Author: me

Combating “Fake News” With a Smartphone “Proof Mode”

Reposted from the Guardian Project blog

We have been working for many years with our partners at WITNESS, a leading human rights media training and advocacy organization, to figure out how best to turn smartphone cameras into tools of empowerment for activists. While it is often enough to use the visual pixels you capture to create awareness or pressure on an issue, sometimes you want those pixels to actually be treated as evidence. This means, you want people to trust what they see, to know it hasn’t been tampered with, and to believe that it came from the time, place and person you say it came from.

Enter, ProofMode, a light, minimal “reboot” of our more heavyweight, verified media app, CameraV. Our aim was to create a lightweight (< 3MB!), almost invisible utility (minimal battery impact!), that you can run all of the time on your phone (no annoying notifications or popups), that automatically adds extra digital proof data to all photos and videos you take. This data can then be easily shared, when you really need it, through a “Share Proof” share action, to anyone you choose over email or a messaging app, or uploaded to a cloud service or reporting platform.

  

 

On the technical front, what the app is doing is automatically generating an OpenPGP key for this installed instance of the app itself, and using that to automatically sign all photos and videos at time of capture. A sha256 hash is also generated, and combined with a snapshot of all available device sensor data, such as GPS location, wifi and mobile networks, altitude,  device language, hardware type, and more. This is also signed, and stored with the media. All of this happens with no noticeable impact on battery life or performance, every time the user takes a photo or video. We have been running it for months on fairly old, low end phones, and you just forget it is happening.

 

   

While we are very proud of the work we did with the CameraV and InformaCam projects, the end results was a complex application and proprietary data format that required a great deal of investment by any user or community that wished to adopt it. Furthermore, it was an app that you had to decide and remember to use, in a moment of crisis. With ProofMode, we both wanted to simplify the adoption of the tool, and make it nearly invisible to the end-user, while making it the adoption of the tool by organizations painless through simple formats like CSV and known formats like PGP signatures.

The source and direct APK downloads are available on Github: https://github.com/guardianproject/proofmode

The beta release is also available today for Android phones on Google Play. We hope to have an iPhone version in beta in the next few months.

We have also published a sample batch proof data set on Github here: https://github.com/guardianproject/proofmode/tree/master/samples/sample-proof-1

Our design goals included the following:

  • Run all of the time in the background without noticeable battery, storage or network impact
  • Provide a no-setup-required, automatic new user experience that works without requiring training
  • Use strong cryptography for strong identity and verification features, but not encryption
  • Produce “proof” sensor data formats that can be easily parse, imported by existing tools (CSV)
  • Do not modify the original media files; all proof metadata storied in separate file
  • Support chain of custody needs through automatic creation of sha256 hashes and PGP signatures
  • Do not require a persistent identity or account generation

We also were able to take advantage of the new Android “Quick Settings” developer API, to add a ProofMode toggle button right along side other system functions like Wifi, Location, Bluetooth and more. This fulfills a vision that WITNESS has had for a while in mainstreaming the concept of our prototype into mainstream adoption, giving every citizen journalist a quick mode to activate when their moment arrives.

 

You can read a bit more in the project README on the workflow we imagine being used for all of this. What we hope is that the ProofMode app is simple and low impact enough that potential users will install and forget that it is there. It will go along doing its business quietly without fuss, until the users realizes they have taken a photo or video that might have some value as digital evidence. Then, using the SHARE PROOF action, send their proof data set off to an organization, journalist, lawyer, or other advocate that would be able to verify the chain of custody and integrity of the files and proof using off the shelf OpenPGP and CSV visualization tools. While we have a bit more work to do on the last part, we already have many partners in the human rights world who are skilled and capable of doing just that.

If you’d like to learn more about the CameraV app and our collaboration with WITNESS and Coletivo Papo Reto video activist group in Brazil, please watch this video below from the Al Jazeera “Rebel Geeks” documentary.

Message me on Keybase

I’ve started using Keybase Chat, and I am really enjoying it. It combines Slack and Dropbox, with end-to-end encryption, all without needing a phone number or “real name”. Send me a message and say hello!

At Keybase we collectively use and love WhatsApp, Signal, Slack, and iMessage, to name a few. However, in all those apps: recipients are looked up by phone number or email.That works ok with friends and coworkers.But it sucks with people you know on the Internet. First off, they have to give you their phone number in a preliminary back and forth. That takes time and prevents you from sending your message until you hear back.Then, to make sure you’re really secure, you’re supposed to compare special codes by meeting in person. That’s impossible in most cases.Keybase is different. For example, in Keybase chat, I can simply use my Hacker News name, malgorithms, as my secure address; no phone number or email needed. My Twitter username would work, too. Or even my Reddit username.

Source: Introducing Keybase Chat

Getting Signal on a PocketCHIP

I’m a big fan of the NextThingCo and their $9 CHIP computer for the simultaneously radical and practical approach to hardware manufacturing and low cost computing. Being a fairly early backer of their crowdfunding effort, I was able to get the super fun PocketCHIP dock/case/shell, as well, which looks like a cross between a Blackberry and a Gameboy, with all the circuitous guts exposed. The PocketCHIP is an open-source, handheld, portable computing device, with built-in Wifi and Bluetooth, a hilariously difficult keyboard, and a not so terrible battery. While I have tried to find legitimate uses for it in my day to day toolkit, including as an IoT monitoring terminal for a car’s ODB2 port, I have mostly just carried it to remind myself that the future of mobile computing could be one based on open-source hardware, software and an infinite variety of 3D-printed form factors.

Now, in the last few days, I have become a big fan of Signal-CLI, a Java-based command line interface to the Signal Messenger service. On this very blog, I wrote post on how you can easily send batched encrypted broadcast messages from a terminal shell using it. Then, tonight, I was looking at my PocketCHIP, and I had a moment of inspiration, when I realized that I could easily “apt-get install” java onto it, and by extension run Signal-CLI. This means that I could turn my underused PocketCHIP into a portable, open device upon which to send and receive encrypted messages to anyone in the world who also had Signal.

To make a long story short, it works! I installed Java (“apt-get install openjdk-7-jre-headless”), I downloaded the latest Signal-CLI releases (“wget https://tinyurl.com/signalcli035”), unpacked it (“tar xzvf… ” yada yada), and then ran the signal-cli command line. From there, you just follow the simple instructions provided on Github for registering and verifying, and away you go! I used a Google Voice number to handle receiving the SMS verification code. You could also use any landline or payphone – you just need something that can receive a text or voice call. Make sure to follow all the Signal safety tips, as well!

With Signal-CLI, you can send and receive messages, create and manage groups, and even list and verify safety number “keys”. The limited processing power and memory on the PocketCHIP does cause each command to take a few seconds, but that can be worked around. I can easily imaging an ELM or PINE style user interface for this, that would hide all of that fetching and receiving in a background process.

So, now my PocketCHIP is on Signal, and it has become infinitely more useful. Oh, and did I mention, it also runs Tor? Who is up for writing Ricochet-CLI?

Building Welcoming Communities – Open Source Guide

A welcoming community is an investment into your project’s future and reputation. If your project is just starting to see its first contributions, start by giving early contributors a positive experience, and make it easy for them to keep coming back.

Make people feel welcome

One way to think about your project’s community is through what @MikeMcQuaid calls the contributor funnel:As you build your community, consider how someone at the top of the funnel (a potential user) might theoretically make their way to the bottom (an active maintainer). Your goal is to reduce friction at each stage of the contributor experience. When people have easy wins, they will feel incentivized to do more.

Source: Building Welcoming Communities – Open Source Guide

Published
Categorized as General

Four Browsers for Defending Your iPhone from Evildoers, Spiders and Snoops

Note: I’m trying to blog more, just get any useful thoughts or recommendations I have down in public, on paper, so to speak. While I have developed, contributed to and promote various formal digital security guides and curriculum, sometimes these can be overwhelming to people just looking for some quick advise.

Why do you need a safer browser than the Safari app your phone comes with? Well, it is true, that Safari is pretty good, and Apple’s track record on security and privacy is solid. That said, Safari is configured by default to work for the most general needs of all iPhone users, many of whom prioritize convenience over privacy and security. While you might not notice day to day, there are a lot of sneaky, suspicious spiders out there in the infrastructure of the net, looking to suck all the value of your data, information and communication, for a wide variety of reasons.

You may have some desire to have more security and privacy when browsing the web, because of work that you do, places you travel, or topics that you are searching for or researching. Perhaps you want to keep your personal browsing separate from other browsing. Some may be worried about browsing on insecure wifi networks when you are at a cafe, hotel or traveling abroad. Whatever your reason, it only takes a few minutes to try these browsers out, which could save hours and days of headaches down the road.

Here then, is my list of browsers to use on your iPhone or iPad, if you want more security and privacy controls than just what the built-in Safari browser offers.

  • Brave Browser: Brave is an open-source browser for mobiles and desktop that increases security and privacy primarily through blocking all advertisements by default. They are open-source, block ads and tracking pixels, and default to using HTTPS on sites that support it. Their business model is focused on reintroducing safe, quality advertisements for content creators, which hopefully leads to both sustainability and a safer, faster web experience.
  • Endless Browser: Endless is another open-source browser, with an amazing array of secure and private by default configurations. It blocks all kinds of bad network behavior like unexpected iframes, popups, and cookies and weak SSL/TLS encryption ciphers. It also includes HTTPS Everywhere, so like Brave and Tor Browser on the desktop, it defaults to secure HTTPS connections if the site supports it. Endless was made by an independent developer who has been working hard to keep it up to date, and doing a great job of it.
  • Onion Browser: This is the best option for browsing through the Tor network on iOS, that gives you maximum privacy of your IP address, increased defense against network surveillance and intrusions, and solid secure default settings. While it has a simple user interface, the guts of it are built on great code, audited components, and incorporates the latest Tor engine and Pluggable Transport support (to get through the most unfriendly firewalls!). Onion Browser v2 is coming soon, based on Endless Browser, which will really bring two of the best open-source iOS browser projects together.
  • Chrome Browser: While Apple limits the ability for Google to port the entire Chrome browser stack to iOS, you still get a bump in security by trusting Google with your web browsing needs. This includes “Safe Browsing” malware protection and stronger HTTPS security through certificate pinning, If you aren’t a Google fan, and care more about privacy than security, then this might not be your best choice, since more of your browsing history data will likely end up in their algorithm.

All of these browsers can be paired with an iOS system wide ad blocker and VPN. I will cover my recommendations for those in another post.

If you feel I have missed a browser, configuration or other complementary option, please let me know!