{"id":103954,"date":"2017-12-25T12:00:19","date_gmt":"2017-12-25T12:00:19","guid":{"rendered":"https:\/\/www.transcend.org\/tms\/?p=103954"},"modified":"2017-12-25T10:39:52","modified_gmt":"2017-12-25T10:39:52","slug":"edward-snowdens-new-app-uses-your-smartphone-to-physically-guard-your-laptop","status":"publish","type":"post","link":"https:\/\/www.transcend.org\/tms\/2017\/12\/edward-snowdens-new-app-uses-your-smartphone-to-physically-guard-your-laptop\/","title":{"rendered":"Edward Snowden\u2019s New App Uses Your Smartphone to Physically Guard Your Laptop"},"content":{"rendered":"
\"\"<\/a>

Illustration: The Intercept<\/p><\/div>\n

22 Dec 2017 – <\/em>Like many other journalists, activists, and software developers I know, I carry my laptop everywhere while I\u2019m traveling. It contains sensitive information; messaging app conversations, email, password databases, encryption keys, unreleased work, web browsers\u00a0 logged into various accounts, and so on. My disk is encrypted<\/a>, but all it takes to bypass this protection is for an attacker \u2014 a malicious hotel housekeeper, or \u201cevil maid<\/a>,\u201d for example \u2014 to spend a few minutes physically tampering with it without my knowledge. If I come back and continue to use my compromised computer, the attacker could gain access to everything.<\/p>\n

Edward Snowden and his friends have a solution. The NSA whistleblower and a team of collaborators have been working on a new open source<\/a> Android app called Haven<\/a> that you install on a spare smartphone, turning the device into a sort of sentry to watch over your laptop. Haven uses the smartphone\u2019s many sensors \u2014 microphone, motion detector, light detector, and cameras \u2014 to monitor the room for changes, and it logs everything it notices. The first public beta version of Haven has officially been released; it\u2019s available in the Play Store<\/a> and on F-Droid<\/a>, an open source app store for Android.<\/p>\n

Snowden is helping to develop the software through a project he leads at the Freedom of the Press Foundation, which receives funding from The Intercept\u2019s parent company. I sit on the FPF board with Snowden, am an FPF founder, and lent some help developing the app, including through nine months of testing. With that noted, I\u2019ll be forthright about the product\u2019s flaws below, and have solicited input for this article from people not involved in the project.<\/p>\n

Also collaborating on Haven is the Guardian Project, a global collective of mobile security app developers.<\/p>\n

Haven is an external solution to a problem computer makers traditionally attempted to handle from within their devices. Some laptops, for example, offer \u201csecure boot\u201d through a special tamper-resistant chip called a Trusted Platform Module, which tries to ensure that the computer\u2019s bootloader code hasn\u2019t been modified to be malicious. But there are various ways this could go wrong: there can be bugs in the code that does the verification, attackers could connive to get their code marked as trustworthy, or malicious code could be inserted after the bootloader. Some computer users have tried the low-tech solution of painting glitter nail polish<\/a> on their laptop screws, creating a sort of seal that would be broken during a tampering attempt.<\/p>\n

\u201cDue to how current laptops, and probably most other computing devices, are made today, it is virtually impossible to systematically check later if the laptop has been compromised or not,\u201d said Joanna Rutkowska, founder of the secure Qubes operating system, who invented the term \u201cevil maid\u201d in 2009 as part of her work as a security researcher.<\/p>\n

httpv:\/\/www.youtube.com\/watch?v=Fr0wEsISRUw<\/p>\n

Here\u2019s how Haven might work: You lock your laptop in a hotel safe \u2014\u00a0 not a secure move<\/a> on its own \u2014 and place your Haven phone on top of it. If someone opens the safe while you\u2019re away, the phone\u2019s light meter might detect a change in lighting, its microphone might hear the safe open (and even the attacker speak), its accelerometer might detect motion if the attacker moves the laptop, and its camera might even capture a snapshot of the attacker\u2019s face. The Haven app will log all of this evidence locally on the Android device.<\/p>\n

\"\"<\/a>

Intrusion events in the Haven app.<\/p><\/div>\n

You can configure Haven to send you real-time encrypted alerts of what it detects to your other phone, the one you carry with you, when an intrusion is detected. You can choose to get encrypted Signal<\/a> notifications, and you can also configure Haven to run a Tor onion service website (that is, a darknet site), and use Tor Browser on another device to connect in and view all of the alerts \u2014 all without giving anyone else access to these evidence logs unless you choose to share them. Haven also supports SMS text notifications, which can be intercepted but which might be more reliable in some situations.<\/p>\n

\"\"<\/a>

Real-time encrypted Signal notifications of intrusion events from Haven.<\/p><\/div>\n

Protecting my laptop against evil maid attacks is my primary use-case for Haven, but it isn\u2019t the only reason people might be interested in using the app.\u201dI can imagine this might be useful to victims of domestic abuse who are worried about their abusers spying on them in some way,\u201d Eva Galperin, director of cybersecurity for Electronic Frontier Foundation, said. Galperin is familiar with the security challenges of evil maid attacks, but has not tested out Haven herself. \u201cThis might be useful for teenagers who are concerned about their parents, or who are concerned about nosy partners, or friends [spying on them]. Or if you\u2019re in college and you\u2019re worried about your roommate,\u201d she added.<\/p>\n

Galperin\u2019s main concern about Haven is false positives. \u201cIf you\u2019re concerned about people coming into the room and moving things, it doesn\u2019t necessarily mean that they have ill intent. Or you could be setting things up on a hair trigger, and then you end up with a bunch of false positives and get paranoid for no reason,\u201d she said. \u201cMaybe the maid isn\u2019t evil. Sometimes the maid is just a maid.\u201d<\/p>\n

Haven can also be used as a cheap home or office security system to detect break-ins or vandalism while you\u2019re away, positioning the phone to send you photographs when someone walks within range. Or you can use it to monitor for wildlife in rural areas, or to capture evidence of human rights violations and disappearances.<\/p>\n

Based on my experience testing Haven so far, here are some of the things to consider.<\/p>\n

You definitely need a separate Android device to use Haven effectively, but you don\u2019t actually need to pay for phone service for that device if you don\u2019t want to. Without phone service, here are your options for using Haven:<\/p>\n