(github.com)

81 points DoctorFreeman | 3 comments | 11 Dec 25 09:46 UTC | HN request time: 0.019s | source

If you have heard of [Haven](https://github.com/guardianproject/haven), then Tripwire fills in the void for a robust anti evil maid solution after Haven went dormant.

The GitHub repo describes both the concept and the setup process in great details. For a quick overview, read up to the demo video.

There is also a presentation of Tripwire available on the Counter Surveil podcast: https://www.youtube.com/watch?v=s-wPrOTm5qo

Show context

neuralkoi ◴[12 Dec 25 13:44 UTC] No.46244062[source]▶

>>46229437 (OP) #

The author did an excellent job explaining what an evil maid attack is, but a very poor job of explaining how their proposal mitigates such attack.

I think the classic "Detecting unauthorized physical access with beans, lentils and colored rice" [0] approach is simpler to understand and simpler to implement. It doesn't rely on any hardware, such as a Raspberry Pi or otherwise technology which can be more easily subject to scrutiny via Ken Thompson's "Reflections on Trusting Trust".

[0] https://dys2p.com/en/2021-12-tamper-evident-protection.html

replies(4): >>46244395 #>>46245475 #>>46245903 #>>46251916 #

1. IncreasePosts ◴[12 Dec 25 16:10 UTC] No.46245475[source]▶

>>46244062 #

With beans and colored rice, a smart evil maid will just wait until they next earthquake to compromise your devices.

replies(1): >>46245782 #

2. alias_neo ◴[12 Dec 25 16:38 UTC] No.46245782[source]▶

>>46245475 (TP) #

It's vacuum packed so movement such as that of an earthquake would have no effect.

replies(1): >>46248504 #

3. ignoramous ◴[12 Dec 25 20:31 UTC] No.46248504[source]▶

>>46245782 #

I'm surprised vaccum packing a Laptop with lentils/rice doesn't crack its screen.

↑

Show HN: Tripwire: A new anti evil maid defense