Show HN: Tripwire: A new anti evil maid defense

The bullet point stating that tripwire was built for "High-ranking officials in businesses/organizations" should be removed, because that group is very unlike the "Developers of critical software", "Investigative journalists", and "Attorneys with high-profile clients" which are also mentioned.

Everybody who had the pleasure to work with "high-ranking officials in businesses/organizations" knows that this group is the one who overrides many technically optimal decisions and thinks internal policies do not apply to them. Their lives are not affected if a device is compromised because they are financially stable and can just blame an intrusion on the IT team.

I guess this is actually not an anti evil maid defense.

It's rather an anti evil maid tool, or an evil maid defense. :)

sorry for being pedantic, but with the arms race within cybersecurity, "anti something defense" sounds like double negation to me.

For a second I thought Tripwire, Inc.[0] had risen from the dead with a new IDS.

[0] https://en.wikipedia.org/wiki/Tripwire_(company)

This isnt a tripwire. This is a canary. You have to actively check a canary. A tripwire would send notifications in real time without the user needing to check.

An evolution of this would be to put a server on a different network, a remote location, and have it pump out warnings the moment movement was detected and/or contact with the "tripwire" system was lost.

But the best way of preventing evil maid attacks remains knowing your hardware. Anyone trying to swap out my laptop, or open it, is going to have a problem replicating my scratch marks, my non-standard OS boot screen, or prying out the glue holding in the ram modules (to prevent cold boot attacks).