So that's what the 5 a day looks like!!
Dutch researchers have developed an Android app for dissidents and crims-on-the-go, that can not only protect sensitive data behind encryption but make a phone appear as if it has nothing to hide. The app was developed to pass the casual inspection a non-technical copper would give a device when looking for encrypted data that …
I also like the idea of an invisible icon you have to tap more than the usual number of times to make it activate.
I am willing to bet, though, that the first support request they get will be for that the app "doesn't work". However, I don't think lawmakers will be too worried:
Secret data would be encrypted using Facebook's Conceal API
Call me picky, but I would not trust anything that has been near either Facebook or Google for my privacy.
"It's not just me that sees this as vaguely lacking in credibility, is it?"
You are certainly not alone.
Beyond the Conceal API this all seems rather pointless to me. I mean, is it really possible to take this at all seriously when the authors state, "our approach provides an added step of obfuscation that increases security of the data". Well, so now obfuscation increases security? Hmmm. Does not compute.
DroidStealth relies on a simple PIN for decryption and the APK is distributed though untrusted sources? This is looking like good, secure logic - not.
To be honest, I should have stopped reading at their claim that 'obfuscation... increases security of the data' and gone back to doing something worthwhile.
.> 'obfuscation... increases security of the data' .... Well, so now obfuscation increases security? Hmmm. Does not compute.
It isn't intended to defeat a forensic IT specialist with the proper kit, it's just intended to hide stuff if an untrained copper takes a quick once-over.
It's akin to the difference between leaving an ounce of botanical narcotics unwrapped on your kitchen table, and having it doubly sealed and hidden out of sight. The latter scenario is not *secure* - especially against a four-legged police officer - but it is still preferable to being blatant.
Side note: I did hear of one weed dealer who was so paranoid about writing down accounts that he instead committed them to memory and calculated figures in his head... he became so adept at quick mental arithmetic that he realised he could make far more money by trading in legal goods. He stopped peddling dope, got a VAT number and has never looked back.
"It isn't intended to defeat a forensic IT specialist with the proper kit, it's just intended to hide stuff if an untrained copper takes a quick once-over."
I did read that bit but, well, I was just a little surprised to see the claim that obfuscation increases (data) security coming from within a uni. (I'm pretty certain that the students involved would have gained some useful knowledge/experience from the project, notwithstanding).
I could see the school-aged me making use of this just to piss off mum/dad/sibling, but alas I'm now old, withered and grumpy and see such an app causing more headaches than it allegedly solves - if used in ignorance.
When you unlock it using one password it unhides everything so you can use the phone normally, when you unlock it using another ("1234") it leaves everything hidden and shows only benign stuff to make the phone look used, but not suspicious.
You could designate certain contacts to be hidden by adding something to the contact info. Then all texts/calls to/from those numbers are hidden, and only the calls to your grandma are shown.
It'll be in the apps list even though it won't be in the Google Play list so much for a special black ninja stealth app.
Also it's Android, use a file manager to move an encrypted file to some sub sub directory and it's never going to be found in a casual inspection by a non-techy cop either. If you're a suspect in a crime then of course all bets are off.
Finally, I hope we never get to the stage where police can legally casually inspect people's phones to see what they can find. That leads to photos being sent around.
Biting the hand that feeds IT © 1998–2019