The Guardian Project is an open source initiative which aims to take advantage of Google's Android operating system to bring smartphones the same sort of security and privacy that savvy users have come to expect from laptops and desktops. Featuring capabilities like full-disk encryption, secure instant messaging, and anonymous Web browsing, the project hopes to give people better control of their personal information on mobile devices.

For years, security professionals and researchers have been advising users to encrypt everything. Data storage, communications, removable media—keep everything locked down. (As recently as two months ago, California's Supreme Court ruled that police officers can lawfully search the phones of persons they arrest.) However, this sort of security has long been unavailable for mobile devices.

Many of the mobile operating systems lack robust communications and storage encryption systems. Blackberry is the notable exception, providing ostensibly strong security on all its enterprise products. But Blackberry is not necessarily a developer-friendly platform, making further privacy modifications a challenge. Google has announced encryption support for version 3.0 of Android, but this code is not yet available for public review.

The Guardian Project hopes to address many of the vulnerabilities inherent in mobile devices, even taking advantage of unique features in mobile gadgets to make security easier.

Mo' mobile, mo' problems

Smartphones present a particular security challenge, since it's most useful when it stores lots of data and connects regularly to the network. A smartphone also has a camera, a microphone, and a variety of ways of working out where it is, like GPS and network-based location methods. Wonderful features, all of them.

However, all this data and all of these inputs makes a mobile device a privacy and security nightmare. A smartphone may store as much personal information as a laptop or desktop, and they're eminently portable; unlike a laptop, you'll carry it with you pretty much wherever you go. It's also far more likely to be on your person if you're arrested.

When you consider a phone's recording hardware and network connection, things become even more dangerous. The spies of the Cold War would have seen smartphones as the best bugs ever invented: a tracking device which records its location down to a few feet, with a camera and microphone, and which the target actively tries to carry around with them. It's a covert operative's dream come true. In fact, it's quite possible to activate a phone's microphone and use it as a bug. The target doesn't have to know, and the phone doesn't even have to be on to start recording. The only current defense is to remove the battery.

When not in use, the act of connecting to cellular towers allows a service provider to build up a quite precise history of where a user has been. In densely populated areas, this can be accurate to street level. Such location data can be used to determine where you live, where you work, where your significant other lives, and so on, with intimidating accuracy. Law enforcement agents don't even need to obtain a warrant to get this data from a service provider; they simply need to assert that it will assist their investigation. It happens more than 8 million times per year to Sprint customers alone.

Protection in your pocket

Guardian's mission is to mitigate these and many other security risks and vulnerabilities, letting security/convenience tradeoffs favor the "security" side of the equation, should users so desire. Currently. Guardian ships a selection of individual apps designed to provide specific types of security. They're working with the author of CyanogenMod, the most popular alternative firmware for Android devices, in an effort to provide a version of Android which is secure from the outset.

Some Guardian apps are ready to download and use right now. Gibberbot is a replacement for the built-in Google Talk app, and it uses the Off-the-Record [OTR] standard to allow for encrypted instant messaging that's compatible with many other IM clients. Encrypted voice communication is offered through csipsimple, using the secure ZRTP standard, which is far harder to break than Skype's weak encryption. Anonymous mobile Web browsing is provided through a mobile version of Tor and is compatible with the built-in browser app and with Mobile Firefox 4.

But Guardian doesn't just want to take everyday activities and harden them against attacks. It also wants to make users more aware of privacy tradeoffs, so that they can learn to make good privacy decisions. At the recent Guardian hackday in NYC, Guardian's n8fr8 coded UpOnApp which switches all network communication on or off depending which way up a phone is placed in a pocket or on a surface. If it faces up, the phone is online, and its location can be tracked and recorded. Turn it face down to disable all network connections, the microphone, and the camera. The idea is to make being tracked a conscious decision rather than the default behavior.

Another great feature for mobile devices is in-person key exchange. Most modern encryption systems require you to know the public key of the person with whom you wish to communicate. The trouble is that public keys are just long strings of numbers, and it's very important that you're sure which key belongs to which person. Systems like GPG's web of trust (PDF) allow you to learn who owns what keys based on people your friends have met, but it still requires a chain of trust between you and your would-be correspondent. This makes in-person meetings important for confirming and sharing keys.

Currently, this process is rather inefficient: when a number of security geeks meet for the first time, there's a complex flurry of laptops, drivers' licenses, and incomprehensible military-style code-speak. Smartphones can make this a lot easier: just use your phone to scan a QRcode from another person's screen. Guardian already implements this for Off-the-Record keys, and it hopes to bring this functionality to bear for more types of unified key-exchange in future.

Although the Guardian Project is still in its early stages, privacy-conscious users can get started by downloading some or all of the Guardian apps. Technically-savvy users can get more functionality by rooting their phones. The adventurous can sign up to be test subjects for new and upcoming Guardian releases, while coders can take a look at the Guardian apps on GitHub.