

"You'll Never Take Me Alive" Released for Mac - paulgerhardt
https://isecpartners.github.io/news/tools/2014/05/09/yontma-mac-release.html

======
zx2c4
For the truly paranoid, this immediately cuts the power on a Linux system when
a chosen USB key is yanked out:

[http://git.zx2c4.com/knock-knock-token/tree/knock-knock-
toke...](http://git.zx2c4.com/knock-knock-token/tree/knock-knock-token.c)

------
lunixbochs
This is awesome, but what about hotplug? I think a DMA/coldboot attack
requires enough sophistication, adding hotplug to take the laptop isn't a huge
burden on top.

I guess it'd be harder for ethernet, but still feasible (and many people use
wireless - so the attacker could just work out of a van or room from wireless
range).

------
astrodust
Shouldn't it be "...for OS X" these days just as "for Windows" is better than
"for PC".

~~~
dewey
Apple itself advertises it's software "for Mac" [0] and not "for OS X" so I'd
say that's the right way to do it.

\- "GarageBand for Mac"

\- [0] [https://www.apple.com/support/mac-
apps/facetime/](https://www.apple.com/support/mac-apps/facetime/)

------
st3fan
Doesn't OS X already disable DMA access automatically when FileVault is
enabled and the screen is locked?

~~~
autodidakto
Sort of. We think. I dunno:

[https://security.stackexchange.com/questions/18720/how-
secur...](https://security.stackexchange.com/questions/18720/how-secure-is-
filevault-2-while-the-computer-is-in-sleep-mode)

~~~
autodidakto
Update:

[https://github.com/iSECPartners/yontma-
mac/issues/4](https://github.com/iSECPartners/yontma-mac/issues/4)

------
ryanmcbride
This looks pretty awesome. Is there any information as to how it impacts
battery life and resources? It seems pretty small so I'm guessing not much.

~~~
lunixbochs
How often do you lock your computer with ethernet plugged in but no power
cable?

~~~
ryanmcbride
An incredibly valid point.

------
Terretta
Kudos, iSEC. Love how you guys are always giving back.

