All the software security in the world won’t protect your laptop if someone swipes it, compromises it with malware and then returns it to you without you ever noticing.
So if you must travel with your laptop in places you don’t feel 100 percent secure, you should consider traveling with glitter nail polish.
Yes, it must be glitter nail polish. Here’s why.
A few years back, two security researchers presented a tactic to combat what’s known as “An Evil Maid attack” that’s more effective than simply applying a tamper-proof sticker on your laptop, since those stickers aren’t as “tamper-proof” as you might imagine.
“The idea is to create a seal that is impossible to copy,” Wired‘s John Borland writes. “Glitter nail polish, once applied, has what effectively is a random pattern. Once painted over screws or onto stickers placed over ports, it is difficult to replicate once broken.”
Then you take a picture before you leave your machine and another when you return. It would be ideal if you don’t take any other pictures while you’re out so you can easily do a side-by-side comparison. It’s a technique the researchers borrowed from astronomers who study the night sky.
Of course, this isn’t a fail-safe system that keeps hackers out. It lets you know if they’ve been in, so you don’t exacerbate the breach by continuing to use the PC.
“And a few bits of advice from a seasoned glitter polish user: Make sure to let it dry before you take the photo, or the glitter could move if it’s disturbed and upset your carefully documented pattern,” Motherboard’s Victoria Turk writes. “I’d also advise against painting it directly onto your devices as it’s sticky stuff and difficult to remove (and I wouldn’t want to get nail polish remover—effectively paint stripper—too near any expensive parts). Painting the glitter onto a sticker (that you can’t cleanly peal back and replace) might be a good solution.”
Opsec — or operational security — is both an art and science. It’s almost impossible to do perfectly, but if you’re protecting high value data and need to be abroad this technique may come in handy.
After F-Secure principal security consultant Tom Van de Wiele stepped into the #CyberSauna for the second episode of…
January 19, 2018
The email subject line says “Scanned from Lexmark” and the attached file is “image2017-11-23-9292134.7z". Seems…
November 29, 2017