alt Hacker NewsThis isnt a tripwire. This is a canary. You have to actively check a canary. A tripwire would send notifications in real time without the user needing to check.
An evolution of this would be to put a server on a different network, a remote location, and have it pump out warnings the moment movement was detected and/or contact with the "tripwire" system was lost.
But the best way of preventing evil maid attacks remains knowing your hardware. Anyone trying to swap out my laptop, or open it, is going to have a problem replicating my scratch marks, my non-standard OS boot screen, or prying out the glue holding in the ram modules (to prevent cold boot attacks).
Replies
I was sure I'd made a comment like this before, but I'd love some sort of home-spun setup like this: https://news.ycombinator.com/item?id=2465687 ...hood, tuck, john. (2x local, 1x remote) which constantly rotated roles as to who was primary/secondary.
Basically core "chaos-infra" for your home setup(s). Hood/Tuck switch between primary and secondary, always trying to stay in touch with "John" (offsite), maybe like a primitive etcd for home automation/monitoring/backup/file-serving. Green==3good, Yellow=degraded[local|remote], Red=single-point-of-failure, Black=off/not-serving.
Other funsie to think about is getting a thumbprint/PIN-locked USB-drive to hold/unlock `~/.passwordstore/*.gpg` so that even on power-outage/reboot you'd need to physically "re-auth" to unlock important secrets.
Something like this would fit nicely into this (imaginary) setup!
new CPUs have built in memory encryption with random key. activate it for an additional layer on top of your glue
it's called TSME on AMD
> A tripwire would send notifications in real time without the user needing to check.
c.f.
> > If any motion is detected by RPi's camera module or motion sensor, the server will delete those secrets immediately, in addition to sending push notifications to the web client.
It sends notifications in real time and tries to stay irrevocably tripped.