How to verify boot firmware integrity if you prioritize neutralizing Intel ME?
when you use me_cleaner to neutralize intel ME, it also removes TPM. TPM is required for boot verification technologies like Heads or AEM. So you can't use Heads/AEM and me_cleaner, you have to choose one and in this case we choose to prioritize me_cleaner.
Heads: https://osresearch.net/ me_cleaner: https://github.com/corna/me_cleaner
Then the question becomes, what do you personally do to protect your computers boot firmware? There are many ways you can do that such as the popular glitter nailpolish technique. The problem with that technique is you need a good camera with a firm stand so you can take the before and after pictures at the exact same distance and place to compare them. It's also quite a lot of work to do that every single time you leave your computer which could be several times every day. AEM is also most popular to use when traveling and when traveling, having all that extra equipment with you is a problem.
What else? Maybe a secret camera without any internet connection capability which you can place somewhere in the room with the computer and that way you can know if someone was inside the room and if they did anything with the computer. The camera would have to record to a local storage like a micro sd card and you overwrite all data on that card every day so you won't need too much storage capacity. And maybe the camera only activates on movement triggered then its even easier to quickly check if there's any video when you come back to your computer. You would also need to be sure that the adversary doesnt replace the camera so you dont know its not your camera anymore or if they can erase the video files before they leave like hackers who erase logs. What do you think about that?
Another idea is a container for the computer. The container can of course be destroyed easily but then you will at least know they did something with the computer. But you would need a container that the evil maid can't go get a duplicate of or have one manufactured so they can replace the container after destroying original one.
Same problem with a sticker on the screws to open up the laptop, they could get a duplicate sticker to replace yours. I also heard there are ways to remove a sticker and then put it back again.
Practically I think camera technique is best to use on daily basis because its effective and relatively simple but maybe in some situations you have to gamble by using a container or sticker.
And then you also need to check your firmware once in a while even if you don't suspect anything. I'm not sure the best way to do that because I've read it is practically impossible to know if rom has been maliciously modified. So its probably not enough to simply dump the rom and do a diff against the rom you flashed. Maybe you just have to redo the flash again not knowing if it was necessary or not.
31 comments
[ 3.1 ms ] story [ 69.7 ms ] threadI'd recommend taking a very high res photo of the welds so you can compare later if tampering is suspected.
Buy a random older computer with cash. Nothing critical needs more than 512mb anyway.
Faraday caged, WIFI/Bluetooth/EM sensitive heartbeat monitors, decentralized fail-safe Live feeds,full air gapped setup with UPS, white-noise machines, and only transmit data via QR codes.
Hope the monitor you chose to display QR and the web-camera are also faraday'd.
Hope the computer you are using to display the QR never gets compromised, and the QR-code reader, at the same time.
It's easier to send a squid-team with a $5 wrench.
What's the goal here? Why can't the same super-powered evil maid just create a visually-identical replica of your entire computer, login UI included, then MITM your password / unlock sequence ?
Then go through your original computer at their leisure with the captured password, while you ponder why "your" computer just crashed after login...
Or do you mean to do everything on my computer without having access to any hardware/firmware? You would just simply boot up the computer and somehow hack it? How?
Tbh, I for myself would not care for physical intrusion. If someone (private or state sponsored) has the willingness to intrude into my home, them tampering with my PC is the least of my concerns. As someone else also mentioned: A $5 wrench will be more effective than any measures you can do by modifying your pc.
Regarding tamper evidence, there have been multiple Defcon / Blackhat talks about tamper evidence. One thing that comes into mind is vacuum sealing a notebook into a bag with colored beans and taking a photo. This way, it will be impossible to access the pc without disturbing the pattern of beans surrounding the PC. You just need the software to compare photos to know if the sealed bag has been tampered with.
That methods goal is to be tamper evident. You are referring to tamper proofing which opens up another whole can of worms.
There was an article [0] posted some days ago, they reccomended a transparent container and a mixture of red and brown lentils, and work just as with the glitter nail polish.
[0] https://www.anarsec.guide/posts/tamper/
s/TPM/fTPM/
Some laptops have a discrete pTPM in addition to the ME's firmware TPM, which can be used for firmware validation, disk encryption, etc.
Some OEMs can detect when the chassis is opened, e.g. HP TamperLock, https://h20195.www2.hp.com/v2/getpdf.aspx/4AA7-8167ENW.pdf
I have a multi-stage strategy.
First and most important, physical security. My computer is valuable enough that if I left it unattended in public, someone would probably nick it and put it on ebay. So I only leave it unattended in places with good enough physical security.
Secondly, I avoid doing anything that would impose spy-thriller-movie-level security requirements on my equipment. My employer wants to secure a critical code signing key? I'll be happy to sort them out with their own HSM in their own properly secured data centre, or their own USB stick in a bank vault, or whatever their requirements dictate. My personal security research? I anonymously publish anything interesting I find right away. And I strictly avoid going to countries where I think the government ought to be overthrown.
Therefore, the chances of an attack targeting my boot firmware are exceptionally small.
Finally, I embrace the reality that the TPM wouldn't have helped me anyway. Firstly the security the TPM offers depends on the security of the BIOS, and we all know that's a joke. Secondly, even if the TPM worked perfectly and the BIOS was secure and so on, an attacker in a position to mess with my firmware could just as easily install a physical keylogger, or a hidden camera pointing at my keyboard, or just have masked goons hit me with a $5 wrench until I tell them the password.
"just don't do risky stuff on it" doesn't cut it for those who need it.
Leave room for real discussion about the topic.
I'm saying you shouldn't do things so risky that a squad of spies would get sent to monitor you, learn your routine, pick your house's locks while you're at work, sneak in, dismantle your computer, image your encrypted hard disk, overwrite the bootloader with a special version that will record the FDE password next time you enter it and send it to them, reassemble your computer and sneak out undetected.
Because that's what an "evil maid attack" means, once you've got basic physical security in place.
As I'm not Ross Ulbricht or Julian Assange, I'm willing to take my chances.
It's also common knowledge that all adversaries view people who have higher security than the average person as a person of interest or a mark. If they are spies they think you don't need privacy if you have nothing to hide and if you are trying to hard to hide then you must have something important to hide. Criminals think if you have security then you must have something valuable to protect.
Also some of the methods described her this thread seem impractical and extreme but one you go down this rabbit hole of security and privacy, you become used to gradually putting in a little more extra effort for better security and privacy. Normal users can't understand how someone can survive with having to toggle scripts on/off with the noscripts extension but for most people who are interested in security and privacy that is easy and effortless like breathing air.
Or do you mean to encrypt your data and upload to the cloud? Then download the data when you need to use it? And how are you managing all the passwords and encryption keys? I think you would need to keep quite a bit of sensitive data on that travel computer so you would need tamper evidence on it as well.
Or I think I must be completely missing out on something here what you are saying. Maybe you can elaborate a bit? It sounds interesting.