Google Chromium (Chrome) OS versus the Evil Maid
Posted by Ken Y-N on November 27th, 2009 at 04:17pm
The Evil Maid attack is an interesting way to hack certain full disk encryption systems, and with Google recently releasing the design documents for their new Chromium (Chrome) OS, I was curious to see if an Evil Maid could get nasty with your Chromium-based device.
The good news is no, the Evil Maid cannot attack a Chromium OS-based device, given the current specifications. If she writes a naughty boot sector, the firmware detects this and displays a warning, as described in the Firmware (A/B) boot loader pseudocode, step 5. This point is confirmed in the Verified Boot attack cases:
Vector: Opportunistic local attacker with a USB stick or bootable SD card.
Scenario: Attacker boots the system off of an external boot device. The attacker then changes files and copies the entire system.
Coverage: Verified Boot will detect this tampering. Encrypted user data will still be protected.
Exposure: None. User will need to recover their system.
User data is not decrypted until the user logs on, so it is not susceptible to boot-time attacks.
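A simplified model of the firmware check described above, added here as an illustration and not taken from the Chromium OS design documents or source: write-protected firmware measures the boot code on writable storage before running it, so a rewritten boot sector produces a warning instead of executing. It assumes one pinned SHA-256 digest per slot in place of the signature verification a real verified boot uses, and the names `ReadOnlyFirmware`, `select_slot` and `boot` are hypothetical.

```python
import hashlib
import hmac

def sha256(blob: bytes) -> bytes:
    return hashlib.sha256(blob).digest()

class ReadOnlyFirmware:
    """Models the write-protected stage. Assumption: it pins one digest per slot."""

    def __init__(self, pinned: dict):
        self._pinned = dict(pinned)  # slot -> expected SHA-256, fixed at build time

    def select_slot(self, storage: dict):
        """Verify writable boot code before running it.

        Returns (slot, warnings). slot is None when nothing verifies,
        which is the point where the user has to recover the system.
        """
        warnings = []
        for slot in ("A", "B"):
            measured = sha256(storage.get(slot, b""))
            if hmac.compare_digest(measured, self._pinned[slot]):
                return slot, warnings
            warnings.append(f"slot {slot}: boot code failed verification")
        return None, warnings

# Constructed sample images; real boot code is much larger.
GOOD = {"A": b"bootloader-A v1", "B": b"bootloader-B v1"}
FIRMWARE = ReadOnlyFirmware({s: sha256(b) for s, b in GOOD.items()})

def boot(storage: dict) -> str:
    slot, warnings = FIRMWARE.select_slot(storage)
    for w in warnings:
        print("WARNING:", w)
    return f"boot {slot}" if slot else "recovery"

if __name__ == "__main__":
    print(boot(GOOD))                                            # untouched disk
    print(boot({**GOOD, "A": b"bootloader-A v1 + keylogger"}))   # slot A rewritten
    print(boot({"A": b"x", "B": b"y"}))                          # both slots rewritten
```

The check only holds because the digests live in storage the attacker cannot rewrite; if the pinned values sat on the same writable disk as the boot code, the maid could replace both.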