Uncategorized

DoNotDisturb: now with email support (and YONTMA)

Re: https://firmwaresecurity.com/2018/04/25/donotdisturb-detect-evil-maid-attacks/

someone has created some more Mac-centric Evil Maid detection code:

https://github.com/ptrckhbr/scripts/blob/master/applescript/DND.scpt

I wish someone would collect all the various FW/OS-centric ways to check for Evil Maids, and write a tool that covers all of them. Here’re some other ways, via You’ll Never Take Me Alive (YONTMA) from iSEC Partners (now NCC Group):

https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2013/march/yontma-youll-never-take-me-alive/
https://github.com/iSECPartners/yontma
https://github.com/iSECPartners/yontma-mac

 

Standard

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s