Micah Lee πŸ”‘ is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
Micah Lee πŸ”‘ @micahflee

For the last two years I've carried a honeypot laptop with me every time I traveled. I checked it in my luggage, left it unattended in my hotel rooms. After each trip, I did forensic analysis on the laptop to detect if it had been tampered with.

I wrote about my experience and methodology here: theintercept.com/2018/04/28/co

Micah Lee πŸ”‘ @micahflee

I hoped that, if an evil maid attacker tried tampering with my laptop, I would not only discover the attack, but learn how it works, and possible who was behind it. Unfortunately (fortunately?), I didn't discover any evil maids.

Micah Lee πŸ”‘ @micahflee

I installed Debian on the laptop. Before each trip, I removed the hard disk and took checksums of the partitions and the disk header. I also dumped the BIOS firmware. After each trip, I did the same, and compared to see if they matched.

Micah Lee πŸ”‘ @micahflee

I learned a lot about hardware hacking and got to use free software BIOS tools like chipsec, EUFITool, and flashrom.

It was a lot of fun! I go into much more technical detail in the article.

Β· Web Β· 9 Β· 21
Christopher Lemmer Webber @cwebber@octodon.social

@micahflee That's awesome!

mastodon.social powered by Mastodon