There are multiple types of attacks that can be performed once the attacker gets physical access to the device. They are commonly known as evil maid attacks, based on the scenario where a hotel maid can subvert unattended devices left in the room. Many of them have been addressed during the last few years, let's have a look at the most common techniques:
- DMA attack: Attackers can get access to the content of the RAM that contains sensitive information through the Direct Memory Access mechanism. An example of such a threat is ThunderClap, utilizing Thunderbolt ports.
- Cold boot attack: Attackers rely on the data remanence property of the RAM. The target machine is cold-booted (after a hard reboot), using an OS from the removable disk. After this, the attacker dumps the content of the pre-boot physical memory into a file. The firmware password aims to defeat this type of attack by requesting authentication before letting anybody boot from an external drive.
- Direct access to a...