Of Encrypted Hard Drives and "Evil Maids"
Schneier has a blog piece about Joanna Rutkowska's "evil maid" attack, demonstrated earlier this month against TrueCrypt. "The same kind of attack should work against any whole-disk encryption, including PGP Disk and BitLocker. ... [A] likely scenario is that you leave your encrypted computer in your hotel room when you go out to dinner, and the maid sneaks in and installs the hacked bootloader. ... [P]eople who encrypt their hard drives, or partitions on their hard drives, have to realize that the encryption gives them less protection than they probably believe. It protects against someone confiscating or stealing their computer and then trying to get at the data. It does not protect against an attacker who has access to your computer over a period of time during which you use it, too."
Re:Fine line between security and paranoia (Score:5, Insightful)
Offhand, I'd say any prominent high-class hotel that might be used by foreign businessmen on a trip.
I mean, you do have a point, Bob the middle manager isn't that important. However, there are quite a few business people to whom this really would be that important. Corporate espionage is high, and you know China has been doing focused attacks over the network.
Sneakernet is always faster, so if they can train up a few pretty women and pay them a decent programmer's wage to steal stuff that is the work of 10 engineers or even hundreds, that's a pretty sound economic payoff, don't you think?
I think stuff like this has its purpose, and those who really are at risk need to be educated about it. For the other 95% of us, I think it's useful info to be aware of, just like don't leave your purse visible in your car. Sure, it probably won't happen, but there are always people who would.
bootloader checksum (Score:5, Insightful)
If you are the kind of person who is in the danger zone of this happening (not that you would leave a computer with such sensitive information in your hotel room), you would probably feel a lot better if you were able to checksum the bootloader when returning, maybe from an external USB drive. This would of course run its own OS, not being done from the bootloader (for obvious reasons).
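A concrete form of the check that comment describes, as an added example that is not part of the thread or of any tool it mentions: a POSIX shell script meant to be run from a separately booted live USB stick, which records a baseline hash of the disk's boot region (and, for UEFI machines, a manifest of every file on the EFI System Partition) and later compares the disk against that baseline. The device path, the 1 MiB boot-region size, the mount point and the file names are assumptions for illustration, not values from the page.

```shell
#!/bin/sh
# Added example (not from the original thread): verify a laptop's on-disk
# bootloader from a trusted live-USB environment, never from the possibly
# tampered installed OS. Baseline files live on the USB stick, not on the
# laptop, so an attacker who rewrites the bootloader cannot also rewrite the
# reference hash.
#
# Assumptions: on BIOS/MBR systems the first BOOT_BYTES of the disk hold the
# MBR and the post-MBR gap where GRUB embeds core.img; on UEFI systems the
# bootloader is a set of files on the EFI System Partition (ESP), which is
# mounted read-only somewhere before the check runs.

BOOT_BYTES=${BOOT_BYTES:-1048576}   # 1 MiB; covers MBR + embedding area (assumption)

# hash_boot_region DEVICE -> prints the SHA-256 of the first BOOT_BYTES bytes
hash_boot_region() {
    dd if="$1" bs=512 count=$((BOOT_BYTES / 512)) 2>/dev/null | sha256sum | cut -d' ' -f1
}

# record_baseline DEVICE HASHFILE : run once, right after a clean install or
# after a legitimate bootloader update, and store HASHFILE on the USB stick.
record_baseline() {
    hash_boot_region "$1" > "$2"
}

# verify_boot_region DEVICE HASHFILE -> 0 unchanged, 1 tampered, 2 usage error
verify_boot_region() {
    dev=$1; base=$2
    [ -r "$dev" ]  || { echo "cannot read $dev" >&2; return 2; }
    [ -r "$base" ] || { echo "no baseline at $base" >&2; return 2; }
    expected=$(cat "$base")
    actual=$(hash_boot_region "$dev")
    if [ "$actual" = "$expected" ]; then
        echo "OK: boot region of $dev matches baseline"
        return 0
    fi
    echo "ALERT: boot region of $dev differs (expected $expected, got $actual)" >&2
    return 1
}

# record_esp_baseline ESP_MOUNTPOINT MANIFEST : hash every file on the ESP
# (NUL-separated so paths with spaces survive; fixed locale for a stable order).
record_esp_baseline() {
    (cd "$1" && find . -type f -print0 | LC_ALL=C sort -z | xargs -0 sha256sum) > "$2"
}

# verify_esp ESP_MOUNTPOINT MANIFEST -> 0 if every file still matches, else 1.
# sha256sum -c also fails if a listed file disappeared; a *new* file on the ESP
# is not caught by -c alone, so regenerate and diff the manifest for that case.
verify_esp() {
    m=$2
    case "$m" in /*) ;; *) m="$(pwd)/$m" ;; esac   # make it absolute before cd
    (cd "$1" && sha256sum -c --quiet "$m")
}

# Illustrative command-line entry point; does nothing when called without args.
case "${1:-}" in
    record)     record_baseline     "$2" "$3" ;;
    verify)     verify_boot_region  "$2" "$3" ;;
    record-esp) record_esp_baseline "$2" "$3" ;;
    verify-esp) verify_esp          "$2" "$3" ;;
esac
```

Typical use (with assumed paths) is `./bootcheck.sh record /dev/sda /media/usb/laptop.sha256` once, then `./bootcheck.sh verify /dev/sda /media/usb/laptop.sha256` after every hotel stay, booted from the stick. This only detects changes to the on-disk bootloader: a maid who implants firmware, swaps the disk controller, or adds a hardware keylogger is not caught, and the live USB itself has to stay with you to be worth trusting. The baseline must be refreshed after every legitimate bootloader update, or the alert will be a false positive.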
Re:Fine line between security and paranoia (Score:5, Insightful)
You vastly underestimate the number of people traveling internationally and engaged in activities that the host governments find to be of interest.
Bootloader? BitLocker? (Score:5, Insightful)
Re:Fine line between security and paranoia (Score:5, Insightful)
Bob the middle manager isn't that important, but Bob routinely sends email to Dave the director and Charles the CxO. By trojaning Bob's computer you can start to build a pretty decent profile of the corporate activities going on within, and above, Bob's department ... including travel schedules of some other bigger fish in the corporate pond.
Do this to 3 or 4 Bobs, and pretty soon you'll have an understanding of the corporate org chart, upcoming projects, and most importantly you'll be able to target your future EvilMaid attacks with pinpoint accuracy.
Re:surprise (Score:3, Insightful)
Actually one of the points of full disk encryption is that it gives you a measure of protection even when physical security is compromised.
Why on earth would you do it otherwise?
Easily foiled (Score:5, Insightful)
Evil maids are easy to spot because of their goatees.
Why are we talking about this? (Score:5, Insightful)
You can see why it's called the "evil maid" attack; a likely scenario is that you leave your encrypted computer in your hotel room when you go out to dinner, and the maid sneaks in and installs the hacked bootloader. The same maid could even sneak back the next night and erase any traces of her actions.
Maybe if she's an idiot. Once you've installed your own bootloader, it can neatly remove itself. (After installing malware, or transferring the encryption keys and data it needs over the network.) Why in the world would the maid unnecessarily repeat the riskiest part of the entire attack?
But more to the point, it must be a slow week. Why are "serious" security researchers even wasting time on something this obvious? Of course your software-based hard disk encryption is hosed in the event that an attacker gets hold of your machine and can alter the bootloader. Hell, the really sophisticated bad guys aren't even going to do anything this difficult or risky. After all, the encryption key has to be in RAM somewhere whenever you're using software-based encryption (hardware encryption excluded). A well-engineered piece of malware will recover it, and two-factor authentication isn't going to help you.
Even trusted boot will only get you so far against a motivated adversary with this much sophistication. Don't leave your vital computing equipment behind in your hotel room.
Re:surprise (Score:4, Insightful)
Slow news day?
That article is actually like saying that there is no point in installing a very expensive and secure door lock on your front door because it doesn't help you when you go get groceries and leave your door open. Duh. I'm sure most people realize that the point of disc encryption is not to protect your data while it's unencrypted in memory.
Re:At the next defcon... (Score:2, Insightful)
Joanna Rutkowska in a very tiny French Maid outfit? Ohhh yes.
Re:Bootloader? BitLocker? (Score:3, Insightful)
Yes. You can have almost perfect _physical_ security with TPM.
Alas, most developers are allergic to it, even if it has good uses.
Re:bootloader checksum (Score:2, Insightful)
one client I worked for that had a no thumb drives allowed policy
I've dealt with clients like this too - no thumb drives, no phones with cameras - and in most cases these clients left gigantic vulnerabilities in other areas that made the threat of a few crappy cellphone pictures laughable.
If someone can break in to your hotel room at will (Score:1, Insightful)
you have to assume that they can design a scenario to separate you from your bags for an hour. If you're important enough for someone to devote these kinds of resources to get information from you, you're already boned. This whole thought exercise is pretty silly.
Re:bootloader checksum (Score:3, Insightful)
Wouldn't it be even easier to simply keep all the important data on the USB stick? And run the OS off a R/O CD?
Re:Bootloader? BitLocker? (Score:1, Insightful)
Well if you think the price of BitLocker is higher than the value of its protection you are probably not the target of ninja maids.
Re:Bitlocker? (Score:4, Insightful)
The best BitLocker protection is a combination of PIN + TPM + USB flash drive. This way, if a thief rips off your laptop, but you have your USB flash drive with you (either in your wallet, around the neck, or on a keychain), you are pretty much assured that they will not have access to data, no matter what they try.
For additional protection since Windows 7 has been released to everyone, perhaps consider BitLocker To Go for all external drives. With this, you can encrypt your external disks using (I hope) a decent passphrase, have the drives available for mounting automatically, and save the recovery volume key offsite somewhere secure.
Oh, I am soooooo glad... (Score:3, Insightful)
that I got out of that shithole called 'security world'.
It was really fun and interesting until 2003, but these days it's a joke.
Hey, even in the year 1997 we all realized that once someone has physical access to your computer, you are fucked.
And here we are, in the year 2009, reading "research" telling us things we all already know.
Sigh...
P.S.: the maid doesn't need to install any fancy shit; a keylogger will do just fine.
TPM not necessarily evil. (Score:3, Insightful)
If I own the machine, and I am the user of that machine - I want the master TPM key and the ability to sign stuff for myself.
Re:My bootloader is on USB (Score:2, Insightful)
You are correct in the gender detail. However, if someone even MENTIONED pliers and my scrotum, I think I'd spill any secrets as soon as I saw the pliers coming toward me.
Re:surprise (Score:4, Insightful)
True. I didn't really see it that way. Thanks for pointing it out.
Still, it's kind of obvious that once someone gains physical access to your device, they can do anything with it. You could swap the keyboard with one that records all keystrokes or simply install a physical key logger device or do whatever you want with it.
Something you have, something you know. (Score:3, Insightful)
For that matter, the guys videotaping the room to sell you and your wife's activities to that voyeur site aim the camera at your laptop, watch your keystrokes, and boom: they have all the passwords you type in. Banking? PayPal? E-mail?
You really need to use both a password and a physical device. Such as RSA tokens. My bank offers this for online banking. I have several for different things.
As wikipedia likes to say (Score:4, Insightful)
"Citation Needed."
Sorry, but I'll need something more than the word of some random guy on the Internet to believe this for a number of reasons, not the least of which being that such a backdoor would be something security testers would notice.
Information wants to be free (Score:4, Insightful)
Well, #1: security measures only serve as deterrents. There will be a way around every security device; the only metric you really need to worry about is whether your
(cost to circumvent) / (value of assets + cost to secure)
ratio is conveniently higher than your neighbors' (ha ha, security people hate any mention of "convenience").
So... #2: by far the best thing you can do is to make sure your assets are relatively worthless compared to what other "target" have. Live a frugal life. Keep offsite backups of your photo albums. Don't keep secrets. And if you do, bury them with enough other crap (maybe using steganography if necessary) to decrease the signal/noise enough to make finding and sorting through the information kind of useless to those not in the know. Maybe you have lots of invalid bank and credit card information lying around. Or put a whole bunch of passwords in your secret password vault, in case it gets compromised (good sites will eventually lock them out for trying them all, and failed attempts will also tip you off and give you time to respond).
Next measure in the equation is to increase the cost of your perpetrator to circumvent security measures or commit crimes, far above what they'd gain by stealing your assets.
Cheap deterrents first: live up a flight of stairs... thieves are inherently lazy and will go for the "low hanging fruit" instead of you. In the context of this article, put your laptop up high in a closet or stash it in a drawer... make them search through dirty laundry for it.
The best society wouldn't need any security at all: if there were enough transparency and free flow of information, all thieves would get caught and reprimanded. So participate in the whole neighborhood watch thing, make sure your perp has to perform his act in very public settings, uniquely tag your stuff, and post warnings to remind them and make them nervous about getting arrested / shot / going to hell etc.
Finally, we get to the part of the equation where you actually have to actively do something for extra security measures.
First, make it a habit to perform the rudimentary simple steps of locking your door and always having your keys on you. A deadbolt is much better than the handle switch, and also helps ensure that you remembered your keys. I involuntarily lock my house and car doors now, and always brush my pockets with my hands to check that my keys and wallet are still there. At this point, I usually notice within 5 minutes if something's missing.
Passwords and encryption are just more sophisticated keys and locks. Not uncircumventable, but much better than nothing. But before spending lots of money on more complex 2- & 3-factor keys and locks ... especially those that can completely shoot you in the foot and result in losing all your data... most people invest in other measures ... alarms and security cameras that would increase the chances of the perp getting caught. I haven't seen a whole lot that focuses on this area yet... the phone home mechanisms and stuff like that, but I figure it would be much more productive to concentrate on these kinds of security measures in the near term.
Re:Bitlocker? (Score:3, Insightful)
As somebody who actually worked on BitLocker during an internship at MS, that's bullshit. I was working directly with the metadata and its parser, including the recovery keys. There was absolutely no "TLA Agency" recovery key. The master key for each volume is encrypted and stored on the volume itself (and each volume has a unique key). This is exactly the key used to decrypt the drive, and is never stored in plaintext anywhere. How do you get around this?
You can't store a recovery key for each volume in some secret database - the master keys, and their encryption keys, are unique.
You can't store a secret recovery key on the volume - it would have shown up when the disk was accessed at block device level.
There are probably plenty of other ideas that don't work, but I assure you, there aren't any that do. BitLocker was extensively examined by crypto experts, and no backdoors or methods to break it were discovered.
Re:Bitlocker? (Score:3, Insightful)
If your motherboard crashes and the TPM chip goes pfft, is there a way to recover the drive?
And if your hard drive head crashes and physically destroys your platters, is there a way to recover the drive? If your laptop is run over by a steamroller, is there a way to recover the drive? If your laptop is stolen, is there a way to recover the drive?
Shit happens. If you don't have up to date backups then you're an idiot and deserve to lose your data, plain and simple.