Security experts often warn that it’s much easier for hackers to compromise a device if they have physical access to it. This security scenario is often referred to as an “evil maid” attack, the idea being that an attacker could sneak into a target’s hotel room and tamper with his laptop while he’s out of the room – or, in Patrick Wardle’s case, out on a Tinder date.
Wardle, a former NSA hacker turned security researcher, was on a date in Moscow when he began to suspect he’d been lured away from his hotel room – and laptop – intentionally. The experience inspired him to create Do Not Disturb, a new app that will alert users if someone messes with their Mac.
Do Not Disturb sends users a notification as soon as someone opens the lid of their computer. The iOS app also allows a user to take a photograph of the person using the computer via the webcam, shut the computer off, or record screen activity.
“The majority of ‘evil maid’ attacks require an active, awake computer,” Wardle told Wired. “So Do Not Disturb runs on your Mac and monitors for lid-open events, which are kind of a generic precursor for a lot of physical-access attacks. If someone tries to break into your device, it alerts you.”
The Do Not Disturb app for Mac is free, but the iOS app will have annual subscription pricing. If users want all the benefit without the cost, they can opt for email alerts instead of push notifications.
Wardle isn’t only familiar with evil maid attacks as a potential target; he’s also executed his own evil maid exploit on-camera for Vice News. The experience showed that alerting users when their laptop is opened isn’t a foolproof defence against evil maid attacks – nothing is a failsafe against an experienced hacker, but Do Not Disturb is a good start.
[Wired]