We’re happy to announce that BusKill is presenting at DEF CON 32.
What: Open Hardware Design for BusKill Cord
When: 2024-08-10 12:00 – 13:45
Where: W303 – Third Floor – LVCC West Hall
Update 2024-09-04 Added slide deck pdf
We’re happy to announce that BusKill is presenting at DEF CON 32.
What: Open Hardware Design for BusKill Cord
When: 2024-08-10 12:00 – 13:45
Where: W303 – Third Floor – LVCC West Hall
Update 2024-09-04 Added slide deck pdf
This post contains a canary message that’s cryptographically signed by the official BusKill PGP release key
For more information about BusKill canaries, see:
Today we’re ecstatic to publish our first demo showing a homemade BusKill Cable (in the prototype 3D-printed case) triggering a lockscreen.
While we do what we can to allow at-risk folks to purchase BusKill cables anonymously, there is always the risk of interdiction.
We don’t consider hologram stickers or tamper-evident tape/crisps/glitter to be sufficient solutions to supply-chain security. Rather, the solution to these attacks is to build open-source, easily inspectable hardware whose integrity can be validated without damaging the device and without sophisticated technology.
Actually, the best way to confirm the integrity of your hardware is to build it yourself. Fortunately, BusKill doesn’t have any circuit boards, microcontrollers, or silicon; it’s trivial to print your own BusKill cable — which is essentially a USB extension cable with a magnetic breakaway in the middle
Mitigating interdiction via 3D printing is one of many reasons that Melanie Allen has been diligently working on prototyping a 3D-printable BusKill cable this year. In this article, we hope to showcase her progress and provide you with some OpenSCAD and .stl
files you can use to build your own version of the prototype, if you want to help us test and improve the design.
ⓘ Note: This post is adapted from its original article on Melanie Allen’s blog.
In our last update, I showed a video demo where I succesfully triggered a lockscreen using a BusKill prototype without the 3D-printed body for the case and N35 disc magnets. I realized that the N35 disc magnets were not strong enough. In this update, I show a demo with the prototype built inside a 3D-printed case and with (stronger) N42 and N52 cube magnets.
This post contains a canary message that’s cryptographically signed by the official BusKill PGP release key
For more information about BusKill canaries, see:
In celebration of Bitcoin Black Friday 2023, we’re offering a 10% discount on all BusKill cables sold between Nov 18 to Dec 03.
This post will describe how to setup keyboard shortcuts in QubesOS so that you can temporarily disarm (pause) the BusKill laptop kill cord.
This allows the user to, for example, go to the bathroom without causing their computer to shutdown or self-destruct.
This is a guide that builds on part one: A Laptop Kill Cord for QubesOS (1/2). Before reading this, you should already be familiar with how to setup udev rules for BusKill on QubesOS.
ⓘ Note: This post is adapted from its original article on Tom Hocker’s blog.
What if someone literally steals your laptop while you’re working with classified information inside a Whonix DispVM? They’d also be able to recover data from previous DispVMs–as Disposable VM’s rootfs virtual files are not securely shredded after your DispVM is destroyed.
Are you a security researcher, journalist, or intelligence operative that works in QubesOS–exploiting Qubes’ brilliant security-through-compartimentalization to keep your data safe? Do you make use of Whonix Disposable VMs for your work? Great! This post is for you.
I’m sure your QubesOS laptop has Full Disk Encryption and you’re using a strong passphrase. But what if someone literally steals your laptop while you’re working with classified information inside a Whonix DispVM? Not only will they get access to all of your AppVM’s private data and the currently-running Whonix DispVM’s data, but there’s a high chance they’d be able to recover data from previous DispVMs–as Disposable VM’s rootfs virtual files (volatile.img) are not securely shredded after your DispVM is destroyed by Qubes!
Let’s say you’re a journalist, activist, whistleblower, or a human rights worker in an oppressive regime. Or an intelligence operative behind enemy lines doing research or preparing a top-secret document behind a locked door. What do you do to protect your data, sources, or assets when the secret police suddenly batter down your door? How quickly can you actually act to shutdown your laptop and shred your RAM and/or FDE encryption keys?
BusKill utilizes a magnetic trip-wire that tethers your body to your laptop. If you suddenly jump to your feet or fall off your chair (in response to the battering ram crashing through your door) or your laptop is ripped off your table by a group of armed thugs, the data bus’ magnetic connection will be severed. This event causes a configurable trigger to execute.
The BusKill trigger
can be anything from:
While our last post described how to setup such a system in QubesOS with BusKill, this post will describe how to add keyboard shortcuts to arm & disarm the dead man switch (eg so you can go to the bathroom).
🇬🇧 English version of this article.
Wir freuen uns bekannt zu geben, dass BusKill-Kabel zum ersten Mal persönlich in einem Ladengeschäft in Deutschland (Leipzig) gekauft werden kann.
🇩🇪 Deutsche Version dieses Artikels
We’re happy to announce that, for the first time ever, BusKill cables can be purchased in-person in Leipzig, Germany.
The BusKill project has partnered with ProxyStore to make BusKill laptop kill cords finally available from a brick-and-mortar location. You can now go to the following location and purchase a BusKill cable with cash or cryptocurrency.
Bernhard-Göring-Straße 162
04277 Leipzig
Germany
We’re happy to announce that we were successfully able to initiate a BusKill lockscreen trigger using a 3D-printed BusKill prototype!
While we do what we can to allow at-risk folks to purchase BusKill cables anonymously, there is always the risk of interdiction.
We don’t consider hologram stickers or tamper-evident tape/crisps/glitter to be sufficient solutions to supply-chain security. Rather, the solution to these attacks is to build open-source, disassembleable, and easily inspectable hardware whose integrity can be validated without damaging the device and without sophisticated technology.
Actually, the best way to confirm the integrity of your hardware is to build it yourself. Fortunately, printing your own circuit boards, microcontroller, or silicon has a steeper learning curve than a BusKill cable — which is essentially just a USB extension cable with a magnetic breakaway in the middle.
Mitigating interdiction via 3D printing is one of many reasons that Melanie Allen has been diligently working on prototyping a 3D-printable BusKill cable this year. In this article, we hope to showcase her progress and provide you some OpenSCAD and .stl
files so you can experiment with building your own and help test and improve our designs.
ⓘ Note: This post is adapted from its original article on Melanie Allen’s blog.
Last month, I successfully triggered a lockscreen event using our 3D-printed BusKill prototype.
We’re happy to announce the release of BusKill v0.7.0
Most importantly, this release allows you to arm the BusKill GUI app such that it shuts-down your computer when the BusKill cable’s connection to the computer is severed.