Collaborate Disseminate
If you are using an encrypted APFS container, for example, to encrypt the Time Machine, whenever the physical disk is plugged in, MacOS asks for a decryption password with an option to store it ("remember the password") in the ke… Continue reading Storing APFS password in Apple’s Keychain for Time Machine
Suppose you need a laptop repair, so you bring it to
A big box store where you have some sort of coverage (who will have the computer for 2-3 weeks)
A small chain of repair shops
a small independent repair shop
All in the United States. … Continue reading Laptop Repair vs. Evil Maid
I’ve gone through a related question on how to protect data in case of unauthorized physical access to a server, where the consensus seemed to be that preventing data access when someone has physical access to the server (the machine is tu… Continue reading How to protect a local server if someone has physical access to it?
Context
I’m working to make an embedded devices safe against physical access. (publicly accessible device and can be easily stolen)
I already made the following action :
secure boot is enabled on cpu, bootloaded is signed
Image is also si… Continue reading How to safely use dm-crypt as overlayfs uper partition?
Security threat: physical theft of a laptop and a server that use TPM2 auto unlock FDE with LUKS. In both cases the TPM checks against some PCRs before unsealing the key. The laptop prompts for a TPM PIN, the server doesn’t. The attacker i… Continue reading PCR to prevent TPM2 key unsealing in case of rogue DMA devices connected?
I can think of multiple ways to surveil a logged out computer with temporary physical access. The first is installing a hardware keylogger which would enable one to get all the keystrokes from it; however, hardware keyloggers on laptops ar… Continue reading Surreptitiously surveil a logged out laptop AD workstation’s keyboard with temporary physical access?
I’m trying to understand how shim is considered secure.
Shim is a signed bootloader that allows to load any image (at a fixed path in the EFI System Partition) as long as its hash is added to a MOK (machine owner’s key) list, which is stor… Continue reading Is shim secure if new MOK entried can be added without a password?
I gave my laptop for repair to a technician now I suspect he might have copied my files to another pc by probably plugging in my SSD to other devices. I already tried checking the properties but idk why my access time is getting set to the… Continue reading Is there a way to find the devices my SSD was plugged in?
What can I do to check a potential "evil maid attack"?
Continue reading How to check if someone used my desktop or any other device
I’m in the process of figuring out an encryption strategy for a personal Linux system.
My laptop is almost always on, or in sleep mode, except for longer travels.
My main threats are theft of my laptop while powered on, and evil maid.
It i… Continue reading How to protect files in use on a system powered on from physical theft or tampering?