Christmas may have come a few days early this past December for security advocates with the introduction of the Haven app, bringing with it a fair amount of excitement, criticism, and an excellent opportunity to explore some of the less often discussed aspects of working with open source.
For those who have been off of Twitter since the coverage started since Friday, the Haven app has been proposed as a solution for protecting your physical space from surveillance (or worse). Built for Android by the good folks over at the Guardian Project, the makers of great anonymity apps that help protect their users from surveillance, the app makes use of the phone’s sensors to detect intruders that might attempt to creep on your personal space.
On the face of it, the app sounds like it is pretty well put together. The designers have figured out a way to turn features from the phone like the microphone, accelerometer, and other hardware that are normally deemed to be security threats, and turn them into a reportedly high level safety device. They have even incorporated code from Signal and Tor for added security and anonymity.
Looking at their attributions, as well as some comments from other observers, it would seem that the app was built on top of another open source app called SecureIT that was developed back in 2012 under a BSD license.
For a more comprehensive review of the app, read the ever-talented Andy Greenberg’s write up in Wired.
So why has this app come under so much controversy? It sounds like a pretty good idea, helping activists and journalists to watch the watchers.
In short, famed leaker Edward Snowden has attached his name to this project, attracting all kinds of bad juju from the interwebs. Whether one is a fan of the former National Security Agency contractor, viewing him as a hero, or has some less flattering description for him, probably has an impact on how they view this app.
Instead of rehashing this argument for a hot minute, there were a number of intriguing questions for the open source community that are more directly tied to the app that are worthy of further exploration.
Haven, like the rest of the Guardian Project’s apps, is built using open source code, and the code itself has been made public for review. Full transparency — like only open source can provide — is a must for anyone producing software for the activist and journalist communities that use the apps for sending sensitive communications, often under the watch of repressive regimes. Users need to feel certain that there is not a hidden snippet of code that is siphoning out their information to authorities that could do them harm. Being able to examine the code yourself, or have trusted experts sift through it to give it the stamp of approval is essential for the app being adopted.
The Open Whisper Systems team that built Signal understands this need, and it is this transparency that has helped to make their app the gold standard for the folks who depend on it for their security.
For many security conscious users, the open source mantra of it being checked over by a thousand eyes is reassuring, giving them added confidence that the apps that they are using are safe to use and do not contain any malicious elements. Check out the code for yourself on GitHub.
The interesting question that has come up here, is this: if an app is totally open source but comes from a developer that you believe might be compromised, can you still trust it?
For those Snowden fans out there, the release of this app was the latest in a series of ringing endorsements for apps aimed at improving privacy and protection from surveillance. They trust him and are happy to get their hands on this app. For others, the situation is a bit more complicated. The fact that Snowden is living under the protection of the Russian government is a bit disturbing to say the least.
One can only imagine how thrilled the security forces like the FSB or GRU would be to have a way to spy on activists and journalists, both of whom they have violently targeted extensively in recent history.
The Russian government, ever the expert level trolls, has not helped calm the situation with their promotion of the app through Twitter and other sources like the state-baked RT news channel.
So far, the defenders of the app have pointed to the fact that it has been released as open source (under a GNU license) as the primary reason to trust the software, even if folks do not have much credence in Snowden.
(This was an interesting thread for those that care to check it out)
As one security expert recently pointed out to me in a conversation about this app, “If the KGB sent a recipe for cake, you could see if it has poison in it.” Basically, he was calling me an idiot for even thinking to question the security of this app because it is open source.
This strong reaction, and that of plenty of others in the Twitterverse took me a bit aback.
Even as I consider myself to be an advocate of the power of the open source ecosystem, the fact that so many in the security and cyber community showed that they were willing to trust in an app because it was open source was surprising.
What it says to me is that the security philosophy underpinning open source has become a mark of trust in an otherwise highly skeptical community. As Snowden says,”It works.”
At the same time, there are still some concerns. Even if an app’s code is made public on GitHub for review by others, app developers still need to work hard if they want to maintain the public’s trust. This means working responsibly with open source components, sticking to best practices that include not using components with known vulnerabilities. Moreover, they need to stay on top of new vulnerabilities that pop up in their components as they are discovered by the community. This can be a colossal effort without an automated solution.
You can be sure that those performing surveillance will be working hard to find flaws in the code and the components that it is built on. If this project and others like it are to be successful, users will have to feel confident that the code is being protected as best as possible. The power of open source is only as strong as the community that is willing to keep developers honest by checking over their code, looking out for the non-technical users among us.
Whether or not one should trust and download this new app is a snakepit that I will avoid. I can’t take that kind of noise. The reality is though that most of us probably have no real need for this kind of app as we are not at risk of attackers attempting to violate our personal space.
However for those who do face this risk, no matter how we feel about Snowden, we should be grateful that folks like Nathan Freitas and his team at the Guardian Project are using open source and developing apps to protect those who need it most.
About the Author
Rami Sass is CEO and Co-Founder of WhiteSource , the leading open source security and compliance management platform. Rami is an experienced entrepreneur and executive with vast experience in defining innovative products, leading technology groups and growing companies from seed level to business maturity.