USBKill Transforms a Thumb Drive Into an "Anti-Forensic" Device

Orome1 writes with a snippet from a report at net-security.org; a hacker going by Hephaestos has shared with the world a Python script that, when put on an USB thumb drive, turns the device in an effective kill switch for the computer to which it's plugged in. USBkill, as the programmer dubbed it, "waits for a change on your USB ports, then immediately kills your computer." The device would be useful "in case the police comes busting in, or steals your laptop from you when you are at a public library," Hephaestos explained.

works differently in the states.

[nimbius]

"In case the police come busting in" is a condition typically followed by a hailstorm of bullets here in the United States. Afterwards, assuming you have a winning complexion, charges are fabricated and officers exhonorated.

Our prosecution also works similar to a firehose. Typically if youre arrested for loitering or driving while black, youll be charged with resisting arrest and a large slew of other charges that may not even apply to your specific encounter. Once in jail a member of the prosecution team will approach you with a laundry list of offenses and the threat of decades of years in jail. Mercifully they will offer a plea bargain that, should you choose to simply plead guilty, youll only spend a fraction of that time in prison. If you cant afford a lawyer, and dont have a firm grasp of legal proceedings yourself, this option is generally chosen.

Wiping the contents of your laptop, or refusing to give a password in the US, is generally met with unfavourable consequences. Indefinite forcible detention at border checkpoints without charges, for example, befell moxy marlinspike. computing chicanery in general that goes beyond the relm of 'good consumer' will find you hounded to the end of your days, as was the case of the late Aaron Schwartz. Given my options, id rather feign ignorance than quietly activate a duress payload.

Not the first, but more useful for today

[eastjesus]

Reminds me of something I wrote back around 1981. Working with the early IBM PC at the machine code level several flaws surfaced and for fun I packaged them all together in the boot sector of a 5 1/4" floppy which we put in a "break glass" box and put on the wall (There were no hard drives yet, the XT wasn't out yet). If you placed the floppy in the boot drive it would destroy the hardware in a few seconds. First, there was a bit on the original IBM display adapter (mono text only) which would lock the horizontal sweep on the standard IBM monitor forcing the horizontal output power transistor to overheat and burn out. You would see the display image collapse while the monitor would squeal while smoke (literally!) would come out the sides and back, and die with a $200 repair to fix it. Second, there were no stops on the head movement on those original floppy drives - with the right loop they would step out until the heads fell off inside the case with a pair of clunks if you had a 2 drive system. (Not a difficult repair, but you had to know what your were doing and get into the floppy drives themselves to fix it.) Finally, the speaker ran off of a shift register which could be loaded with a really nasty PWM sound and set to free run. With interrupts disabled and the CPU halted, the machine sat there smoking with a very loud nerve-rattling siren, completely dead and unable to boot. It would require major physical repairs to get it working again. The monitor would stink for weeks afterwards.

Re:this already exists

[bluefoxlucid]

Which opens you up to all kinds of high circumstantial evidence prosecution. Evidence that you may have been involved in a crime coupled with a psychotic behavior in which you put your computer data at severe risk to handle an unexpected seizure? If they have weak evidence showing your involvement in a crime, the corroborating behavior provides circumstantial evidence supporting their weak evidence; either by itself may be inadmissible.

Re:Of course USB is a perfect system

[Moof123]

That is probably a tactic to be used by the authorities. If they get a hold of the laptop and sneak in some piece of hardware to make the USB drop every now and then, the suspect will pretty soon disable it.

Way back when I worked for a 3 letter acronym this was a pretty low tech solution often employed to circumvent alarms of all sorts. Just randomly trigger the alarm a every few hours at night and within a few days it will be turned off out of disgust or at the orders of any cops that have been dispatched the last half dozen times. Now you can waltz in and do your dirty work.

Re:Except they just turn the power off

[TheCarp]

If anyone needs someone to talk on how intimidating such a situation can be, they can just ask my wife, she has ended up in situations like this a couple of times just trying to get to work.

Here in Boston the local public transit (MBTA) thugs have a serious TSA hard on. They actually run random bag swabbing checkpoints at stations. In theory, you can refuse and leave, walk right out. In practice, when my wife tried to say no, she had one officer yelling "we have a resistor" as she was suddenly surrounded by people telling her what to do and found herself being railroaded to the the swabber and into the station....so much for a right to refuse and walk out.

Its amazing how intimidating a gang of armed men yelling at you can be.