||1 month ago|
|include||1 month ago|
|.gitignore||1 month ago|
|Makefile||1 month ago|
|README.md||1 month ago|
|bka.c||1 month ago|
BKA Kernel Armor
BKA Kernel Armor (or bka for short) is a kernel module aimed to minimize the risk of law enforcement or other bad actors compromising you computer. It detects newly attached USB devices and, if enabled, shuts down the machine.
Configuration is done through module parameters. The following parameters currently exist:
- 0: protection is disabled, meaning it is possible to attach new USB devices. These devices are then added to the global allowlist.
- 1: protection is enabled, meaning it is not possible to attach new USB devices.
- 0: don't shutdown when encountering new USB devices, only disable the device
- 1: do a regular poweroff when encountering a new USB device
- 2: do an emergency poweroff when encountering a new USB device (may lead to data loss)
These values may be specified either through the command line when loading them:
insmod bka.ko protection=1 shutdown=1
or after loading them, through the sysfs interface:
echo 1 > /sys/module/bka/parameters/protection echo 1 > /sys/module/bka/parameters/shutdown
The basic procedure: just type
You need your kernel headers installed, though.
BKA is also shorthand for Bundeskriminalamt, the German pendant to the FBI.