Disclaimer: While we gave samxplogs a free BusKill Kit for review, we did not pay them nor restrict their impartiality and freedom to publish an independent review. We did require them to make the video open-source as a condition of receiving this free review unit. The above video is licensed CC BY-SA; you are free to redistribute it. If you are a video producer and would like a free BusKill Kit for review, please contact us
Want to see BusKill in-action? Checkout these video demos made by YouTuber @samxplogs showing the BusKill cable in-use on several supported platforms:
This post will describe how to use BusKill as a dead man switch to trigger your laptop to self-destruct if it’s physically separated from you. This guide is specific to QubesOS users.
What if someone literally steals your laptop while you’re working with classified information inside a Whonix DispVM? They’d also be able to recover data from previous DispVMs–as Disposable VM’s rootfs virtual files are not securely shredded after your DispVM is destroyed.
Are you a security researcher, journalist, or intelligence operative that works in QubesOS–exploiting Qubes’ brilliant security-through-compartimentalization to keep your data safe? Do you make use of Whonix Disposable VMs for your work? Great! This post is for you.
I’m sure your QubesOS laptop has Full Disk Encryption and you’re using a strong passphrase. But what if someone literally steals your laptop while you’re working with classified information inside a Whonix DispVM? Not only will they get access to all of your AppVM’s private data and the currently-running Whonix DispVM’s data, but there’s a high chance they’d be able to recover data from previous DispVMs–as Disposable VM’s rootfs virtual files (volatile.img) are not securely shredded after your DispVM is destroyed by Qubes!
Let’s say you’re a journalist, activist, whistleblower, or a human rights worker in an oppressive regime. Or an intelligence operative behind enemy lines doing research or preparing a top-secret document behind a locked door. What do you do to protect your data, sources, or assets when the secret police suddenly batter down your door? How quickly can you actually act to shutdown your laptop and shred your RAM and/or FDE encryption keys?
BusKill utilizes a magnetic trip-wire that tethers your body to your laptop. If you suddenly jump to your feet or fall off your chair (in response to the battering ram crashing through your door) or your laptop is ripped off your table by a group of armed thugs, the data bus’ magnetic connection will be severed. This event causes a configurable trigger to execute.
This post will describe how to add a trigger that initiates a “self-destruct” sequence when your BusKill laptop kill cord’s connection is severed–rendering your data permanently & irrevocably destroyed in the event that your laptop were physically separated from you (ie: by a snach-and-run thief).
Many people were disappointed when the original post introducing BusKill only alluded to a self-destruct trigger, without actually describing how to use it with BusKill. This was done for two reasons:
Most people probably don’t actually want an accidental false-positive to destroy all their data and
A self-destruct sequence should be taken seriously. Its implementation should be thoroughly thought-out, tested, and forensically analyzed
This article will provide that thorough analysis and explain to the reader how to implement a self-destruct trigger with BusKill on linux machines that have FDE with LUKS.
