Dear LibTech, I'm glad to announce that today we're releasing Panic Button in public beta on the Play Store. Panic Buttin is an open source Android app which allows individuals at risk of being arrested to discretely send SMS alerts with their location to their trusted contacts. It's been a long road and many have helped bring the app to where it is now. The project was born with an Amnesty International Open Ideo challenge. Thoughtworks put together the software building blocks and hackathons were organised around the world including with the developers of Hancel in Mexico city. iilab then took the relay baton to bring the app to launch.
A lot of the work that has happened in the past 6 months together with Amnesty International, Frontline Defenders, the engine room and iilab has revolved around ensuring that the application's user experience reinforced the security goals. We conducted frequent user testing during development, rolled out pilot trainings during our private beta and continued to work on the software based on this feedback. It's still in Beta and there's a lot more to do, but we feel it's ready for a larger number of users to test it, and for the lib tech community to take a good look at it and ask the difficult questions. The installation Wizard in the app is meant to not just help with understanding the functionality but also to reaffirm the security aspects related to using the app, most importantly the preparation that needs to be done offline with a network of trusted contacts that is able to act in case of an alert. We've put online materials that reinforce this point and tried to also present this content in an easy to digest form (with cartoons and a simple question answer widget and a checklist in the app itself). We can't completely prevent users from endangering themselves of course, but we're trying to make sure that they are as informed as possible. It is also obvious that making security trade-offs are part and parcel of human defenders' daily decision-making in the face of many types of threats. We've also drafted a document which presents the security goals of the app for a slightly more technical audience and as a basis for a threat model document which would guide further development. The main trade off from a security standpoint is that the ability of the app to alert a user's trusted contacts rapidly is more relevant/important than the privacy of the user or their contacts. The disguise and discreet activation methods are only there to delay discovery, to allow a network to act and to mitigate harm. With no network ready to act, or no possibility to influence the outcomes, then using SMS alerts could reveal a user's contact and do more harm than good. Hopefully, this will be clear to the user with our efforts put towards educational communication. Hopefully, individuals and organisations who adopt or promote the application, will also relay this message clearly. Working with organisations like Amnesty International can help enable rich feedback loops which are invaluable when they can be integrated in the software development cycle. As there are more android apps targeting individuals and risk, such as the amazing work of Whisper System and Guardian Project or more recently Security First, there'll be also more opportunities to create more reusable building blocks (both functional and educational) to help others build great apps, with different type of users in mind, and facilitating the reuse of security functionalities and content. I hope there'll be more chances to hang out more with Nathan and Moxie and other developers of mobile apps. It's always good to be around great human beings. Cheers, Jun -- Jun Matsushita Founder, CEO mobile: +44 7429 144 691 skype: junjulien iilab.org @iilab information innovation lab
-- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
