Former National Security Agency (NSA) contractor and government whistleblower Edward Snowden is collaborating with well-known hacker Andrew "Bunnie" Huang to create an iPhone add-on device designed to alert users when they are being spied on.
The research was announced this week at an invitation-only video webcast featuring Snowden that was produced by the MIT Media Lab for a conference entitled Forbidden Research, according to a report by the New York Times. Snowden spoke via a video connection from Russia, where he is living in exile.
Snowden said that he was concerned that cellphones and smartphones serve as tracking devices that automatically create electronic dossiers that give third parties, such as governments, detailed information on the owner's location.
That's likely how Syrian forces located and killed journalist Marie Colvin, alleges a lawsuit filed by Colvin's family against the Syrian government.
Snowden's presentation included the story of Colvin, a journalist from New York, who entered the city of Homs, Syria, while reporting for The Sunday Times of London. Colvin reported from inside this city, but Syrian forces bombed her base there, killing her and another journalist and injuring two others.
A report in the Intercept, the news site startup spawned by Snowden's work with The Guardian journalist Glenn Greenwald and others, noted that a lawsuit filed by Colvin's family says that Syrian forces may have found Colvin by tracing her phone.
In the Forbidden Research webcast, Snowden said it's become increasingly difficult for users to trust their smartphones. These devices may even be carrying malware that transmits location information, even when the user thinks the phone has been placed into a safe "airplane mode."
That's particularly dangerous for journalists, and should be an issue at the top of mind for the IT departments that protect them.
"One good journalist in the right place at the right time can change history," Snowden told the MIT Media Lab audience, according to a report in WIRED. "This makes them a target, and increasingly tools of the trade are being used against them."
To protect them, Huang and Snowden designed the device. The work aims to give journalists the ability to know when their smartphones are tracking or disclosing their location when the devices are supposed to be in airplane mode, according to a detailed document written by Huang and Snowden.
"We propose to accomplish this via direct introspection of signals controlling the phones' hardware," they wrote. "The introspection engine will be an open source, 'user-inspectable' and field-verifiable module attached to an existing smart phone that makes no assumptions about the trustability of the phone's operating system."
[Should corporations side with government on breaking encryption? Read Tim Cook vs. FBI: Why Apple Is Fighting the Good Fight.]
For their research, Snowden and Huang focused on the 4.7" iPhone 6 design by Apple.
From the outside, the introspection engine looks and behaves like a typical battery case for an iPhone 6, but inside it also includes independent electronics and an independent screen to provide the user with updates on radio status.
Huang and Snowden said in their paper that they hope to prototype and verify the introspection engine's abilities in the year ahead. The techniques used to develop the design for this prototype may also be applied to other makes and models of smartphones.
What This Means for IT
IT organizations have a vested interest in being able to track end-user devices and monitor how those devices are used. For instance, a trucking company may include dispatch apps on its drivers' iPhones.
But if an iPhone is issued to an employee in the field in a war zone, that phone's own tracking and monitoring features can be used against the worker and perhaps even endanger his or her life.
In that case, IT would most likely want to enable technology to disable tracking and monitoring. The idea takes mobile device monitoring to a whole new level.