Git-Mirrors/anarsec.guide
1
0
Fork 0
mirror of https://0xacab.org/anarsec/anarsec.guide.git synced 2025-07-31 02:18:50 -04:00
Code Issues Projects Releases Packages Wiki Activity

header hrefs relative

Browse source
This commit is contained in:
anarsec 2024-04-15 14:27:12 +00:00
parent 022d014abc
commit 6679c65ba9
No known key found for this signature in database
5 changed files with 24 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

8
content/posts/tamper/index.md
View file

@ -47,13 +47,13 @@ For this reason, it is preferable to apply nail polish directly to the screws ra
Glitter nail polish was successfully bypassed during a Tamper Evident Challenge in 2018 — the winner [explained](https://hoodiepony.medium.com/bypassing-the-glitter-nail-polish-tamper-evident-seal-25d6973d617d) how they managed to do it. Notably, a brand of nail polish with relatively large pieces of glitter in only two colors was used. It would be difficult to apply this bypass to inset screw holes; if the glitter was applied with a high density of elements, but not too thick, this would also increase the difficulty. Finally, [using an adhesive](https://dys2p.com/en/2021-12-tamper-evident-protection.html#glitzer-nagellack-mit-klebstoff) would also make the bypass less feasible.
Verification that the random pattern hasn't changed can be done manually with what astronomers call a "blink comparison". This is used in astronomy to detect small changes in the night sky: you quickly flick between the original photo and the current one, which makes it easier to see any changes. Alternatively, if you have an Android smartphone (either [GrapheneOS](/posts/grapheneos/) or a cheap one for [intrusion detection](#physical-intrusion-detection) that has an inferior camera), you can use an app called [Blink Comparison](https://github.com/proninyaroslav/blink-comparison), which makes it less likely to miss something. It can be installed like any other [app that doesn't require Google Services](/posts/grapheneos/#how-to-install-software), i.e. not through F-Droid.
Verification that the random pattern hasn't changed can be done manually with what astronomers call a "blink comparison". This is used in astronomy to detect small changes in the night sky: you quickly flick between the original photo and the current one, which makes it easier to see any changes. Alternatively, if you have an Android smartphone (either [GrapheneOS](/posts/grapheneos/) or a cheap one for [intrusion detection](/posts/tamper/#physical-intrusion-detection) that has an inferior camera), you can use an app called [Blink Comparison](https://github.com/proninyaroslav/blink-comparison), which makes it less likely to miss something. It can be installed like any other [app that doesn't require Google Services](/posts/grapheneos/#how-to-install-software), i.e. not through F-Droid.
The Blink Comparison app encrypts its storage to prevent an adversary from easily replacing the photos, and provides a helpful interface for comparing them. The app helps you take the comparison photo from the same angle and distance as the original photo. Blink Comparison then switches between the two images when you touch the screen, making direct comparison much easier than manually comparing two photos.
## Getting Started
Now that you understand the nuances of applying nail polish to the screws of your laptop case, let's actually do it — if you are going to [install HEADS](#tamper-evident-software-and-firmware), do that first so the nail polish doesn't have to be removed and repeated. Before you start, you can also take a picture of the inside of the laptop in case you ever need to check if the internal components have been tampered with despite the nail polish protection (keep in mind that not all components are visible). Use a nail polish that has different colors and sizes of glitter, like the one shown above.
Now that you understand the nuances of applying nail polish to the screws of your laptop case, let's actually do it — if you are going to [install HEADS](/posts/tamper/#tamper-evident-software-and-firmware), do that first so the nail polish doesn't have to be removed and repeated. Before you start, you can also take a picture of the inside of the laptop in case you ever need to check if the internal components have been tampered with despite the nail polish protection (keep in mind that not all components are visible). Use a nail polish that has different colors and sizes of glitter, like the one shown above.
* First, take a photo of the bottom of the computer and use a program like GIMP to number the screws to make it easier to verify. For example, the ThinkPad X230 shown above has 13 screws that need to be numbered so that in the future you know which screw the photo `3.jpg` refers to.
* Apply the glitter nail polish directly to each screw, making sure there are enough glitter elements without being too thick.
@ -63,7 +63,7 @@ If you ever need to remove the nail polish to access the inside of the laptop, y
# Tamper-Evident Storage
Now that you understand the concept, you need a tamper-evident storage solution for all sensitive electronics when you are away from home (laptops, external drives, USBs, phones, external keyboards and mice). Safes are often used to protect valuable items, but they can be bypassed in several ways, and some of these bypasses are difficult to detect (see [below](#appendix-cracking-safes)). It is not trivial or inexpensive to make a safe tamper-evident, if it can be done at all.
Now that you understand the concept, you need a tamper-evident storage solution for all sensitive electronics when you are away from home (laptops, external drives, USBs, phones, external keyboards and mice). Safes are often used to protect valuable items, but they can be bypassed in several ways, and some of these bypasses are difficult to detect (see [below](/posts/tamper/#appendix-cracking-safes)). It is not trivial or inexpensive to make a safe tamper-evident, if it can be done at all.
<p>
<span class="is-hidden">
@ -82,7 +82,7 @@ A better and cheaper solution is to implement [dys2p's guide](https://dys2p.com/
Several colorful mixtures are described: [red lentils & beluga lentils](https://dys2p.com/en/2021-12-tamper-evident-protection.html#rote-linsen-und-belugalinsen), [yellow peas & white beans](https://dys2p.com/en/2021-12-tamper-evident-protection.html#gelbe-erbsen-und-wei%C3%9Fe-bohnen), etc. For a box that is transparent on all sides and fits a laptop, a small fish tank works well. For longer-term storage, [vacuum seals](https://dys2p.com/en/2021-12-tamper-evident-protection.html#laengerfristige-lagerung-oder-versand) can be used.
This excerpt assumes that we take the cell phone with us, but [as discussed elsewhere](/posts/nophones/#do-you-really-need-a-phone), this has its own security issues and is not recommended. So the smartphone we use to take a picture of the storage will have to stay in the house outside of the storage. [In the next section](#physical-intrusion-detection), we recommend that you get a cheap Android phone that only runs an app called Haven when you are out of the house. This device will stay out of storage anyway, so you can use it to take pictures of the storage. Alternatively, if you don't have a dedicated Haven phone but do have a [GrapheneOS](/posts/grapheneos/) device (or if the Haven phone's camera is too low quality), you can use it to take photos of the storage and then hide it somewhere in your house while you're away. If you don't have a phone, you can use a camera. However, cameras don't have encryption, so it's much easier to modify the photos, and you won't be able to use the Blink Comparison app.
This excerpt assumes that we take the cell phone with us, but [as discussed elsewhere](/posts/nophones/#do-you-really-need-a-phone), this has its own security issues and is not recommended. So the smartphone we use to take a picture of the storage will have to stay in the house outside of the storage. [In the next section](/posts/tamper/#physical-intrusion-detection), we recommend that you get a cheap Android phone that only runs an app called Haven when you are out of the house. This device will stay out of storage anyway, so you can use it to take pictures of the storage. Alternatively, if you don't have a dedicated Haven phone but do have a [GrapheneOS](/posts/grapheneos/) device (or if the Haven phone's camera is too low quality), you can use it to take photos of the storage and then hide it somewhere in your house while you're away. If you don't have a phone, you can use a camera. However, cameras don't have encryption, so it's much easier to modify the photos, and you won't be able to use the Blink Comparison app.
<details>
<summary>