• Features
• Screenshots
• Why?
• Installation
• Usage
  • GUI
  • CLI
• Development
• Credits
• License

• Monitoring: Continuously monitors USB ports for device activity, even in sleep mode.
• Whitelisting: Allows users to whitelist authorized devices, ensuring hassle-free connectivity.
• Discrete: Operates in the macOS system tray, minimizing interruptions.
• Customizable: Allows users to configure various settings, including action (shutdown/hibernate), countdown timer and whitelist.
• Lightweight: Designed to consume minimal system resources for optimal performance.
• Privacy: Does not require an internet connection, ensuring the privacy of your data.
• Open Source: Provides transparency and allows community contributions for continuous development.

Left: Manipulation button to defuse the alarm. Right: Whitelist and Settings menu.

A few reasons to use this tool:

• Anti-Forensic Measures: In case the police or other thugs break in. The police often use a mouse jiggler to prevent the screen saver or sleep mode from being activated.
• Prevent Data Exfiltration: You do not want someone adding or copying documents to or from your computer via USB.
• Public Environments: If you frequently use your Mac in public places like libraries or cafes, swiftGuard acts as an additional layer of security against physical attacks in a potentially vulnerable settings.
• Server Protection: You want to improve the security of your home or company server (e.g. your Raspberry Pi, NAS, etc.).
• Data Protection Regulations: Many industries and organizations are subject to strict data protection regulations. swiftGuard helps maintain compliance by preventing unauthorized data transfers and access through USB ports.

Important: Make sure you use FileVault, macOS's built-in disk encryption feature, encrypt your entire disk, ensuring that your data remains secure even if your device falls into the wrong hands. Otherwise, unauthorized users may gain access to your data easily. System Preferences > Security & Privacy > Security > FileVault Do NOT enable iCloud Recovery!

Tip: You might also want to use a cord to attach a USB key to your wrist. Then plug the key into your computer and run swiftGuard. If your computer is robbed, the USB is removed and the computer shuts down immediately.

1. Obtain the most recent version by downloading it from Releases.
2. Open the downloaded swiftGuard.dmg file.
3. Drag the swiftGuard application into the Applications folder.
4. Grant necessary permissions by opening System Preferences > Security & Privacy > Privacy > Accessibility and adding swiftGuard to the list of applications. Do the same for Automation.
5. Open the swiftGuard application from the Applications folder.
6. swiftGuard should now appear in the macOS system tray.

1. Open the swiftGuard application from the Applications folder.
2. Click on the application icon in the macOS system tray to open the main menu.
3. Click the Guarding/Inactive entry to start or pause the guarding of your USB ports.
4. The Devices menu displays all allowed and connected devices. Allowed devices are indicated with a checkmark, even if they are not connected.
5. To add or remove a device from the whitelist, simply click on the corresponding device entry.
6. If manipulation is detected, an alert (Manipulation) will appear in the main menu. Clicking on it will reset the alarm. The Exit button will not work.
7. In the Settings menu you can set a delay (0 - 60 seconds) and an action (Shutdown or Hibernate). The delay determines how long swiftGuard will wait for you to reset/defuse the alarm before executing the action.

Notes:

• swiftGuard alerts you if devices are removed that were connected before or while the application was started, except you add them to the whitelist.
• Connecting new devices will always trigger an alert, if these devices are not whitelisted.
• If you encounter any problems, please check the log file in the ~/Library/Logs/swiftGuard folder.
• Your settings and whitelisted devices are stored in the ~/Library/Preferences/swiftGuard/swiftguard.ini file.

You can run swiftGuard as a simple Python script from the command line without a graphical user interface (GUI). This is useful when operating swiftGuard on a headless system or saving system resources. However, you will lose the ability to defuse the shutdown process via the GUI, but you can kill the swiftGuard process from the command line instead. The preferences and whitelists are stored in the same location as the GUI version and can be edited manually. For further information, please refer to the worker.py file located in the src/swiftGuard directory.

1. Open a terminal and navigate to the desired directory.

   cd ~/Desktop

2. Clone the repository.

   git clone https://github.com/Lennolium/swiftGuard.git

3. Navigate to the source directory.

   cd swiftGuard/src/swiftGuard

4. Install the requirements in a new virtual environment.

   python3 -m venv venv
   source venv/bin/activate
   pip3 install -r requirements.txt

5. Run the worker.py.

   python3 worker.py

Notes:

• Settings/Whitelist: ~/Library/Preferences/swiftGuard/swiftguard.ini
• Logs: ~/Library/Logs/swiftGuard/swiftguard.log

As an open-source project, I strive for transparency and collaboration in my development process. I greatly appreciate any contributions members of our community can provide. Whether you are fixing bugs, proposing features, improving documentation, or spreading awareness - your involvement strengthens the project. Please review the code of conduct to understand how we work together respectfully.

• Bug Report: If you are experiencing an issue while using the application, please create an issue.
• Feature Request: Make this project better by submitting a feature request.
• Documentation: Improve our documentation by adding a wiki page.
• Community Support: Help others on GitHub Discussions.
• Security Report: Report critical security issues via our template.

This application is heavily inspired and based on project usbkill by Hephaestos. I want to thank him and all the other great contributors of usbkill for their great work, inspiration and help. I firmly believe in the principles of the open source community, which call for the sharing and enhancement of one another work. The purpose of this project is to revive an abandoned project and to support others in learning and comprehending the fundamentals of Python, Qt and macOS, and to develop their own projects.

Provided under the terms of the GNU GPL3 License © Lennart Haack 2023.

See LICENSE file for details.