install difficulty.

.gitignore

@@ -52,3 +52,5 @@ docs/_build/
 
 # PyBuilder
 target/
+
+.idea

README.md

@@ -2,40 +2,53 @@
 
 « usbkill » is an anti-forensic kill-switch that waits for a change on your USB ports and then immediately shuts down your computer.
 
-> The project is still under development but it does work and is effective.
-
 To run:
 
 ```shell
 sudo python usbkill.py
 ```
+or
+```shell
+sudo python3 usbkill.py
+```
+
+Related project; same idea, but implemented as a Linux driver: https://github.com/NateBrune/silk-guardian
+
 
 ### Why?
 
-There are 3 reasons (maybe more?) to use this tool:
+Some reasons to use this tool:
 
-- In case the police or other thugs come busting in (or steal your laptop from you when you are at a public library as happened to Ross). The police commonly uses a « [mouse jiggler](http://www.amazon.com/Cru-dataport-Jiggler-Automatic-keyboard-Activity/dp/B00MTZY7Y4/ref=pd_bxgy_pc_text_y/190-3944818-7671348) » to keep the screensaver and sleep mode from activating.
-- You don't want someone to install backdoors or malware on your computer or to retrieve documents from your computer via USB.
-- You want to improve the security of your (Full Disk Encrypted) home or corporate server (e.g. Your Raspberry).
+- In case the police or other thugs come busting in (or steal your laptop from you when you are at a public library, as happened to Ross). The police commonly uses a « [mouse jiggler](http://www.amazon.com/Cru-dataport-Jiggler-Automatic-keyboard-Activity/dp/B00MTZY7Y4/ref=pd_bxgy_pc_text_y/190-3944818-7671348) » to keep the screensaver and sleep mode from activating.
+- You don’t want someone to add or copy documents to or from your computer via USB.
+- You want to improve the security of your (encrypted) home or corporate server (e.g. Your Raspberry).
 
-> **[!] Important**: Make sure to use full disk encryption! Otherwise they will get in anyway.
+> **[!] Important**: Make sure to use disk encryption for all folders that contain information you want to be private. Otherwise they will get it anyway. Full disk encryption is the easiest and surest option if available
 
 > **Tip**: Additionally, you may use a cord to attach a USB key to your wrist. Then insert the key into your computer and start usbkill. If they steal your computer, the USB will be removed and the computer shuts down immediately.
 
 ### Feature List
-
-- Compability with Linux, *BSD and OS X
-- Shutdown the computer when there is USB activity
-- Ability to whitelist an USB device
-- Ability to change the check interval (default: 0.5)
-- Work perfectly in sleep mode (OS X)
-- Low memory consumption
-- No dependency except Python
-
-and more to come! Custom commands for when a USB change is observed will be implemented.
+(version 1.0-rc.4)
+- Compatible with Linux, *BSD and OS X.
+- Shutdown the computer when there is USB activity.
+- Customizable. Define which commands should be executed just before shut down.
+- Ability to whitelist a USB device.
+- Ability to change the check interval (default: 250ms).
+- Ability to melt the program on shut down.
+- RAM and swap wiping.
+- Works with sleep mode (OS X).
+- No dependency except secure-delete iff you want usbkill to delete files/folders for you or if you want to wipe RAM or swap. ```sudo apt-get install secure-delete```
+- Sensible defaults
+
+
+### Supported command line arguments (partially for devs):
+
+- -h or --help: show help message, exit.
+- --version: show version of the program, exit.
+- --no-shut-down: if a malicious change on the USB ports is detected, execute all the (destructive) commands you defined in settings.ini, but don’t turn off the computer.
+- --cs: Copy program folder settings.ini to /etc/usbkill/settings.ini
 
 ### Contact
 
 [[email protected]](mailto:[email protected]) - PGP/GPG Fingerprint: 8764 EF6F D5C1 7838 8D10 E061 CF84 9CE5 42D0 B12B
 
-

install/usbkill

@@ -0,0 +1,37 @@
+#!/usr/bin/env python
+
+#             _     _     _ _ _ 
+#            | |   | |   (_) | |
+#  _   _  ___| |__ | |  _ _| | |
+# | | | |/___)  _ \| |_/ ) | | |
+# | |_| |___ | |_) )  _ (| | | |
+# |____/(___/|____/|_| \_)_|\_)_)
+#
+#
+# Hephaestos <[email protected]> - 8764 EF6F D5C1 7838 8D10 E061 CF84 9CE5 42D0 B12B
+# <https://github.com/hephaest0s/usbkill>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+
+import os
+
+# Check if program is run as root, else exit.
+# Root is needed to power off the computer.
+if not os.geteuid() == 0:
+	import sys
+	sys.exit("\n[ERROR] This program needs to run as root.\n")
+
+import usbkill
+usbkill.go()

install/usbkill.ini

@@ -0,0 +1,153 @@
+#             _     _     _ _ _ 
+#            | |   | |   (_) | |
+#  _   _  ___| |__ | |  _ _| | |
+# | | | |/___)  _ \| |_/ ) | | |
+# | |_| |___ | |_) )  _ (| | | |
+# |____/(___/|____/|_| \_)_|\_)_)
+#
+#
+# Hephaestos <[email protected]> - 8764 EF6F D5C1 7838 8D10 E061 CF84 9CE5 42D0 B12B
+# <https://github.com/hephaest0s/usbkill>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+[config]
+
+######################## ######################## 
+# First are settings about usbkill behavior, then about the kill/destruction commands
+######################## ######################## 
+
+######################## 
+# Usbkill behavior commands:
+
+# whitelist
+# sleep
+# log_file
+######################## 
+
+# Whitelist command lists the USB ids that you want whitelisted
+# How to get the correct usbid for your trusted USB device?
+# BSD/Linux: run "lsusb", the usbid will looks like this: 0123:9abc
+# Mac OS X: run "system_profiler SPUSBDataType" in the terminal and find the Vendor/Product ID, it will looks like this:
+# > Product ID: 0x8403
+# > Vendor ID: 0x05ac  (Apple Inc.)
+# Take the 4 characters after the 0x and merge them (Vendor ID first), it will look like: 05ac:8403
+# Be warned! Other parties can copy your trusted usbid to another usb device!
+# use whitelist command and single space separation as follows:
+# whitelist = ["4c2a:d2b0", "0b2d:a2c4"]
+# To allow multiple (2 and 4) USBs with same id: [ {"4c2a:d2b0":2}, {"0b2d:a2c4":4}] or
+# [ "4c2a:d2b0","4c2a:d2b0", "0b2d:a2c4", ..., "0b2d:a2c4" ] (be consistent)
+whitelist = []
+
+# allow for a certain amount of sleep time between checks, e.g. 0.25 seconds:
+sleep = 0.25
+
+# Log file location:
+log_file = /var/log/usbkill/usbkill.log
+
+
+######################## 
+# Usbkill destruction commands:
+# N.B: all these commands are executed in the following order, except that ram and swap-wipe are in parallel.
+
+# remove_file_cmd
+# files_to_remove
+# folders_to_remove
+# melt_usbkill
+
+# kill_commands
+# do_sync
+
+# wipe_ram
+# wipe_ram_cmd
+# wipe_swap
+# wipe_swap_cmd
+######################## 
+
+##########
+# Remove commands:
+
+# remove_file_cmd
+# files_to_remove
+# folders_to_remove
+# melt_usbkill
+##########
+
+# use srm to remove files.
+# Check srm --help for available options
+remove_file_cmd = srm -l
+
+# What files should be removed upon a kill?
+# Provide absolute paths to the files (paths that start with '/' or '~').
+# Use " not ' to define the strings, e.g.:
+# files_to_remove = ["~/Desktop/contacts.txt", "~/Desktop/dpr_journal.txt"]
+files_to_remove = []
+
+# What folders should be removed upon a kill?
+# Provide absolute paths to the files (paths that start with '/' or '~').
+# Content in folders will be removed recursively
+# Use " not ' to define the strings, e.g.:
+# folders_to_remove = ["~/Desktop/sensitive/", "~/Desktop/dpr_journal_entries/"]
+folders_to_remove = [ ]
+
+# Remove log (folder) and settings (folder) and usbkill program (folder) upon kill?
+# This might be usefull if you only encrypt portions of your disk (home folder or volumes).
+# Make sure to sync the system (using do_sync=True) if this is a critical feature for you.
+# (True/False)
+melt_usbkill = False
+
+
+##########
+# Custom commands:
+
+# kill_commands
+# do_sync
+##########
+
+# Custom kill commands that can not be specified using above described mechanisms.
+# This is where you want to release volumes, etc.
+# These commands will run in order and as root, as the last commands.
+# Sync should be activated once more if you want to sync 
+# Use " not ' to define the strings, e.g.:
+# kill_commands = [ "bash ~/scripts/destroy.sh", "sync" ]
+kill_commands = [ ]
+
+# Should usbkill sync the file system for you?
+# This should not be a problem on most computers.
+# Sync will save some of your work to disk before killing your computer.
+do_sync = True
+
+##########
+# Wipe commands:
+# Note: if both are set, the commands are excecuted in parallel.
+# These commands will take a long time to complete and also make the device unresponsive!
+# These commands will greatly stall the halting of your system!
+
+# do_wipe_swap
+# wipe_swap_cmd
+# do_wipe_ram
+# wipe_ram_cmd
+##########
+
+
+# Set do_wipe_ram to True in order clean the ram.
+do_wipe_ram = False
+# Check sdmem --help for available options
+wipe_ram_cmd = sdmem -fll
+
+# Set do_wipe_swap to True in order clean the swap.
+do_wipe_swap = False
+# Check sswap --help for available options
+wipe_swap_cmd = sswap -l
+

setup.py

@@ -0,0 +1,47 @@
+#!/usr/bin/env python
+
+#             _     _     _ _ _ 
+#            | |   | |   (_) | |
+#  _   _  ___| |__ | |  _ _| | |
+# | | | |/___)  _ \| |_/ ) | | |
+# | |_| |___ | |_) )  _ (| | | |
+# |____/(___/|____/|_| \_)_|\_)_)
+#
+#
+# Hephaestos <[email protected]> - 8764 EF6F D5C1 7838 8D10 E061 CF84 9CE5 42D0 B12B
+# <https://github.com/hephaest0s/usbkill>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+
+from distutils.core import setup
+from os import path
+
+DIRNAME = path.dirname(path.realpath(__file__))
+
+name = lambda x : path.join(DIRNAME, x)
+
+setup(name='usbkill',
+      version='1.0-rc.4',
+      description='usbkill is an anti-forensic kill-switch that waits for a change on your USB ports and then immediately shuts down your computer.',
+      author='Hephaestos',
+      author_email='[email protected]',
+      license='GPLv3',
+      url='https://github.com/hephaest0s/usbkill',
+
+      packages=['usbkill'],
+      scripts=[name('install/usbkill')],
+      data_files=[ ('/etc/', [ name('install/usbkill.ini') ]) ]
+     )
+