered Self-Destruction: Detects abnormal password attempts (e.g., consecutive failures or brute-force attacks) and securely wipes all internal data, leaving no recoverable traces.
    • Duress Password Self-Destruction: Users can predefine special “duress passwords.” Entering a duress password under coercion simulates normal access while triggering immediate data destruction, silently protecting critical information.

    Data self-destruction serves as the final security barrier, ensuring maximum protection of sensitive information.

    Encrypted Backup & Restore

    PlugOS supports end-to-end encrypted backups, ensuring safety during storage, transfer, and restore:

    • End-to-End Encryption: All backups are encrypted with user-controlled keys, inaccessible even if intercepted.
    • Flexible Storage: Store backups locally, on external storage, or trusted cloud via the host.
    • Secure Restore: Quickly restore all data on a new device after loss, damage, or errors — ensuring digital assets remain intact and under your control.

    System Updates

    PlugOS provides secure OTA (Over-The-Air) updates:

    • Security Patches: Regular releases keep you protected against the latest threats.
    • Feature Enhancements: Continuous improvements in performance and usability.

    Optional GMS

    Unlike many dual-system solutions, PlugOS supports Google Mobile Services (GMS), ensuring compatibility with Play Store, Gmail, Maps, and notifications.
    For privacy, GMS is disabled by default — users can enable it as needed.
    This allows convenience and security to coexist.

    Themes & Personalization

    PlugOS includes a lightweight personalization system:

    • Built-in Themes: Multiple preloaded visual styles to match your preferences.
    • Privacy-Friendly: All themes are processed locally, with no ads, network connections, or recommendations.

    Your customization remains fully private.