Qubes: Anti Evil Maid (AEM): improved TPM support

Anti Evil Maid is an implementation of a TPM-based dynamic (Intel TXT) trusted boot for dracut/initramfs-based OSes (Fedora, Qubes, etc.) with a primary goal to prevent Evil Maid attacks. In short, AEM relies on TPM and a feature found in Intel’s vPro CPUs (TXT) to detect tampering of various boot components.

Even if you don’t use Qubes, this is a good read:

[…]To recap — you need to fully trust:
* CPU (Intel, since we’re depending on TXT)
   + sometimes over-optimizes for performance at the cost of security, see eg. Meltdown/Spectre, cache attacks against SGX enclaves, …
* TPM (various vendors)
   + few known attacks sniffing and injecting commands on the LPC bus; differential power analysis; buggy RSA key generation code
   + note that any potential TPM exploits (should) have no means of compromising your system directly — a TPM under attacker’s control can only be used to hide the fact that a compromise has occurred (ie. defeating the whole AEM feature)
* BIOS (a few vendors)
   + it’s full of holes!
* that the attacker cannot get physically inside your laptop without you noticing (see the glitter hint above)




Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s