Heads can authenticate itself to a user through Librem Key or phone TOTP.
I think BIOS and UEFI don’t use Librem Key or TOTP to authenticate themselves to a user.
If I use BIOS or UEFI, is it possible to detect tamper evidence left by physical attackers who had internal physical access? I suspect password-protected firmware that doesn’t boot from external devices should be enough to deter external physical attacks which probably won’t leave physically visible tamper evidence.
A tablet is likely to leave physical tamper evidence if somebody opened it. If I apply nail polish on laptop screw holes or attach tamper-evident stickers on my desktop, I may be able to detect tamper evidence left by internal physical attacks.
I’m just guessing here. If you don’t have phone TOTP or Librem Key, perhaps you can use low-tech tamper detection methods instead of high-tech methods.
No, not unless fuses are used by the manufacturer as an audit log for upgrading/downgrading firmware. Nail polish and tamper-evident stickers, otherwise known as security seals, can be covertly bypassed and/or replaced by a skilled attacker.
@amano I think you might be interested in Trammell Hudson’s project safeboot:
Trammell Hudson is the genius who created HEADS. This safeboot project of his has the same goal, but with stock UEFI machine firmware. It uses a YubiKey for remote attestation tamper proofing.
Here is a short description:
The slightly more secure Heads firmware is a better choice for user freedom since it replaces the proprietary firmware with open source. However, Heads and LinuxBoot only support a limited number of mainboards and systems, while safeboot’s objective is to work with existing commodity hardware and UEFI SecureBoot mechanisms, as well as relatively stock Linux distributions.
I wouldn’t say it’s overly complicated, but there are a lot of steps for installation. At least, you don’t need any flashing of the SPI flashrom externally nor internally. The only thing I don’t like about it is the Yubico hardware token - I would prefer a NitroKey or Librem Key.
safeboot intends to protect the integrity of the boot process and runtime integrity of the system against adversaries with external physical access to the device, as well as limited internal physical access.
Does this mean safeboot cannot detect tamper evidence left by proper internal physical access?
And, where are tamper switches used by safeboot? I don’t have them in my computers.
I don’t think that’s what is meant here. For TOTP used for 2FA on web sites and other logins, you can use any correct TOTP implementation. For verification of the operating system etc. itself, there is no point using any software running inside the operating system etc. because if the operating system etc. has been compromised then it could be compromised in such a way that it still passes whatever tests you impose, while containing malicious code inserted by e.g. the evil maid. Explanation for how TOTP can be used for device verification: Trusted Boot (Anti-Evil-Maid, Heads, and PureBoot) - Michael Altfield's Tech Blog
I guess it could relate to a situation where the phone replaces the Librem Key, running similar code and functionality, and the phone is used to verify a laptop / desktop (presumably connected via USB).
The basic scenario is that if you leave a device unattended, you need to take a smaller device with you - and the smaller device will verify that the unattended device was not tampered with (or tell you that it was tampered with).
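
The TOTP-based device verification discussed in this thread, as an added example that is not part of the original posts and is not Heads, PureBoot or safeboot code: a simplified Python model in which a simulated TPM (the hypothetical `SimTPM` class) releases the shared secret only when the boot measurements match what was sealed, so the laptop can show the same RFC 6238 code as the phone only if nothing measured has changed. The component names and the secret are constructed sample values.

```python
import hashlib
import hmac
import struct

def totp(secret, now, step=30, digits=6):
    """RFC 6238 TOTP (HMAC-SHA1), as computed by a phone authenticator app."""
    mac = hmac.new(secret, struct.pack(">Q", now // step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def measure(components):
    """Model of a PCR: hash each boot component and extend it in boot order."""
    pcr = bytes(32)
    for blob in components:
        pcr = hashlib.sha256(pcr + hashlib.sha256(blob).digest()).digest()
    return pcr

class SimTPM:
    """Hypothetical toy TPM: the secret is released only for the sealed PCR value."""
    def seal(self, secret, pcr):
        self._secret, self._policy = secret, pcr

    def unseal(self, pcr):
        return self._secret if hmac.compare_digest(pcr, self._policy) else None

def boot_code(tpm, components, now):
    """What the firmware can display: a TOTP code, or None if unsealing fails."""
    secret = tpm.unseal(measure(components))
    return None if secret is None else totp(secret, now)

# Constructed sample data (the secret is the RFC 6238 test key).
SECRET = b"12345678901234567890"
GOOD = [b"firmware v1", b"kernel", b"initrd"]
TAMPERED = [b"firmware v1 + implant", b"kernel", b"initrd"]

def demo(now=59):
    tpm = SimTPM()
    tpm.seal(SECRET, measure(GOOD))          # enrollment on a known-good boot
    phone = totp(SECRET, now)                # phone holds the same secret
    return phone, boot_code(tpm, GOOD, now), boot_code(tpm, TAMPERED, now)

if __name__ == "__main__":
    phone, clean, tampered = demo()
    print("phone:", phone, "clean boot:", clean, "tampered boot:", tampered)
```

A real TPM enforces the PCR policy in hardware; here the comparison is ordinary Python and only models that behaviour.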