Why is it that the more we come to depend on our mobile phones as our lifeline to the the world, the more willingly we give up privacy and control?
Earthmouse: Mobile Guardian (E:MG) aims to change that by providing regular people with the tools they need to protect their privacy, anonymity and communications with friends, family and colleagues.
Built on the Google Android OS, E:MG will provide both applications and a completely new secure distribution that will run on low cost mobile phone hardware available throughout the world.
We are looking for users, developers, causes and partner organizations to contribute to, inform and guide our work.
7. A movement is already underway
to create custom versions of
Android for a wide variety of
phones and purposes.... we just
need to tap into that!
8. Why Android?
• Dominant open-source smartphone OS
• Easy to convert commercially available handsets
• Linux-based with modern development tools
• Rich connectivity, location, and sensor features
• Backed by Google’s resources and finances
9. Android Features
• Dalvik virtual machine optimized for mobile devices
• Integrated browser based on the open source WebKit engine
• SQLite for structured data storage
• Media support for common audio, video, and still image formats
(MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, GIF)
• GSM Telephony (hardware dependent)
• Bluetooth, EDGE, 3G, and WiFi (hardware dependent)
• Camera, GPS, compass, and accelerometer (hardware
dependent)
12. Existing Solutions
• Providers: CryptoPhone, SecureGSM,
NanoPhone Suite
• Analog GSM solutions almost entirely
for Windows Mobile Smartphones
• Corporate focus, poor quality audio,
out of date OS and very expensive
• Products are not for covert use - they
advertise their existence putting user
at risk
14. Early Efforts on Android Need Work!
A password safe for Android that protects your passwords with AES encryption. All encrypted
information is stored in a database on the phone. No information is kept online. The only way
to backup currently is through the export feature.
http://code.google.com/p/android-passwordsafe/
16. a.e.i.o.u.’s of Guardian
anonymous Able to be used without revealing the user
encrypted All communication and data is secured and protected
invisible Doesn’t reveal itself to be anything out of the ordinary
obfuscated Hides itself within the noise and traffic of the network
ubiquitous Widely available, easy to use, cheap and open-source
17. User Requirements
• Be hidden and invisible from • Offer “emergency” features
the casual observer that are quick to active
• Provide secure • Open-source and able to run
communication without on cheap, common hardware
complexity
• Internationalized & Localized
• Don’t incriminate the user or
owner
19. Android O.S. + Guardian Security Layer
1) Enhance existing & develop new secure applications
2) Wrap or replace Application
Framework, while adding new libraries
and core security services
3) ensure kernel, runtime and
virtual machine are “snoop” proof
4) Secure or remove drivers to secure the hardware layer
20. Build on Existing Projects
• The Tor Project
Tor is a software project that helps you defend against traffic
analysis, a form of network surveillance that threatens
personal freedom and privacy, confidential business activities
and relationships, and state security
• Psiphon
psiphon is a human rights software project developed by the Citizen
Lab at the Munk Centre for International Studies that allows citizens
in uncensored countries to provide unfettered access to the Net
through their home computers to friends and family members who
live behind firewalls of states that censor.
• Zfone
ZfoneTM is a new secure VoIP phone software product which lets
you make encrypted phone calls over the Internet. Zfone uses a new
protocol called ZRTP, which has a better architecture than the other
approaches to secure VoIP.
21. Guardian Application Suite
•Anonymous •Encrypted Data
Browser Storage
•Media+Location •Remote Poison Pill
Reporting Tool
•“911” Alert
•Encrypted Email Mechanism
•Secure Voice •Secure Data Auto-
Communications Sync
22. gReporter
open-source, geotagging
media capture report client
http://openideals.com/greporter
23. gReporter
Records Records Audio, Transmits to
Location Photo, Video Secure Server
25. Routing via Stenography
authoritarian state
Gmail
YouTube “Safe”
Amazon Service
Skype
Route encrypted data exchange through common services
(Gmail, YouTube, Amazon, etc), as to not stand out