Improved Edward Snowden Haven App Test Results

Rob Kilpatrick
Published Jan 26, 2018 16:32 PM

***** ********** **** ************* ******** *** application, **** **** * **** ***** IPVM's ******** **** ******, **** ***** now ****** ****** ********* *** ******** issues.

****** ******** ******** *********** **** ************ **** ****** ********** ******* * **** ***************, ** *** "************* **-****** ******* ** ******* ********** and ********** ** ******** ******" (*** *******'* ***** *****).

***** *** *** ********* ** ** * low-cost *** ** ******* ****** ******** security ****** ***'* ***** *** ***********. But *** **** **** ** **** and *** ****** ** ***** **?

**** *** ****** *** *** ** well ** ******** *********** *** ************ with *** **********.

Recommend *** ** ********

**** *** ************ ***** *** ****, our **** ******* **** ***** ** be ****** ** * ***-**** *** to ******* ******** **********. *** ******* ********** we ***** **** ** **** ***** installing **** **** ** **** * moderate ****** ** ********* ********* ***** could ** * ******* *** ***-****/***-**** users.

********, *** **** ** ********** ******* on *** ******* (******* ****** ******************* ***** *******) *** ********* *************, ********* ** answering ********* *** ********* *** ***. As ****, ** ****** ********* ************ for *** ***.

Early **********, *** *****

** *** ******* ********, *** *** *** two *** ****** ** *** ***** which **** **** ***** ** ***** betas (********* *****). ** *** ****** builds, ** *** *******, ***** ** longer *** ****** **** ******* ** sensitivity (******** ***** *************).

  • *********** ******: ***** **** **** ******* ** notifications *** ***** ****** *********, **** when ** * ***** ** ******* dark *****.
  • ******** *******: *** *** ********** ******* **** performing ***** *****, **** ** *********** sensors ** ******.

************, **** ************ ******** *** ****** challenging *** ***-********* ***** (******* ** Tor ******, *********** ****** ******, ***.).

Haven ******

***** ** ** ******* ****** ***** *** which ****** ***** ** ******* ****** based ** ******* ******* ** *** phone, ********* ***** ******, *********, ******* light, *****, ***. ****** *** **** *** SMS/MMS ******** ** *** **** ***** the ************************.

*** *** **** *** **** ** be ******* ** ***** ** ********, and *** *** ** *** ********** or **** *** ***** ** ******.

***** ** ********* **** ** *** Android **** ***** ** *** ** downloaded ******** **** *** *********.

Alerts ****: ** **** *****/*****

**** **** ***** **** *** ***** live ******* ** ********* ** *****/*****. Only *****-***** ****** *** *********. **** rules *** *** *** ** * surveillance ****** *********** *** **** *****.

***** ***

** *** *****, ***** ********* **** need ** **** *** *** *** hit "********", ***** **** *** *** and *** ** *** *******, ***** here:

***** *** ********* *********** *** ******** functions, **** ** ***** *********, *********, ***., by ******** ***** ** *** ****** of *** ***, **** ** **** configuration *** ***** ********/********* *********:

 

Alert **** ********

****** ****** ****** ** *** **** of *********** **** **** * **** to **** *** ***** *** *** (discussed *****):

* ***** ****** *** ********* (****: Motion (******)) ****://***************.*****:****

************* **** ******* ********** *****, **** as * ********** ** ***** ******: 

** ** ***** **** ** ******** noise:

Bump/Motion ******

***** **** ***** *** *****, ***** distinguishes ******* *** ***** ***** "******" (slight ********) *** ** ***** ***** or ******:

Remote ******

***** ***** ******* *** ** ****** remotely ***** *** *** ******* (** anonymous *******/*****). ****** *** ****** ***** in * ****, **** ***********, ***** clips, ***. ********* **** ******** * specific *****. ***** ** ** ****** to ****** ******. 

** ********* *****, ***** ** ** option ** **** **** ***** ** listen ** ***** **** *** ****** via **** ****** ******. 

Configuration *********** ********* *** *** ****

***** ********* *** *** **** ***** a ***** ****** ** ******* **** alerts *** **** ** ** *** as ***** **** ** ******* ****** the ****** ** *** ****** ** the *** ******* ** **** *** receive *************. **** ***** *********** ** a ******* *** ***** *** ******** with *** *** ******* ** ****** but ***** **** ** **** ********* of the ***'* ********. ***** ** *** ******** tab ** ***** ****** **** ****** or ******* ** ****** ******* *** Tor *******:

*** ***** *** **** **** *** make ** ***** **** *** **** need *** ***** *** ******* *** an ***** ******* *** ****** *******. Below ** ** ******* ** *** Orbot *** ********* ****** ****** ***** enabled ** *** ***** ***:

UPDATED: ***** ******* ******

** *** ******** ***** ** *****, the *** ******** **** ****** ******** alert ************* ** **** ** ******** crashes. *******, ** *** ****** ***** (beta **), ******* ** ***** ****** are ******* ** *** *** **** devices.

***** ****** ** ***** **** ***** still ** ****** ** ******, ** Android ****** **** ****** ** ********, capabilities, *** ** *******.

Early *****: ******** ****** ****** 

*** ***** ***** *********** ** *** early ******* *** ******** ****** ****** on **** ***** *******. *** *******, in *** **** *****, *** ***** app ***** ******** ****** *** ****** over *** ****** ** * *******, with ** ****** ****** ** *** scene. **** *** ****** ********** ** light ***** ***** *** *****'* **** camera, *** **** ******* ** ******* model. **** **** *** ***** ** a ****** ******, ** ******** ~*** motion ************* ** ***** * ******* of *******. 

*****'* ********** *** **** ** *** to ************ **** *********** ** **** newer ***** *******, *** **** **** be ****** *********** **** ******** ** upcoming ********. ** ** ***, ***** is ** *** ******* ***** ******. 

Early *****: ******** ******* 

***** ******* ********** ****** *** ******** testing. **** *** ****** ****** ******** **********, including when ******* *** ***, ********** *** camera, ** ************ **** ***** ******* of ******/******* ***** ****** ********.

 

App ******* *** ******* **** 

******* *** ********* ***** *** ********* devices *** *** *******:

  • ** **: ******* *.*
  • ** ******* *: ******* *.*
  • ******** ****** ***** ********: ******* *.*.*-****-* (105)
  • ******* ****** ***** ********: ******* *.*.*-****-** (111)

****: **** *** ********** ******** ** Jan **** *** **-*********, ************* ************ on *** **, ****.

Comments (9)
Michael Gonzalez
Jan 16, 2018
Confidential

Basically turning your $500 cell phone into a $100 Nest cam...cool...

John Honovich
Jan 17, 2018
IPVM

Well, in fairness, Haven is expecting people to use cheap sub $100 Android phones. And Nest cams are $200 (and up) plus a monthly subscription to get alerts. Also, Nest requires using Google's infrastructure / monitoring while the target market for Haven want their privacy / distance from such companies.

Michael Gonzalez
Jan 17, 2018
Confidential

Did anyone check the app for unwanted inbound/outbound comms? It seems to me like the best way to lure someone into a false sense of security is to provide them with a security app with built in badness. Our friends at Hik taught us that one.

John Honovich
Jan 17, 2018
IPVM

We have not checked it for cybersecurity issues. Given the app is open source (one can review and download the source code here) and given Snowden's fame/infamy, it would be very hard for them to hide anything in there without causing an international incident.

Michael Gonzalez
Jan 17, 2018
Confidential

Possibly, I just thought maybe his new Russian masters told him his rent was due, so he made an app for them.

Rob Kilpatrick
Jan 25, 2018
IPVM • IPVMU Certified

Update:

Our original report was based on an older release of the Haven app. The app was recently updated to 0.1.0-beta-11 (111), which brought fixes to many issues that the app had.

In our earlier testing, a key issue the Haven app had was constant crashing. The new version of the Haven app remedied this and we saw no crashes during testing.

Another issue in our earlier testing of the Haven app was constant spamming of motion alerts. The developers (proving that they are a key strength of the Haven app) took the feedback and added a way to configure sensitivity for the camera's motion detection, seen below:

Also, in another effort to combat spamming of motion events, Haven developers added a notification time interval setting, seen below:

 

Our earlier tests noted that using Tor or Signal would be confusing to users that were not familiar with them. The developers now made it clear when enabling remote access that the Orbot app is needed with a popup notification, but that is as far as configuration will go, leaving the user to figure out how remote access is set up and how to use the Tor browser. Seen below is an example of the notification:

 

 

The developers also attempted to clarify Signal setup, still likely to be confusing for someone not familiar with Signal:

Undisclosed Integrator #1
Jan 26, 2018

Does it buffer? Can it be easily foiled by using a gsm / wifi jammer?

Rob Kilpatrick
Jan 26, 2018
IPVM • IPVMU Certified

Does it buffer?

It does not buffer, as it does not have live video, it only sends images of detected motion.

Can it be easily foiled by using a gsm / wifi jammer?

I suppose you could use a jammer to stop it from sending motion events but the images are also stored locally, making it so that the phone would have to be found / stolen / destroyed to get rid of images of the intruder being there.

Robert Batten
Jan 30, 2018

I wouldn't trust it without cyber security testing. I'm thinking Snowden was more of a black hat than others realize.
