←back to thread

Show HN: Tripwire: A new anti evil maid defense

(github.com)
81 points DoctorFreeman | 2 comments | 11 Dec 25 09:46 UTC | HN request time: 0.619s | source

If you have heard of [Haven](https://github.com/guardianproject/haven), then Tripwire fills in the void for a robust anti evil maid solution after Haven went dormant.

The GitHub repo describes both the concept and the setup process in great details. For a quick overview, read up to the demo video.

There is also a presentation of Tripwire available on the Counter Surveil podcast: https://www.youtube.com/watch?v=s-wPrOTm5qo

Show context
sandworm101 ◴[12 Dec 25 12:59 UTC] No.46243708[source]
This isnt a tripwire. This is a canary. You have to actively check a canary. A tripwire would send notifications in real time without the user needing to check.

An evolution of this would be to put a server on a different network, a remote location, and have it pump out warnings the moment movement was detected and/or contact with the "tripwire" system was lost.

But the best way of preventing evil maid attacks remains knowing your hardware. Anyone trying to swap out my laptop, or open it, is going to have a problem replicating my scratch marks, my non-standard OS boot screen, or prying out the glue holding in the ram modules (to prevent cold boot attacks).

replies(4): >>46243982 #>>46244154 #>>46245115 #>>46245449 #
ramses0 ◴[12 Dec 25 13:53 UTC] No.46244154[source]
I was sure I'd made a comment like this before, but I'd love some sort of home-spun setup like this: https://news.ycombinator.com/item?id=2465687 ...hood, tuck, john. (2x local, 1x remote) which constantly rotated roles as to who was primary/secondary.

Basically core "chaos-infra" for your home setup(s). Hood/Tuck switch between primary and secondary, always trying to stay in touch with "John" (offsite), maybe like a primitive etcd for home automation/monitoring/backup/file-serving. Green==3good, Yellow=degraded[local|remote], Red=single-point-of-failure, Black=off/not-serving.

Other funsie to think about is getting a thumbprint/PIN-locked USB-drive to hold/unlock `~/.passwordstore/*.gpg` so that even on power-outage/reboot you'd need to physically "re-auth" to unlock important secrets.

Something like this would fit nicely into this (imaginary) setup!

replies(1): >>46244327 #
sandworm101 ◴[12 Dec 25 14:14 UTC] No.46244327[source]
I had a professor once ask about the strip of duct tape across the back of my brand new laptop. "Well, thieves cannot pawn electronics with cracked cases. So all my laptops have at least some tape so they think it may be cracked." The next lecture, the prof had a strip of masking tape on his laptop too.

But slap a tux logo and an "i l9ve truecrypt" banner on you device and nobody short of the NSA would even attempt a maid attack.

replies(1): >>46244480 #
1. gruez ◴[12 Dec 25 14:31 UTC] No.46244480[source]
>Well, thieves cannot pawn electronics with cracked cases

Can't, or they'll get less money? I'm also not sure if I ever saw a laptop with a cracked case before, not to mention macbooks are the most recognizable and can't have cracked cases (because they're aluminum), and other laptops aren't worth stealing because their value drops sharply.

>But slap a tux logo and an "i l9ve truecrypt" banner on you device and nobody short of the NSA would even attempt a maid attack.

truecrypt is actually very susceptible to evil maid attacks because it doesn't use secureboot/tpm, which means all a baddie has to do is installed a backdoored version of truecrypt and wait for you to enter the password.

replies(1): >>46246115 #
2. sandworm101 ◴[12 Dec 25 17:10 UTC] No.46246115[source]
The stickers are just a statement that the owner is privacy aware. And, physically, stickers are hard to replicate quickly, preventing simple swapping of hardware. A clean iPad that looks brand new is indistinguishable from any other ipad that the maid can swap in.