Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HDD Encryption vs Evil Maid attack


  • Please log in to reply
3 replies to this topic

#1 Pajajn

Pajajn

  • Members
  • 350 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:01:17 PM

Posted 24 February 2013 - 09:55 PM

Looking for a good encryption program to my HDD files and such things so basically the whole partition. Read that Truecrypt got good rating from users but after reading this post i dont know how safe it really is if you got lot's of things you want to be completely hidden.

link
https://www.os3.nl/2011-2012/students/dennis_cortjens/ot_physical_log

"This attack is possible with every key logger like method with full disk
encryption and even with other forms of encryption. The only product
that could prevent this attack is a TPM chip in combination with
encryption software. A TPM chip offers facilities for the secure
generation of cryptographic keys and provides a sealed storage for keys
or passwords.1)

Some encryption software that support TPM are BestCrypt, McAfee
Endpoint Encryption, BitLocker Drive Encryption, FinallySecure, PGPDisk,
SafeGuard and SecureDoc.2)"

What do you guys think, and/or using for the moment and in the past(?)



BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 1,177 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:08:17 PM

Posted 25 February 2013 - 05:04 PM

If you think you're likely to be the victim of an evil maid attack, then you need a laptop with TPM plus the encryption software that supports it, like BitLocker.

 

I use TrueCrypt and I don't think I'm likely to be the victim of such attack.

It's too bad Joanna released the evil maid image, but never her antidote.

 

And this post on my blog might interest you:

http://blog.didierstevens.com/2012/02/09/quickpost-disassociating-the-key-from-a-truecrypt-system-disk/


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com
Microsoft MVP 2011-2014 Consumer Security
Posted Image

#3 Didier Stevens

Didier Stevens

  • BC Advisor
  • 1,177 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:08:17 PM

Posted 25 February 2013 - 05:40 PM

Or are you worried about the exact evil maid scenario? Leaving your laptop in an hotel room?

 

Put it in the safe. If it's too big for the safe, remove the HD from the laptop and put the HD in the safe.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com
Microsoft MVP 2011-2014 Consumer Security
Posted Image

#4 Pajajn

Pajajn
  • Topic Starter

  • Members
  • 350 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:01:17 PM

Posted 25 February 2013 - 06:01 PM

Thank you Stevens icon_thumb.gif I'll stick to TrueCrypt for the moment and well see later on what's actually needed/or personal preferance ofcourse 

Best regards 
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users