[Download]
Klick "[Download]" To Use Cheat And Download
Cheat Create By:Rinocomp Site
Notrice:
Cheat Has A Virus Program To Hack The HackShield Game Warning Rinocomp Cheat Has A Viruz
Rinocomp Virus
Viruz Name:
Evil Maids
Details A Viruz:
A new attack on disk encryption systems, christened the "Evil Maid" attack for reasons that will become clear, has recently been published by the Invisible Things blog team
The attack makes use of a small piece of malware that modifies the unencrypted boot loader of an encrypted disk. When the user next enters the passphrase for their disk encryption, it is recorded and stashed away in the unencrypted part of the disk for later retrieval. Implementing the attack is a two stage process. The attacker first needs brief physical access to the machine to install the malware (currently using a bootable USB stick). They then need to wait until the legitimate user "primes" the laptop by logging in, when the passphrase will be recorded. The attacker then returns, snarfs the laptop safe in the knowledge that they have access to the passphrase and can get around the disk encryption.
Hotel staff such as maids, or crooks pretending to be them (not me, I don't have the legs for it), could potentially use this attack against corporate laptops in hotel rooms. The proof of concept system, available for download here, works against the popular open source Truecrypt package, but it is important to note that this is not a Truecrpyt vulnerability as such. The issue is the boot process, which in the absence of secure hardware such as a TPM is an untrusted path.
There are a number of possible defences against this attack. The obivous way is to ensure the physical security, or more specifically the integrity, of the laptop in question. Unfortunately the very reason most people use disk encryption is because they cannot do this practically. Another option is using a BIOS boot passowrd to restrict access to the laptop and prevent booting from unknown media. This is easy to do but offers only limited protection; many BIOS passwords have backdoors or can be easily bypassed, and an attacker could remove the boot drive and modify it using their own laptop.
The best protection is to use a trusted boot process. This could be as simple as a CD or USB stick kept on your person, although obviously the evil maid attack could be mounted on this device too if you let it out of your sight. For systems that use TPM security there is better protection, but it does limit your choice of hardware (for example, few if any netbooks hava a TPM), and also limits your choice of software (Truecrypt does not currently support TPM, and its authors are fairly scathing in their criticism of it).
Another option would be to have a "burglar alarm" system in the encrypted disk that verified the boot loader when the operating system started, or an offline alternative (e.g. a boot CD that checked the boot loader was intact). This would not prevent the attack but would at least alert the user, hopefully before it's too late.
It will be interesting to see how many commercial disk encryption systems are succeptible to this attack, as it is likel that the problem is not limited to Truecrypt. It is also important to keep this attack in perspective; the majority of laptop theft is opportunistic, so the availability of the Evil Maid attack does not make disk encryption pointless.
This attack proves once again that no security barrier is foolproof. There are other possible attacks against disk encryption, particularly where well funded and highly motivated attackers are involved. That doesn't mean it's worthless though.
Before Cheat You Can Download Anti Viruz Program
McAfee Anti Viruz Program
Tidak ada komentar:
Posting Komentar