"Evil Maid" attack against disk encryption
Posted Nov 26, 2009 19:07 UTC (Thu) by mcortese
Parent article: "Evil Maid" attack against disk encryption
I read the original article, and found the comments particularly interesting. I also think Joanna was a little too severe with those proposing alternative protection schemes against the attack.
For example, keeping the
/boot partition in a removable media that you carry with you all the time, does help. Nonetheless such proposal was dismissed as ineffective because it still allows for a BIOS infection.
Now, if I correctly understood the aim of the article, it was not to prove that your hardware is prone to attacks if left unattended, but rather how simple and quick these can be. Re-flashing a BIOS is in no way comparable to plugging in a USB drive and pressing the power button!
Before Joanna's article and proof of concept, we were tempted to overestimate the security level that Full Disk Encryption could grant us. Thank her for the enlightenment. Does this mean that FDE is useless? I don't think so. Alone it is not enough, but with appropriate side measures (like removable
/boot) it can secure our system to a reasonable level.
to post comments)