Evil Maid! Does the name sounds familiar to? Have you faced any issues related to this? This is a new sort of assault to the system of disk encryption. The attack is made with the motive to make it clear. This has been published recently by the great efforts of a blog team named as, Invisible Things
This attack utilizes a small piece of malware for altering the un-encrypted boot loader for an encrypted disk. After this when the user next makes the entry of the pass phrase needed for the disk encryption, and then it is stashed away and recorded in the un-encrypted fraction of the disk for recovery to be done afterwards. The process of implementing the attack includes couple of stages. At first the attacker requires physical access to the particular machine for installing the malware. Currently, it uses a bootable USB stick for the purpose. After this there is need to wait till the legitimate user initializes the laptop by means of logging in, whilst the pass phrase getting recorded. Then the attacker returns back to make the laptop safe with the knowledge of having access to the pass phrase.
Employees or hotel staff like crooks or maids could make use of this kind of attack against several corporate laptops that are used in hotel rooms or company. The big issue with this is the boot process. In the nonexistence of secure hardware like a TPM can be an un-trusted path giving rise to a big issue.
There are numerous probable defenses for this attack. The most apparent way to guarantee the integrity as well as physical security of the laptop can be in big question. Surprisingly, the most obvious reason people go for disk encryption is their inability to do this practically. Another possible way to defense this attack is use of a BIOS boot password for prohibiting access of the laptop to restricted members only. This will protect any booting from any kind of un-known media. This is simple however, offers limited protection only. An attacker is can remove the boot drive for modifying it by using own laptop.
If you are facing any such problems then you can surely rely upon Save my systems for trustworthy solution. We offer all kind of computer repair, security services and laptop support services at reasonable prices. For more information you can visit our London computer repair service website.
