By gravax on Oct 23, 2009
So, I've been reading Bruce Schneier's blog on the Evil Maid Attack. He's falling to one of the behaviors he usually criticizes. Just a new holywood industry plot for something not really new, not really changing the world.
The thing is... The assumption is that thee attacker has access to your laptop.
Which has always been an issue. Inserting a keylogger into your
hardware (keyboard cable on a desktop, or a bit more subtle on a
laptop, but nothing beyond the capabilities of your typical spooks) and
you get the same access to all keystrokes, including those for the
passwords to the encrypted disks, firefox datastores, and pretty much
So appart from having a fancy name... nothing new.
It's like Java... If you let an attacker change your bytecode loader / verifyer... yeah, they break your system. But then again... it's not really running java anymore at this point.
Same here... if you let an attacker change the behavior of your machine (hardware or software) then you're not really running your machine anymore at this point either.
Sure, multi-factor authentication is the solution. But "Evil Maid Attack" is just a fancy name for something not really new.