The OpSec Blog

Security and privacy information and advice at home and abroad.

“Panic Button” App Under Construction by State Department

leave a comment »

As reported by TechCrunch, the State Department is funding an Android app that would delete contact lists and personal data as well as send out an alert when activated.  The idea behind the app is that it would make it harder on law enforcement agencies worldwide to use the contact list stored on a cell phone to perform nodal analysis to crack down on dissent.  It’s not unreasonable to assume that the app would also have options to make the “distress” post to Twitter or Facebook before performing the wipe.

This announcement comes on the heels of a year in which unprecedented unrest in the Middle East has brought social media’s role in dissent to the center stage.  While there are a lot of good ideas at work here, I’m curious about a couple of things:

Why only Android?  While Android has a very large global distribution, it seems strange to me that the app won’t even run on the Blackberries issued to Department employees.  Perhaps Android was chosen for initial development because distribution is not as restricted as it is for iOS and Blackberry OS.

Will it only delete contact lists?  It seems to me that e-mails or text messages could potentially be a lot more damaging than just a contact list.  How about app data?  Since Android is the chosen development platform, the “free for all” nature of what apps can store makes it difficult to remove what is sensitive.

Will it actually delete data?  Time and time again research has shown that “deleting” something often leaves the data readable by specialized programs and equipment and only erases the end-user links to that data.  In countries with advanced technical capabilities this becomes very important.

How will this be different from the other “data wipe” apps already out there?  I guess it’s nice to have the “beacon” feature and data wipe all in one piece, but is it really worth $22 million?

From the technical side, how secure will the app itself be?  If a malicious hacker finds an exploitable bug in an app officially sponsored by the US State Department you can be sure it’ll be plastered on the front page of the Times.

Those are just a few of the issues I have with this idea, but the final decision is obviously well above my pay grade.  I’ll keep watching out for news related to this story; if you see any interesting tidbits feel free to send them my way!

Advertisements

Written by OSB

04/04/2011 at 07:38

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: