
For the last two years I've carried a honeypot laptop with me every time I traveled. I checked it in my luggage, left it unattended in my hotel rooms. After each trip, I did forensic analysis on the laptop to detect if it had been tampered with.

I wrote about my experience and methodology here: theintercept.com/2018/04/28/co

I hoped that, if an evil maid attacker tried tampering with my laptop, I would not only discover the attack, but learn how it works, and possibly who was behind it. Unfortunately (fortunately?), I didn't discover any evil maids.

I installed Debian on the laptop. Before each trip, I removed the hard disk and took checksums of the partitions and the disk header. I also dumped the BIOS firmware. After each trip, I did the same, and compared to see if they matched.

I learned a lot about hardware hacking and got to use free software BIOS tools like chipsec, UEFITool, and flashrom.

It was a lot of fun! I go into much more technical detail in the article.
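An added example, not code from the posts or the linked article, of the before/after comparison described above: it checksums the disk header, each partition and a firmware dump, then reports which regions differ. The region layout, the names and the in-memory sample "disk" are constructed assumptions.

```python
import hashlib
import io

SECTOR = 512

def hash_region(dev, start, length, chunk=1 << 20):
    """SHA-256 of `length` bytes starting at byte offset `start`."""
    h = hashlib.sha256()
    dev.seek(start)
    remaining = length
    while remaining > 0:
        block = dev.read(min(chunk, remaining))
        if not block:  # device ended before the region did
            raise IOError(f"short read at offset {start + length - remaining}")
        h.update(block)
        remaining -= len(block)
    return h.hexdigest()

def take_manifest(dev, layout, firmware):
    """layout maps name -> (start_sector, sector_count); firmware is the dump's bytes."""
    manifest = {name: hash_region(dev, s * SECTOR, n * SECTOR)
                for name, (s, n) in layout.items()}
    manifest["firmware"] = hashlib.sha256(firmware).hexdigest()
    return manifest

def changed_regions(before, after):
    """Names whose checksum differs, or that appear in only one manifest."""
    return sorted(k for k in before.keys() | after.keys()
                  if before.get(k) != after.get(k))

# Constructed layout: 64-sector disk with a header and two partitions.
LAYOUT = {"header": (0, 8), "boot": (8, 24), "root": (32, 32)}

def demo():
    disk = bytearray(64 * SECTOR)   # constructed sample disk image
    firmware = bytes(4096)          # constructed sample firmware dump
    before = take_manifest(io.BytesIO(disk), LAYOUT, firmware)
    disk[10 * SECTOR + 5] ^= 0xFF   # simulate one modified byte inside "boot"
    after = take_manifest(io.BytesIO(disk), LAYOUT, firmware)
    return changed_regions(before, after)

if __name__ == "__main__":
    print(demo())
```

With a real disk, `dev` would be the removed drive opened read-only in binary mode, and the "before" manifest would be stored somewhere that does not travel with the laptop.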

Christopher Lemmer Webber @cwebber

@micahflee That's awesome!
