On 10/29/20 11:06 PM, evado...@gmail.com wrote:
Proof of Concept.
github.com/evadogstar/qubes-sleepkeeper
Qubes-Sleepkeeper protects you from physical attack when the attacker
force you to enter the password of your Qubes after it wakeup from sleep
or from password guessing after wakeup. The attacker have very limited
time to do so or Qubes will shutdown automaticaly.
Interesting but threat model unclear. If the attacker can force you to
enter one password after suspend, why would he not force you to enter
LUKS and user password 5 minutes later? Please explain. Rather an evil
maid "attempt detection" (not protection) by "laptop is down instead of
sleeping"? I think it really could help as additional data protection in
case of normal, criminal theft...
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/d82a76a4-cb86-ebf8-25c7-f6556ba750d5%40web.de.
