Of Encrypted Hard Drives and "Evil Maids"
Schneier has a blog piece about Joanna Rutkowska's "evil maid" attack, demonstrated earlier this month against TrueCrypt. "The same kind of attack should work against any whole-disk encryption, including PGP Disk and BitLocker. ... [A] likely scenario is that you leave your encrypted computer in your hotel room when you go out to dinner, and the maid sneaks in and installs the hacked bootloader. ... [P]eople who encrypt their hard drives, or partitions on their hard drives, have to realize that the encryption gives them less protection than they probably believe. It protects against someone confiscating or stealing their computer and then trying to get at the data. It does not protect against an attacker who has access to your computer over a period of time during which you use it, too."
surprise (Score:5, Informative)
physical access > digital security
Re: (Score:3, Insightful)
Actually one of the points of full disk encryption is that it gives you a measure of protection even when physical security is compromised.
Why on earth would you do it otherwise?
Re: (Score:2)
For the thrill of possibly losing all your data if you ever forget your password?
Bitlocker? (Score:3, Informative)
Bullshit.
The bootloader is signed. Use this in combination with the TPM chip (embedded smartcard) on your laptop - AS SPECIFIED BY THE GUIDANCE - and use a PIN. There's no loading the disk or getting at the data without cracking AES. At least once.
So... Start your engines.
Re:Bitlocker? (Score:4, Insightful)
The best BitLocker protection is a combination of PIN + TPM + USB flash drive. This way, if a thief rips off your laptop, but you have your USB flash drive with you (either in your wallet, around the neck, or on a keychain), you are pretty much assured that they will not have access to data, no matter what they try.
For additional protection since Windows 7 has been released to everyone, perhaps consider BitLocker To Go for all external drives. With this, you can encrypt your external disks using (I hope) a decent passphrase, have the drives available for mounting automatically, and save the recovery volume key offsite somewhere secure.
Re:Bitlocker? (Score:4, Interesting)
I like the theory. However one thing to bear in mind is that the integrity of Bitlocker itself is questionable. I know for a *FACT* that "3 letter agencies" have backdoor keys. Ask any IT forensics person. Microsoft even have closed, invite only sessions for enforcement agencies to show them how to bypass bitlocker security.
That in itself means that the government/big brother is guaranteed to be able to bypass MS based security. Ask yourself this, can you see Osama Bin Laden using bitlocker to protect his stuff?
Take this further, do you want the government to have access to your files, just a quick phone call to MS and wham, all your shit laid bare.
As wikipedia likes to say (Score:4, Insightful)
"Citation Needed."
Sorry, but I'll need something more than the word of some random guy on the Internet to believe this for a number of reasons, not the least of which being that such a backdoor would be something security testers would notice.
Re: (Score:3, Insightful)
As somebody who actually worked on BitLocker during an internship at MS, that's bullshit. I was working directly with the metadata and its parser, including the recovery keys. There was absolutely no "TLA Agency" recovery key. The master key for each volume is encrypted and stored on the volume itself (and each volume has a unique key). This is exactly the key used to decrypt the drive, and is never stored in plaintext anywhere. How do you get around this?
You can't store a recovery key for each volume in so
Re: (Score:3, Insightful)
If your motherboard crashes and the TPM chip goes pfft, is there a way to recover the drive?
And if your hard drive head crashes and physically destroys your platters is there a way to recover the drive? If your laptop is run over by a steam roller is there a way to recover the drive? If your laptop is stolen is there a way to recover the drive?
Shit happens. If you don't have up to date backups then you're an idiot and deserve to lose your data, plain and simple.
Re: (Score:2)
Expanding on the other reply - physical access with (sorry for the car analogy) the key in the ignition > all.
Basically, they need physical access with the machine ON (and a way to bypass any locking mechanism that is in place)
Re:surprise (Score:4, Insightful)
Slow news day?
That article is actually like saying that there is no point to install a very expensive and secure door lock on your front door because it doesn't help you when you go get groceries and leave your door open. Duh. I'm sure most people realize that the point of disc encryption is not to protect your data while it's unencrypted in memory.
Re:surprise (Score:4, Insightful)
True. I didn't really see it that way. Thanks for pointing it out.
Still, it's kind of obvious that once someone gains physical access to your device, they can do anything with it. You could swap the keyboard with one that records all keystrokes or simply install a physical key logger device or do whatever you want with it.
Re: (Score:2)
If they can compromise the bootloader or BIOS, then they can do it with the machine off. But I believe that Rutkowska realized the implications after moving from Windows to OS X. OS X does not offer full disk encryption--rather, it encrypts your home directory. Thus it's likely still possible to compromise in this manner.
And of course, she focuses on Truecrypt, which also doesn't do whole disk encryption. However it's a popular geek tool for encryption, and as such it's pretty relevant.
Re:surprise (Score:5, Informative)
My god the mods today suck. All of these "Then don't leave yourself logged in" responses are getting +mod.
This attack has NOTHING to do with you leaving your session authenticated and open. It's about a boot-loader level phish scheme.
Basically, you come back to your laptop which you left off, you boot it up not noticing anything out of place, and you log in and unlock your drives. Meanwhile, little did you know that the intruder put a very small OS on to your laptop which runs your primary OS as a virtual OS. It's got low level hooks to all the basic INT's and can read any memory without chance of any program within your primary OS (now virtualized) detecting it.
Then you log off and go out to dinner. The maid comes in, boots up, hits a key-sequence, and dumps a log to a USB drive. In that log somewhere is your password to your encrypted drives. Game over dude... game fucking over.
Something you have, something you know. (Score:3, Insightful)
For that matter, the guy videotaping the room to sell you and your wife's activities to that voyeur site aims the camera at your laptop, watches your keystrokes, and boom - he has all the passwords you type in. Banking? PayPal? E-Mail.
You really need to use both a password and a physical device. Such as RSA tokens. My bank offers this for online banking. I have several for different things.
Re: (Score:3, Funny)
No no no, the surprise is that -hotel maids- are teh 1337 haxorz.
I guess it couldn't be TOO bad, whenever I forget to put the "do not disturb" sign on my hotel room when I leave, the maids usually don't steal my stuff, they just neatly organize it. If they sneak into my computer, they'd probably defrag the hard drive and that's about it.
Re: (Score:3, Funny)
You forgot Lizard-Spock
At the next defcon... (Score:5, Funny)
Re: (Score:2)
I've met several female geeks I wouldn't mind seeing in a certain type of maid outfit.
Re: (Score:3, Informative)
Worse than that. It says the outfit is sold out. I am NOT going outside or answering the door this Halloween.
Re: (Score:2)
I'm imagining the tips being much worse than usual
Re: (Score:2)
Otaku even have Maid cafés [wikipedia.org]
I am sure they wouldn't mind a few feminine male geeks too.
Gotta watch out for those Traps (NSFW prolly) [encycloped...matica.com]
Re: (Score:2)
You left out tentacles. Got to have tentacles. A maid working for an octopus is what I would have expected.
Re: (Score:2, Insightful)
Joanna Rutkowska in a very tiny French Maid outfit? Ohhh yes.
Fine line between security and paranoia (Score:5, Interesting)
Seriously, if you're worried about some hacker assassin breaking into your house or office and installing a bootloader, you're either doing something REALLY secretive (in which case the computer probably shouldn't even be on a network to upload any data back in the first place) or you're the kind of person who thinks Obama has your name on an "important persons" list and is coming for your guns. If someone has physical access to your machine and has the skills to install a bootloader, you're pretty much boned anyway, encryption or not (encryption isn't going to stop a simple keylogger). That's nothing new. Fortunately, for the vast vast majority of us, there are very few hacker black operatives who are running around breaking into hotel rooms just so they can get a single Visa number from Bob the dipshit middle manager. Newsflash Bob, YOU'RE NOT THAT IMPORTANT!
Oh, and I love how the article calls the prospect of a ninja hacker hotel maid sneaking a bootloader onto your laptop and then sneaking back into your room later to retrieve the data a "likely scenario." What hotels is this guy staying at anyway?
Re:Fine line between security and paranoia (Score:5, Insightful)
Offhand, I'd say any prominent high-class hotel that might be used by foreign businessmen on a trip.
I mean, you do have a point, Bob the middle manager isn't that important. However there are quite a few business people who this really would be that important to. Corporate espionage is high, and you know China has been doing focused attacks over the network.
Sneakernet is always faster, so if they can train up a few pretty women, pay them a decent programmer's wage to have them steal stuff that is the work of 10 engineers or even hundreds, that's a pretty sound economic payoff don't you think?
I think stuff like this has its purpose, and those who really are at risk need to be educated about it. For the other 95% of us, I think it's useful info to be aware about, just like don't leave your purse out visible in your car. Sure it probably won't happen, but there are always people who would.
Re:Fine line between security and paranoia (Score:5, Insightful)
Bob the middle manager isn't that important, but Bob routinely sends email to Dave the director and Charles the CxO. By trojaning Bob's computer you can start to build a pretty decent profile of the corporate activities going on within, and above, Bob's department ... including travel schedules of some other bigger fish in the corporate pond.
Do this to 3 or 4 Bobs, and pretty soon you'll have an understanding of the corporate org chart, upcoming projects, and most importantly you'll be able to target your future EvilMaid attacks with pinpoint accuracy.
Re:Fine line between security and paranoia (Score:5, Insightful)
You vastly underestimate the number of people traveling internationally and engaged in activities that the host governments find to be of interest.
Re: (Score:2)
That and if your data is that important then you have your screensaver to be password protected. OS X does it, Windows does it, Linux does it, Unix does it....
I don't know about you but if I leave my laptop in my hotel room. I tend to lock it up in the safe. (normally I power it off, etc...) It seems to me this will only work for a very ideal set of conditions. And just posted to make people not secure their laptop.
Re: (Score:2)
Very few of those do so _automatically_. For almost all such systems, you have to manually select password protected screen locking. Also "screen locking" for X servers does not prevent console access on the other virtual terminals, if you've left an active login on them, or simply killing the X session and grabbing the login shell of the user created their shell session manually.
Even more fun is available when careless laptop users run VPN sessions with such clients left unlocked, so anyone visiting their
Re: (Score:2)
Those defenses sound good, until you think about them in a world where this attack might be in play. GP's assertion notwithstanding, there are people who really should be this paranoid in their understanding of the limits of security; to those people, what good is the hotel room safe? You're in a position where you have to worry about an evil maid, but you assume the hotel has really provided you with a box that only you will be able to open? Come on.
As for screensaver locks... at best that's going to fo
Re: (Score:2)
Oh, and I love how the article calls the prospect of a ninja hacker hotel maid sneaking a bootloader onto your laptop and then sneaking back into your room later to retrieve the data a "likely scenario." What hotels is this guy staying at anyway?
French hotels. Never seen "Nikita", have you?
Re: (Score:2)
$10k to another blackhat in prize money is one thing, $Xm from the card details gathered using a zero-day exploit is probably big enough motivation to get a sister or cousin a job in a Vegas hotel for a month prior...
News at eleven (Score:2)
Leave your computer unprotected somewhere where you can't see it and someone can use it.
Encryption doesn't really have anything to do with that and anyone not stupid should understand that.
Just another good reason... (Score:2, Informative)
bootloader checksum (Score:5, Insightful)
If you are the kind of person that is in the danger zone of this happening (not that you would leave a computer with such sensitive information in your hotel room), you would probably feel a lot better if you were able to checksum the bootloader when returning, maybe from an external USB drive. This would of course run its own OS, not being done from the bootloader (for obvious reasons).
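The check proposed above, sketched as an added example (not part of the original comment): hash the first sectors of the internal disk from a trusted external boot medium and compare them with a baseline recorded while the machine was known to be clean. The 63-sector region size, the function names and the in-memory disk image are assumptions made for the illustration.

```python
import hashlib
import io

SECTOR_SIZE = 512
BOOT_SECTORS = 63  # assumption: boot code sits in the first track; adjust to the real layout


def sector_hashes(dev, sectors=BOOT_SECTORS):
    """Hash each of the first `sectors` sectors of an opened disk or disk image."""
    dev.seek(0)
    hashes = []
    for index in range(sectors):
        data = dev.read(SECTOR_SIZE)
        if len(data) != SECTOR_SIZE:
            raise ValueError(f"short read at sector {index}")
        hashes.append(hashlib.sha256(data).hexdigest())
    return hashes


def region_digest(hashes):
    """Collapse the per-sector hashes into one value that is easy to store or compare."""
    return hashlib.sha256("".join(hashes).encode("ascii")).hexdigest()


def compare_to_baseline(dev, baseline):
    """Return (ok, changed_sectors) for the device against a stored baseline list."""
    current = sector_hashes(dev, len(baseline))
    changed = [i for i, (old, new) in enumerate(zip(baseline, current)) if old != new]
    return (not changed), changed


def make_image(patch=None):
    """Constructed sample: a 64 KiB 'disk' with deterministic filler content.

    `patch` maps byte offsets to replacement bytes and stands in for a modification
    made while the machine was unattended.
    """
    image = bytearray((i * 31 + 7) % 256 for i in range(128 * SECTOR_SIZE))
    image[510:512] = b"\x55\xaa"  # MBR boot signature
    for offset, data in (patch or {}).items():
        image[offset:offset + len(data)] = data
    return io.BytesIO(bytes(image))


if __name__ == "__main__":
    # Recorded once, from the external OS, while the machine is known to be clean.
    baseline = sector_hashes(make_image())
    print("baseline digest:", region_digest(baseline))

    # Later check against an unmodified disk.
    print("clean disk:   ", compare_to_baseline(make_image(), baseline))

    # A change inside the boot region is reported with the sector it touched.
    modified = make_image({5 * SECTOR_SIZE + 100: b"TAMPERED"})
    print("modified disk:", compare_to_baseline(modified, baseline))

    # A change outside the hashed region is not seen by this check at all.
    elsewhere = make_image({100 * SECTOR_SIZE: b"TAMPERED"})
    print("outside range:", compare_to_baseline(elsewhere, baseline))
```

On a real system, open the raw disk read-only from the external OS in place of `make_image()` and keep the baseline on the external medium. The check covers only the sectors it reads, so firmware changes and hardware keyloggers go unnoticed.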
Re: (Score:2)
If you are the kind of person that is in the danger zone of this happening (not that you would leave a computer with such sensitive information in your hotel room), you would probably feel a lot better if you were able to checksum the bootloader when returning, maybe from an external USB drive. This would of course run its own OS, not being done from the bootloader (for obvious reasons).
Wouldn't it be a lot easier simply to use a boot loader from said USB stick?
Re: (Score:3, Insightful)
Wouldn't it be even easier to simply keep all the important data on the USB stick? And run the OS off a R/O CD?
Re: (Score:2, Insightful)
one client I worked for that had a no thumb drives allowed policy
I've dealt with clients like this too - no thumb drives, no phones with cameras - and in most cases these clients left gigantic vulnerabilities in other areas that made the threat of a few crappy cellphone pictures laughable.
Re:bootloader checksum (Score:4, Interesting)
That won't work if the attacker use a hardware keylogger (which can be inserted under a laptop's keyboard - how often do you check there?).
An easier way to checksum bootloader is via a tamper-proof hash stored in the encrypted area. But that requires that the computer is actually telling you the truth, which is doubtful if they already went far enough to change the bootloader. But then again, your idea also requires that the computer is honest... They could have replaced the bios itself, or made a small bootloader that worked its magic fast and silent, and then proceeded like a normal boot, starting from usb like bios would do..
I was thinking of this a few months ago, actually, and the only solution I found was to either always have it with you (impractical), or store it in a trustworthy safe (could also be slightly impractical to haul around). And still you have to be certain of your environment (spy cameras, tempest type snooping, in some cases recording the sound of your key clicks...).
Also, if you want it connected to a network, well darnit, you got another can of worms.. First, you need to update it, or else it's vulnerable fast. Second, you need to trust the OS providers and the actual update. Could someone have stolen the signing key and faked an update? Is the company / employees really trustworthy? Are you sure the developer's machine isn't hacked and is used to spread dangerous code?
I tried to make a system where I (if I had a lot of resources) couldn't possibly find any way around. I just couldn't find any. All of them had a potential loophole.
My conclusion was: Pick an appropriate level of paranoia and go from there. And never expect it to be 100% secure.
And that's the lesser evil (Score:5, Funny)
You could have found the evil bartender.
You leave your laptop at the hotel and you go out to take a beer. There, you meet the evil bartender, who because of a common past becomes your friend and starts inviting you to more and more beer. Then he closes the bar and you both go to a strip club where you meet the evil bartender's girlfriend and her friend who we shall call "Foxette".
The next morning, you wake up in an unknown apartment with Foxette and a guy you don't even know. You quickly get out of there and go to work, with such a massive headache that when asked about the laptop's full disk encryption, your answer is "the what?".
Re:And that's the lesser evil (Score:5, Funny)
"Has anyone seen my kidney?"
Bootloader? BitLocker? (Score:5, Insightful)
Re: (Score:2, Informative)
I didn't read the RTFA, but isn't MSFT's BitLocker supposed to validate the boot path (from BIOS code to bootloader up to the BitLocker decrypter) with the help of the TPM chip?
It does, and thus the attack doesn't work here:
"The key used for the disk encryption is sealed (encrypted) by the TPM chip and will only be released to the OS loader code if the early boot files appear to be unmodified."
Now we'd just need someone to reverse the decision that TPMs are all evil and should not be used.
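A simplified model of the sealing behaviour quoted above, as an added example that is not BitLocker or TPM code: each boot stage is hashed into a platform configuration register (PCR), and the volume key is released only when the register matches the value recorded at sealing time. The `ToyTPM` class, the stage contents and the key are hypothetical.

```python
import hashlib
import hmac


class ToyTPM:
    """Toy model of one PCR with seal/unseal. Hypothetical, not a real TPM interface."""

    def __init__(self):
        self._pcr = bytes(32)
        self._sealed = {}

    def reset(self):
        """Power cycle: the PCR returns to all zeroes. Running software cannot do this."""
        self._pcr = bytes(32)

    def extend(self, measurement):
        """PCR_new = SHA-256(PCR_old || measurement). There is no way to set a value."""
        self._pcr = hashlib.sha256(self._pcr + measurement).digest()

    def read_pcr(self):
        return self._pcr

    def seal(self, name, secret):
        """Bind a secret to the PCR value the platform has right now."""
        self._sealed[name] = (self._pcr, secret)

    def unseal(self, name):
        """Release the secret only if the PCR equals the value recorded at seal time."""
        expected, secret = self._sealed[name]
        if hmac.compare_digest(expected, self._pcr):
            return secret
        return None


def measure(code):
    """A measurement is the hash of the code about to run."""
    return hashlib.sha256(code).digest()


def measured_boot(tpm, stages):
    """Reset the platform, then measure every stage into the PCR in boot order."""
    tpm.reset()
    for code in stages:
        tpm.extend(measure(code))
    return tpm.read_pcr()


# Constructed sample boot chain and key.
FIRMWARE = b"firmware image v1"
BOOTLOADER = b"genuine boot loader"
OS_LOADER = b"os loader"
EVIL_LOADER = b"boot loader with passphrase logger"
VOLUME_KEY = b"constructed-volume-key"


def provision():
    """Seal the volume key while the known-good chain is running."""
    tpm = ToyTPM()
    measured_boot(tpm, [FIRMWARE, BOOTLOADER, OS_LOADER])
    tpm.seal("volume", VOLUME_KEY)
    return tpm


def boot_and_unseal(tpm, stages, extra_measurements=()):
    """Boot the given stages, optionally extend further values, then ask for the key."""
    measured_boot(tpm, stages)
    for measurement in extra_measurements:
        tpm.extend(measurement)
    return tpm.unseal("volume")


if __name__ == "__main__":
    tpm = provision()
    print("genuine chain :", boot_and_unseal(tpm, [FIRMWARE, BOOTLOADER, OS_LOADER]))
    print("replaced stage:", boot_and_unseal(tpm, [FIRMWARE, EVIL_LOADER, OS_LOADER]))
    # Extending the genuine hashes afterwards does not help: the earlier
    # measurement of the replaced stage is already folded into the register.
    replay = [measure(BOOTLOADER), measure(OS_LOADER)]
    print("replay attempt:", boot_and_unseal(tpm, [FIRMWARE, EVIL_LOADER], replay))
```

The model covers only what gets measured: a hardware keylogger or a camera pointed at the keyboard changes no measurement, which is the limit other comments in the thread point out.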
Re: (Score:2)
Lots and lots of people (on Slashdot and elsewhere) believe that TPM is essentially only useful for locking down a system so that you can't use it how you want to. The belief is that eventually, TPM will be a) in every computer you buy and b) restrict the use of, say, alternate operating systems or software that your vendor doesn't approve of.
TPM not necessarily evil. (Score:3, Insightful)
If I own the machine, and I am the user of that machine - I want the master TPM key and the ability to sign stuff for myself.
Re: (Score:3, Insightful)
Yes. You can have almost perfect _physical_ security with TPM.
Alas, most developers are allergic to it, even if it has good uses.
Re: (Score:3, Interesting)
A lot of designs do not have the tpm chip implemented. I know, because I am a designer, and most of the design requirements I fill do not include or want a tpm chip. This will only be in all systems when Intel makes it a part of their system chips (what used to be the north bridge / south bridge combination, and is now the PCH or silverthorne).
Re: (Score:2)
The problem with bitlocker is that it's only part of the ultimatextremeultra most expensive version of Windows. Most people would be too cheap to get that version, even if they knew what the benefit was. So your home computer probably doesn't have it. Your company provided laptop probably also doesn't have it, unless you're fairly high up in importance.
Re: (Score:2)
I believe most Centrino laptops have that included. Or is that only Thinkpad?
In any case, if you are that paranoid because you are hiding child porn photo, or the company values the data so much, either you or the company should have studied this matter in depth, understand what the hell the TPM is, and pick a suitable solution.
Thinking of this, Windows does provide a pre
Re: (Score:3, Informative)
Windows 7 is different from Vista in the way businesses and enterprises use it. Vista had two editions that were activated via an internal KMS system (very important when you have thousands of PCs and do not want them touching the Internet for activation). Windows 7 has only one edition that has this functionality, the Enterprise edition. This is available via volume license key agreements. Other than the MAK/KMS model of activation, this edition is the exact same as Ultimate which has BitLocker, Branch
Nope, won't work with Bitlocker (Score:2)
Just use a CD (Score:3, Informative)
When you encrypt your system partition with Truecrypt it forces you to make a CD (you actually have to burn and mount it before it will let you continue). This CD contains a copy of the bootloader and encryption key. If you always boot off that CD it won't help the attacker to replace the bootloader on the HDD.
Of course they could target the CD but at least you can keep a mini CD in your wallet at all times.
BIOS passwd might help (Score:2)
It is very hard to prevent compromises when the attacker has physical access to the machine.
One thing that might slow/stop the evil maid is a BIOS boot passwd or BIOS disk passwd. This denies the maid a boot or any disk access (respectively). Of course, she could always pop the disk out and write it on her own machine. Unless key [boot] parts were BIOS encrypted.
As usual, security always has some cost for the user and has to be balanced against benefits [reduced risk of loss].
Best solution - take the darn laptop with you (Score:2)
What brainless clod would leave a laptop with sensitive data on it lying around in a hotel room anyway, encrypted disk or not?
This is a non story - as everyone has known for decades, someone with access to the machine can do what they like. And they probably will.
Re: (Score:2)
The whole point is that people think that encryption is some sort of magic bullet that will prevent them from having to think about security. So if they think that they're secure, they think that there's no need to lug the laptop around. If it gets stolen, who cares? The thieves won't get any information off of it.
This story is trying to promote the fact that there's more to it.
Re: (Score:2)
> What brainless clod would leave a laptop with sensitive data on it lying
> around in a hotel room anyway, encrypted disk or not?
Any "C-level" executive. After all, he played golf with a senior marketing executive of the encryption system vendor just last week and was assured that it was absolutely secure. And he knows that's true because he is such a fine judge of character. Besides, the guy let him win.
Easily foiled (Score:5, Insightful)
Evil maids are easy to spot because of their goatees.
Why are we talking about this? (Score:5, Insightful)
You can see why it's called the "evil maid" attack; a likely scenario is that you leave your encrypted computer in your hotel room when you go out to dinner, and the maid sneaks in and installs the hacked bootloader. The same maid could even sneak back the next night and erase any traces of her actions.
Maybe if she's an idiot. Once you've installed your own bootloader, it can neatly remove itself. (After installing malware, or transferring the encryption keys and data it needs over the network.) Why in the world would the maid unnecessarily repeat the riskiest part of the entire attack?
But more to the point, it must be a slow week. Why are "serious" security researchers even wasting time on something this obvious? Of course your software-based hard disk encryption is hosed in the event that an attacker gets hold of your machine and can alter the bootloader. Hell, the really sophisticated bad guys aren't even going to do anything this difficult or risky. After all, the encryption key has to be in RAM somewhere whenever you're using software-based encryption (hardware encryption excluded). A well-engineered piece of malware will recover it, and two-factor authentication isn't going to help you.
Even trusted boot will only get you so far against a motivated adversary with this much sophistication. Don't leave your vital computing equipment behind in your hotel room.
Re: (Score:2)
There needs to be some generic solution that lets you not worry about the "stick in the USB boot device and press reset" sort of attack. Once you've got that, then all you worry about is it not being physically stolen.. and the hotel safe takes care of that for you. A laptop with NO writable media would do; that is, it uses only external storage. (sure, one could open the laptop and install some sort of keylogger, but that is trivially solvable with the usual tamperproof seals or, if you're really serious,
This is why (Score:2)
Put the boot loader on a stick! (Score:2)
If you are really a paranoid traveler, then you should put the bootloader on a stick (and possibly one half of the key too, the other in your head).
I read a description somewhere how to make it work best. Install a bare bone windows OS on one partition, put on some icons for crap so it does not look too shrink wrapped. Put your real OS (preferably not a Windows one, as this would make security mostly futile anyway) on a second partition.
Then make your stick the primary boot medium, hdd the second one. Maid
TrueCrypt can fingerprint encrypted volume (Score:2)
This means on boot a checker runs from *inside the encrypted volume* to see if anything has changed. It should notice if the bootloader no longer checksums the same (so far as I understand).
Re: (Score:2)
"This means on boot a checker runs from *inside the encrypted volume* to see if anything has changed."
Unless the hacked bootloader deletes or disables the fingerprint checker? Seriously, I can't see how verifying the bootloader *AFTER* you've already provided the password/key to decrypt the volume, offers you *any* protection? At that point, it's pretty much game over, no?
MITM? (Score:2)
So this could be considered a type of maid-in-the-middle attack?
And how exactly... (Score:2)
...will she install that bootloader, when there is no BIOS, but an encrypted coreboot or EFI system, that is protected against meddling with, by a TPM (chip) under YOUR control? (Something possible with the Lenovo ThinkPads for example. In which case it is a good concept, as opposed to what the media companies planned to do with it.)
Hardware security against hardware meddling. Simple as that.
Now the next level would be physically modifying the motherboard. But even against that you can protect yourself. By
Re: (Score:2)
Could you please point me to a subnotebook with TPM and which is compatible with coreboot? As in, I can already use grub as a coreboot payload by doing nothing but compiling.
Re: (Score:2)
That you [...] take with you.
That's what I meant. I deleted a sentence after previewing, and forgot to take the "both" out.
Oh, and of course, if someone kicks in the door while you are using the system, you have to rip out the card, lock the system down, and destroy the card, to be actually secure. (The full device-to-device encryption protects against RAM and cache attacks, if it's properly done (= the RAM and cache contents always being encrypted.)
Re: (Score:2)
I think you're right that Trusted Computing could secure against this attack. But an "evil maid" need not mess around with bootloaders. She'll install a hardware keylogger. O
Black bag job (Score:2)
This isn't a new attack; it's just a specific variant of a "black bag" job; same idea as installing a hardware keylogger. I think there's likely a way to use Trusted Computing to defeat this particular variant, basically the TCM wouldn't give out keys to an untrusted bootloader.
It's a plausible attack (Score:2)
And for cases where national security is concerned, probably a more likely attack vector than any other. So the likely defense is some kind of boot-time check of the loader's integrity, which is just as possible. For example, a utility to do this on a USB fob. Then of course you have to remember to take your fob with you...
xkcd (Score:2)
what is more likely to happen
http://xkcd.com/538/ [xkcd.com]
Oh, I am soooooo glad... (Score:3, Insightful)
that I got out of that shithole called 'security world'.
It was really fun and interesting until 2003, but these days it's a joke.
Hey, even in year 1997 we all realized that once someone has physical access to your computer - you are fucked.
And here we are, in year 2009, reading "research" telling us things we all already know.
Sigh...
P.S: maid doesn't need to install any fancy shit, a keylogger will do just fine.
Information wants to be free (Score:4, Insightful)
Well, #1... security measures only serve as deterrents. There will be a way around every security device, the only metric you really need to worry about is whether your:
(cost to circumvent) / (value of assets + cost to secure)
ratio is conveniently higher than your neighbors (ha ha, security people hate any mention of "convenience").
So... #2: by far the best thing you can do is to make sure your assets are relatively worthless compared to what other "target" have. Live a frugal life. Keep offsite backups of your photo albums. Don't keep secrets. And if you do, bury them with enough other crap (maybe using steganography if necessary) to decrease the signal/noise enough to make finding and sorting through the information kind of useless to those not in the know. Maybe you have lots of invalid bank and credit card information lying around. Or put a whole bunch of passwords in your secret password vault, in case it gets compromised (good sites will eventually lock them out for trying them all, and failed attempts will also tip you off and give you time to respond).
Next measure in the equation is to increase the cost of your perpetrator to circumvent security measures or commit crimes, far above what they'd gain by stealing your assets.
Cheap deterrents first: live up a flight of stairs... thieves are inherently lazy and will go for the "low hanging fruit" instead of you. In the context of this article, put your laptop up high in a closet or stash it in a drawer... make them search through dirty laundry for it.
The best society wouldn't need any security at all... if there was enough transparency and free flow of information, all thieves would get caught and reprimanded. So participate in the whole neighborhood watch thing, make sure your perp has to perform his act in very public settings, uniquely tag your stuff, and post warnings to remind them and make them nervous about getting arrested / shot / going to hell etc.
Finally, we get to the part of the equation where you actually have to actively do something for extra security measures.
First, make it a habit to perform the rudimentary simple steps of locking your door and always having your keys on you. Deadbolt is much better than the handle switch, and also helps insure that you remembered your keys. I involuntarily lock my house and car doors now, and always brush my pockets with my hands to check that my keys and wallet are still there. At this point, I usually notice within 5 minutes if something's missing.
Passwords and encryption are just more sophisticated keys and locks. Not uncircumventable, but much better than nothing. But before spending lots of money on more complex 2- & 3-factor keys and locks ... especially those that can completely shoot you in the foot and result in losing all your data... most people invest in other measures ... alarms and security cameras that would increase the chances of the perp getting caught. I haven't seen a whole lot that focuses on this area yet... the phone home mechanisms and stuff like that, but I figure it would be much more productive to concentrate on these kinds of security measures in the near term.
Re: (Score:2, Funny)
It's funny the levels kiddy porn file sharers have to go to these days to stay 1 step ahead of the police.
Re:My bootloader is on USB (Score:4, Funny)
If someone wants your information that bad, they just need a pair of pliers to succeed with the attack.
1) Step one: apply pliers to target's scrotum.
2) Ask them once to access the laptop.
3) If any resistance is given, squeeze the pliers just a tad.
Now, leave it to a bunch of nerds to come up with technical workarounds and miss the real point.
Re:My bootloader is on USB (Score:5, Funny)
Workaround 1) Make sure only women have the information.
Workaround 2) Preventative castration
Workaround 3) Shoot anyone with pliers who comes within 10 feet
Workaround 4) Duress code which releases false information. (this one's likely practical but only as a delaying tactic; it's going to hurt a lot when the interrogator finds the information doesn't verify)
Re: (Score:2)
If the computer is shut down, and you've a BIOS password enabled - you wouldn't be able to do this, right?
You'd first have to enter the BIOS password to boot the system, then press a key to boot from external media and do your mischief. But, if you had physical access to the machine, I suppose you could take it apart and reset the BIOS password anyway.
Really, if you have physical access to the machine, it's got no chance.
The difference is, if someone took it apart and reset the BIOS password, it would take a lot more time than just the 1-minute boot from USB stick, and more importantly, the next time you boot the machine, you'd see the password was reset, know it had been tampered, and not enter your decryption key. Unless there's a more sophisticated BIOS password attack that I'm unaware of, this would keep your data private.
A bigger issue, though, is if you have information sensitive enough to require a BIOS password and
Re: (Score:2)
If the computer is shut down, and you've a BIOS password enabled - you wouldn't be able to do this, right?
You'd first have to enter the BIOS password to boot the system, then press a key to boot from external media and do your mischief. But, if you had physical access to the machine, I suppose you could take it apart and reset the BIOS password anyway.
Really, if you have physical access to the machine, it's got no chance.
BIOS passwords are easy.. simply remove the harddrive and install in another laptop.
Re: (Score:2)
If the computer is shut down, the full-disk encryption will do its job as intended, even if -- as some other replies have suggested -- the HDD is removed and put into another computer.
From TFA:
You're not safe if you shut down, that's the point of the article. In order for your computer to boot it needs something unencrypted to boot from.
Re: (Score:2)
Your second point against is the reason I steer clear of permanent whole-disk encryption on working machines.
Even with expensive servers, perfect RAID cards, BBU's and every other possible protection - sometimes the OS will just flip out and either crash or write crap to your filesystem. If not the OS, then the drive itself will do it. And then you have to do a chkdsk/fsck and with any form of encryption the chances are that you just trashed a whole lot more than a recent file entry and whatever open tempo
Re:Bucket List (Score:5, Funny)
And some day I'd like to be hit by the attack you invent, because saying that I've been hit by an "all-knowing frog" attack would simply be cool.
Cheers,
Ian
Re:Bucket List (Score:5, Funny)
The hypnotoad security tool protects against the all-knowing frog attack, but comes with its own drawbac--ALL GLORY TO THE HYPNOTOOL.
Re:Bucket List (Score:4, Funny)
saying that I've been hit by an "all-knowing frog" attack would simply be cool.
That's rather a rude way to describe being beaten by the French.
Re: (Score:2)
My Mac doesn't have a PS/2 port, so it's 50% more secure than a non-Mac PC!