DEV Community

Cover image for swiftGuard — Anti-forensic app to safeguard your USB ports.
Lennart
Lennart

Posted on

swiftGuard — Anti-forensic app to safeguard your USB ports.



Application Banner


Anti-forensic macOS tray application designed to safeguard your system by monitoring USB ports. It ensures your device's security by automatically initiating either a system shutdown or hibernation if an unauthorized device connects or a connected device is unplugged. It offers the flexibility to whitelist designated devices, to select an action to be executed and to set a countdown timer, allowing to disarm the shutdown process.


 

What it offers

  • Monitoring: Continuously monitors USB ports for device activity, even in sleep mode.
  • Whitelisting: Allows users to whitelist authorized devices, ensuring hassle-free connectivity.
  • Discrete: Operates in the macOS system tray, minimizing interruptions.
  • Customizable: Allows users to configure various settings, including action (shutdown/hibernate), countdown timer and whitelist.
  • Lightweight: Designed to consume minimal system resources for optimal performance.
  • Privacy: Does not require an internet connection, ensuring the privacy of your data.
  • Open Source: Provides transparency and allows community contributions for continuous development.

 

See it in Action!


Application Screenshots

Left: Manipulation button to defuse the alarm. Right: Whitelist and Settings menu.

 

Why should You care?

A few reasons to use this tool:

  • Anti-Forensic Measures: In case the police or other thugs break in. The police often use a mouse jiggler to prevent the screen saver or sleep mode from being activated.
  • Prevent Data Exfiltration: You do not want someone adding or copying documents to or from your computer via USB.
  • Public Environments: If you frequently use your Mac in public places like libraries or cafes, swiftGuard acts as an additional layer of security against physical attacks in a potentially vulnerable setting.
  • Server Protection: You want to improve the security of your home or company server (e.g. your Raspberry Pi, NAS, etc.).
  • Data Protection Regulations: Many industries and organizations are subject to strict data protection regulations. swiftGuard helps maintain compliance by preventing unauthorized data transfers and access through USB ports.

Tip: You might also want to use a cord to attach a USB key to your wrist. Then plug the key into your computer and
run swiftGuard. If your computer is robbed, the USB is removed and the computer shuts down immediately.

 

What Features are planned next?

  • Bluetooth: If a Bluetooth Device (tries to) connect(s), or if a new Bt Device comes near you MacBook, swiftGuard will shutdown/hibernate.
  • More Actions: When it detects a Manipulation swiftGuard is able to delete or encrypt files/folders, wipe ram, send an email notification, ...)
  • Custom Actions: You can define custom shell/python commands to be executed, e.g., run a script.
  • Linux Support: Cross-platform support.
  • Encryption: More security on top, with password protected configuration and defusing.
  • Auto Start/Update: I think this one is clear.

 

Getting started!

Visit the GitHub Repository to explore the code, contribute to development, or download the latest release.


swiftGuard

Top comments (0)