Snowden’s Haven - A New Surveillance App

Uploaded on 2018-01-02 in NEWS-Cybersecurity News, FREE TO VIEW

NSA Whistleblower Edward Snowden is among the backers of a new surveillance app that helps guard against computer hijackings.

Haven is an open source app that will run on any Android phone, particularly inexpensive and older devices. It operates like a surveillance system, using the device’s camera, audio recording capability and even accelerometer to detect movement and notify a user. 

The idea is that, even with the best encryption in the world, a device is vulnerable, to physical in-person tampering, also known as “evil maid” because literally a hotel maid could access it. The app was developed by The Guardian Project, Freedom Of The Press and Snowden to offer eyes and ears to prevent, or at least increase awareness, of whether a device has been tampered with.

For example, you’d set up a burner Android device in a hotel safe alongside your laptop. Haven could then be set to broadcast any audio or movement, basically if anyone opened the safe it will snap a photo, record audio and detect motion. Alerts can be sent via SMS, Signal or to a Tor-based website.

Writing for The Intercept, Micah Lee, a member of Freedom Of The Press who help set up and test the app, admitted that the app does have some shortcomings, such as maintaining constant internet access for notifications, preventing battery drain and false positives, but it offers something new for those who would welcome the peace of mind from additional surveillance. While beyond helping keep hardware secure, it could also have other uses.

“Haven can also be used as a cheap home or office security system to detect break-ins or vandalism while you’re away, positioning the phone to send you photographs when someone walks within range. Or you can use it to monitor for wildlife in rural areas, or to capture evidence of human rights violations and disappearances,” Lee wrote.

Haven can be downloaded via Google Play and open source Android app store F-Droid.

Snowden, who remains exiled in Russia, previously helped develop an iPhone case that detects when a device is transmitting data that can put users at risk of detection, and he’s been very vocal about services that he believes are problematic for privacy. 

He previously advised that people get rid of Dropbox and avoid using Google and Facebook and has spoken at length on why data collection is “the central problem of the future.”

Techrunch:

You Might Also Read: 

NSA Should Thank Edward Snowden:

Snowden Criticises Russian Decision To Ban VPNs:

 

« Chinese Hacker Groups Shift Focus To India
When Terrorists Learn How to Hack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ENEA Qosmos Division

ENEA Qosmos Division

Qosmos, a division of Enea, leads the market for IP traffic classification and network intelligence technology used in physical, SDN and NFV architectures.

Sage Designs

Sage Designs

Sage Designs is a provider of SCADA, Security & Industrial Automation products and training programs.

KLC Consulting

KLC Consulting

KLC Consulting offers information assurance / Security, IT Audit, and Information Technology products and services to government and Fortune 1000 companies.

SecuLution

SecuLution

SecuLution is an Antivirus product using Application Whitelisting which offers much more protection than Virus Scanners ever can.

BigWeb Technologies

BigWeb Technologies

BigWeb Technologies is dedicated to provide its clients with ICT related services including Infrastructure Solutions, Consultancy and Security.

CETIC

CETIC

CETIC is an applied research centre in the field of ICT. Key technologies include Big Data, Cloud Computing, the Internet of Things, software quality, and trust and security of IT systems.

AppTec

AppTec

AppTec is a leading software vendor in the field of Unified Endpoint Management and Mobile Security.

Dathena

Dathena

Dathena is a company developing data governance software based on machine learning algorithms.

Elemental Cyber Security

Elemental Cyber Security

Elemental is a game changing cyber security compliance automation and enforcement technology provider.

Tapestry Technologies

Tapestry Technologies

Tapestry Technologies supports the Department of Defense in shaping its approach to cybersecurity.

Cyber Command - Romania

Cyber Command - Romania

Cyber Command represents the military authority responsible for the development, protection and resilience of military IT networks and services that support the Romanian Force Structure.

eCloudvalley Digital Technology

eCloudvalley Digital Technology

eCloudvalley Digital Technology is a born-in-the-cloud partner focused entirely on AWS services across APAC region.

IgmGuru

IgmGuru

Igmguru offers certification online training courses for IT professionals and students. Get certified with high-in-demand job-oriented professional courses.

ThreatNG Security

ThreatNG Security

ThreatNG is redefining external attack surface management (EASM) and digital risk protection with a platform of unmatched breadth, depth, and capabilities in thwarting technical and business threats.

CERT.ar

CERT.ar

CERT.ar is the national Computer Emergency Response Team for the technical-administrative management of computer security incidents in the National Public Sector of Argentina.

Apexanalytix

Apexanalytix

Apexanalytix is a leading provider of supplier onboarding, risk management and recovery solutions.