Of Encrypted Hard Drives and "Evil Maids"
Schneier has a blog piece about Joanna Rutkowska's "evil maid" attack, demonstrated earlier this month against TrueCrypt. "The same kind of attack should work against any whole-disk encryption, including PGP Disk and BitLocker. ... [A] likely scenario is that you leave your encrypted computer in your hotel room when you go out to dinner, and the maid sneaks in and installs the hacked bootloader. ... [P]eople who encrypt their hard drives, or partitions on their hard drives, have to realize that the encryption gives them less protection than they probably believe. It protects against someone confiscating or stealing their computer and then trying to get at the data. It does not protect against an attacker who has access to your computer over a period of time during which you use it, too."
surprise (Score:5, Informative)
physical access > digital security
Bucket List (Score:1, Informative)
Just another good reason... (Score:2, Informative)
Just use a CD (Score:3, Informative)
When you encrypt your system partition with Truecrypt it forces you to make a CD (you actually have to burn and mount it before it will let you continue). This CD contains a copy of the bootloader and encryption key. If you always boot off that CD it won't help the attacker to replace the bootloader on the HDD.
Of course they could target the CD but at least you can keep a mini CD in your wallet at all times.
Re:Bootloader? BitLocker? (Score:2, Informative)
I didn't read the RTFA, but isn't MSFT's BitLocker supposed to validate the boot path (from BIOS code to bootloader up to the BitLocker decrypter) with the help of the TPM chip?
It does, and thus the attack doesn't work here:
"The key used for the disk encryption is sealed (encrypted) by the TPM chip and will only be released to the OS loader code if the early boot files appear to be unmodified."
Now we'd just need someone to reverse the decision that TPMs are all evil and should not be used.
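The sealing mechanism the quoted sentence describes can be shown with a small model. This is an added example, not code from the thread, from Microsoft or from any TPM library: the PCR extend rule is the real one (SHA-256 of the old register value concatenated with the component's digest), but the seal/unseal binding is a stand-in for what a real TPM does inside the chip with its storage root key, and the boot-chain blobs and secrets are constructed placeholders.

```python
"""Toy model of measured boot plus key sealing (added example, not the thread's
or Microsoft's code). A key sealed to the expected PCR value is released only
when the measured early-boot chain matches; a modified bootloader changes the
PCR and the unseal fails."""
import hashlib
import hmac

PCR_INIT = bytes(32)  # PCR value after reset: all zeros


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM PCR extend: new = SHA-256(old || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot_chain(components) -> bytes:
    """Measure each early-boot component, in boot order, into one PCR."""
    pcr = PCR_INIT
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr


def seal(secret: bytes, expected_pcr: bytes, srk: bytes) -> dict:
    """Bind a 32-byte secret to expected_pcr. The wrapping key is derived from
    the TPM's storage root secret (srk, which never leaves the chip) and the PCR.
    Stand-in for real TPM sealing, not its actual construction."""
    assert len(secret) == 32
    wrap = hashlib.sha256(b"seal" + srk + expected_pcr).digest()
    ct = bytes(a ^ b for a, b in zip(secret, wrap))
    tag = hmac.new(wrap, ct, "sha256").digest()
    return {"ct": ct, "tag": tag}


def unseal(blob: dict, current_pcr: bytes, srk: bytes):
    """Release the secret only if current_pcr equals the sealed value;
    any other PCR gives a different wrap key, the tag check fails, nothing is returned."""
    wrap = hashlib.sha256(b"seal" + srk + current_pcr).digest()
    expected_tag = hmac.new(wrap, blob["ct"], "sha256").digest()
    if not hmac.compare_digest(expected_tag, blob["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(blob["ct"], wrap))


# Constructed sample boot chains and secrets (placeholders, not real firmware).
SRK = hashlib.sha256(b"constructed storage root secret").digest()
DISK_KEY = hashlib.sha256(b"constructed volume master key").digest()
GOOD_CHAIN = [b"BIOS code v1.0", b"MBR + bootloader", b"OS loader"]
EVIL_CHAIN = [b"BIOS code v1.0", b"MBR + bootloader + keylogger", b"OS loader"]


def boot(chain, sealed_blob):
    """Simulate one boot: measure the chain, then ask the TPM to unseal the key."""
    return unseal(sealed_blob, measure_boot_chain(chain), SRK)


def demo():
    """Seal the key against the clean chain, then boot clean and boot tampered."""
    sealed = seal(DISK_KEY, measure_boot_chain(GOOD_CHAIN), SRK)
    return boot(GOOD_CHAIN, sealed), boot(EVIL_CHAIN, sealed)


if __name__ == "__main__":
    good, evil = demo()
    print("clean boot released key:", good == DISK_KEY)
    print("tampered bootloader released key:", evil is not None)
```

The point the model makes is that the key is never compared against a bootloader signature; it is bound to the accumulated measurement, so any change anywhere in the measured chain changes the PCR and the TPM simply refuses to unseal. It also shows the limit: in TPM-only mode the key is released to any unmodified chain regardless of who powers the machine on, which is why the other reply insists on adding a PIN.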
Re:At the next defcon... (Score:3, Informative)
Worse than that. It says the outfit is sold out. I am NOT going outside or answering the door this Halloween.
Bitlocker? (Score:3, Informative)
Bullshit.
The bootloader is signed. Use this in combination with the TPM chip (embedded smartcard) on your laptop - AS SPECIFIED BY THE GUIDANCE - and use a PIN. There's no loading the disk or getting at the data without cracking AES. At least once.
So... Start your engines.
Re:bootloader checksum (Score:1, Informative)
If you are the kind of person who is in the danger zone of this happening (not that you would leave a computer with such sensitive information in your hotel room), you would probably feel a lot better if you were able to checksum the bootloader when returning, maybe from an external USB drive. This would of course run its own OS, not being done from the bootloader (for obvious reasons).
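The check this comment proposes, written out as an added example (not code from the thread or from TrueCrypt): run it from a separate OS booted off the USB stick, hash the unencrypted boot area of the disk, and compare against a baseline recorded while the machine was known-good. The region layout is an assumption for a classic MBR disk (the 512-byte MBR plus the sectors before the first partition, where pre-boot authentication loaders typically sit); the device path and baseline file name are placeholders.

```python
"""Offline bootloader checksum (added example, not the thread's code). Reads the
unencrypted boot area of a disk and compares SHA-256 digests per region against
a saved baseline. Assumed MBR layout: sector 0 is the MBR, sectors 1..62 hold
the bootloader, the first partition starts at sector 63."""
import hashlib
import json
import sys

SECTOR = 512
# (name, byte offset, length): assumed layout, adjust for your own disk
REGIONS = [
    ("mbr", 0, SECTOR),
    ("boot_area", SECTOR, 62 * SECTOR),
]
BASELINE_FILE = "baseline.json"  # keep this on the USB stick, not on the laptop


def hash_regions(data: bytes, regions=REGIONS) -> dict:
    """Return {region name: sha256 hex} for each region of the raw boot bytes."""
    return {name: hashlib.sha256(data[off:off + length]).hexdigest()
            for name, off, length in regions}


def read_boot_area(path: str, regions=REGIONS) -> bytes:
    """Read just enough of the raw device (e.g. /dev/sda) to cover all regions."""
    n = max(off + length for _, off, length in regions)
    with open(path, "rb") as f:
        return f.read(n)


def compare(baseline: dict, current: dict) -> list:
    """Names of regions whose digest differs from (or is missing in) the baseline."""
    return [name for name in baseline if current.get(name) != baseline[name]]


def main(argv):
    # usage: check_boot.py baseline /dev/sda   (record digests while known-good)
    #        check_boot.py check /dev/sda      (compare after coming back)
    if len(argv) != 3 or argv[1] not in ("baseline", "check"):
        print("usage: check_boot.py baseline|check <device>")
        return 2
    mode, dev = argv[1], argv[2]
    digests = hash_regions(read_boot_area(dev))
    if mode == "baseline":
        with open(BASELINE_FILE, "w") as f:
            json.dump(digests, f, indent=2)
        print("baseline written to", BASELINE_FILE)
        return 0
    with open(BASELINE_FILE) as f:
        changed = compare(json.load(f), digests)
    if changed:
        print("CHANGED regions:", ", ".join(changed))
        return 1
    print("bootloader unchanged")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

A non-zero exit means something in the pre-boot code moved and the machine should not be unlocked until the boot area has been rewritten from a trusted copy. The check covers only what lives on the disk; firmware on the board itself is outside what it can see, which is the gap the TPM-based approach in the other replies is meant to close.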
Which is why you want a blackberry. One of the common complaints about blackberries is that they take a very long time to turn on after a power cycle. Five minutes or longer to boot isn't uncommon. Compared to most cellphones which boot in a few seconds, this is very irritating.
The reason is that the blackberry is verifying the boot ROM, boot loader, OS, and firmware for signs of tampering.
Re:surprise (Score:1, Informative)
Version 6.0+ of Truecrypt does do full disk encryption. In fact, the original attack [blogspot.com] was against Truecrypt's full disk encryption mode.
Re:Bitlocker? (Score:3, Informative)
Re:Bootloader? BitLocker? (Score:3, Informative)
Windows 7 is different from Vista in the way businesses and enterprises use it. Vista had two editions that were activated via an internal KMS system (very important when you have thousands of PCs and do not want them touching the Internet for activation). Windows 7 has only one edition that has this functionality, the Enterprise edition. This is available via volume license key agreements. Other than the MAK/KMS model of activation, this edition is the exact same as Ultimate which has BitLocker, BranchCache, and the other items.
So, if a company is using a volume license of Windows 7, they will have access to BitLocker functionality. Server-wise, Windows Server 2008 and Windows Server 2008 R2 both have BitLocker functionality built in.
This way, if a corporation that is running Windows 7 orders a bunch of laptops, they would be fools not to order ones with TPM chips because their OS will easily support this functionality. If they have an Active Directory infrastructure and no existing encryption product (PGP, PointSec), getting BitLocker deployed enterprise wide wouldn't be too difficult with AD holding recovery keys to machines.
I'm glad Microsoft did this. No worry if a company has Business or Enterprise editions for features (like the issues with Vista). Now, if a company has a VLK and uses a key management server for internal activations [1], they have BitLocker available with W7.
[1]: I'm not a fan of activation at all. Personally, my wish is they would have gone back to how XP VLK editions handled this. Businesses are not going to be pirating Windows because the BSA will come for a visit. Pirates will crack any activation. So, there is no real antipiracy benefit to Microsoft in forcing businesses to have an activation infrastructure.
Re:surprise (Score:1, Informative)
Well, they only added FDE on the boot partition for Windows. OS X and Linux FDE is only supported in the sense that you can encrypt a full partition on a separate drive. So if you want FDE on the boot drive for those OSes, you'd need to look into something else (AES-Loop for Linux, and I don't know what for OS X).
Actually, now that I think about it, a way that you could get around this attack would be to make the hard drive non-bootable, and always boot from a trusted medium and keep that medium on your person at all times. For Windows (or Linux) that could be a thumb drive; for OS X, you could boot off your iPod.
Re:surprise (Score:5, Informative)
My god the mods today suck. All of these "Then don't leave yourself logged in" responses are getting +mod.
This attack has NOTHING to do with you leaving your session authenticated and open. It's about a boot-loader level phish scheme.
Basically, you come back to your laptop which you left off, you boot it up not noticing anything out of place, and you log in and unlock your drives. Meanwhile, little did you know that the intruder put a very small OS onto your laptop which runs your primary OS as a virtual OS. It's got low-level hooks to all the basic INTs and can read any memory without any chance of a program within your primary OS (now virtualized) detecting it.
Then you log off and go out to dinner. The maid comes in, boots up, hits a key-sequence, and dumps a log to a USB drive. In that log somewhere is your password to your encrypted drives. Game over dude... game fucking over.
Re:Missing the point (Score:3, Informative)
In addition, there were reports that had to be filled out to inform management if a laptop was lost or stolen. There were disclosures to the entities that were supervised. The consequences of losing a laptop were so painful that no one wanted to lose one.
Re:Bitlocker? (Score:1, Informative)
+ TPM + USB flash drive
Wheee! Not 1, not 2 but 3-factor authentication courtesy of the checkboxes sold with every copy of Windows 7. Of course, has BitLocker been independently verified not to have a backdoor? Hmm? If your motherboard crashes and the TPM chip goes pfft, is there a way to recover the drive? Hmmm? How much do you have to pay to get this protection?
There is a better way that addresses all of these issues and uses industry-standard encryption algorithms, and you don't even have to trust anyone at all: if there is a backdoor, you can see for yourself! Tada! [wikipedia.org]
Without walls... Who needs Windows?
3 Words... (Score:2, Informative)