In celebration of Bitcoin Black Friday 2023, we're offering a 10% discount on all BusKill cables sold between Nov 18 to Dec 03.
Tag: dead man switch
Featured Updates
Disarm BusKill in QubesOS
This post will describe how to setup keyboard shortcuts in QubesOS so that you can temporarily disarm (pause) the BusKill laptop kill cord.
This allows the user to, for example, go to the bathroom without causing their computer to shutdown or self-destruct.
This is a guide that builds on part one: A Laptop Kill Cord for QubesOS (1/2). Before reading this, you should already be familiar with how to setup udev rules for BusKill on QubesOS.
- A Laptop Kill Cord for QubesOS (1/2)
- Disarm BusKill in QubesOS (2/2)
ⓘ Note: This post is adapted from its original article on Tom Hocker's blog.
What is BusKill?
What if someone literally steals your laptop while you're working with classified information inside a Whonix DispVM? They'd also be able to recover data from previous DispVMs--as Disposable VM's rootfs virtual files are not securely shredded after your DispVM is destroyed.
Are you a security researcher, journalist, or intelligence operative that works in QubesOS--exploiting Qubes' brilliant security-through-compartimentalization to keep your data safe? Do you make use of Whonix Disposable VMs for your work? Great! This post is for you.
I'm sure your QubesOS laptop has Full Disk Encryption and you're using a strong passphrase. But what if someone literally steals your laptop while you're working with classified information inside a Whonix DispVM? Not only will they get access to all of your AppVM's private data and the currently-running Whonix DispVM's data, but there's a high chance they'd be able to recover data from previous DispVMs--as Disposable VM's rootfs virtual files (volatile.img) are not securely shredded after your DispVM is destroyed by Qubes!
Let's say you're a journalist, activist, whistleblower, or a human rights worker in an oppressive regime. Or an intelligence operative behind enemy lines doing research or preparing a top-secret document behind a locked door. What do you do to protect your data, sources, or assets when the secret police suddenly batter down your door? How quickly can you actually act to shutdown your laptop and shred your RAM and/or FDE encryption keys?
BusKill utilizes a magnetic trip-wire that tethers your body to your laptop. If you suddenly jump to your feet or fall off your chair (in response to the battering ram crashing through your door) or your laptop is ripped off your table by a group of armed thugs, the data bus' magnetic connection will be severed. This event causes a configurable trigger to execute.
The BusKill trigger can be anything from:
- locking your screen or
- shutting down the computer or
- initiating a self-destruct sequence
While our last post described how to setup such a system in QubesOS with BusKill, this post will describe how to add keyboard shortcuts to arm & disarm the dead man switch (eg so you can go to the bathroom).
BusKill im Ladengeschäft erhältlich (Leipzig ProxySto.re)
🇬🇧 English version of this article.
Wir freuen uns bekannt zu geben, dass BusKill-Kabel zum ersten Mal persönlich in einem Ladengeschäft in Deutschland (Leipzig) gekauft werden kann.
BusKill available in-store (Leipzig ProxySto.re)
🇩🇪 Deutsche Version dieses Artikels
We're happy to announce that, for the first time ever, BusKill cables can be purchased in-person in Leipzig, Germany.
![[BusKill] Our Dead Man Switch Magnetic USB Breakaway cables are Now Available in-person in Leipzig, Germany at ProxyStore](https://www.buskill.in/wp-content/uploads/sites/8/xleipzig-proxystore-featuredImage9.jpg.pagespeed.ic.bQ8Gov_jdl.jpg)
The BusKill project has partnered with ProxyStore to make BusKill laptop kill cords finally available from a brick-and-mortar location. You can now go to the following location and purchase a BusKill cable with cash or cryptocurrency.
Bernhard-Göring-Straße 162
04277 Leipzig
Germany
3D Printable BusKill Proof-of-Concept
We're happy to announce that we were successfully able to initiate a BusKill lockscreen trigger using a 3D-printed BusKill prototype!
While we do what we can to allow at-risk folks to purchase BusKill cables anonymously, there is always the risk of interdiction.
We don’t consider hologram stickers or tamper-evident tape/crisps/glitter to be sufficient solutions to supply-chain security. Rather, the solution to these attacks is to build open-source, disassembleable, and easily inspectable hardware whose integrity can be validated without damaging the device and without sophisticated technology.
Actually, the best way to confirm the integrity of your hardware is to build it yourself. Fortunately, printing your own circuit boards, microcontroller, or silicon has a steeper learning curve than a BusKill cable -- which is essentially just a USB extension cable with a magnetic breakaway in the middle.
Mitigating interdiction via 3D printing is one of many reasons that Melanie Allen has been diligently working on prototyping a 3D-printable BusKill cable this year. In this article, we hope to showcase her progress and provide you some OpenSCAD and .stl files so you can experiment with building your own and help test and improve our designs.
ⓘ Note: This post is adapted from its original article on Melanie Allen's blog.
Demo
Last month, I successfully triggered a lockscreen event using our 3D-printed BusKill prototype.
3D Printable BusKill Prototypes
We're happy to announce that we've had good progress on the design of the 3D printable BusKill USB-A magnetic breakaway couplers this year!
While we do what we can to allow at-risk folks to purchase BusKill cables anonymously, there is always the risk of interdiction.
We don’t consider hologram stickers or tamper-evident tape/crisps/glitter to be sufficient solutions to supply-chain security. Rather, the solution to these attacks is to build open-source, disassembleable, and easily inspectable hardware whose integrity can be validated without damaging the device and without sophisticated technology.
Actually, the best way to confirm the integrity of your hardware is to build it yourself. Fortunately, printing your own circuit boards, microcontroller, or silicon has a steeper learning curve than a BusKill cable -- which is essentially just a USB extension cable with a magnetic breakaway in the middle.
Mitigating interdiction via 3D printing is one of many reasons that Melanie Allen has been diligently working on prototyping a 3D-printable BusKill cable this year. In this article, we hope to showcase her progress and provide you some OpenSCAD and .stl files so you can experiment with building your own and help test and improve our designs.
ⓘ Note: This post is adapted from its original article on Melanie Allen's blog.
Developing the Prototype
Ideation
A few years ago, Michael asked me if I was interested in developing a 3D-printed case for the magnetic breakaway. He enumerated the following design requirements:
- The case should be as small as possible, because it shouldn’t block neighboring ports, nor sit heavy in the port causing it to bump into objects on the desk.
- The case should be able to be dissembled, so that people can make sure it isn’t tampered with. It shouldn’t be glued together.
- In order to avoid using glue, we had a factory specially manufacture some hexagonal shaped magnets that we believed would be able to sit inside the printed part without glue.
- Much like USB breakaways that are designed to prevent wear and tear on ports, the case would house a pogo pins and magnets, and a USB.
However, over the past years' iterations, we adjusted the requirements:
Bitcoin Black Friday (10% discount on BusKill)
In celebration of Bitcoin Black Friday 2022, we're offering a 10% discount on all BusKill cables sold between Nov 19 to Dec 04.
BusKill Now Shipping!
We're excited to announce that our first production run of BusKill cables is now in-stock in our distribution center.
The first BusKill prototype was born in 2017. It gained international popularity in 2020 when Michael Altfield described how to build your own BusKill cable. After extensive effort and with the help of several contributors, a Linux hacker's DIY cable got a user-friendly, cross-platform GUI.
When the only USB-A magnetic breakaway coupler on the market became out of stock and EOL'd, we raised $18,507 on CrowdSupply in early 2022 to manufacture our own injection-molded cable. One thousand logistics challenges later, Mouser started shipping BusKill cables to our backers in October 2022.
Now that the hardware is out the door, we're hard at work on new features for the BusKill app. Our top goal is to add a soft-shutdown trigger to the existing lock-screen trigger. At the time of writing, this is functional on Linux and Windows. We're just working out the kinks of privilege escalation on MacOS.
To be notified when we've added the soft-shutdown trigger to the BusKill app, you can signup for our newsletter.
We did our best to test BusKill across the three target platforms, but the wide spread of OS versions does leave room for error. If you happen to find a bug with BusKill, please let us know.
If you don't have a BusKill cable yet, you can buy one here on this website or build your own. And for the makers out there, checkout the progress on our 3D printable BusKill magnetic breakaway coupler 🙂
You can also buy a BusKill cable with bitcoin, monero, and other altcoins directly from our BusKill Store
BusKill Demos (Windows, MacOS, Linux, TAILS, QubesOS)
Video Demo
Watch the below video to see a demonstration of BusKill running on all of the below-listed systems.
Transparency is important. As we launch our crowdfunding campaign (making the BusKill cable available for purchase for the first time), we wanted to provide a clear video demo showing the cable in-use in all tested platforms:
Windows
BusKill was tested to work in Windows 10.
Visit docs.buskill.in for instructions on how you can build your own BusKill cable and download the BusKill app for Windows.
Or you can buy a BusKill kit with the BusKill Windows app pre-installed on the the included USB drive.
MacOS
BusKill was tested to work in MacOS 10.15 (Catalina).
Visit docs.buskill.in for instructions on how you can build your own BusKill cable and download the MacOS .dmg release.
Or you can buy a BusKill kit with the BusKill MacOS app pre-installed on the the included USB drive.
Linux
BusKill was tested to work in Ubuntu Linux.
Visit docs.buskill.in for instructions on how you can build your own BusKill cable and download the Linux .AppImage release.
Or you can buy a BusKill kit with the BusKill Linux app pre-installed on the the included USB drive.
TAILS
BusKill was tested to work with TAILS (The Amnesic Incognito Live System).
While you could use the BusKill Linux .AppImage release with a second USB drive while using TAILS, the recommended solution for security-critical users is to just use the BusKill cable in-line with the TAILS live USB drive. This takes advantage of
- The BusKill cable's magnetic breakaway along with
- The TAILS built-in emergency shutdown
Visit docs.buskill.in for instructions on how you can build your own BusKill cable to use with TAILS.
Or you can buy a BusKill cable to support the BusKill project.
QubesOS
BusKill was also tested to work with QubesOS.
Due to the design of QubesOS (dom0, sys-usb, etc), the BusKill GUI app does not support QubesOS. Instead, QubesOS support is implemented using the qubes-rpc and a set of scripts stored in sys-usb and dom0.
For more information on how to use BusKill in QubesOS, see our BusKill guide for QubesOS.
Visit docs.buskill.in for instructions on how you can build your own BusKill cable to use with QubesOS.
Or you can buy a BusKill cable to support the BusKill project.
A Laptop Kill Cord for QubesOS
This post will describe how to use BusKill as a dead man switch to trigger your laptop to self-destruct if it's physically separated from you. This guide is specific to QubesOS users.
What if someone literally steals your laptop while you're working with classified information inside a Whonix DispVM? They'd also be able to recover data from previous DispVMs--as Disposable VM's rootfs virtual files are not securely shredded after your DispVM is destroyed.
This is part one of a two-part series. For part two, see Disarm BusKill in QubesOS (2/2)
- A Laptop Kill Cord for QubesOS (1/2)
- Disarm BusKill in QubesOS (2/2)
Are you a security researcher, journalist, or intelligence operative that works in QubesOS--exploiting Qubes' brilliant security-through-compartimentalizatio to keep your data safe? Do you make use of Whonix Disposable VMs for your work? Great! This post is for you.
I'm sure your QubesOS laptop has Full Disk Encryption and you're using a strong passphrase. But what if someone literally steals your laptop while you're working with classified information inside a Whonix DispVM? Not only will they get access to all of your AppVM's private data and the currently-running Whonix DispVM's data, but there's a high chance they'd be able to recover data from previous DispVMs--as Disposable VM's rootfs virtual files (volatile.img) are not securely shredded after your DispVM is destroyed by Qubes!
Let's say you're a journalist, activist, whistleblower, or a human rights worker in an oppressive regime. Or an intelligence operative behind enemy lines doing research or preparing a top-secret document behind a locked door. What do you do to protect your data, sources, or assets when the secret police suddenly batter down your door? How quickly can you actually act to shutdown your laptop and shred your RAM and/or FDE encryption keys?
BusKill utilizes a magnetic trip-wire that tethers your body to your laptop. If you suddenly jump to your feet or fall off your chair (in response to the battering ram crashing through your door) or your laptop is ripped off your table by a group of armed thugs, the data bus' magnetic connection will be severed. This event causes a configurable trigger to execute.
The BusKill trigger can be anything from:
- locking your screen or
- shutting down the computer or
- initiating a self-destruct sequence
This post will describe how to setup such a system in QubesOS with BusKill