remote screen output sniffing: I would consider this to be much more difficult than remote capturing of keystrokes (e.g. One solution here would be to use the unsealed secret as a keyfile for disk encryption (as discussed above), which would make it impossible to decrypt the user disk (and so generally proceed with the boot) without successfully unsealing the secret from the TPM. Thus, it would make no sense to use negative indicators, as they would likely not work in case of a real attack. The only thing the attacker would not be able to display would be the secret message. The user should keep in mind that if somebody compromised their computer, then the attacker would be able to display whatever she wants on the screen, and especially to skip displaying of any warning messages. a big scary warning) when the unseal process fails?Ī: The lack of negative indicators is intentional. Q: Why there are no negative indicators (e.g. Q: Are you going to answer 'no' for each question I ask? Q: Does it make any sense to use Anti Evil Maid without a full disk encryption? Q: But, two-factor authentication can also be used to prevent Evil Maid, right? Q: Bitlocker implemented this already several years ago, right?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |