Back in October, I posted a note about the Evil Housekeeper attack (sometimes called Evil Maid) that was developed by Joanna Rutkowska of Invisible Things Lab . The attack, which enables a person (the Evil Housekeeper) with physical access to a laptop computer to plant a software Trojan on it, is effective even if the laptop’s hard disk is protected by encryption.
In case you are not yet convinced that it is important to look after the physical security of your laptop, you might want to compare notes with an unnamed “senior Syrian government official”, who, according to an article published this week by the German magazine Der Spiegel, had his laptop “bugged” by Mossad, the Israeli intelligence agency, while he was staying at a hotel in London in 2006:
… a senior Syrian government official checked into a hotel in the exclusive London neighborhood of Kensington. He was under Mossad surveillance and turned out to be incredibly careless, leaving his computer in his hotel room when he went out. Israeli agents took the opportunity to install a so-called “Trojan horse” program, which can be used to secretly steal data, onto the Syrian’s laptop.
The Mossad was interested because the laptop contained construction plans, correspondence, and photographs of the Al Kibar complex being constructed in the Syrian desert. Their suspicions had been aroused by, among other things, a high level of communications traffic between the site and North Korea. The site was bombed and destroyed in September 2007, presumably by the Israelis, although the event has never been officially acknowledged, even by the Syrians.
Now it is doubtless true that most of us don’t have to worry about having our hotel rooms “cleaned” by a foreign intelligence agency. But this is one more example of how important it is to get the basics right: don’t leave your laptop lying around.
Random Walks 