{"guid":"b5d1079a-7d72-45b1-8328-e5c3e60944c1","title":"Beyond Anti Evil Maid","subtitle":"Making it easier to avoid low-level compromise, and why you'll still lose","slug":"32c3-7343-beyond_anti_evil_maid","link":"https://events.ccc.de/congress/2015/Fahrplan/events/7343.html","description":"In 2011, Joanna Rutkowska unveiled an easy-to-use tool for mitigating many attacks on system boot chains by using the TPM - the Anti Evil Maid. Unfortunately the implementation was difficult to incorporate into normal system boot in a secure manner - anybody able to observe a user could recreate the secret. This presentation describes a method to allow systems to prove their identity to the user without making it trivial for attackers to mimic a secure boot and extract secrets from the user, and why the state of modern hardware means this may still not be enough.","original_language":"eng","persons":["Matthew Garrett"],"view_count":43298,"promoted":false,"date":"2015-12-29T11:30:00.000+01:00","release_date":"2015-12-29T01:00:00.000+01:00","updated_at":"2026-04-21T12:15:04.725+02:00","tags":["Security"],"length":3625,"duration":3625,"thumb_url":"https://static.media.ccc.de/media/congress/2015/7343-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2015/7343-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2015/b5d1079a-7d72-45b1-8328-e5c3e60944c1-timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2015/b5d1079a-7d72-45b1-8328-e5c3e60944c1-thumbnails.vtt","frontend_link":"https://media.ccc.de/v/32c3-7343-beyond_anti_evil_maid","url":"https://api.media.ccc.de/public/events/b5d1079a-7d72-45b1-8328-e5c3e60944c1","conference_title":"32C3: gated communities","conference_url":"https://api.media.ccc.de/public/conferences/32c3","related":[{"event_id":1733,"event_guid":"QszoY6oJD6rpkbsTRQinRA","weight":19},{"event_id":1837,"event_guid":"ZYk9lubJJBkqDWJBOZpWyw","weight":7},{"event_id":2811,"event_guid":"fa0727ab-81a7-4197-bc7d-0ce5e9dc4526","weight":28},{"event_id":2827,"event_guid":"f79c744f-30d1-4175-a173-2e760049337d","weight":5},{"event_id":2878,"event_guid":"1c70e359-0e63-4dad-b7f3-8377e3822286","weight":3},{"event_id":2880,"event_guid":"72ad2630-b736-4d4c-8ea1-d982076426bc","weight":4},{"event_id":2885,"event_guid":"36ff9cc8-f717-42f3-b570-fca9810a02fa","weight":4},{"event_id":2887,"event_guid":"cc9ede64-bad5-4ed0-92a3-4fbaf54eadec","weight":3},{"event_id":2892,"event_guid":"668ba44b-6800-4a8f-9544-b8e5cd7bd86c","weight":3},{"event_id":2895,"event_guid":"1cac5105-cfdc-42e9-9a87-0ee71fc2443c","weight":3},{"event_id":2907,"event_guid":"3b16ddc9-499b-44b1-9084-b3e328daea30","weight":4},{"event_id":2911,"event_guid":"60ba43d2-a9c8-42ab-a434-8772cb182675","weight":6},{"event_id":2944,"event_guid":"5fb6f7b5-c237-4b64-b786-85e4c95f13ad","weight":4},{"event_id":2948,"event_guid":"7ca8581d-a3f7-4247-8101-786cf04d9bd1","weight":3},{"event_id":2954,"event_guid":"62a79191-ca6a-48ea-b747-8cf13faa75cb","weight":3},{"event_id":3597,"event_guid":"87092ad2-d3fd-4a37-bb58-1fe71217a06b","weight":4},{"event_id":3607,"event_guid":"64c07cb5-ec19-4972-a2c8-96c0e0df83c6","weight":14},{"event_id":3615,"event_guid":"74783236-46f4-493c-9574-1b27a44847b7","weight":7},{"event_id":3640,"event_guid":"700a07e7-a9c4-437b-a4c5-4491b23a9b4a","weight":6},{"event_id":3695,"event_guid":"c300b194-2a85-4705-92aa-b4e789882303","weight":3},{"event_id":3708,"event_guid":"aaec73e9-66b9-46d2-aa0f-9f43018198ea","weight":5},{"event_id":3761,"event_guid":"b598ebbf-0fc6-4127-bb9d-20ae18f1171d","weight":3},{"event_id":3818,"event_guid":"adb3ca92-d333-4a8d-b44a-09b3bbb75656","weight":4},{"event_id":4866,"event_guid":"117a52b4-f675-49dd-aafe-659c07b6bc9c","weight":4}],"recordings":[{"size":49,"length":3616,"mime_type":"audio/opus","language":"deu","filename":"32c3-7343-de-Beyond_Anti_Evil_Maid.opus","state":"downloaded","folder":"opus-translation","high_quality":true,"width":null,"height":null,"updated_at":"2015-12-30T15:17:26.205+01:00","recording_url":"https://cdn.media.ccc.de/congress/2015/opus-translation/32c3-7343-de-Beyond_Anti_Evil_Maid.opus","url":"https://api.media.ccc.de/public/recordings/9319","event_url":"https://api.media.ccc.de/public/events/b5d1079a-7d72-45b1-8328-e5c3e60944c1","conference_url":"https://api.media.ccc.de/public/conferences/32c3"},{"size":55,"length":3616,"mime_type":"audio/mpeg","language":"deu","filename":"32c3-7343-de-Beyond_Anti_Evil_Maid.mp3","state":"downloaded","folder":"mp3-translated","high_quality":true,"width":null,"height":null,"updated_at":"2015-12-30T15:17:13.191+01:00","recording_url":"https://cdn.media.ccc.de/congress/2015/mp3-translated/32c3-7343-de-Beyond_Anti_Evil_Maid.mp3","url":"https://api.media.ccc.de/public/recordings/9317","event_url":"https://api.media.ccc.de/public/events/b5d1079a-7d72-45b1-8328-e5c3e60944c1","conference_url":"https://api.media.ccc.de/public/conferences/32c3"},{"size":null,"length":null,"mime_type":"application/x-subrip","language":"eng","filename":"DRAFT_32c3-7343-en-de-Beyond_Anti_Evil_Maid.en_DRAFT.srt","state":"todo","folder":"","high_quality":true,"width":null,"height":null,"updated_at":"2022-01-15T18:02:38.549+01:00","recording_url":"https://cdn.media.ccc.de/congress/2015/DRAFT_32c3-7343-en-de-Beyond_Anti_Evil_Maid.en_DRAFT.srt","url":"https://api.media.ccc.de/public/recordings/50728","event_url":"https://api.media.ccc.de/public/events/b5d1079a-7d72-45b1-8328-e5c3e60944c1","conference_url":"https://api.media.ccc.de/public/conferences/32c3"},{"size":213,"length":3625,"mime_type":"video/mp4","language":"eng-deu","filename":"32c3-7343-en-de-Beyond_Anti_Evil_Maid_sd.mp4","state":"downloaded","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2016-02-03T14:13:07.208+01:00","recording_url":"https://cdn.media.ccc.de/congress/2015/h264-sd/32c3-7343-en-de-Beyond_Anti_Evil_Maid_sd.mp4","url":"https://api.media.ccc.de/public/recordings/9316","event_url":"https://api.media.ccc.de/public/events/b5d1079a-7d72-45b1-8328-e5c3e60944c1","conference_url":"https://api.media.ccc.de/public/conferences/32c3"},{"size":212,"length":3625,"mime_type":"video/webm","language":"eng-deu","filename":"32c3-7343-en-de-Beyond_Anti_Evil_Maid_webm-sd.webm","state":"downloaded","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2016-02-03T14:13:07.475+01:00","recording_url":"https://cdn.media.ccc.de/congress/2015/webm-sd/32c3-7343-en-de-Beyond_Anti_Evil_Maid_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/9320","event_url":"https://api.media.ccc.de/public/events/b5d1079a-7d72-45b1-8328-e5c3e60944c1","conference_url":"https://api.media.ccc.de/public/conferences/32c3"},{"size":49,"length":3616,"mime_type":"audio/opus","language":"eng","filename":"32c3-7343-en-Beyond_Anti_Evil_Maid.opus","state":"downloaded","folder":"opus","high_quality":true,"width":null,"height":null,"updated_at":"2015-12-30T00:06:05.080+01:00","recording_url":"https://cdn.media.ccc.de/congress/2015/opus/32c3-7343-en-Beyond_Anti_Evil_Maid.opus","url":"https://api.media.ccc.de/public/recordings/9148","event_url":"https://api.media.ccc.de/public/events/b5d1079a-7d72-45b1-8328-e5c3e60944c1","conference_url":"https://api.media.ccc.de/public/conferences/32c3"},{"size":411,"length":3625,"mime_type":"video/mp4","language":"eng","filename":"32c3-7343-en-Beyond_Anti_Evil_Maid.mp4","state":"downloaded","folder":"h264-hd-web","high_quality":true,"width":1920,"height":1080,"updated_at":"2016-02-03T14:12:12.851+01:00","recording_url":"https://cdn.media.ccc.de/congress/2015/h264-hd-web/32c3-7343-en-Beyond_Anti_Evil_Maid.mp4","url":"https://api.media.ccc.de/public/recordings/8785","event_url":"https://api.media.ccc.de/public/events/b5d1079a-7d72-45b1-8328-e5c3e60944c1","conference_url":"https://api.media.ccc.de/public/conferences/32c3"},{"size":536,"length":3625,"mime_type":"video/webm","language":"eng-deu","filename":"32c3-7343-en-de-Beyond_Anti_Evil_Maid_webm-hd.webm","state":"downloaded","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2016-02-03T21:01:46.858+01:00","recording_url":"https://cdn.media.ccc.de/congress/2015/webm-hd/32c3-7343-en-de-Beyond_Anti_Evil_Maid_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/9315","event_url":"https://api.media.ccc.de/public/events/b5d1079a-7d72-45b1-8328-e5c3e60944c1","conference_url":"https://api.media.ccc.de/public/conferences/32c3"},{"size":411,"length":3625,"mime_type":"video/mp4","language":"deu","filename":"32c3-7343-de-Beyond_Anti_Evil_Maid.mp4","state":"downloaded","folder":"h264-hd-web","high_quality":true,"width":1920,"height":1080,"updated_at":"2016-02-03T14:12:13.047+01:00","recording_url":"https://cdn.media.ccc.de/congress/2015/h264-hd-web/32c3-7343-de-Beyond_Anti_Evil_Maid.mp4","url":"https://api.media.ccc.de/public/recordings/8786","event_url":"https://api.media.ccc.de/public/events/b5d1079a-7d72-45b1-8328-e5c3e60944c1","conference_url":"https://api.media.ccc.de/public/conferences/32c3"},{"size":448,"length":3625,"mime_type":"video/mp4","language":"eng-deu","filename":"32c3-7343-en-de-Beyond_Anti_Evil_Maid_hd.mp4","state":"downloaded","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2016-02-03T14:12:13.270+01:00","recording_url":"https://cdn.media.ccc.de/congress/2015/h264-hd/32c3-7343-en-de-Beyond_Anti_Evil_Maid_hd.mp4","url":"https://api.media.ccc.de/public/recordings/8787","event_url":"https://api.media.ccc.de/public/events/b5d1079a-7d72-45b1-8328-e5c3e60944c1","conference_url":"https://api.media.ccc.de/public/conferences/32c3"},{"size":55,"length":3616,"mime_type":"audio/mpeg","language":"eng","filename":"32c3-7343-en-Beyond_Anti_Evil_Maid.mp3","state":"downloaded","folder":"mp3","high_quality":true,"width":null,"height":null,"updated_at":"2015-12-30T00:11:10.116+01:00","recording_url":"https://cdn.media.ccc.de/congress/2015/mp3/32c3-7343-en-Beyond_Anti_Evil_Maid.mp3","url":"https://api.media.ccc.de/public/recordings/9149","event_url":"https://api.media.ccc.de/public/events/b5d1079a-7d72-45b1-8328-e5c3e60944c1","conference_url":"https://api.media.ccc.de/public/conferences/32c3"}]}