Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'every found a hardware keylogger' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
every found a hardware keylogger
Authored by: lincd0 on Feb 05, '10 11:25:57AM

You should have no expectation of privacy when using a computer of which you aren't the sole administrator. Never do any personal business on a public machine. Carry your own laptop or smart phone around.

For your own system, to be as secure as you can be from physical attack you have to use either whole-disk encryption or some sort of tripwire, with the ability to boot from a separate storage device such as a USB key to verify that the state of the device hasn't changed unexpectedly. Before PGP whole-disk encryption was available, I used mtree for this purpose, but it was awkward. Even PGP isn't completely safe, because of the Evil Maid attack (replacing the bootloader with a trojan.)

The real issue is not to defeat any possible attack, but to defeat the easy attacks. Hardware keyloggers are as easy as it gets, and not very easy to beat.



[ Reply to This | # ]
great advice
Authored by: alec kinnear on Feb 05, '10 11:36:33AM

but every time I've tried disk encryption I've ended up losing my data to disk corruption or some such thing.

physical security is important. i think the next step is to be careful what you write into a computer which ever touches the Internet or leaves home.

thanks for sharing your experiences though.

---
Moving the world to freedom, one Typepad weblog to Wordpress at a time.



[ Reply to This | # ]