On 22nd December, Edward Snowden (President, board of Freedom of the Press Foundation) announced a new project called Haven, which is built in collaboration between The Guardian Project and Freedom of the Press Foundation. Haven is an Android app which will turn any Android phone into a monitoring system to watch over your laptop, or your house.
The problem Haven is trying to solve is an old one. How do you make sure that no one is tampering with your hardware (or secretly searching your house) while you are away? There is no easy and 100% secure solution, but Haven enables us to see and record what is happening. It uses all the available sensors including microphones (generally there are 3 of them), accelerometer, and camera.
You start Haven, a greeter window will welcome you. Swipe left to move to the next windows of the configuration wizard.
In the first configuration window, you will have to setup which noise level should fire up an alert. This totally depends on where you want to keep your phone (on watch). You can start with the default value and then tweak it from there if you’re not getting the alerts you want.
Then you will have to set the motion level. This will detect if someone moves the phone. For example, if you keep the phone on top your laptop, or a document file, there is no easy way to access the laptop or document without moving the phone first.
Next, you can provide a phone number where you may want to receive notifications, either over SMS or Signal messenger.
After the initial configuration wizard, you can click on the settings button in the application. The first thing to do here is to set which number Haven should use to send Signal notifications.
You will need two phone numbers with Signal enabled. One is your primary number, where you will receive the notifications. You will put this number in the Notification Number (Remote). The second number is which Haven will use to send notifications. Put this number to the Signal Number (Local). Best way is to put the second SIM into the same phone of Haven.
Next, click on the REGISTER button. The Signal app on that number will receive a verification code over SMS, you will have to enter that after clicking the VERIFY button.
You can also enable remote access over Tor, just click on the checkbox. This will open the Orbot app, and then come back to the settings screen after Orbot connects to the Tor network.
Remember, you can always come back to the settings and change the values as required. Soon you will find that you will have to do that so that app can adjust to various environmental noises etc.
How to use the app?
By default the app has a 30 second timer so you can make sure that the phone is in a stable place, and then click on the START NOW button. When the timer runs out, the app will start monitoring for any noise, light, movement or vibration to trigger the alarm.
Next time if you start the app, you will find the log entries, and you can click on the play button at the right-bottom corner to start it again. Below is a photo taken by the app while a person trys to enter an office room.
Can Haven solve all of my physical security issues?
No, but it will record whatever it sees or hears. There are ways to block radio signals (to make sure that Haven can not send out any notification), but that is an expensive step for an attacker to make. You can keep the phone inside of your hotel locker to record if anyone opens up the locker or make it watch your hallway at the house. Government agencies love to see what is inside of our computers/house(s), but they don’t like get recorded while doing so.
How can I help?
Haven is an Open Source application, the source code is hosted on Github. Feel free to submit issues, write blog posts, make people aware about the application. If you can write Android code, you are most welcome to submit patches to the project. Every form of contribution counts, so don’t hesitate.