Snowden’s Haven - A New Surveillance App

Uploaded on 2018-01-02 in NEWS-Cybersecurity News, FREE TO VIEW

NSA Whistleblower Edward Snowden is among the backers of a new surveillance app that helps guard against computer hijackings.

Haven is an open source app that will run on any Android phone, particularly inexpensive and older devices. It operates like a surveillance system, using the device’s camera, audio recording capability and even accelerometer to detect movement and notify a user. 

The idea is that, even with the best encryption in the world, a device is vulnerable, to physical in-person tampering, also known as “evil maid” because literally a hotel maid could access it. The app was developed by The Guardian Project, Freedom Of The Press and Snowden to offer eyes and ears to prevent, or at least increase awareness, of whether a device has been tampered with.

For example, you’d set up a burner Android device in a hotel safe alongside your laptop. Haven could then be set to broadcast any audio or movement, basically if anyone opened the safe it will snap a photo, record audio and detect motion. Alerts can be sent via SMS, Signal or to a Tor-based website.

Writing for The Intercept, Micah Lee, a member of Freedom Of The Press who help set up and test the app, admitted that the app does have some shortcomings, such as maintaining constant internet access for notifications, preventing battery drain and false positives, but it offers something new for those who would welcome the peace of mind from additional surveillance. While beyond helping keep hardware secure, it could also have other uses.

“Haven can also be used as a cheap home or office security system to detect break-ins or vandalism while you’re away, positioning the phone to send you photographs when someone walks within range. Or you can use it to monitor for wildlife in rural areas, or to capture evidence of human rights violations and disappearances,” Lee wrote.

Haven can be downloaded via Google Play and open source Android app store F-Droid.

Snowden, who remains exiled in Russia, previously helped develop an iPhone case that detects when a device is transmitting data that can put users at risk of detection, and he’s been very vocal about services that he believes are problematic for privacy. 

He previously advised that people get rid of Dropbox and avoid using Google and Facebook and has spoken at length on why data collection is “the central problem of the future.”

Techrunch:

You Might Also Read: 

NSA Should Thank Edward Snowden:

Snowden Criticises Russian Decision To Ban VPNs:

 

« Chinese Hacker Groups Shift Focus To India
When Terrorists Learn How to Hack »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CyTech Services

CyTech Services

CyTech provides unique services and solutions complemented with professional subject matter experts to both the Federal and Commercial sectors.

CSO

CSO

CSO serves enterprise security decision-makers and users with the critical information they need to stay ahead of evolving threats and defend against criminal cyberattacks.

SAMATE

SAMATE

The Software Assurance Metrics And Tool Evaluation project is an inter-agency project between the US Department of Homeland Security and NIST.

Nixu

Nixu

Nixu is the largest Nordic specialist company in information security consulting.

Tymlez Software & Consulting

Tymlez Software & Consulting

Tymlez Software and Consulting is a start-up specialised in blockchain technology for enterprises.

Network Integrity Systems

Network Integrity Systems

Network Integrity Systems is a leader in network infrastructure security and offers solutions specifically developed for Government and Private Enterprise.

Trulioo

Trulioo

Trulioo is a leading global identity and business verification company providing secure access to data sources worldwide to instantly verify consumers and businesses online.

Araxxe

Araxxe

Araxxe delivers Revenue Assurance, End-to-End Billing Verification and Interconnect Fraud Detection solutions to communication companies worldwide.

BlackCloak

BlackCloak

BlackCloak provides Concierge Cyber Security for high-net-worth individuals and corporate executives to protect them from cybercrime, reputational risks, hacking and identity theft.

MSPAlliance

MSPAlliance

MSPAlliance is the world’s largest industry association and certification body for cloud computing and managed service professionals.

Trail of Bits

Trail of Bits

Trail of Bits combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.

KETS Quantum Security

KETS Quantum Security

KETS harnesses the properties of quantum mechanics to solve challenging problems in randomness generation and secure key distribution and enable ultra secure communications.

Proximity

Proximity

Proximity is a leading professional services organisation providing consulting, legal and commercial advisory solutions with a focus on government and regulated industries.

Fenix24

Fenix24

Fenix24 is an industry leader in the incident-response space. We ensure the fastest response, leading to the full restoration of critical infrastructure, data, and systems.

Surefire Cyber

Surefire Cyber

Surefire Cyber delivers swift, strong response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities.

CoreStack

CoreStack

CoreStack helps enterprises overcome cloud challenges such as ever growing security risks, stringent regulatory compliance needs and operational complexities.