We're happy to announce the release of BusKill v0.5.0
You can upgrade your BusKill app to the latest version either by
Transparency is important. As we launch our crowdfunding campaign (making the BusKill cable available for purchase for the first time), we wanted to provide a clear video demo showing the cable in-use in all tested platforms:
Watch the below video to see a demonstration of BusKill running on all of the above-listed systems.
BusKill was tested to work in Windows 10.
Visit docs.buskill.in for instructions on how you can build your own BusKill cable and download the BusKill app for Windows.
Or you can buy a BusKill kit with the BusKill Windows app pre-installed on the the included USB drive.
BusKill was tested to work in MacOS 10.15 (Catalina).
Visit docs.buskill.in for instructions on how you can build your own BusKill cable and download the MacOS
Or you can buy a BusKill kit with the BusKill MacOS app pre-installed on the the included USB drive.
BusKill was tested to work in Ubuntu Linux.
Visit docs.buskill.in for instructions on how you can build your own BusKill cable and download the Linux
Or you can buy a BusKill kit with the BusKill Linux app pre-installed on the the included USB drive.
BusKill was tested to work with TAILS (The Amnesic Incognito Live System).
While you could use the BusKill Linux
.AppImage release with a second USB drive while using TAILS, the recommended solution for security-critical users is to just use the BusKill cable in-line with the TAILS live USB drive. This takes advantage of
Visit docs.buskill.in for instructions on how you can build your own BusKill cable to use with TAILS.
Or you can buy a BusKill cable to support the BusKill project.
BusKill was also tested to work with QubesOS.
Due to the design of QubesOS (
dom0, sys-usb, etc), the BusKill GUI app does not support QubesOS. Instead, QubesOS support is implemented using the qubes-rpc and a set of scripts stored in
For more information on how to use BusKill in QubesOS, see our BusKill guide for QubesOS.
Visit docs.buskill.in for instructions on how you can build your own BusKill cable to use with QubesOS.
Or you can buy a BusKill cable to support the BusKill project.
This post will describe how to use BusKill as a dead man switch to trigger your laptop to self-destruct if it's physically separated from you. This guide is specific to QubesOS users.
What if someone literally steals your laptop while you're working with classified information inside a Whonix DispVM? They'd also be able to recover data from previous DispVMs--as Disposable VM's rootfs virtual files are not securely shredded after your DispVM is destroyed.
Are you a security researcher, journalist, or intelligence operative that works in QubesOS--exploiting Qubes' brilliant security-through-compartimentalizatio to keep your data safe? Do you make use of Whonix Disposable VMs for your work? Great! This post is for you.
I'm sure your QubesOS laptop has Full Disk Encryption and you're using a strong passphrase. But what if someone literally steals your laptop while you're working with classified information inside a Whonix DispVM? Not only will they get access to all of your AppVM's private data and the currently-running Whonix DispVM's data, but there's a high chance they'd be able to recover data from previous DispVMs--as Disposable VM's rootfs virtual files (volatile.img) are not securely shredded after your DispVM is destroyed by Qubes!
Let's say you're a journalist, activist, whistleblower, or a human rights worker in an oppressive regime. Or an intelligence operative behind enemy lines doing research or preparing a top-secret document behind a locked door. What do you do to protect your data, sources, or assets when the secret police suddenly batter down your door? How quickly can you actually act to shutdown your laptop and shred your RAM and/or FDE encryption keys?
BusKill utilizes a magnetic trip-wire that tethers your body to your laptop. If you suddenly jump to your feet or fall off your chair (in response to the battering ram crashing through your door) or your laptop is ripped off your table by a group of armed thugs, the data bus' magnetic connection will be severed. This event causes a configurable trigger to execute.
trigger can be anything from:
This post will describe how to setup such a system in QubesOS with BusKill
This post will describe how to add a trigger that initiates a "self-destruct" sequence when your BusKill laptop kill cord's connection is severed--rendering your data permanently & irrevocably destroyed in the event that your laptop were physically separated from you (ie: by a snach-and-run thief).
Many people were disappointed when the original post introducing BusKill only alluded to a self-destruct trigger, without actually describing how to use it with BusKill. This was done for two reasons:
This article will provide that thorough analysis and explain to the reader how to implement a self-destruct trigger with BusKill on linux machines that have FDE with LUKS.
Today, we're happpy to announce that there’s a new way to browse our website more securely and anonymously. To do it, you’ll need a bit of software called the Tor Browser
After the Tor Browser is installed, copy and paste this URL into the address bar to load this website:
Besides the obvious anonymity benefits--allowing our customers to purchase our products anonymously--we chose to make our website accessible at the above
.onion address to take advantage of tor's superior Public Key Infrastructure to the clearnet's flawed x509 model (read: it's more secure).
Instead of using the untrustworthy X.509 PKI model, all connections to a v3 .onion address is made to a single pinned certificate that is directly correlated to the domain itself (the domain is just a hash of the public key + some metadata). Moreover, some of the most secure operating systems send all the user's Internet traffic through the Tor network -- for the ultimate data security & privacy of its users.
In short, users are much safer when communicating directly to a website using a
.onion domain than its clearnet domain.
We've always made sure that our site's content was fully accessible to Tor Browser on strict mode. Unlike other popular websites, we would never use Google reCAPTCHA or blanket block Tor exit nodes.
We want and encourage our customers to be able to use all of our services over Tor. And by adding our service over an Onion Service, our customers with a healthy distrust for the X.509 PKI can take comfort in knowing that accessing our website through our Onion Service address will give them end-to-end encryption using our Tor-generated certificate.
You can buy a BusKill cable with bitcoin, monero, and other altcoins directly from our BusKill Store's Onion Site:
You can also buy a BusKill cable with bitcoin, monero, and other altcoins directly from our Clearnet BusKill Store:
We're very excited to announce that BusKill cables are now available for purchase via CrowdSupply!
This week we launched the BusKill crowdfunding campaign on CrowdSupply.
The DIY guide to build a BusKill laptop kill cord was released last year. Designed to protect journalists, activists, travelers, and crypto traders -- this USB Dead Man's Switch can trigger your computer to lock if someone physically snatches your computer away from you while you're using it.
You can buy a BusKill cable today from CrowdSupply:
You can also buy a BusKill cable with bitcoin, monero, and other altcoins directly from our BusKill Store:
This post will introduce a simple
udev rule and ~$20 in USB hardware that effectively implements a kill cord Dead Man Switch to trigger your machine to self-destruct in the event that you're kicked out of the helm position.
ⓘ Note: This is an old article that is out-of-date.
To learn how to install BusKill, see our BusKill GUI App Documentation.
Let's consider a scenario: You're at a public location (let's say a cafe) while necessarily authenticated into some super important service (let's say online banking). But what if--after you've carefully authenticated--someone snatch-and-runs with your laptop?
Maybe you can call your bank to freeze your accounts before they've done significant financial harm. Maybe you can't.
Or maybe your laptop was connected to your work VPN. In less than 60 seconds and with the help of a rubber ducky, the thief could literally cause millions of dollars in damages to your organization.
Surely there must be some solution to trigger your computer to lock, shutdown, or self-destruct when it's physically separated from you! There is: I call it BusKill.