YoNTMA
YoNTMA (You’ll Never Take Me Alive!) is a tool designed to enhance BitLocker’s data protection on Windows laptops. YoNTMA ensures that if your laptop is physically stolen while it is powered on, sensitive data (such as disk encryption keys) does not persist in memory for an attacker to recover via a DMA or cold boot attack.
YoNTMA runs as a background service and begins monitoring your computer any time the screen is locked. If the power cable or Ethernet cable is disconnected from the system while your laptop is locked, YoNTMA will immediately hibernate the machine to ensure that the disk encryption keys do not remain in RAM. This ensures that if a thief walks off with your powered-on laptop, your encrypted data stays protected.
Pre-requisites:
- Windows Vista, Windows 7, or Windows 8
- BitLocker enabled on operating system volume
The project is hosted on GitHub at the following URL: https://github.com/iSECPartners/yontma