Near-Field Authentication over Avian Carrier

I read about “chirp” the other day – a new iPhone app that lets you share pictures andChirp
links from your phone with an audible tone that sounds like—surprise—a bird chirp.

Here’s how it works:

  • You open up the chirp app on your iphone or ipad
  • You select a hyperlink, a note, or a picture that you want to share
  • The item is uploaded to chirp’s servers (somewhere in the cloud)
  • You hit the chirp button
  • Anyone else whose phone/tablet: 1) is within audible range, and 2) happens to have the chirp app open – will receive the chirp
  • If they’re online, chirp will automatically download your item for them to see
  • If they’re not online, they can download it later

Chirp starts “listening” for other chirps as soon as you open the app, so if you have a bunch of people chirping away in the same place, you should see a stream of shared items.

It seems like an easy way to share digital items with one or more nearby people, and only those that are physically nearby (as opposed to on a network together). Not that people will be sharing sensitive things necessarily, but it’s an interesting form of authentication – only phones in an audible range with the chirp app open will be able to receive the chirp.

From a functionality standpoint, there’s no need for an email distribution list, no need to pair with Bluetooth or “bump” your phones together, no GPS or cellular location awareness required.  It’s also more aesthetically pleasing and takes less coordination than a QR code.

If your phone is within “earshot”, you can share stuff.

Be careful whose chirps you choose to receive though—it’s conceivable that a chirp could deliver a link to a hijacked website that delivers malicious code to your device. Right now it looks like it’s up to you to authenticate the sender.

Musing a bit on what could come next by extending the idea…

First, a future version of the app could (conceivably) become persistent, meaning your phone might be listening for chirps all the time, and there would be a little queue of chirps waiting for you when you decided to look. Perhaps there will be an app that can merge chirps with tweets.

With a persistent chirp app, you’ll be at a party where people are taking pictures with their phones and they’ll chirp them as they take them so you can view them later without having to be their Facebook friend.

You’ll be walking down the street and stores will chirp you coupons. When everyone starts wearing Google glasses later this year your chirp feeds will fill up with localized information like advertisements, landmark descriptions, public service messages, and a million other things you probably won’t want.

Sounds noisy.

Next innovation:  make chirps inaudible to humans, and/or to people older than 20 (e.g. Stealth Tone). We won’t scare birds, we might stay a little saner, and it’s more mysterious.

If you’re a spy, or doing a scavenger hunt, when you get to your secret drop thingy or have scavenged the right area you’ll just open up chirp to get the next clue.

So next we’ll need little battery-operated chirpers that can be hidden under a park bench or placed on top of a statue somewhere. They’ll either chirp when you press a button or chirp intermittently every few minutes.

For a more practical use, what if the police need to find someone in a busy train station or airport and Eagle Eye is down? They could just chirp a photo or a description over the loud speaker—everyone in the station might aid in the search.

What’s clear is that there is still a lot of innovation going on to share content, as quickly and easily as possible, with the people you want to share it with. In a business meeting in the future, someone might just chirp you a copy of their presentation. Careful though—others might be listening.

Get the latest security news in your inbox.