The two say they plan for the module to be open-source (“You don’t have to trust us.”), user-inspectable, field verifiable and to operate independently of the phone’s operating system or CPU, which could be compromised. Huang added that they want the module to be essentially invisible to the operating system and not to have a signature that could be detected, since governments would then be likely to target those using it.
The stakes are high – very high – Snowden said, because, “one good journalist, in the right place at the right time, can change history,” including possibly changing the outcome of an election or of a war. “That makes them a target,” he said.
But, of course, every tool for the good guys could be attractive to bad guys as well. If terrorists or other criminals got access to such a module, they could “go dark” more effectively as well.
The Department of Homeland Security had nothing to say on the matter. Spokeswoman Marsha Catron said, “we wouldn’t comment on pending matters.”
But privacy experts note that any technology can be used for good or bad purposes. “It is dangerous to impugn the ethics of a project like this,” said Dan Cornell, CTO and principal at the Denim Group. “Pretty much any useful technology will have applications that are both ‘good’ and ‘evil.’ Google Maps provides tremendous benefits but could also be used by terrorists to help plan attacks.”
Parker Higgins, director of copyright activism at the Electronic Frontier Foundation (EFF), has a similar view. “It's possible for bad actors to use infrastructure, but that doesn't stop us from building it,” he said.
Higgins added that he doubts that a module like this would be widely used by criminals or terrorists. While the perception may be that they are highly sophisticated, he said, “in practice, those groups tend not to be very advanced in their communications technology.”
Still the effort by Snowden and Huang to monitor a phone’s RF emissions raises the question of why the makers of the phones don’t deliver what they essentially promise – that if the phone is in Airplane Mode, it is not broadcasting location data.
Cornell said putting public pressure on phone manufacturers to give users more control over whether their device is communicating, “is a more interesting approach.” He likened it to how relatively easy it is to block the camera on a laptop with a piece of tape, but not so easy to block the microphone from being turned on without the user’s knowledge.
“A better approach for laptops would be to have a hardware ‘off’ switch’ for privacy impacting sensors like the microphone and camera that would physically break the connection and make it impossible for the sensor to operate,” he said.
Sign up for CIO Asia eNewsletters.