Do Not Disturb for Mac

Detecting physical tampering on macOS

Do Not Disturb is a free, open-source macOS utility that helps spot when someone has accessed your machine without permission. It’s designed to protect users who worry about physical attacks—such as the so-called “evil maid” scenario—where an adversary gains hands-on access to a device to alter or exfiltrate data.

The problem it addresses

Physical-access attacks bypass many remote protections because an attacker can modify firmware, swap drives, or install hardware/software backdoors. Do Not Disturb adds a local monitoring layer intended to alert you to signs that someone has tried to tamper with your computer.

How it detects suspicious activity

• Watches for meaningful changes and events that commonly indicate tampering.
• Logs and inspects indicators so unexpected modifications can be noticed quickly.
• Runs quietly in the background to preserve usability while continuously monitoring.

Notifications and configuration

Do Not Disturb lets you tailor how and when you’re notified about potential intrusions. You can choose what kinds of events trigger alerts and how those alerts are delivered so you stay informed without being overwhelmed.

Cost and intended users

This project is distributed at no charge, making it a practical option for individuals who want extra protection without buying commercial security products. It’s especially useful for users who keep sensitive information on laptops or other portable Macs that might be exposed to physical access.

Other options to consider

• Commercial endpoint-security suites that include tamper detection and professional support.
• Cisdem Data Recovery (free) for situations focused on recovering files rather than monitoring physical access.
• Community-maintained security tools and utilities that provide complementary protections or additional detection methods.