Along with the Applescripts comes a very extensive Read Me file that has a lot of general tips as well as how to use/edit the scripts. In all honesty, I'd never heard of the Firewire vulnerability before perusing the Read Me, and I'm supposed to be on top of this stuff.
So what do the scripts do? As Adam writes:
The primary app is a simple toggle that will change your laptop to a 'Secure Mode' which implements the following security features:
- A password is now required to unlock the screen on waking the system from sleep (like after having the lid closed), or once the screensaver has become active.
- The unit will have the screensaver activate after 10 minutes.
- The display will sleep after 20 minutes of inactivity.
- The system will sleep after 30 minutes of inactivity.
- Firewire will be disabled - thus illuminating the threat of a DMA (Direct Memory Access) attack.
When toggled again, all the security features listed above go back to normal 'Home Mode':
- No password is required to wake the system or deactivate the screensaver.
- Both display and system sleep are set to 'Never'.
- Firewire will work normally.
As a convenient means of identifying the system's current security status, the Dock position will change in 'Secure Mode' to the left of the screen, and back to the bottom in 'Home Mode'.
The secondary helper app SM Fw-Disabler, when set as a login item, will make sure that whatever mode the system is in when it is shut down, will continue when restarted until the user chooses to change it.
Both scripts store your user name and password in plain text, so you need to keep the scripts on an encrypted volume. FileVault instructions are included in the Read Me for this purpose. Also...
As stated in the script comments, all the settings in the script including the sleep/screensaver times and Dock position changes can be set if the above are not to the user's liking. Those who are great at Applescript will have no trouble at this, but for those who might like some tips, just leave a comment here on the blog and I'll reply ASAP.
Finally, the Read Me concludes with some not-commonly-known tips on PCMCIA expansion bays, Open Firmware passwords, and TrueCrypt. All in all, this is great stuff, so download the scripts and the Read Me at the following Mediafire link:
(updated to version 2.0, addressing Finder-lockup problems in the previous release)
PowerPC Security v2.0.zip
(ADDED: This can also be useful for Snow Leopard. It'll take some tinkering with the Applescript, but leave a comment and Adam will be glad to help.)
Post a Comment