In cryptographic and security circles, the "evil maid" problem describes a class of attacks in which a piece of unguarded hardware is tampered with by someone who gains physical access to it: for example, a hotel chambermaid who can access your laptop while you're out of the room.
The Freedom of the Press Foundation, Edward Snowden, and the Guardian Project have created Haven, an app that tries to solve this problem by turning a spare Android phone into an unobtrusive, networked security device that monitors your laptop (or other belongings) while you're away, recording movement and sound and transmitting it to you over encrypted, anonymized channels.
The idea is that you leave your laptop next to a Haven-equipped burner phone, and if someone comes into your office or hotel room or whatever and starts messing with it, you'll get pictures and audio sent to you over Tor or Signal.
It's an interesting variation on the introspection principle that Snowden and bunnie Huang deployed in their device for monitoring your cellphone to determine whether it has been compromised and is secretly sending out data, pictures, etc.: you use a computer to guard another computer, on the theory that the computer you're guarding might be compromised and can't be trusted.
But there are complications to this use-case: as EFF's Eva Galperin points out, it is likely to generate a lot of false positives (because chambermaids have totally legitimate reasons to move things around as they clean). What's more, it requires you to trust your burner phone against an adversary who's willing to compromise a hotel chambermaid to install malware on your laptop — and that adversary could conceivably target your phone in advance of the break-in.
Designed to be installed on a cheap Android burner, Haven uses the phone's cameras, microphones and even accelerometers to monitor for any motion, sound or disturbance of the phone. Leave the app running in your hotel room, for instance, and it can capture photos and audio of anyone entering the room while you're out, whether an innocent housekeeper or an intelligence agent trying to use his alone time with your laptop to install spyware on it. It can then instantly send pictures and sound clips of those visitors to your primary phone, alerting you to the disturbance. The app even uses the phone's light sensor to trigger an alert if the room goes dark, or an unexpected flashlight flickers.
"Imagine if you had a guard dog you could take with you to any hotel room and leave it in your room when you’re not there. And it’s actually smart, and it witnesses everything that happens and creates a record of it," Snowden said in an encrypted phone call with WIRED from Moscow, where he has lived in exile since 2013. "The real idea is to establish that the physical spaces around you can be trusted."
Haven [The Guardian Project]
Snowden’s New App Uses Your Smartphone To Physically Guard Your Laptop [Micah Lee/The Intercept]
Snowden's New App Turns Your Phone Into a Home Security System [Andy Greenberg/Wired]