Edward Snowden’s app lets your smartphone watch your laptop
If you’re like most people, your laptop contains not only your spreadsheets and cat videos, but your entire life: passwords, messages, encryption keys, your trail of Web sites you’ve visited, and your diary.
While you need a password to get in, when it comes down to it, someone can figure out how to. Security experts call these kinds of attacks “evil maid” attacks, a term coined by JoannaRutkowska, founder of the secure Qubes operating system.
Edward Snowden to the rescue. The famed NSA whistleblower and a team of coders have a new, open source Android App, Haven, that you can put on a smartphone and have the phone guard your laptop. Using the mic, light detector, motion detector, and more, the phone can see if someone is in the room, has turned on a light, or more. Haven is now on F-Droid and in the Play Store. The Guardian Project, a worldwide group of mobile security app developers, also are collaborating.
Haven fixes a problem that plagues laotpos. Even a “secure boot” with a tamper-resistant chip that guards the bootloader code’s purity can be be tricked by malicious code. Some computer owners have resorted to painting glitter nail polish on their laptop screws so they;d be able to tell if a tamperer has been there. Also collaborating on Haven is the Guardian Project, a global collective of mobile security app developers.
If you’ve got a phone with Haven, you could lock your computer in, say, a hotel safe, which in itself isn’t that safe. But with the phone monitoring it, you would know if somebody has opened the safe, since light could get in. The mic might hear noises or words, and even take a photo of the villain. And the app will store the evidence.
Haven can send you encrypted, real-time alerts. Naturally, you would need to put Haven on an extra phone that stays with your laptop, and carry your own phone with you. You can use a Tor browser or a Tor onion (darknet) site to view these alerts securely, or easier, you can go a bit less cloak-and-dagger and opt for Signal or SMS notifications.
One issue of course is that not everyone entering a room has any bad intent, so you may experience needless anxiety. Haven is probably not for the paranoid, yet it may appeal to same.
A useful task for Haven is to act as a cheap security system for when you’re away, for instance, it could send you photos of your front door. Or to help wildlife, you could monitor the woods for poachers.
It’s easier to use Haven if you have a phone with a data plan, though there are workarounds. Also, if you’re going away for a long time, you have to leave Haven plugged in, as the battery won’t last that long.
Remember to secure the Haven phone itself from clever evil maids (and butlers!) who might try to hack in. Use a strong password. Encrypt your phone. Turn off unused radios, such as NFC and bluetooth; opt for mobile data over Wi-fi.
Worrying about burglars is probably more common than worrying about hackers breaking in, but then, it depends who you are. If you’re Edward Snowden, burglars may not be the biggest thing your mind.
https://theintercept.com/2017/12/22/snowdens-new-app-uses-your-smartphone-to- physically-guard-your-laptop/