Re: [qubes-devel] GSoC Anti Evil Maid improvement project

2017-04-02 Thread Patrik Hagara
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi! You can find and comment on my GSoC proposal for AEM improvement draft at [0]. The proposal is also attached for archival purposes. I encourage you to review it and if you have any questions or suggestions, feel free to either reply to this e-m

Re: [qubes-devel] GSoC Anti Evil Maid improvement project

2017-03-29 Thread Rusty Bird
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Patrik Hagara: > On Wed, Mar 29, 2017 at 1:39 PM, Rusty Bird wrote: > > 1. The TOTP part of the complex scheme. This would be nicely straight- > >forward, I think. > > Agreed. I even saw an implementation [0] of this (seemingly targeted at > dr

Re: [qubes-devel] GSoC Anti Evil Maid improvement project

2017-03-29 Thread Patrik Hagara
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, Mar 29, 2017 at 1:39 PM, Rusty Bird wrote: >>> In case you deem the probability of software-based (but requiring prior >>> physical access) multi-stage evil maid attacks much higher than >>> hardware-based ones, I could implement both scheme

Re: [qubes-devel] GSoC Anti Evil Maid improvement project

2017-03-29 Thread Rusty Bird
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Rusty Bird: > Patrik Hagara: > > In case you deem the probability of software-based (but requiring prior > > physical access) multi-stage evil maid attacks much higher than > > hardware-based ones, I

Re: [qubes-devel] GSoC Anti Evil Maid improvement project

2017-03-27 Thread Rusty Bird
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Patrik Hagara: > For such multi-stage attack, it could be be much more effective and > still perfectly feasible to implant a passive hardware device into > the target computer that would silently capture and record relevant > USB traffic. Such device

Re: [qubes-devel] GSoC Anti Evil Maid improvement project

2017-03-26 Thread Patrik Hagara
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sun, Mar 26, 2017 at 6:21 PM, Rusty Bird wrote: > When the attacker is infecting the user's computer, they could add some > code to copy the sealed encrypted keyfile into the nooks and crannies > (firmware, reserved disk sectors, ...) of that com

Re: [qubes-devel] GSoC Anti Evil Maid improvement project

2017-03-26 Thread Rusty Bird
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Patrik Hagara: > I'm thinking about applying to the GSoC program and working on > the Anti Evil Maid shoulder surfing and video surveillance > resistance project idea. Awesome! > However, I've got a question regarding the proposed > solution which

[qubes-devel] GSoC Anti Evil Maid improvement project

2017-03-26 Thread Patrik Hagara
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi! I'm thinking about applying to the GSoC program and working on the Anti Evil Maid shoulder surfing and video surveillance resistance project idea. However, I've got a question regarding the proposed solution which requires implementing both TOT