Lvl4Sword
commented
5 years ago I'm not sure how a hidden service would work with Killer, and don't see it as beneficial for the project as a whole. Would require far more dependencies, and Killer has to run as root to start with. So the attack surface would increase significantly.
Keepalive signals would require a huge rework, and I don't feel there's much of a reason to have them anyway.
What would be better is making issues for custom commands to support paying attention to what is available on the systen, such as the sound threshold for the mic ( there's already one dubbed "ScreamLock" in the issues ) and other things. Not too sure if light/gyroscope/gps is available on a lot of devices though.
@GhostOfGoes - Your input?
HulaHoopWhonix
Hi! Whonix dev here. We've recently come across "killer" [0] on Linux, a system tamper detector that shuts down a system when it detects unexpected actions. My first thought was that there is a potential opportunity for collaboration between the two projects. The rich input from mobile sensors can provide further options for a tripwire that protects a running machine when the owner is away.
Thoughts:
I'm not sure about the details of how it works, but Haven could have a text event protocol that other programs like killer can standardize around and understand.
Besides the wifi means of communication, Haven can support USB in case an attacker tries wifi jamming to prevent its killswitch from triggering.
On the killer side, it would need to support a listening daemon that runs a an ephemeral onion service. Add support for the Haven protocol. Make use of a keep alive signal between it and Haven and shut off the device if there isn't a ping after a preset amount of time.
Feel free to discuss this in more detail and I hope something exciting can come from it! :-)
[0] https://github.com/Lvl4Sword/Killer
cc/ @Lvl4Sword @adrelanos