From Whonix

Anti Evil Maid (AEM) notes.

Adversary capabilities:

  • physical access
  • remove disk
  • re-flash BIOS
  • exfiltrate TPM

Anti Evil Maid (AEM) alternatives:

  • BIOS password
    • attack requires removal of disk
    • there might be a BIOS master password
  • boot partition on USB
    • attack on BIOS required
    • or USB persistent modifications
  • disk hasher → attack on BIOS required

Anti Evil Maid security issues:

  • the SINIT binary file is downloaded without verification, in the hope that the processor will verify it correctly
  • relies on a closed-source TPM

Anti Evil Maid (AEM)

  • authenticates machine to the user (not user to machine)
  • change in BIOS → reseal required
  • another complicated password?
  • picture support was deprecated?
  • one-time password support: OTP, TOTP ("Google Authenticator") (2FA)
  • measurement of Xen, kernel, and initrd versions
  • only compatible with legacy boot
  • not compatible with UEFI
  • not compatible with USB 3.0
  • hide USB from dom0 (more secure but also more fragile) (BadUSB attack) vs not-hide (able to use USB AEM)
  • AEM on USB encourages booting from USB → makes it easier for an evil maid (no need to change settings in BIOS)
  • a reason for AEM on USB → as a keyfile (second factor) → better: YubiKey
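
A simplified model of three points from the list above (measurement of Xen, kernel and initrd; a BIOS change requiring a reseal; TOTP as the proof the machine shows the user). It is an added illustration, not AEM or Whonix code. `ToyTPM`, the component strings and the seed are constructed for the example, and placing the BIOS in the same measurement chain is an assumption; a real TPM enforces the PCR policy in hardware.

```python
import hashlib, hmac, struct

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new PCR = SHA-256(old PCR || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure(chain) -> bytes:
    """Fold an ordered boot chain into one PCR value, starting from zeros."""
    pcr = bytes(32)
    for component in chain:
        pcr = extend(pcr, component)
    return pcr

class ToyTPM:
    """Model only: releases the sealed secret when the PCR value matches."""
    def __init__(self):
        self._blob = None
    def seal(self, secret: bytes, pcr: bytes) -> None:
        self._blob = (pcr, secret)
    def unseal(self, pcr: bytes):
        if self._blob is None:
            return None
        expected, secret = self._blob
        return secret if hmac.compare_digest(expected, pcr) else None

def totp(seed: bytes, now: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1, as common authenticator apps compute it."""
    mac = hmac.new(seed, struct.pack(">Q", now // step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def boot(tpm: ToyTPM, chain, now: int):
    """What the machine can show the user: a TOTP code, or None if unseal fails."""
    seed = tpm.unseal(measure(chain))
    return totp(seed, now) if seed is not None else None

# Constructed sample data; SEED is the RFC 6238 test seed, not a real secret.
GOOD = [b"bios-1.0", b"xen-4.14", b"vmlinuz-5.10", b"initrd-5.10"]
SEED = b"12345678901234567890"

if __name__ == "__main__":
    tpm = ToyTPM()
    tpm.seal(SEED, measure(GOOD))
    print("unmodified boot:", boot(tpm, GOOD, 59))
    print("modified initrd:", boot(tpm, GOOD[:3] + [b"initrd-modified"], 59))
    updated = [b"bios-1.1"] + GOOD[1:]
    print("after BIOS update:", boot(tpm, updated, 59))
    tpm.seal(SEED, measure(updated))  # reseal against the new measurements
    print("after reseal:", boot(tpm, updated, 59))
```

The user compares the displayed code with the one on their phone before typing the disk passphrase; a missing or wrong code means the measured components differ from those present at seal time.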

Copyright (C) 2012 - 2021 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself.
