Snowden’s Haven - A New Surveillance App

Uploaded on 2018-01-02 in NEWS-Cybersecurity News, FREE TO VIEW

NSA Whistleblower Edward Snowden is among the backers of a new surveillance app that helps guard against computer hijackings.

Haven is an open source app that will run on any Android phone, particularly inexpensive and older devices. It operates like a surveillance system, using the device’s camera, audio recording capability and even accelerometer to detect movement and notify a user. 

The idea is that, even with the best encryption in the world, a device is vulnerable, to physical in-person tampering, also known as “evil maid” because literally a hotel maid could access it. The app was developed by The Guardian Project, Freedom Of The Press and Snowden to offer eyes and ears to prevent, or at least increase awareness, of whether a device has been tampered with.

For example, you’d set up a burner Android device in a hotel safe alongside your laptop. Haven could then be set to broadcast any audio or movement, basically if anyone opened the safe it will snap a photo, record audio and detect motion. Alerts can be sent via SMS, Signal or to a Tor-based website.

Writing for The Intercept, Micah Lee, a member of Freedom Of The Press who help set up and test the app, admitted that the app does have some shortcomings, such as maintaining constant internet access for notifications, preventing battery drain and false positives, but it offers something new for those who would welcome the peace of mind from additional surveillance. While beyond helping keep hardware secure, it could also have other uses.

“Haven can also be used as a cheap home or office security system to detect break-ins or vandalism while you’re away, positioning the phone to send you photographs when someone walks within range. Or you can use it to monitor for wildlife in rural areas, or to capture evidence of human rights violations and disappearances,” Lee wrote.

Haven can be downloaded via Google Play and open source Android app store F-Droid.

Snowden, who remains exiled in Russia, previously helped develop an iPhone case that detects when a device is transmitting data that can put users at risk of detection, and he’s been very vocal about services that he believes are problematic for privacy. 

He previously advised that people get rid of Dropbox and avoid using Google and Facebook and has spoken at length on why data collection is “the central problem of the future.”

Techrunch:

You Might Also Read: 

NSA Should Thank Edward Snowden:

Snowden Criticises Russian Decision To Ban VPNs:

 

« Chinese Hacker Groups Shift Focus To India
When Terrorists Learn How to Hack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Snort

Snort

Snort is an open source intrusion prevention system capable of real-time traffic analysis and packet logging.

International Association for Cryptologic Research (IACR)

International Association for Cryptologic Research (IACR)

(IACR is a non-profit scientific organization whose purpose is to further research in cryptology and related fields.

WireX Systems

WireX Systems

WireX is an innovative network intelligence and forensics company that is changing the way businesses resolve cyber-attacks.

Red Canary

Red Canary

Red Canary continuously monitors and analyzes your endpoints, users, and network activity in search of threatening behaviors, patterns, and signatures.

Hivint

Hivint

Hivint is a new kind of Information Security professional services company enabling collaboration between our clients to reduce unnecessary security spend.

ICTSecurity Portal

ICTSecurity Portal

The ICTSecurity Portal is an interministerial initiative in cooperation with the Austrian economy and acts as a central internet portal for topics related to security in the digital world.

Keynetic Technologies

Keynetic Technologies

Keynetic focuses on developing cybersecurity solutions for Industry 4.0.

Jandnet Recruitment

Jandnet Recruitment

Jandnet Recruitment is a small specialist company working in the IT sector. We recruit across all IT disciplines including cyber security and digital identity.

Ensighten

Ensighten

Ensighten is a leader in Website Security & Privacy Compliance. Protect your website from malicious attacks, monitor & detect vulnerabilities, protect consumer data.

SurePassID

SurePassID

SurePassID is a provider of highly secure, highly extensible multi-factor authentication (MFA) solutions.

Sotero

Sotero

Sotero is the first cloud-native, zero trust data security platform that consolidates your entire security stack into one easy-to-manage environment.

Mobilicom

Mobilicom

Mobilicom is an end-to-end provider of cybersecurity and smart solutions for drones, robotics & autonomous platforms.

Maltego Technologies

Maltego Technologies

Maltego is a comprehensive tool for graphical link analyses that offers real-time data mining and information gathering. Applications include cybersecurity threat intelligence and incident response.

Aquia

Aquia

Aquia are on a mission to enable innovation and drive transformative change to solve the world’s most pressing and complex cybersecurity challenges.

Oxygen Technologies

Oxygen Technologies

Oxygen Technologies is a business systems strategy and integration company offering a variety of solutions to give our clients ways to work smarter not harder.

CoGuard

CoGuard

CoGuard is a patented solution that uses AI driven automation to provide fast, cost effective white-box penetration testing, infrastructure audits and infrastructure design services.