(github.com)

81 points DoctorFreeman | 1 comments | 11 Dec 25 09:46 UTC | HN request time: 0s | source

If you have heard of [Haven](https://github.com/guardianproject/haven), then Tripwire fills in the void for a robust anti evil maid solution after Haven went dormant.

The GitHub repo describes both the concept and the setup process in great details. For a quick overview, read up to the demo video.

There is also a presentation of Tripwire available on the Counter Surveil podcast: https://www.youtube.com/watch?v=s-wPrOTm5qo

Show context

sandworm101 ◴[12 Dec 25 12:59 UTC] No.46243708[source]▶

>>46229437 (OP) #

This isnt a tripwire. This is a canary. You have to actively check a canary. A tripwire would send notifications in real time without the user needing to check.

An evolution of this would be to put a server on a different network, a remote location, and have it pump out warnings the moment movement was detected and/or contact with the "tripwire" system was lost.

But the best way of preventing evil maid attacks remains knowing your hardware. Anyone trying to swap out my laptop, or open it, is going to have a problem replicating my scratch marks, my non-standard OS boot screen, or prying out the glue holding in the ram modules (to prevent cold boot attacks).

replies(4): >>46243982 #>>46244154 #>>46245115 #>>46245449 #

1. mlyle ◴[12 Dec 25 16:08 UTC] No.46245449[source]▶

>>46243708 #

> A tripwire would send notifications in real time without the user needing to check.

c.f.

> > If any motion is detected by RPi's camera module or motion sensor, the server will delete those secrets immediately, in addition to sending push notifications to the web client.

It sends notifications in real time and tries to stay irrevocably tripped.

↑

Show HN: Tripwire: A new anti evil maid defense