Skip to content

Preventing the Evil Maid Attack on FDE

The attack referred to as the ”Evil Maid Attack”, or the “Cleaning Maid Attack” against full disk encryption (FDE), is considered as one of the serious attacks concerning people who travel with laptops full of confidential information. This attack involves an attacker, who can obtain physical access to an FDE-protected laptop. The attacker boots the laptop from a second drive, and modifies the boot-sector so that subsequent boot-ups, e.g., by the owner, will cause the execution of malicious code that will capture the passphrase and/or key that is used to boot the system. Then, the attacker should get the laptop again to collect his loot. This attack was discussed everywhere, including in the PGP Blog, LWN.net, ZDNet, and the blog of Bruce Schneier.

Some people claimed that there are no feasible countermeasures against this attack, other than making sure your laptop is never left alone for too long. A while ago, I traveled to a place where laptops were not allowed; I had to leave it at the hotel every day for two weeks. This made me devise a practical solution which can be dubbed as:
be the cleaning maid yourself.

Continue reading "Preventing the Evil Maid Attack on FDE"

The Inevitable Collapse of the Certificate Model

Many had high expectations from the SSL/TLS certificate model. At least on paper it sounded promising and worthwhile. Keys are used to protect traffic; for this to be effective, keys shall be bound to business entities; for the binding to be trustworthy by the public, binding will be signed by Certification Authorities (CAs), which the public will recognize as authoritative. Once the trusted CA signs the binding between a business entity (represented by a domain name) and a key — every user can tell he is communicating securely with the correct entity.

In practice, it got all messed up. It is difficult to form authorization hierarchies on the global Internet, this is one thing. However, the model failed also due to the economics behind it.

Continue reading "The Inevitable Collapse of the Certificate Model"