This is why your decryption boostrap should never be on the hard drive. It should be on a usb stick along with your encrypted keys. This is elementary "something you have + something you know" security. The evil maid can't patch a bootloader that isn't there. And if he installs a keylogger, he's still out of luck because he only has your passphrase, not your decryption keys. He would also have to install a device that copies your key file somehow.
Sure, there are plenty of other attack vectors, but this takes the problem out of the evil maid category.
If you're assuming the attacker has physical access to your laptop, you can also assume they have access your USB stick. Even the article admits this is a problem:
"somebody who can get access to my Disk Hasher USB (e.g. when I’m in a swimming pool), can infect it"
Are we talking about maids or spies? Compared to a laptop, USB sticks are easier to keep in your wallet, lock in a safe, hide, swallow, etc. So I disagree with that assumption. A maid would need quite a lot more resources to track down both the laptop and the usb stick than the laptop alone.
I agree. People are still thinking of 'USB Sticks' as the actual pen drives out there. Think of how small microSD cards are. There are USB microSD readers that barely the size of the USB connector itself. That's so small it's scary... and take the actual microSD card out of the reader and it's even smaller. I could probably hold it in the side of my mouth while swimming in the pool if I was really paranoid.
What is of interest here is the small window of time required. You pretty much have to be in constant possession of your laptop (or a USB key that you religiously use to verify your boot record) in order to have any confidence that it has not been compromised.
The reality is, nobody is going to physically attack your laptop (just don't bring your work machine to Black Hat). But there is an unacceptably high probability that your laptop will get stolen; for instance, you will often leave it in your car, where anyone with a cinderblock can get it in under a minute.
TrueCrypt is about the guy with the cinderblock, not about stopping Joanna Rutkowska from installing a keylogger.
For almost any given scenario to protect a system (even the one you mentioned), there's still likely to be a way to circumvent it if you can surreptitiously tinker with the machine for 30 minutes. This is a minuscule subset of the general rule: There is no such thing as perfect security.
That is the premise you should start with IMO; which is why this is not interesting. Absolutely you need to avoid releasing physical control of your machine.
Just keep it in a lock case. This solves the problem of Evil Maids, but not of Evil Maids-financed-by-the-NSA-with-lockpickers. I have to imagine that if those types of people were after your encrypted info,you'd know and you'd probably keep it handcuffed to your wrist.
This is the crux of the problem. Physical (and network) access can always break any security because you have a million vectors of attack - physical hardware, software, etc.. . And how secure is your laptop when its in your possession? As laptops become smaller (i.e. netbooks) they'll be as easily stolen as one's wallet.
Frankly, most people's data is really not that important and the cinderblock attack is what truecrypt and similar crypto systems prevent. Every time you see a news item about "a million social security numbers have been compromised " - its always due to the cinderblock attack.
The "only" way to secure your data is to put your computer it in a vault (unplugged from AC outlet and no network access) with multiple physical security and surrounded by people with guns. If your data is that important and you can afford this sort of security...then the evil maid attack is irrelevant.
> As laptops become smaller (i.e. netbooks) they'll be as easily stolen as one's wallet.
On the flipside it's easier to keep a netbook always on your possession than it is even a 12" laptop. So yea, smaller computing devices could be 'easier to pick-pocket' or it could mean 'harder to separate from the user.'
It seems like the easiest poor-man's solution would be to disable booting from external devices, set a strong BIOS password, and fill the laptop's screw holes with epoxy.
At that point, you only have to worry about the strength of the BIOS's password-protection. Any other attempt at circumvention would be self-evident thanks to the destroyed case or epoxy.
Works on all OSs and only takes a few minutes: replace the laptop keyboard with your own keylogging version. Or insert a device where the serial port connects inside the laptop. Typical 'stealth' hardware based keylogging.
Full drive encryption is meant to protect against theft or loss, not against trojan horses (be that hardware or software).
To protect against trojan horses you need an external validation mechanism or a physical protection (be that a safebox or TPM, by the way the Truecrypt team is wrong about TPM, it's much more difficult to temper than bytes on a hard disk).
Whenever I suspect I might be somewhere where there's a keylogger running (public terminal etc) and I absolutely have to enter a password anyway, I just use the mouse to enter it out of order (and click away to throw in some random junk) while typing it in. Thwarts screen grabbers and keyloggers.
"There are two types of encryption: one that will prevent your sister from reading your diary and one that will prevent your government." -- Bruce Schneier.
Doesn't the OP sort of invalidate this? Any government should find it reasonably easy to install this kind of a keylogger on your computer. It would be quite easy to get a few minutes alone with your laptop.
As the article points out, this is easy to circumvent by removing the hard drive from your laptop. It adds a few minutes to the attack, and requires that the attacker bring a laptop, but you're still hosed.
Not my hard drive, the disk itself is fully encrypted and won't work in other laptops without that bios password (I also use a truecrypt-like thing at the filesystem level). The main attack I need to worry about is someone replacing the keyboard, etc.
Are you using a hard drive password? Those are easily crackable as well as they usually have a vendor supplied master password. Do you mind giving more details?
Most corporate laptops support it, IBM/Leonova do.
The problem is how do you know there isn't a master password (for AMI's bios it used to be "AMIBIOS") how do you know their encryption is any good (there was an enterprise tape vendor that advertised DES encryption but actually just XORed the data with your password)
And finally how do you know they haven't done exactly the same trick but replaced your bios with one that includes a keylogger?
> Sigh - privacy in the age of information seems to be an impossible dream.
Well, it's better than before: Non-electronic documents are arguably much easier to steal. At least with encryption, breaking into your house isn't necessarily enough to get your data.
The problem with this is you're assuming the target will actually access his encrypted data while in the hotel room.
If you really want to cut it in half, just kidnap him and hit him with this $5 wrench until he tells us the password. We're breaking laws, but hey, whose counting?
There must be laptops out there with the feature that they lock closed and require some physical opening token (key, combination, etc). Given a sufficiently strong and tamper-evident locking mechanism, you wouldn't need an external lockbox and this attack would be difficult or impossible. (Emphasis on the "sufficiently", of course.)
Am I the only one who feel that trucrypt dev is just running away from answer here.
Joanna Rutkowska: If I could arrange for a proper lock or an impenetrable strongbox, than why in the world should I need encryption?
TrueCrypt Developer: Your question was: "And how can you determine that the attacker has or has not worked with your hardware?" My answer was a good safety case or strongbox with a good lock. If you use it, then you will notice that the attacker has accessed your notebook inside (as the case or strongbox will be damaged and it cannot be replaced because you had the correct key with you). If the safety case or strongbox can be opened without getting damaged & unusable, then it's not a good safety case or strongbox. ;-)
I don't think so. If the attacker got physical access to the hardware there is very little you can do via software, given the architecture of normal computers. So the only thing that makes sense is to find a way to detect physical access, and currently the only one is to physically protect the computer itself.
Edit: still there are a few tricks that can be done in theory. For instance to flash a new bios modified in order to write some data in a given sector of the disk if after the power up you don't press a special sequence of keys. This makes the owner able to detect if there was access to the PC, and because it's done in the BIOS even starting a different operating system from the CD will not avoid the detection.
This is security by obscurity, but can work against Maids.
Another simpler, less effective, but still better than nothing approach is to set a password in the BIOS. Unfortunately if I remember correctly a lot of BIOSes used to have backdoors.
I remember coming across machines with BIOS passwords... I'd groan as I realized I had to open up the computer, and remove the little battery to reset the password. Took a few minutes.
It's very simple. If your laptop is unencrypted, could even possibly contain Protected/Personal/Patient-Health Information, and is stolen, you are very likely legally required to formally disclose the loss. That's a legal and PR nightmare.
If your laptop is encrypted, contains PI, and is stolen, you probably don't need to disclose the loss.
No matter what Joanna Rutkowska does with her (very slick) USB key, things like TrueCrypt are very cheap, very very effective insurance.
That makes sense, although I was already aware of it. I suppose I was wondering if there was anything else to it, really, though I haven't a clue what "anything else" would look like, or (for that matter) if the question (when phrased as such) even makes sense.
The way I understand it and correct me if I'm wrong, but as shin_lao pointed out above:
"Full drive encryption is meant to protect against theft or loss, not against trojan horses (be that hardware or software)."
This is a good point with regard to the Maid scenario, so I don't think the developers of TC were running away from the question at all.
And from the article: "After some 1-2 minutes, the target's laptop gets infected with Evil Maid Sniffer that will record the disk encryption passphrase when the user enters it next time." -- so the attacker is depending on the user reentering the system, and they are depending on confiscating the system afterwards. Loss and theft scenarios where an attacker has not utilized EMS, or is just out to steal the laptop, still protects the data.
So in summation, you need encryption to protect against loss or theft, which may be sufficient for your vulnerability level (maybe you don't travel a lot but one day you simply lost your laptop), but you need to go further to protect against what looks to me to be a more advanced version of a keylogger (EMS - frequent traveler with sensitive information).
This is like countless other social engineering attacks, getting people to unwittingly enter their passwords (e.g. phishing) has a high ROI and physical access just makes this very easy (e.g. ATM skimming).
How is this a social engineering attack in any way? The point of interest here is how rapidly an encrypted laptop can be compromised by an untrained person, in a way that evades easy detection.
You get/let someone to trust the physical situation of their machine. In this case of the "maid" getting to play the maid is the engineering part. Once you have physical access to a machine, cracking is usually guaranteed (this is not new or of much interest). This is no different than a complicated "Sneakers" movie style social engineering attack to get physical access to something... it's just easier in a hotel.
That's no more social engineering than installing a hardware keylogger is. It's a technical solution. Social engineering would be convincing the user person-to-person to give up their password (as with a phone call).
Phishing scams and virus emails are social engineering in that they are conning the user into taking an action. You're not 'conning' the user into entering their password, you are just making it look like the system is normal and the user is entering their password on their own (because they are looking for access to the system). It would no more be a social engineering hack if you were to make a duplicate laptop with only a keylogger on it, and then burst into the room guns-blazing once they tried to log in with the password.
Maybe I'm off here but most social engineering has to do with convincing the user to trust 'you' where 'you' can be an unsolicited email telling them to send money to Nigeria, or a person on the phone claiming to need their password to 'reset their account.' In the case of this attack (or a keylogger), they are trusting something that they already trust, their laptop. You're not 'convincing' them to trust their laptop. You're just covering up the fact that it's been compromised.
You seem to want to limit the definition of social engineering to actually coming into social contact with the password-giver.
The victim trusts the hotel, the social engineering I saw here is getting into the position of being a maid (who is trusted to not mess with your stuff (well, not by me but apparently by some)). Just like you can social engineer yourself into any company in order to get at the machines and install a keylogger.
In my original statement I did not do a very good job at how I am dismissing the interestingness of the original blog post, but a keylogger insertion (either software or hardware based) is a time tested technique,there is nothing new here with the attack "payload."
So all I see is "how did the attacker get physical access" but did not flesh this viewpoint out at all, and I apologize.
Think of it in terms of remote exploits and their payloads. Why discuss the subtle differences between rootkit #1 vs. rootkit #2 and how each will screw you: the problem is actually in the attack vector, not the payload. Once you're in, the details are somewhat boring (relatively speaking).
Evil maid is modifying the boot record with a hook to their own code. If the boot record where this function is located is hashed and verified at the next boot, couldn't truecrypt alert the user to the compromise?
Even easier to get around.
Truecrypt uses your passphrase to decrypt the key which is then used to decrypt the disk.
With a ID tag it would just match the tag generated number with it's own algorithm and then decrypt the disk .
All the evil maid would then have to do is add a line to the Truecrypt loader that said if key=999 unlock anyway.
Sure, there are plenty of other attack vectors, but this takes the problem out of the evil maid category.