[HN Gopher] BusKill - A USB kill cord for laptops
___________________________________________________________________
BusKill - A USB kill cord for laptops
Author : favourable
Score : 255 points
Date : 2021-12-15 11:38 UTC (11 hours ago)
(HTM) web link (www.buskill.in)
(TXT) w3m dump (www.buskill.in)
| Hizonner wrote:
| That can trivially be done in software using any USB device at
| all. In fact, Tails has done it forever, and I bet other things
| have too.
|
| Total ripoff.
| lelandfe wrote:
| https://www.buskill.in/buskill-laptop-kill-cord-dead-man-swi...
| szszrk wrote:
| Also magnetic usb cables are quite easily available now. You
| could use any tiny usb device and add magnetic feature to it
| for around $10 or so.
| arein3 wrote:
| I guess the best way would be to auto lock the laptop if someone
| screams, no hardware needed and if they hold you, you can still
| scream to lock the laptop
| BrazzVuvuzela wrote:
| Just remember to whitelist the Wilhelm scream, otherwise you'll
| get a lot of false positives from any TV in the room.
| 323 wrote:
| But what if you have no mouth?
| jonnat wrote:
| This comment takes me back to when I didn't have kids.
| rje99 wrote:
| I feel I would somehow forget its there a lose all my data within
| the week...
| excalibur wrote:
| Yeah, setting it to destroy your data when removed isn't
| advisable outside of some very controlled settings.
| jdironman wrote:
| Not to mention, USB drives fail.
| DarthNebo wrote:
| Feel like this something similar can be accomplished for Macs
| using AirTags/Apple Watch proximity to do specific actions via
| Shortcuts App, instead of just locking/erasing remotely using
| 'Find My'.
| vladvasiliu wrote:
| I seem to remember Windows 10 has a similar feature. You can
| pair your phone with it, and it supposedly locks automatically
| when the phone goes away. I've never seen it work, though...
| minimaxir wrote:
| macOS Monterey added a "Erase All Content and Settings" feature
| that works like the iOS versions by deleting the encryption
| key, although as a result the feature only works on T2 and M1
| Macs which encrypt the data at rest even without FileVault.
|
| It wouldn't surprise me if Apple imports more emergency wipe
| features into macOS from iOS.
| Cthulhu_ wrote:
| Isn't that already a thing? IIRC you can configure your Mac to
| unlock if your Watch is in close proximity, so it should be
| possible to do the opposite when it goes out of range.
| DarthNebo wrote:
| Probably something the Shortcuts app could do, I couldn't
| find a Watch specific entry when creating one though. So it's
| just lock/unlock for now.
| ltultraweight wrote:
| I thought the self-destruct wouldn't run a script, but would
| actually be a physical attack on the laptop like the usb-killer
| v2 from a few years back.
| WesolyKubeczek wrote:
| Looks like "security LARPers" are at it again. I'd bet 99% of
| buyers will self destruct their laptop themselves, by
| accidentally bumping into the cord.
|
| And to think now, the same people are pushing the narrative how
| PGP is bad.
| maltfield wrote:
| Hi, I'm Michael Altfield (Founder of the BusKill project). I'll
| take that bet because I'm pretty sure <99% of people will ever
| enable the self-destruct triggers :)
|
| BusKill does not ship with destructive triggers. The current
| app is limited to locking your screen. Future releases will
| include soft/hard shutdown.
|
| We do have a "LUKS Header Shredder" trigger (which we call
| self-destruct as it renders all the data on the FDE disk
| useless), but we (intentionally) don't include it by default
| and raise the barrier of entry because of the risk of data
| loss.
|
| We'll be publishing a more detailed write-up on the LUKS Header
| Shredder in 2 weeks. You can subscribe for updates on our
| website (buskill.in) or the campaign directly (crowdsupply.com)
|
| Also, while I recognize there are limits in PGP, I encourage it
| and actively train journalists and activists on how to use it
| (though I do prefer messaging solutions that make e2ee required
| and use PFS like Signal, Threema, Wire, etc).
| martin_a wrote:
| Maybe I'm "spoiled" because in Germany there's a need to publish
| an imprint on all websites that are somehow "commercial" (having
| ads on it would be enough), but this is highly "dubious".
|
| No contact information (as in "who runs this?") is provided on
| the site. Privacy policy is not GDPR compliant (no contact
| information provided), no names, nothing.
|
| This might be fine for a personal blog, but for doing business
| this is (at least for me) a no-go.
| maltfield wrote:
| Hi martin_a, I'm Michael Altfield. I started the BusKill
| project in January 2020 with the following article on my blog:
|
| * https://tech.michaelaltfield.net/2020/01/02/buskill-
| laptop-k...
|
| The above article front-paged on Hacker News, and I got a _lot_
| of people asking me how they could buy one and use it in on
| Windows and MacOS. Over the past year, many people have
| contributed in porting it to those platforms (I originally just
| designed it for myself, and I use Linux).
|
| The BusKill project is not owned by me. All our work is open-
| source, and it's owned by the community. As such, I don't put
| just my name on it because it's not just my work. But if you
| dig around, you do see my name pop-up in a few places.
|
| The list of contributors can be found on our documentation's
| "Attribution" section.
|
| * https://docs.buskill.in/buskill-
| app/en/stable/attribution.ht...
|
| The main website is mostly just a landing page, blog, and a
| store so people can buy with cryptocurrencies and Tor since
| CrowdSupply doesn't run an Onion Service and doesn't accept
| crypto payments.
|
| Not everyone who has contributed to the BusKill project is
| still active, but some of us are. You can find our names &
| photos at the bottom of the Crowd Supply campaign page:
|
| * https://www.crowdsupply.com/alt-shift/buskill
|
| Contact information is provided on the website. There's a link
| to it in the Footer* and on the GitHub page. Not sure how I can
| make that more clear:
|
| * https://www.buskill.in/contact/
| Symbiote wrote:
| I'm not familiar with the German rules, but GDPR Art. 14 SS1
| says:
|
| > Where personal data relating to a data subject are
| collected from the data subject, the controller shall, at the
| time when personal data are obtained, provide the data
| subject with all of the following information:
|
| > (a) the identity and the contact details of the controller
| and, where applicable, of the controller's representative;
|
| Usually, these contact details are in the privacy policy.
|
| It's certainly unusual for a website to omit this, and in
| most cases I wouldn't buy from a site where it's missing. In
| this particular case, maybe it's less strange.
|
| However, I still wouldn't order without knowing from where
| the package will be sent. Something from Estonia arrives here
| without any import taxes, something from outside the EU can
| do (the CrowdSupply site says they handle VAT), but can also
| attract high processing fees.
|
| https://gdpr-info.eu/art-13-gdpr/
|
| (Note I'm not interested in buying a BusKill; I'm just
| procrastinating.)
| maltfield wrote:
| All orders are handled by CrowdSupply (via Mouser). They
| handle shipping, VAT, import taxes, etc.
|
| It certainly added cost to the final product, but I figured
| it was more fair & transparent to everyone to set shipping
| to $0 internationally (I hate it when you finally make it
| to payment and only then learn shipping is $20 :/).
| Symbiote wrote:
| It seems to be from (or in partnership with)
| https://www.altshift.in/ in Estonia, leading to
| https://twitter.com/MichaelAltfield
| maltfield wrote:
| Yes :) BusKill is an open-source project. AltShift is my
| company.
| paulcole wrote:
| Would you be happier if the site prevented you from viewing it?
| martin_a wrote:
| It's not about viewing/trying to track me, but we are talking
| about somebody trying to sell me something. Would you feel
| fine paying around 100 bucks to... well... whom?
|
| Just a website with no contact information, no names,
| adresses, business registration, whatever?
|
| As far as I can see, this could very likely be a scam of some
| sort, because anybody who's into doing "real", honest,
| business would be fine with giving his name and address.
| paulcole wrote:
| > Would you feel fine paying around 100 bucks to... well...
| whom?
|
| I'd feel fine deciding if I feel fine.
|
| That's also why I have a credit card. I can get scammed and
| not be out $100.
| martin_a wrote:
| Ok, so you get the item and it explodes in your face.
| Whom do you sue?
| paulcole wrote:
| Probably nobody!
| martin_a wrote:
| And you don't think there should at least be some
| possibility to hold someone liable in case something goes
| _terribly_ wrong?
| dspillett wrote:
| I would. It would save me the time spotting the red flags and
| backing away anyway.
|
| Though a couple of relevant regulations state this should not
| be done, and no site is going to send away a potential
| customer by saying "we don't want to follow your
| laws/regulations so can't do business with you" when they can
| instead just get away with just ignoring, or in the case of
| sites run from elsewhere in the world claim to have no no
| knowledge of, those regulations.
| paulcole wrote:
| > no site is going to send away a potential customer by
| saying "we don't want to follow your laws/regulations so
| can't do business with you"
|
| Many local US-based TV news/newspaper sites do this albeit
| with a slightly more opaque message. And customer still
| mostly fits because these sites are ad-supported (usually
| with a mix of local/non-local ads.
| thargor90 wrote:
| Yes, we are spoiled.
|
| I'm not sure it's even possible to have a valid contract with
| an unknown party...
| FDSGSG wrote:
| "Operator of buskill.in" does not seem like an unknown party?
| martin_a wrote:
| It is. What's the postal address of the "operator of
| buskill.in" so I can file claims with him?
| FDSGSG wrote:
| info@buskill.in
| martin_a wrote:
| You seem to misunderstand what a postal address is.
|
| The provided information on this website is not enough to
| do legally binding business (at least in some parts of
| Europe, it's not only Germany).
| FDSGSG wrote:
| In Germany you can enter into a verbal contract without
| any exchange of personal details. Why would a website be
| treated differently? I'm curious.
|
| As far as I understand German law is very flexible about
| what constitutes a valid legally binding contract.
| martin_a wrote:
| Chapter 2 and 3 of the "BGB" contain several paragraphs
| which define legal rights and obligations for doing
| business via the internet or telephone.
|
| SS312f for example defines that customers must receive "a
| copy of a contractual document signed by the contracting
| parties in such a way that their identity is
| identifiable" (translated via DeepL).
|
| A simple mail address is not an identity in German law,
| especially not when doing business with B2C as you always
| have a 14 day period to cancel your order (except for
| downloads and various, special products).
|
| edit: If you want to cancel, you must be able to do so
| via (offline) mail, too.
| FDSGSG wrote:
| Sure, they're not following the rules. Why would that
| affect the validity of your contract with them if you
| purchase good from them? Why would this contract not bind
| the seller?
| martin_a wrote:
| I don't think it is. Neither in B2B and especially not in
| B2C. Although I think the consequences would mostly be worse
| for the customer, not the seller.
| bserge wrote:
| If they wanted to be dubious, they could've put up some
| fake/stolen information.
|
| Then you wouldn't question it, which just makes the whole thing
| rather useless.
|
| I always found it funny how people trust Stiftung Warentest.
| It's the German equivalent to "Which?", but at least Brits know
| they're full of shit.
| noasaservice wrote:
| https://github.com/hephaest0s/usbkill
|
| This does the same thing, but you can use any USB hardware as the
| entry/remove trigger. And you can script it to whatever you want.
|
| But... that doesn't sell unneeded hardware.
| maltfield wrote:
| usbkill is a bit backwards from BusKill.
|
| usbkill triggers when a device is inserted. BusKill triggers
| when a device is removed. It's an important difference.
|
| I actually didn't start BusKill to sell devices. It was
| originally a DIY project. The problem is that after I published
| the article describing how to make it, the one manufacturer of
| USB-A magnetic breakaways EOL'd their product and it sold-out
| (my & Hacker New's fault). It also wasn't for sale outside the
| US.
|
| This campaign is a response to people who asked me how they
| could build their own USB-A cable with a magnetic breakaway.
| Before they couldn't. Now they can.
|
| * https://buskill.in/buy
|
| Of course, you can still build your own. We encourage it. All
| our designs are open-source.
|
| * https://docs.buskill.in/buskill-
| app/en/stable/hardware_dev/i...
| k1rcher wrote:
| This is very cool to see. When I discovered and subsequently
| purchased my framework back in October I had an idea for a
| homebrewed, 3D printed expansion card, where plugging it
| in/activating it immediately executes dban (or some other, better
| alternative).
|
| Or you could always just carry an enormously strong electromagnet
| on you :-)
|
| Very keen on picking one of these up purely for the novelty,
| price isn't too bad. Although I think the demographic who would
| and could actually benefit from a failsafe for having their
| laptop physically yanked away from them is quite small.
| maltfield wrote:
| Our target demographic is mostly journalists.
|
| Keep an eye on the number of journalists who are murdered in
| oppressive regimes. It's very sad :'(
|
| * https://rsf.org/en/ranking
| yholio wrote:
| Good to have if you run a dark net marketplace or a political
| disident ring from public libraries.
|
| An additional refinement is to autolock the device if a certain
| personal key combo (ex. Shit - vol up - vol down) is not pressed
| every few minutes in response to an audible click. If not
| unlocked in a minute or so with a complex password, the device
| halts to a disk encrypted state and unpowered ram, minimizing the
| window attackers have to recover RAM state.
| Jerrrry wrote:
| Instead of a personal key combo, a dongle with an OTP code.
|
| Both the dongle and the computer have accelerometer-bump-tilt-
| oh-fuck-support.
|
| A OTP has to be entered every 5 minutes, or a secure
| screen/dead sequence starts.
|
| Sudden accelerated movements or a lack of presence-detection
| would also start the sequence.
| MayeulC wrote:
| I once wrote a script to automatically lock my computer if I
| got too far away from it, back when I was wearing a bluetooth
| wristband.
|
| I guess you could do the same, but shut down the computer
| instead.
| reaperducer wrote:
| _I once wrote a script to automatically lock my computer if
| I got too far away from it, back when I was wearing a
| bluetooth wristband._
|
| I had a program like this back in PowerBook days. It
| automatically unlocked the computer if a specified
| Bluetooth signal reached a particular strength, and locked
| the computer again if the signal strength fell below
| another threshold.
|
| It worked great, when it worked. It had maybe a 70% success
| rate, but that was good enough.
| ComputerGuru wrote:
| Windows 10 does this automatically if you pair your phone
| to your Windows 10 PC via bluetooth. When you walk away, it
| locks the screen.
| nefitty wrote:
| Unfortunately, iOS-provided location resolution for use in
| shortcuts makes it worthless for in-home use. Unless you
| live in a mansion though I guess.
| MayeulC wrote:
| You are assuming the signal is strong enough to be read
| at a distance. I just used the RSSI, and going away a few
| meters was enough. Moreover, since that was just a nicety
| in case I forgot to lock my computer during a corridor
| conversation, I could get away with a longer timeout.
|
| A more sophisticated implementation could be done if you
| can write software on the device. A PineTime would be
| perfect for this.
|
| I am not sure why mention iOS specifically, a phone is
| easily forgettable. Moreover, you don't really need to
| rely on any location API provided by the system, even if
| UWB or Bluetooth Location Services would do wonders for
| this, a simple RTT latency measurement or RSSI value
| should be enough.
| nefitty wrote:
| I always carry my phone, even if moving to another room.
| I assumed that a similar behavior is why you got rid of
| your wristband.
| MayeulC wrote:
| No, I got rid of it for multiple other reasons: started
| using a mechanical watch again, got rid of all
| proprietary software on my phone (though I used
| gadgetbridge for a while), realized anybody could just
| track me as the band was broadcasting the same MAC
| address everywhere.
|
| I also got multiple LG watch R, I'm probably going to
| fiddle a bit with them when I have time, hopefully
| mainlining them and porting postmarketos over. I'm open
| to trying again with those. In the end, I don't really
| have sensitive documents on a laptop (besides work-
| related confidential stuff), so I'm not sure I'd crank
| paranoia to 11.
|
| As for my phone, I often pull it out of my pocket and
| leave it on my desk, or abandon it somewhere, charging or
| powered off -- I should probably be more careful with
| that, but people know to expect some latency when
| contacting me.
| vkou wrote:
| If the feds are pinching you for computer crime in a public
| space, this is exactly why they'd handcuff you, but keep
| you within ~10 feet of your laptop.
| Jerrrry wrote:
| heartbeat monitor.
|
| unless they hit you with the cryo, too.
| goodpoint wrote:
| > Good to have if you run a dark net marketplace or a political
| disident ring from public libraries.
|
| ...and expose the contents of the screen to any camera with a
| good zoom? And the passwords you type? Not good.
|
| It's just an very overpriced thing that can protect you from a
| thief and not the FBI.
| generalizations wrote:
| He's making a reference to dread pirate Roberts. This was the
| threat model.
| zionic wrote:
| Wouldn't it make sense to remove the battery on your laptop
| entirely? With a modified magsafe-like power cord any attempt
| to grab the machine hard-kills the system and RAM begins
| degrading immediately. Epoxy over the screw terminals would
| also delay an attacker long enough to prevent freezing the RAM
| with compressed air to try and dump RAM via an exploit kit.
| tarboreus wrote:
| I think the idea is that you might only have about a second
| to kill the device. Yes, you can throw your computer in a
| bathtub of saltwater or whatever but that's not really the
| point.
| jacquesm wrote:
| You better make sure that 'tampering with evidence' carries
| a lower penalty than the thing that you're trying to hide.
| pmorici wrote:
| Devices to transfer from wall power to battery backup for
| transport have existed for a long time.
|
| https://wiebetech.com/products/hotplug-field-kit/
| remram wrote:
| TIL. Found a demo on YouTube:
| https://www.youtube.com/watch?v=erq4TO_a3z8&t=3m39s
| dehrmann wrote:
| Seinfeld had a "rogue electrician" named Slippery Pete who
| could do this.
| gruez wrote:
| >Epoxy over the screw terminals would also delay an
| attacker...
|
| Might as well go all in and epoxy the ram sticks/dimm slot
| assembly.
| dotancohen wrote:
| Aren't they already soldered in place in modern laptops?
| doubled112 wrote:
| Many laptops but not all laptops.
|
| I've noticed many lower end have one soldered and one
| removable. Drives me crazy because then you end up with
| more RAM but less performance, so have to choose which
| hit is worse.
| gruez wrote:
| >I've noticed many lower end have one soldered and one
| removable
|
| nah, that applies to many mid to high range laptops as
| well, eg. 14" thinkpads has had 1 soldered 1 removable
| dimm for years now.
| ClumsyPilot wrote:
| Would it cause overheating?
| gruez wrote:
| You don't have to douse the whole thing with expoxy. The
| dimm assembly looks like this: https://guide-
| images.cdn.ifixit.com/igi/dpYyM4oeOLPPTdpF.hug...
|
| Putting epoxy around the top and bottom edges (where the
| retention clips are) and the right edge (where the
| contacts are) should make it extremely difficult to
| dislodge, but not impact the thermal performance of the
| chips (the black rectangles).
| Mandatum wrote:
| You freeze the whole laptop.
| lmilcin wrote:
| The combo solution is not good enough, especially if you are in
| public.
|
| If you can be observed to use the combo (which you would have
| to be using regularly) somebody else could be pressing the
| combo or they could insert USB device that can generate the
| combo regularly.
|
| I would also add that locking your laptop is not safe enough if
| you are serious about this. There are devices that can
| exfiltrate information from what I understand almost every
| operating system through USB.
| marcodiego wrote:
| > There are devices that can exfiltrate information from what
| I understand almost every operating system through USB.
|
| If that is true, then it is a vulnerability. You should file
| bug reports.
| tjader wrote:
| How will you prevent a USB device to present itself as both
| a keyboard and mass storage and then type commands that
| copy data?
| marcodiego wrote:
| Keyboard and mouse plugged in after the system boots
| should only become effective after user permission is
| given using previously available devices.
|
| For more safety: any plugged usb device should lock your
| screen so that a password is required before it can be
| used.
| sildur wrote:
| With QubesOS. I just tried adding a keyboard and it
| simply showed me a pop up saying a USB keyboard has been
| attached. It won't work until I attach it to a qube.
| goodpoint wrote:
| usbguard does that without the need for Qubes.
| Karliss wrote:
| If the computer is locked, typing commands will not do
| nothing. If computer is unlocked a person could do it
| manually without USB by just sending them over internet
| or storage device of choice, no fancy keyboard+mass
| storage device required.
| DarylZero wrote:
| An OS doesn't even need to implement USB support. Of
| course it can offer access controls to enable the USB
| devices.
| tjader wrote:
| Of course not, but then you're saying USB is a security
| flaw.
|
| My point is that given how _universal_ USB as long as a
| device can do both input and output it 's going to be
| very hard to stop some exfiltration from being possible.
|
| Do you really think a bug report should be filed on all
| OS's for allowing USB drives and keyboards to be plugged
| on a running system?
| matheusmoreira wrote:
| > you're saying USB is a security flaw
|
| It is.
|
| > Do you really think a bug report should be filed on all
| OS's for allowing USB drives and keyboards to be plugged
| on a running system?
|
| Automatically trusting input devices is as bad as
| trusting user input. It's trivial to pass off a
| programmable USB keyboard as a mass storage device.
| DarylZero wrote:
| I was saying that the existence of the non-implementation
| of USB proves the possibility of access controls on USB.
|
| Convoluted way to put it I guess. For some reason was
| intuitive to me (proof of existence by example, more
| trivial example better).
|
| Having access controls on USB-HID is just a local policy
| choice where most people would choose convenience over
| security.
| tjader wrote:
| I agree, and it makes sense for some security oriented
| OS.
|
| But the comment I replied to seemed to suggest that the
| possibility of data exfiltration via USB is a bug in any
| OS.
| FpUser wrote:
| Tried to find "Shit" key on my keyboard as it would save me a
| lot of time. No luck.
| kingcharles wrote:
| Exactly. You need something not for when your laptop is removed
| from _you_ , but when _you_ are removed from your laptop.
|
| Also, if you are being targeted this hard you need to have
| something for when you are _left_ in front of your laptop and a
| gun is put to your head. Or the attackers threaten the welfare
| of your family.
| somedude895 wrote:
| > You need something not for when your laptop is removed from
| you, but when you are removed from your laptop.
|
| Yeah, this wouldn't have saved the admin of Alphabay, a now
| defunct darknet market. The FBI staged a car crash outside
| his house so when he'd come out to see what was going on they
| could arrest him and likely get to his laptop while it was
| unlocked. Then again, he really shouldn't have left his
| computer unlocked.
| alias_neo wrote:
| That seems like a great expense to go to for the sake of a
| possibility the guy might do more than peek out of the
| window and then go back to what they were doing.
|
| Surely there were a bunch of other options to consider
| before "let's stage a car crash"?
| mdrzn wrote:
| > Alphabay
|
| Related video is all I could find about this:
| https://www.youtube.com/watch?v=HXrXD1M6kXk
| matheusmoreira wrote:
| If someome is pointing a gun at you, it's probably too late
| to do anything. There should probably be cameras and motion
| detectors monitoring the perimeter in order to provide early
| warning.
| kingcharles wrote:
| The second part is harder to defend against. I didn't
| flinch when LEO pointed a loaded gun at me and threatened
| to shoot me, but as soon as they threatened my wife I told
| them I would sign whatever fiction they wanted to write,
| which I did. It just took me close to 8 years of being in
| jail to get a judge to look at it and tell them off and
| throw out the document.
| matheusmoreira wrote:
| ... Police threatened your wife in order to make you sign
| a confession? That's extremely fucked up.
| kingcharles wrote:
| Yes. Stupid retards did it on video though, otherwise it
| wouldn't have been seen at all. This was after over an
| hour of threatening me and refusing my right to silence,
| not letting me speak to my lawyer, etc.
| at_a_remove wrote:
| I would like to know more, if you're able.
|
| Eight years of false imprisonment sounds like lawsuit
| city, to me.
| laristine wrote:
| Should we be concerned that no new canary notice [1] has been
| posted after the second canary [2], which promised to post the
| next one in June 2021?
|
| [1] List of canaries: https://www.buskill.in/tag/canary/ [2]
| https://www.buskill.in/canary-002/
| JeffRosenberg wrote:
| > The BusKill team publishes cryptographically signed warrant
| canaries on a biannual basis.
|
| The canary-002 says: Status: All good
| Release: 2021-06-13 Period: 2021-06-01 to 2021-12-31
| Expiry: 2022-01-31
|
| EDIT: Oh, the issue is just that they failed to update the
| wording of: "We plan to publish the next of these canary
| statements in the month of June 2021." Looks like a copy from
| canary-001.
| maltfield wrote:
| Ah, crap, sorry about that.
|
| I'll try to remember to update the verbiage of that lower
| line to reference the top line to prevent this from happening
| again in the future.
|
| Thanks for pointing it out!
| maltfield wrote:
| Hi, Michael Altfield here (Founder of the BusKill project and
| holder of the PGP Key for signing canaries)
|
| No, you should not be concerned. The latest canary #002
| literally says: Period: 2021-06-01 to
| 2021-12-31 Expiry: 2022-01-31
|
| Source: https://www.buskill.in/canary-002/
|
| What matters is what's cryptographically signed. Did I make a
| mistake somewhere else?
|
| The next canary will be posted before 2022-01-31.
| liminalsunset wrote:
| MacBooks used to have a key combination (left cmd shift option
| and power) that could be used to kill power instantly. In the
| schematics, these keyboard keys were hard wired to the SMC
| microcontroller's reset line, which would remove all voltage to
| the motherboard upon reset.
|
| With the T2, this still exists, but you need to wait more seconds
| and use a 2step combination. This is a pain because you can no
| longer use it to do an emergency shutdown.
| salex89 wrote:
| Or, maybe just add back the Kensington Security Slot and attach
| the laptop to yourself/desk with a strong wire and not have your
| laptop yanked in the first place.
|
| I understand the first part of my idea is dead in the water, we
| hardly get additional ports, let alone a slot hardly anyone will
| use. But I would like to see a way to retrofit a KSS on a laptop.
| gruez wrote:
| >Or, maybe just add back the Kensington Security Slot and
| attach the laptop to yourself/desk with a strong wire and not
| have your laptop yanked in the first place.
|
| They could still yank _you_. It would pretty hard for you to
| execute the self destruct sequence after the undercover fbi
| agent knocked you over from your chair.
| arpa wrote:
| It all boils down to whether your adversary is mossad or not
| mossad [1].
|
| 1. https://www.usenix.org/system/files/1401_08-12_mickens.pdf
| BrazzVuvuzela wrote:
| You could tether the kill cord to your belt loop.
| Farbklex wrote:
| Yeah I still don't get this. I hate that I can't secure a
| Macbook. But pretty much every cheap laptop comes with a
| kensington lock hole.
|
| Sure it is not _super_ secure but being able to leave my laptop
| for 1 minute in a public place is nice. Instead I have to put
| the macbook in my backpack and take it with me.
| ssorallen wrote:
| Locking your laptop to a table in a cafe doesn't seem like
| something most folks would do. Working in a cafe was the use
| case I imagined when I saw this.
| alushta wrote:
| The point is to lock your laptop when the government is coming
| to bust you. This device would have kept Ross Ulbricht out of
| jail.
| Jerrrry wrote:
| >This device would have kept Ross Ulbricht out of jail.
|
| This device would had made a difference in the initial
| library-swipe confrontation, but would had definitely not
| kept Ross out of jail by any means (even that day)
| zionic wrote:
| Oh he certainly would have been arrested (jail), but he
| would have avoided prison (conviction).
| Jerrrry wrote:
| He would of avoided jail (that day, the agent would have
| noticed the bump-kill-switch and averted recon)
|
| He would had always of went to prison, even if they
| didn't get his HDD unencrypted. He used his personal
| email to promote his Mycology website, had the Obama
| administration to contend with, and was the first to sail
| westward.
|
| Free Ross (The Department of Parks and Recreation)
| buu700 wrote:
| It would be interesting if you could combine the two ideas.
| Physically secure the laptop to the table, but also lock / shut
| down / wipe the drive in the event that someone cuts through
| the wire.
| captaincrunch wrote:
| What would stop someone from crazy gluing the easy release cable,
| shaving the wire back and connecting power to the usb before
| removing it?
| schleck8 wrote:
| > Buy with Monero
|
| I bet they'd go crazy if someone accused them of this being
| designed for illegal activities
| Cthulhu_ wrote:
| That's... because it isn't? How would a dead man switch be
| illegal?
|
| I mean it may, hypothetically, be used to hide illegal
| activities, but if you go that way you go down the slippery
| slope and will be advocating for weakening or backdooring
| encryption just in case it's used for illegal activites.
| schleck8 wrote:
| This is a perfect fit for darknet admins, being able to nuke
| all digital evidence when arrested has been a thing for ever.
| Often it works by closing the laptop.
|
| It might also be useful for whistleblowers, although I doubt
| that there is any advantages over strong file and disk
| encryption.
| aaronmdjones wrote:
| It doesn't seem, to me, to be designed for illegal activities
| any more than, say, a car is. People commit crimes with those
| every day.
| ryanlol wrote:
| I've just been using a wristband made out of cheap headphones
| plugged into a 3.5mm jack, acpi event triggers the shutdown.
| maltfield wrote:
| How does that work? Can you use udev to call a script on an
| acpi event? Is it cross-platform?
|
| Would love to see a write-up with more info on how to do this
| :)
| ryanlol wrote:
| acpid is probably the easiest way to accomplish this
| https://wiki.archlinux.org/title/acpid
| swader999 wrote:
| This great, just like the cord on my snowmobile!
| maltfield wrote:
| We reference treadmills and jetskis in the explainer video to
| explain the concept of "Kill Cords"
|
| * https://youtu.be/S3LtLyuaBvI?t=26
|
| I didn't know snowmobiles had this too! I guess it's my bias
| since it never snows where I'm from :D
| cultofmetatron wrote:
| This would have saved the guy running the silk road from jail
| goodpoint wrote:
| Most likely not.
| cultofmetatron wrote:
| they organized it so that he was surrounded by agents. they
| needed to get access to his laptop while it was open and
| running. This might have gotten him just enough time to
| disable it before they made their rush.
| rakwoelq wrote:
| Alternatively you can remove the laptop battery and use it with
| just the charging cable attached to power the device. The laptop
| will automatically shut off when the power cable is disconnected.
| Then PAM Duress [0] can be used for the xkcd538 [1] situation.
|
| [0] https://news.ycombinator.com/item?id=28267975
|
| [1] https://xkcd.com/538
| fluidcruft wrote:
| I guess it depends on the threat model, but if the primary
| concern is theft couldn't AC adapter disconnect be used for
| this?
| shultays wrote:
| BusKill can trigger your laptop to lock, shutdown, or self-
| destruct if it's physically separated from you.
|
| I understand lock and shutdown but self-destruct? Really? Your
| laptop/data is one bump away from destroying itself?
| maltfield wrote:
| Hi, Michael Altfield here (founder of the BusKill project).
|
| As described on the crowdsupply page, the cross-platform GUI
| app (as opposed to the udev rule for which BusKill was
| originally designed) currently only has the "lock screen"
| trigger. In the future, we'll add a "shutdown" trigger.
|
| While we have developed a "LUKS Header Shredder" trigger (what
| we call "self-destruct" trigger -- as it renders your FDE
| disk's data permanently inaccessible), we will _never_ ship
| that directly with the app by default.
|
| There's definitely a use-case for it, but most people probably
| don't want it. For those that do, we're publishing a guide on
| how to use the "LUKS Header Shredder" script (tested on Ubuntu
| and QubesOS) in 2 weeks. For updates, you can subscribe to the
| website's RSS feed, our website's newsletter (buskill.in), or
| the crowdsupply.com newsletter.
| SamBam wrote:
| Presumably the people who opt into the self-destruct option are
| more concerned with the possibility that they might need to
| self-destruct and not be able to than of possibility of false
| alarms.
|
| If you've already planned for the possibility of self-destruct,
| a laptop can be a very transient device. Maybe the only
| important thing on the laptop is your bitcoin wallet key, but
| you also have a physical copy stashed in a lockbox somewhere.
| Maybe you're only using the laptop for its browser, and you've
| memorized all the passwords you need to enter.
|
| Someone snatching the laptop might be doing so to grab the one
| keyphrase that you logged in with. The actual device is
| unimportant to you, then.
| XorNot wrote:
| Reminds me of a coworker who had their iPhone set to "wipe
| after 10 bad pins". Took about 2 days before their 5 year old
| happily typed the wrong pin 10 times and wiped it.
| myself248 wrote:
| Blackberry required you to enter the word "Blackberry" after
| the fifth try, which would at least prevent butt-dialing from
| wiping the device. Some kids might figure that out too, but
| at that point I suppose you had the choice to use a condom
| and decided not to...
| Isthatablackgsd wrote:
| Here a story. I got BB RIM 850 when I was 15ish years old,
| it was my first communication pre-smartphone device. I
| stupidly set up to wipe my blackberry if input incorrectly
| after a few times, and I did this within minutes of first
| time using it. You can imagine what happened in the next 10
| minutes... Yes, I forgot my complicated password and it got
| wiped. And that rendered my brand-new RIM 850 useless. So,
| I have to wait 10 days to get a new one.
| dane-pgp wrote:
| There should be an exponentially increasing delay for such a
| system, so that the phone would make you wait hours (or days)
| before letting you make your 10th guess. That would require
| the 5 year old to not get bored of the useless phone, and the
| owner to not find the phone (and enter the correct code) for
| those days too.
|
| Also, it would make sense to include a simple proof-of-
| intentionality system, like the old Nokia keypad unlock
| feature to prevent pocket dials. The phone could prompt you
| to type a displayed 4 digit code before typing your actual
| PIN attempt, for example.
| kayodelycaon wrote:
| There is an increasing delay on iPhones. After 6 attempt it
| stops accepting input for 5 minutes. It gets longer each
| time after that.
| dagw wrote:
| My old job had wipe after 3 (or maybe it was 5) bad pins
| within N minutes as the required security setting for company
| phones. The thing I learnt from it is that wiping your phone
| actually isn't that big a deal and if you've set it up right
| you can pretty quickly be back up and running.
| i_like_waiting wrote:
| The stress I had on 3rd attempt just to discover it is
| actually 5 attempts... Kind of helps being more conscious
| about having backup of everything regularly
| gfosco wrote:
| I'm getting closer and closer to this reality... iphones
| are basically there, with icloud backup. Have been trying
| to get less attached to any OS installs, and be fast at
| building up from a fresh install. Seems hard to even trust
| your own desktop after a while.
| tata71 wrote:
| Is this convenience worth sending unencrypted backups of
| your data to Apple?
|
| Do they allow truly offline backup and restore?
| gfosco wrote:
| For most people, yeah it's worth it. Afaik, yeah they do
| allow fully offline backup/restore, you don't need to use
| iCloud for that.
|
| I switched away to an Android, so this isn't something
| I'm taking advantage of personally.
| jsjohnst wrote:
| > Is this convenience worth sending unencrypted backups
| of your data to Apple?
|
| iCloud Backups are not "unencrypted backups"
|
| https://support.apple.com/en-us/HT202303
|
| I do wish they would bump the backups to "end-to-end
| encryption" category though, at least as an option.
| MarkusWandel wrote:
| There are any number of ways to do this, but one is a LUKS
| encrypted file system and "self destruct" is wiping out the
| LUKS header and halting. Only the backup of the LUKS header
| (not with you at the time!) will restore the data.
| maltfield wrote:
| This is exactly what we do with the "LUKS Header Shredder"
| script in BusKill. First we lock the screen. Then we use the
| built-in `luksErase` command to destroy the data in the key
| slots, then we overwrite the whole header area. Then hard-
| shutdown.
|
| This script itself was actually an easter-egg in the
| explainer video at 50 seconds :P
|
| * https://youtu.be/S3LtLyuaBvI?t=46
|
| We're just finishing a very detailed write-up on the "LUKS
| Header Shredder," and we'll be publishing it in ~2 weeks. You
| can subscribe to our newsletter on our website (buskill.in)
| or crowdsupply.com for updates :)
| lmilcin wrote:
| Yeah, I have that on my servers in case somebody tries to
| hack them. There is a secret to logging to my machines and if
| you miss it the machine self destructs in a reversible way.
| Can't give more information but it is pretty easy to boot it
| again.
|
| One thing of note here, don't put LUKS header on any kind of
| flash (like SSD) or SMR HDD.
| quesera wrote:
| > self destructs in a reversible way
|
| Reversibility is not a feature of destruction, lexically-
| speaking. A better description might be "locked".
|
| More importantly in this case: if you are able to reverse
| it, you can be compelled to reverse it. This is no
| different than having a secret passphrase.
| dane-pgp wrote:
| > if you are able to reverse it, you can be compelled to
| reverse it.
|
| An interesting way of strengthening such a system is to
| split the recovery code between multiple people in
| multiple jurisdictions. Convincing them to hand over
| their piece of the key could require various levels of
| proof-of-free-will, ranging from "Hey, I need those
| numbers on that piece of paper I gave you" (asked on a
| video call, in a public park) to "I've booked a flight
| and I'll meet you at the agreed place next Monday at the
| standard time".
|
| These approaches can be combined with a protocol of "If I
| use the duress phrase, then give me a fake key and then
| send a message to the other members of the group / the
| public / the media that I've been compromised". Of course
| this sort of system assumes you are part of a wider
| organisation or at least have friends you can trust to
| implement all this opsec securely, without adding to your
| risk profile, but for some people this will be viable.
| zionic wrote:
| >One thing of note here, don't put LUKS header on any kind
| of flash (like SSD) or SMR HDD.
|
| Why not?
| lmilcin wrote:
| SSDs and drive-managed SMR HDDs do not immediately delete
| the data.
|
| If the system is interrupted after data is deleted there
| is a good chance you can still get it back.
|
| On a normal HDD you still have to wipe the data (ie.
| physically overwrite it half a dozen times). But this is
| not possible to execute reliably on SSD or drive-managed
| SMR HDD.
| megous wrote:
| You can reset the SSD's internal encryption key via
| hdparm, too, once you're done "deleting" luks header. It
| takes somewhat longer time, but if the SSD firmware is
| not completely stupid, it will be the equivalent of
| deleting the LUKS header and running TRIM on the whole
| device afterwards.
| Anunayj wrote:
| I'm guessing it is because it's harder to securely wipe
| SSD/flash drives [0]. Anyway I'm no expert on these
| topics.
|
| [0]: https://wiki.archlinux.org/title/Securely_wipe_disk#
| Flash_me...
| scblock wrote:
| I hate everything about this website. It uses all the tropes of a
| bad kickstarter campaign, and to sell you this item it preys on
| fear and misunderstanding. I absolutely do not trust that this
| company has my best interest at heart. It's so bad I wouldn't go
| near this product for any money.
| quickthrower2 wrote:
| Really? It seems like "here is what it does" kind if website to
| me
| maltfield wrote:
| Hi. I made the website. What exactly don't you trust?
| Everything is open-source, including the designs to build a
| BusKill cable yourself.
|
| * https://docs.buskill.in/buskill-
| app/en/stable/hardware_dev/i...
|
| The website also runs fine over Tor with javascript disabled.
| And I spent a lot of time modifying the theme to remove as much
| third party content (eg google fonts) as I could.
|
| We don't expect blind trust, but we do try to be totally
| transparent to earn it.
| comeonseriously wrote:
| Windows: Sorry, Dave, we can't shut your system down right now,
| you have 3 apps keeping it from shutting down and we have 37
| updates to Edge Browser to install... Have a nice day.
| matheusmoreira wrote:
| Why would anyone serious about this be running Windows in the
| first place? A live Linux operating system is so much better.
| Tails is designed for this.
| chipsa wrote:
| Send a signal to a driver to bluescreen the box?
| dotancohen wrote:
| That's what the -9 flag is for.
| BrazzVuvuzela wrote:
| "A stop job is running."
| maltfield wrote:
| Currently the BusKill app just locks the screen when the cable
| disconnects. I've never had Windows block the screen lock with
| such an error.
|
| The way we implemented the self-destruct (currently only
| available in Linux), it locks the screen before attempting to
| wipe the LUKS Header. I imagine we'll do something similar in
| Windows, so the worst-case would be the soft shutdown hangs but
| at-least the screen is locked immediately.
|
| Hopefully we can force an immediate, uninterruptible, hard-
| shutdown in Windows, too.
| Terry_Roll wrote:
| https://docs.microsoft.com/en-us/windows/win32/api/winuser/n...
|
| EWX_FORCEIFHUNG 0x00000010
|
| Forces processes to terminate if they do not respond to the
| WM_QUERYENDSESSION or WM_ENDSESSION message within the timeout
| interval. For more information, see the Remarks.
|
| If the EWX_FORCEIFHUNG value is specified, the system forces
| hung applications to close and does not display the dialog box.
| jeroenhd wrote:
| If forced shutdown is a priority, causing a bugcheck would
| probably be your best bet. This could be part of the USB
| driver for the device, or you could write a piece of software
| running as admin to trigger a fail state (like killing
| wininit or any other critical part of Windows).
|
| You'd have to watch out that you don't let the system store a
| memory dump, of course, that'd be the exact opposite of what
| you want.
| marcodiego wrote:
| This could have saved the creator of silk route. Not that I
| sympathize with crime, but he was unfairly accused of crimes he
| didn't committed like paying hitmen to kill enemies. Also, the
| way to operation was setup to get his laptop forcefully from him
| was, at the least, disrespectful. If FBI was so sure he committed
| any crime, they could have legally got a search warrant.
| rckt wrote:
| The idea is interesting, but the current form factor seems to be
| cumbersome. The cord can be easily disconnected by mistake.
|
| It would be nice to have a BT dongle that could react to the
| distance to the owner and to being unplugged.
| lalopalota wrote:
| Until something interferes with the bluetooth signal.
| sf_rob wrote:
| It would be nice if it were a USB-C power brick + magsafe like
| attachment. That could also be a lot more discrete by shifting
| the hardware to the brick itself. Granted that limits you to
| fewer laptops.
| paulcole wrote:
| Literally an FAQ on the homepage.
|
| > But bluetooth...
|
| > Using a radio-based Dead Man Switch introduces complexity,
| delays, and an increased vector of attack. BusKill is a simple
| hardware kill cord and is therefore more secure than any
| wireless solution.
| maltfield wrote:
| If all you want is a BT dongle, then there's tons of
| "solutions" on the market for this. See our "comparison" table
| on CrowdSupply for some options:
|
| * https://www.crowdsupply.com/alt-shift/buskill
|
| When I designed BusKill, I intentionally avoided wireless
| solutions.
|
| BusKill is designed for situations where the risk is extremely
| high, and you'll find that the radio-based solutions aren't
| very secure. They're faulty and have huge surface areas of
| attack.
| meerita wrote:
| _unplugs the usb_
|
| -Shutdown has been stop, would you like to keep those Chrome
| Tabs?
| WesolyKubeczek wrote:
| Say I'm an investigative journalist, gathering information about
| some bad guy embezzling all politicians that matter in a small
| country and doing all kinds of criminal stuff, including murders.
|
| I'm careful. I'm using a laptop that has this kill switch. I only
| keep my work on this laptop, it's so sensitive.
|
| The bad guy gets a whiff I'm digging around him. He sends armed
| thugs to my lair. They enter, so I pop the kill switch. "Where is
| the data?!", they ask me. "I don't know what you're talking
| about!" They beat me down, then one thug says to the other: "Hey
| comrade, look, maybe it's all on this laptop?" -- "Let's see".
| The laptop doesn't boot. They turn to me: "Funny how this laptop
| of yours doesn't even boot, why would you have a non-working
| toy?" I play dumb, they train their guns on my head. "Okay,
| okay," I say, "the data on this laptop has self-destructed,
| you're not getting it, no one is getting it!" -- "Really?" --
| "Really!" -- "It's good, motherfucker," says the thug and double-
| taps me in the head.
| The-Bus wrote:
| XKCD #538 ("Security") explains this succinctly.
|
| https://xkcd.com/538/
| goodpoint wrote:
| XKCD makes the same mistake as the parent of confusing a
| legal threat with a threat of bodily harm.
| matheusmoreira wrote:
| If they send assassins to your home because you know too much,
| OPSEC no longer matters. You're as good as dead if you don't
| immediately escalate to deadly force. Instead of destroying
| data, the computer should be uploading and publishing as much
| of it as possible so that whatever you're doing can't be
| stopped no matter what happens to you.
| aydwi wrote:
| You joke but this might have happened already
| WesolyKubeczek wrote:
| This _has_ happened, it was just that no technical gizmo
| would have saved the guy. I cannot imagine how.
|
| In case of a corrupt government, if they wanted to lock you
| up, they wouldn't strictly need any evidence at all. Having a
| gizmo that can potentially destroy evidence is a bonus.
| Otherwise, they will throw you behind the bars for 18 years
| for jaywalking. If you had a controversial businessman and
| his thugs after you, destroying the evidence only means they
| wouldn't have to destroy it themselves after having killed
| you.
|
| In any case, if you're working on sensitive stuff and you
| want to pretend you're writing some innocent poetry, I don't
| think any kind of jamesbondian device would help you look
| inconspicuous.
| dane-pgp wrote:
| > if you're working on sensitive stuff and you want to
| pretend you're writing some innocent poetry
|
| For plausible deniability, you need a second account on the
| machine that has all your poetry in. Then, when the thugs
| (or border guards) tell you to log into your laptop, you
| use the other username and password and say "Feel free to
| read all this poetry. I'm particularly proud of the one
| called 'My government isn't corrupt at all'."
|
| Also, in this scenario, you should probably store your raw
| information (with the names of innocents redacted) in a
| public cloud somewhere outside your jurisdiction,
| encrypted, and have a time-based dead man's switch (hosted
| somewhere else) which sends an email to your colleagues
| containing the URL and decryption key.
| new_stranger wrote:
| You're confusing attacks. What you describe is very useful when
| there is not threat to your being. You just want the data gone.
|
| However, if you are under physical threat then this is still
| useful because 1) you can protect witnesses and others and 2)
| you can make forwarding this information to remote sources part
| of the self-destruct.
|
| That is, "Sorry, I no longer have the data - the laptop self-
| destructed. The data and my name and location have been posted
| to reddit publicly or sent to a list of contacts in six
| countries"
|
| The point is, they want 1) you to stop and 2) to recover the
| data. You can bargain for your life by setting up the actions
| taken should this be activated.
| maltfield wrote:
| In such a scenario, you're right that if the attacker will use
| physical violence against you, of course the device wouldn't
| save you from bodily harm.
|
| But what about your sources? In this situation (if you actually
| can't remember the anonymous email address of your source),
| it's not your life that's being saved -- it's the identity and
| the life of the whistleblower.
| WesolyKubeczek wrote:
| I'm pretty sure there are rules of informational hygiene for
| cases like this, and they mostly grate on instincts of any
| geek obsessed with having all the data neatly organized,
| cross-referenced, and persisted.
|
| You can add any number of security layers, but you should
| always presume someone might get their hands onto whatever
| you're working on at the moment in cleartext and you want any
| damage to be minimal.
| throwawayffffas wrote:
| I remember seeing something likes this as a do it yourself a
| while back on hacker news.
| maltfield wrote:
| Yes! That was just under 2 years ago. It's the same project.
|
| DIY is great. The problem is that after I published that
| article, everyone on Hacker News went and bought-out all the
| USB-A magnetic breakways on Amazon. And they literally never
| re-stocked (I found out later it was EOL from the manufacture).
|
| The reason I launched this crowdfunding campaign was to put
| these USB-A magnetic breakaway cables back on the market so
| people could build their own again (and to sell the whole kit,
| to lower the barrier of entry to non-techie journalists).
|
| * https://buskill.in/buy
| tbabej wrote:
| For the Yubikey owners out there, a while back I wrote a blog
| post on how to achieve a similar setup using a Yubikey [1]. All
| it requires is a lanyard to attach the yubikey to.
|
| [1]: https://tbabej.com/Yubikey-secure-session-setup/
| captaincrunch wrote:
| Anyone needing a Yubikey would be very lucky to see them just
| hanging out of a computer, would just a bonus for the evil
| actor to also ruin your day and pull it out.
| dane-pgp wrote:
| Or you could attach the Yubikey to your belt (with a clip)
| and connect it to the laptop with a USB cable. Then all they
| could steal is a useless laptop and a cheap cable.
| tbabej wrote:
| The way I've implemented this is that the yubikey is on an
| extensible lanyard which is almost always around my neck. So
| while an evil actor could definitely unplug it to ruin my
| day, stealing it would be a tad bit more difficult :)
|
| In any case, the primary idea here was not to prevent
| stealing the laptop, but to prevent walking away from the
| laptop without locking it.
| 2Gkashmiri wrote:
| would have immensely helped dread pirate roberts
| acoard wrote:
| Dread Pirate Roberts did have a kill switch. The FBI agents
| distracted him by having two pretend to be a couple fighting.
| He turned his head to watch. Then the other FBI agent beside
| him swiped his laptop. Theoretically he could have hit the kill
| switch before turning to gawk at a lovers quarrel, but I mean,
| not many have the opsec or personal discipline to do that.
| amelius wrote:
| Why not use an accelerometer IC? Then you don't need the cord.
|
| Another idea is to use voice recognition.
| datameta wrote:
| I like the accelerometer idea. Hardware would be more
| dependable than a sequence of events that requires being able
| to speak and the mic to be working.
| chinathrow wrote:
| That's not helping if the person is yanked from the laptop
| instead of the other way round.
| mmaunder wrote:
| Might have protected Ross Ulbricht, but he's an edge case. Anyone
| had their laptop yanked away while using it?
| k1rcher wrote:
| This was my immediate thought as well. Oh Ross, if only you
| closed that damn laptop lid (and didn't incriminate yourself
| blatantly on stack overflow)
| 323 wrote:
| Actually we know it wouldn't.
|
| The agents arresting him did in such a way that they prevented
| him from touching his laptop (by creating a diversion), because
| they were feared that such a protection might exist.
| SamBam wrote:
| > The agents arresting him did in such a way that they
| prevented him from touching his laptop (by creating a
| diversion), because they were feared that such a protection
| might exist.
|
| But that's literally the scenario this physical-separation
| killswitch was designed for.
|
| He wouldn't have had to touch his laptop to trigger this.
| Quite the opposite.
| 323 wrote:
| You must be talking about a different device, because the
| one shown on this site only triggers if you carelessly move
| the laptop.
|
| It has no remote part, it doesn't matter how far the user
| is.
|
| If you're thinking about attaching the trigger to your hand
| with a lanyard, the agents could easily hold your hand in
| place, cut the lanyard, ...
|
| I don't understand why people always assume the FBI is
| brain-dead and could not use countermeasures against
| devices such as this if they become wide spread.
| SamBam wrote:
| You must have missed part of the description where they
| said the kill switch should be attached to the user's
| body.
|
| If the user is attached to the switch and moves more than
| 50 cm or so from their laptop, the switch is triggered.
| FearlessNebula wrote:
| What if he clipped it to his belt?
| zionic wrote:
| If done properly the agents grabbing his laptop/snatching it
| away from him would have severed the power connection to the
| battery-remove laptop locking it permanently.
| Hamuko wrote:
| > _If done properly_
|
| The man was running a multi-million dollar drug marketplace
| in a public library.
| FearlessNebula wrote:
| What was the logic behind that? So he couldn't be traced
| back to his house?
| 323 wrote:
| There was no logic.
|
| A public library is even worse for that purpose, because
| of security cameras and witnesses.
| snypher wrote:
| I thought standard practice was to run no battery, AC adapter
| only mode.
| Jerrrry wrote:
| They will hit the outlet and bring the AC with them, without
| bumping voltage.
| DarylZero wrote:
| What kind of equipment does one use to do this?
| chipsa wrote:
| It's a specialized tool, but basically the plug get
| pulled out slightly (which isn't enough to disconnect
| power in the US), and then the tool goes over the line
| and neutral pins, which supplies power from what is
| basically an UPS. After that, the entire plug can be
| pulled and capped (because you've got 120V across the
| exposed end of a plug now).
|
| Probably wouldn't work the same in Euro countries which
| have other plug types.
| toomanybeersies wrote:
| Even easier: just pull the wall plate out, then hook up
| the UPS behind it with couple of tap splices.
| Jerrrry wrote:
| I'm sure a power-supply-person with more knowledge can
| expand, but essentially a USP brick with cabling.
|
| They will bridge the outlet, and take the outlet, AC
| adapter, and everything connected, without the AC adapter
| even reading a voltage drop.
| LinuxBender wrote:
| There are mentions in this thread about false positives, risk of
| data loss, others. This made me think of Star Trek's use of a
| self destruct phrase. Obviously their method is too slow, but you
| could have a "duress" phrase and a "all clear" phrase.
|
| User-Defined Phrase: "Please dont kill me", activates "duress"
| mode.
|
| - A daemon listens in the background for a phrase of your choice.
| When detected, your laptop makes a sound effect that is not out
| of the ordinary for others to hear, but not something you would
| expect it to play when self destruct is activated. Git repos are
| committed/pushed with a duress demarcation code to an alternate
| branch. Your encrypted volumes are dismounted, buffers and caches
| cleared, camera and microphone start sending small chunks of
| audio/video to a destination of your choosing. Instructions for
| playback from your cloud of choice are emailed to emergency
| contacts. If you do not give the "all clear" in a user-
| configurable time period, the laptop does user-defined things
| like wiping encrypted volumes after giving an optional warning
| sound, optionally sending eeprom codes to brick the BIOS or
| replace the BIOS with a tracker and setting the screen to say
| "Stolen From User-Defined String, User-Defined Phone Number"
| after giving an optional warning sound. All of these actions
| could be optionally spaced apart based on risk, probably defined
| in a key-pair text file or json file.
|
| User-Defined Phrase: "Computer, disable self destruct" disables
| "duress" mode.
|
| - Giving the all clear code disables this behavior and your
| _ship_ does not self destruct. The system plays a sound to
| acknowledge "all clear". Emergency contacts are emailed the all-
| clear, but audio/video continue to upload for user-defined time
| in the event your were forced to give the phrase.
|
| Perhaps newer cars could also have this feature? Are there any
| existing open source projects that could be adapted/bent to
| accomplish these things?
| V__ wrote:
| I always thought that a lock screen with two passwords would be
| an interesting idea. Say the BusKill locks your system and
| sends a request to a server. If you don't enter the correct
| password to abort the script within a few seconds, it will run
| on your server, which sends a distress mail/call to emergency
| contacts, revoke all ssh keys/passwords etc.
|
| If however the distress password gets entered, the script still
| runs, but the system unlocks into a virtual pc or another
| account which is not suspicious.
| hef19898 wrote:
| Disclaimer: I know next to nothing about OS'es and login and
| so on.
|
| I had an idea once, would it be possible to set up two sets
| of passwords? One to properly unlock your device, and one to
| trigger either encryption or scrambling of the data when
| entered?
| maltfield wrote:
| Lookup "duress passwords"
|
| * https://en.wikipedia.org/wiki/Duress_code
|
| The feature is more relevant in (full disk) encryption
| software than OSes.
| MayeulC wrote:
| Of course, this is a kill switch, but that's usually
| detectable if the attacker is sophisticated enough. Plus,
| they can always backup the disk before.
|
| Plausible deniability lets you pretend you do not have
| incriminating data, but it's tricky to use in the first
| place: https://gitlab.com/cryptsetup/cryptsetup/-/wikis/Fre
| quentlyA...
|
| Travelling with an empty disk seems like a more appropriate
| option. Dm-verity could probably be used to check that
| there has been no tampering.
| ryanlol wrote:
| Of course, but this won't be easy with commodity hardware.
| Standard practice is to use write-blockers to prevent this
| kind of tricks, but of course you can prevent write-
| blockers by integrating your storage.
|
| I think you could get a pixel phone to do this in a useful
| way.
| nefitty wrote:
| In software, where there's a will, there's a way.
|
| Darknet Diaries has a cool episode about the dark cellphone
| industry: https://darknetdiaries.com/episode/105/
| gambiting wrote:
| Truecrypt had this exact function - one password would
| decrypt your drive sort of on one end, and start the OS
| there, another password would decrypt the drive on the other
| end, and start the OS installed there - so you always had
| perfectly plausible deniability, since the drive taken as a
| whole looked like a completely normal encrypted drive(in fact
| you could accidentally destroy the hidden partition by
| overwriting "empty" area while booted into the non-secret
| OS). Always thought that was super cool.
| Linosaurus wrote:
| > perfectly plausible deniability
|
| The paranoid dystopian counterpart is that you cannot prove
| you _don 't_ have a second partition either. Might get
| awkward if someone decided to compel the second password on
| less solid evidence. If you're not actually using the
| feature.
| arpa wrote:
| this is why you should actually have "signs of life" and
| something _slightly_ illegal on your plausible
| deniability partition. Just enough dirt to get you into
| trouble, but not too much trouble. If you're squeeky
| clean, you get the rubber hose cryptography treatment.
| Someone wrote:
| If you want those signs of life to be convincing, it
| should include all kinds of history without long gaps,
| such as:
|
| - email, including recently received and sent emails
|
| - web browser history
|
| - system logs
|
| - software updates
|
| In practice, I think it's impossible to do that. If the
| police discovers, for example, that your system logs show
| your machine was off for a week, but they also just saw
| you reset it, what do you tell them?
| kortilla wrote:
| The only problem is this is sort of obvious from a
| forensics perspective. Person is using truecrypt, they boot
| it up for you, and the partition is only half the size it
| should be.
| gambiting wrote:
| No, like the other reply pointed out too - it's not
| obvious. The first password unlocks the entire partition,
| the hidden one is just within the "empty" area of the
| drive. If you write a sufficiently large file while
| running the OS you could just overwrite and destroy the
| hidden partition without knowing that you did so. It's
| also impossible to tell that the hidden parition is there
| because encrypted data is indistinguishable from
| encrypted empty area of the drive.
| ASalazarMX wrote:
| Since Truecrypt bailed without explanation, do you know
| if Veracrypt also has this feature?
| somehnguy wrote:
| It does. Veracrypt is basically Truecrypt with some new
| features as far as I've been able to tell.
| JadeNB wrote:
| Your parent seems to point out that's not how it works:
| you've got access to the ful partition either way,
| meaning you can accidentally overwrite the other
| partition.
| alias_neo wrote:
| If I remember right, the hidden partitions are
| indistinguishable from random data on your disk and it
| was necessary to provide an offset to the first block (or
| whatever) so it could be decrypted. You could easily
| overwrite it accidentally because it just looks like free
| space.
| eloisius wrote:
| Have I got a PAM module for you:
| https://github.com/nuvious/pam-duress
| lmilcin wrote:
| The problem is, if they are serious and suspect you might
| be prepared and technical savvy, they will never allow you
| to operate the device.
| eloisius wrote:
| Yep. Pretty much all nerd solutions to physical or legal
| threats are genius but also worse than useless. Here's a
| $5 hammer, hit him with it until he gives us what we're
| looking for, so goes the comic I saw once.
| matheusmoreira wrote:
| This _is_ effective against legal threats. I remember at
| least one case in my country where one person was saved
| by truecrypt. They even asked the FBI for help on
| decrypting it.
|
| Hopefully civilization is not so far gone that police
| will imprison, torture or kill for failing to incriminate
| themselves. If it gets to the point cold-blooded torture
| is on the table, you'll probably get killed anyway.
| jamessb wrote:
| > Here's a $5 hammer, hit him with it until he gives us
| what we're looking for, so goes the comic I saw once.
|
| You are probably thinking of the $5 wrench in
| https://xkcd.com/538/
| kortilla wrote:
| That's why it needs to be destructive. You can't beat
| access to something out of someone if it has been
| deleted.
| nkrisc wrote:
| While true, they may beat you anyway just to be sure.
| ASalazarMX wrote:
| Big opportunity to implement a kill-switch if the
| microphone recognizes your screams!
| djweis wrote:
| That's referred to as rubber hose cryptography.
| dane-pgp wrote:
| That's also why Assange (and others) developed the
| Rubberhose file system[0].
|
| It's based on the game theoretic idea that if your
| adversary has no way of knowing how many hidden
| partitions you have, then you have no way of proving to
| them that you've given them all your secrets.
|
| As such, there is no benefit to you revealing _any_
| secrets under torture, because the torture would continue
| even after you 've told them everything, therefore there
| is no point to them torturing you in the first place.
|
| [0] https://en.wikipedia.org/wiki/Rubberhose_%28file_syst
| em%29
| multjoy wrote:
| A state liable to torture you may simply kill you
| instead. Or torture you and kill you, even if it serves
| no particular purpose.
|
| If you're in the business of protecting your secrets
| against torture then you need to also be protecting them
| against death because that is grimly inevitable.
| orthecreedence wrote:
| "I don't think they wanted me to say anything. It was
| just their way of having a bit of fun, the swines."
| ASalazarMX wrote:
| "JOB OPPORTUNITY: Assassins and mercenaries required.
| Must be proficient in game theory".
|
| In reality they will torture you until you stop
| decrypting partitions, and then a bit more of special
| torture, just in case.
| dane-pgp wrote:
| If they don't understand game theory, that just means
| they will act sub-optimally. In any case, the correct
| strategy for the user is still to not decrypt any
| partitions, since, as you say, the sooner the user stops
| decrypting, the sooner the torturers give up.
| 867-5309 wrote:
| how would you account for :poker face: "please don't kill me"
| vs :in a stranglehold, bleeding internally from multiple stab
| wounds: "PLAYS DON--"
| maltfield wrote:
| BusKill does not ship with destructive triggers. The current
| app is limited to locking your screen. Future releases will
| include soft/hard shutdown.
|
| We do have a "LUKS Header Shredder" trigger (which we call
| self-destruct as it renders all the data on the FDE disk
| useless), but we (intentionally) don't include it by default
| and raise the barrier of entry because of the risk of data
| loss.
|
| We'll be publishing a more detailed write-up on the LUKS Header
| Shredder in 2 weeks. You can subscribe for updates on our
| website (buskill.in) or the campaign directly (crowdsupply.com)
| matheusmoreira wrote:
| Does it support destroying keys in hardware tokens? Would be
| nice if plugging my yubikey into a specific USB port
| automatically destroyed all keys inside it.
| justinjlynn wrote:
| You really want such devices - i.e. Devices with duress
| modes - to act normally, as much as possible when in those
| modes. If they clearly destroy themselves immediately you
| often place yourself in much greater danger. If anything
| log them into a sandbox or honeypot that is, as much as
| possible, indistinguishable from your normal environment
| but is less damaging for you for them to access.
| chrischen wrote:
| Must have if you work in public places in SF. I can barely count
| how many times I've personally or had a friend who's either had
| their laptop stolen in a coffee shop or attempted. In recent
| years thieves even got more brazen and just try to snatch it from
| you while your hands are still on the keyboard which is perfect
| for this device. You'll want to enable full disk encryption for
| full security.
| stevespang wrote:
| Yeah, any kid can then boot it from that same USB port with
| another USB with OS on it, then format it and sell it.
| throwaway12232 wrote:
| This is shockingly expensive and comically impractical to use.
| Ensorceled wrote:
| $89 doesn't seem that expensive.
|
| It's just as impractical as money belts, key chain alarms,
| Tiles(tm)
|
| I mean, too impractical for me, but there is definitely a
| market for it.
| tiahura wrote:
| How is Tile impractical?
| pjerem wrote:
| Well, that's something you could easily do with only software
| and any USB device :
|
| while { if(!monitored_device.plugged) { setComputerOnFire() }
| }
|
| It must exist somewhere. And for the magnetic gimmick, any
| magnetic usb (which, btw, are actually pretty useful) cable
| from amazon would do the trick.
| pph wrote:
| That is pretty much what Tails is doing: If you disconnect
| the USB drive with the system, it will wipe the RAM and
| then shut down. However the data on the USB drive isn't
| modified, so if you don't trust its encryption you should
| prepare for quick physical destruction and/or disposal.
| maltfield wrote:
| Hi pjerem, Michael Altfield here (founder of the BusKill
| project).
|
| The problem is that there are no USB-A magnetic breakaways
| available on Amazon. If there were, then I wouldn't have
| launched this campaign!
|
| * https://buskill.in/buy
|
| Actually, Amazon did have USB-A magnetic breakaway
| components before, but they went EOL and sold-out when I
| first published my DIY article on how to build-your-own-
| BusKill-cable last year.
|
| * https://tech.michaelaltfield.net/2020/01/02/buskill-
| laptop-k...
|
| The reason I started making my own was a response to all
| the folks that asked me how they could get a USB-A BusKill
| cable since they sold-out (and they also were never
| available in Europe -- now they are!).
| 1_player wrote:
| Indeed. If what I'm doing is so sensitive I need a dead-man
| switch (i.e. the consequences of getting caught are very
| high), $89 to improve my opsec is definitely worth the money.
| Ensorceled wrote:
| Or your threat model is high, think journalists with
| protected sources.
| _flux wrote:
| I can grant expensive (though I don't know for how cheap I
| could make such a sellable project with free worldwide
| shipping, while also making profit), but what is comically
| impractical about this? It's not like the default functionality
| is to nuke the device from the orbit on disconnect.
|
| You could make one for yourself cheaper, though, if you have
| the know-how.
|
| Though a basic face detection-based screen lock could be quite
| more useful and cheaper, at the cost of increased battery
| consumption.
| throwaway12232 wrote:
| Only the cable by itself cost $59.00.
|
| It's the same USB magnetic cable that you can buy in many
| shops for $2.
|
| > but what is comically impractical about this?
|
| That you have to carry such contraption around and find a
| place to tie it to.
|
| If you have to spend more than $30 for a custom device you
| can detect if a laptop is being moved away from a table in
| many better ways.
| fluidcruft wrote:
| Oh, so you could hopefully substitute a suitable USB C
| cable? (Assuming they exist)
| excalibur wrote:
| > > but what is comically impractical about this?
|
| > That you have to carry such contraption around and find a
| place to tie it to.
|
| If you're the type of person who uses a laptop lock, I
| could see something like this being a welcome enhancement.
| But in that case it would be most practical if it were
| built into the lock itself.
| _flux wrote:
| Personally I have only found cables with relatively weak
| magnetic power. Where does one find these strong ones, in
| particular for prices like you mention? It doesn't seem to
| be a well-advertised property, so it's difficult to tell if
| they are actually strong ot not :/.
|
| The $59 price still includes worldwide shipping.
|
| > That you have to carry such contraption around and find a
| place to tie it to.
|
| I mean you are already carrying a laptop, and probably a
| charger with cables, so carrying a magnetic cable doesn't
| seem a big stretch. You would put it to the same bag with
| your other laptop-related accesories.
|
| It is also quite popular to wear pants with belt loops,
| which would seem suitable for tying this one. Granted
| dresses and skirts have these less commonly; even then
| perhaps one could use a belt. For sportswear I don't have a
| good suggestion.
|
| I notice you refer to these "better ways" yet you don't
| enumerate any. At least I wouldn't consider accelerometer
| and radio-based solutions proper alternatives to this
| (unless using proper latency-based distance measurement, I
| wonder if this truly can be implemented for less than $30).
| The camera solution I proposed might be realistic one, but
| it eats battery.
| dotancohen wrote:
| Interesting. The site implicitly references the arrest of the
| Silk Road founder, using the alternative acronym "Department of
| Parks and Recreation". He was arrested by having his laptop
| literally yanked from under his fingertips in a public library.
| Ensorceled wrote:
| Having a USB kill switch in this case could (would?) have
| escalated the arrest method to something more violent.
| amoshi wrote:
| Yep, I think so too, it wouldn't have protected him. Whoever
| was in charge of the operation would've noticed and
| identified this killswitch, and prepared appropriately. The
| suspect would be incapacitated as a matter of priority to
| prevent him from activating it.
| stickfigure wrote:
| Honestly, that sounds a little too "CSI". If the lanyard is
| attached to a wrist, the chance that someone could be
| suddenly incapacitated in such a way to avoid a jerky
| movement that breaks the connection is pretty small. "Knock
| them unconscious" is a TV trope.
| geoduck14 wrote:
| What about "pin his hands to the table" while the nerds
| exfiltrate the data?
| dane-pgp wrote:
| Maybe there needs to be an accompanying/alternative
| device which can be worn in a shoe and detects toe
| movements. It would probably have to be wireless, which
| would introduce false positives or false negatives, (and
| part of it may need to be attached to the user's ankle,
| due to size constraints), but it would at least defend
| against an attacker who could physically restrain the
| user.
| mellavora wrote:
| OMG, did you just invent Agent Smart's Shoe Phone?
| https://en.wikipedia.org/wiki/Shoe_phone
| reincarnate0x14 wrote:
| I can definitely see policy to tase or otherwise subdue with
| less than lethal means being OK'ed by authorities and
| judiciaries. In principle you'd hope this was rigorously
| established beforehand on per case basis but that
| historically has not been held to standard long if they end
| up doing it with any frequency.
|
| This is getting into the security question of what your
| threat model is. If you're seriously expecting a nation-state
| intelligence agency to be after your laptop, I'd really,
| really recommend not having anything on your laptop because
| unless you've got your own security team they're going to
| find some way to get it and will observe you to see if you're
| using something like a killswitch first.
| marvin wrote:
| How would a more violent arrest have solved anything?
| danbruc wrote:
| Instead of moving the laptop you move the user. Unless the
| kill switch is connected to the user or you remove the user
| too slowly and allow them to manually trigger the kill
| switch, you may gain access to the laptop.
| Ensorceled wrote:
| The kill switch is useless if the accused is incapacitated
| before they could trigger it.
|
| No knock raids, which are inherently violent, to "preserve
| evidence" and reduce the risk to LEO happen about 20000
| times a year in the US.
| [deleted]
| matheusmoreira wrote:
| > No knock raids, which are inherently violent
|
| > reduce the risk to LEO
|
| I remember reading news about an american who killed an
| officer who entered without knocking. He was not
| convicted, it was ruled self-defense.
| Ensorceled wrote:
| 20,000 no knock raids and, I think, two cases of officers
| being killed.
| dotancohen wrote:
| Why? Was he a violent criminal?
| Ensorceled wrote:
| What does "violent criminal" have to do with it? The US
| (and other jurisdictions ) use extreme, violent arrest
| methods like no knock raids for all sorts of non violent
| offences.
| jokethrowaway wrote:
| It's probably better to be beat up or tortured by a state
| actor than to rot in prison for the rest of your life if they
| get hands on proof of your culpability.
|
| Besides the USA is not Al Qaida, there is a chance they would
| respect the Geneva convention:
| https://ccrjustice.org/home/get-involved/tools-
| resources/fac...
| Ensorceled wrote:
| What I'm saying is that they wouldn't get a chance to use
| the kill switch because they would have focused on
| "containing" the suspect before they could activate it.
| datameta wrote:
| In theory, I agree. But it is somewhat akin to saying -
| why use strong encryption since a three letter agency can
| just brute force your device. If you're in that deep,
| maybe it won't help. But for the average reporter in a
| hostile zone, keeping the local police from snooping on
| their machine would be preferential.
| Ensorceled wrote:
| We actually agree completely. This thing may be useful,
| and certainly something to think about if you live or
| travel to places where electronic devices are often
| snatched and, like you said, prevents casual snooping
| since the local police WILL have to escalate to violence.
|
| I just don't think it's going to prevent a Silk Road
| incident and could make it worse for the suspect.
| SamBam wrote:
| I disagree. I this this sounds a little too much like a
| TV show like 24.
|
| The idea that you could completely immobilize someone at
| a public library so rapidly and without their awareness
| that they could not even move their arm 20 cm or so
| during a struggle seems ludicrous to me. Particularly as
| the kind of person who would buy this device would be
| setting themselves up with their back to the wall to
| prevent captures from behind.
|
| I am fairly strong and have wrestled and grappled for
| over a decade, and I would not put my faith in an
| operation that required me (even with another agent) to
| completely immobilize even a weak person enough that I
| could guarantee they could not trigger this.
|
| This takes a flick of a finger to trigger, or moving your
| arm a small distance away from the laptop.
| tata71 wrote:
| > The idea that you could completely immobilize someone
| at a public library so rapidly and without their
| awareness that they could not even move their arm 20 cm
| or so during a struggle seems ludicrous to me.
|
| Well, they did -- and without even touching him.
| dane-pgp wrote:
| They didn't "completely immobilize" him, though, as
| apparently "Ulbricht stood up sharply"[0] after his
| laptop was seized. However, he did make the mistake of
| not sitting with his back to a wall, since the agents
| "walked up behind" him. I guess we'll never know how he
| would have reacted if they had instead walked up in front
| of him and tried to grab his arms.
|
| [0] https://www.businessinsider.com/ross-ulbricht-will-
| be-senten...
| Ensorceled wrote:
| I think you have way too much faith in the reasonableness
| of law enforcement. There are 20K no-knock raids in the
| US every year, a significant percentage at the wrong
| address or clearly innocent people.
| heavenlyblue wrote:
| Why not have a bluetooth/wifi/customised proximity device
| constantly connected to your laptop (and resides in your
| wallet/shoes/private parts) and if you suddenly are too far away
| from your laptop while it's unlocked it gets purged?
| maltfield wrote:
| If all you want is a bluetooth/wifi solution, then there's tons
| of "solutions" on the market for this. See our "comparison"
| table on CrowdSupply for some options:
|
| * https://www.crowdsupply.com/alt-shift/buskill
|
| When I designed BusKill, I intentionally avoided wireless
| solutions.
|
| BusKill is designed for situations where the risk is extremely
| high, and you'll find that the radio-based solutions aren't
| very secure. They're faulty and have huge surface areas of
| attack.
| rightisleft wrote:
| My 2010 MacBook pro acquired this feature about 3 years ago...
| intrasight wrote:
| https://news.ycombinator.com/item?id=21935359
|
| I vaguely remember there being special hard drives with an "acid
| release" tab for rapid physical destruction. The military being a
| prime consumer. For laptops, I'm thinking a Thermite kill switch
| would be effective.
| amiga-workbench wrote:
| I've seen thermite tested, its absolutely not enough to damage
| disk players.
| e0a74c wrote:
| Some interesting experiments in this department:
| https://www.youtube.com/watch?v=-bpX8YvNg6Y
| mnsc wrote:
| Am I the only one to think that if someone is close enough to
| physically yank your computer out of your hands they are also
| physically close enough to beat you with a wrench if you lock the
| computer containing what they are after?
|
| https://xkcd.com/538/
| voidmain0001 wrote:
| Same. A person I know was buying physical gold about 8 years
| ago in preparation for a mega economic collapse which leaves
| gold as king. However he himself said that he will lose in the
| end because someone with a gun will come and take what he's
| got.
| jamil7 wrote:
| This xkcd is exactly what came to mind when reading the "Who
| benefits from BusKill" section.
| karmanyaahm wrote:
| Probably most of the time but maybe not when the adversery
| wants to be covert.
| Melkman wrote:
| That's what the self destruct is for. If you are yanked from
| your laptop or vice versa the laptop will crypto shred its disk
| and wipe RAM. Your attackers can hit you till you die but you
| will not be able to reverse it.
___________________________________________________________________
(page generated 2021-12-15 23:00 UTC)