Featured Updates

Bitcoin Black Friday (10% discount on BusKill)
BusKill Now Shipping!
LUKS Header Shredder (BusKill Self-Destruct Trigger)
BusKill Demos (Windows, MacOS, Linux, TAILS, QubesOS)
BusKill v0.6.0 released
previous arrow
next arrow

Bitcoin Black Friday (10% discount on BusKill)

In celebration of Bitcoin Black Friday 2022, we're offering a 10% discount on all BusKill cables sold between Nov 19 to Dec 04.

BusKill Bitcoin Black Friday Sale - Our Dead Man Switch Magnetic USB Brakaway cables are 10% off all orders paid with cryptocurrency

What is BusKill?

BusKill is a laptop kill-cord. It's a USB cable with a magnetic breakaway that you attach to your body and connect to your computer.


If the connection between you to your computer is severed, then your device will lock, shutdown, or shred its encryption keys -- thus keeping your encrypted data safe from thieves that steal your device.

What is Bitcoin Black Friday?

Black Friday is ~1 month before Christmas, and it's the busiest shopping day in the US. The first "Bitcoin Friday" (launched by Jon Holmquist) was Nov 9th, 2012 (at the time, one bitcoin was ~$11). The following year, the two ideas merged to become Bitcoin Black Friday.

This year, we're joining Bitcoin Black Friday by offering our products at a 10% discount if you pay with cryptocurrency.

Why should I use cryptocurrencies?

We've always accepted cryptocurrencies because:

  1. They're more secure than pre-cryptocurrency payment methods
  2. They're a more egalitarian system than pre-cryptocurrency finance
  3. They're more environmentally friendly than pre-cryptocurrency financial systems
  4. The fees are less than pre-cryptocurrency transactions
  5. They allow for anonymous purchases online
  6. Their transactions are censorship-resistant

Security

Before cryptocurrencies, making an online transaction was horrendously insecure and backwards.

Diagram shows all the third parties that can steal your funds in a pull-based system: Merchant, Acquierer, Payment Processor, Switch, Issuer
"Conceptually, pull-based transactions are really not that different than giving three parties the password to your online banking service and trusting them to log in and take what they need. You have to trust the merchant, their IT supplier; the acquiring bank, their third-party processor; the card network; and your own card issuer—and everybody who works for them and has access to their systems. If a bad guy gets hold of your card details at any point in this process, they could drain your account.
The picture shows the scope of all the entities with access to your critical card information" source

Asymmetric cryptography has been available since the 1970s, but CNP (Card Not Present) transactions to this day still don't use public keys to sign transactions. Rather, you give your private keys (that is, your credit card number, expiry, etc) directly to the merchant and you authorize them to pull money out of your account (trusting that they take the right amount and not to loose those precious credentials).

Bitcoin flipped this around to actually make transactions secure. With bitcoin, you don't give others the keys to take money out of your account. Instead, transactions are push-based. You sign a transaction with your private keys, and those keys are shared with no-one.

Even today, pre-cryptocurrency transactions are abhorrently insecure. In the US or Europe, if someone knows your account number and bank, they can direct debit money out of your account. For the same reason, losses due to credit card theft is enormous. To quote Satoshi Nakamoto's criticism of pre-cryptocurrency transactions, "A certain percentage of fraud is accepted as unavoidable"

In fact, fraudulent transactions in the banking industry are so common that your bank will generally reimburse your account for any malicious transactions that you tell them about within 60-90 days. But if someone drains your account of all your money and you don't notice for 12 months? Too bad. All your money is gone.

Graphic shows a push-based model where a consumer pushes value directly to a merchant
In Bitcoin, transactions are push-based. source

Tokenization and 3DS are merely bandages on a fundamentally backwards, pull-based transaction model.

But because bitcoin is push-based, it's magnitudes more secure.

Egalitarian

If you have a bank account, then you probably take a lot of things for granted.

Like buying things online (with a credit card). Or getting cash when traveling abroad (from an ATM machine). Or taking out a loan so you can start a business.

Before crypto-currencies, it was very difficult to do these things unless you had a bank account. And in 2008 (the year with the first-ever bitcoin transaction), McKinsey & Company published a report concluding that half of the world's adult population is unbanked.

But with crypto-currencies, anyone with access to the internet and a computer or smart phone can use bitcoin to send and receive money online -- without needing to first obtain a bank account.

Environmentalism

The energy required to facilitate transactions in decentralized, blockchain-based cryptocurrencies like bitcoin is minuscule by comparison. And, most importantly, the amount of energy used to solve the proof-of-work problem does not grow as the number of transactions-per-second grows.

Traditional financial institutions require an enormous amount of overhead to facilitate transactions in their centralized networks. Unlike bitcoin, which was designed specifically to eliminate the unnecessary overhead created by a trusted third party, pre-cryptocurrency transactions required humans to verify transactions. These humans require office buildings. These office buildings require energy to build and maintain. And, most importantly, as the number of transactions-per-second grows on their network, the number of humans and office space also grows.

Bar Graph shows the comparison of energy usage of Bitcoin and various industries.
Bitcoin versus other industries — yearly energy use, in TWh source

This fact is often misunderstood because there's a lot of misinformation on the Internet that makes a few disingenuous modifications to the facts:

  1. They calculate the energy usage of the computers processing transactions only, maliciously omitting calculating the energy usage of the entire industry's infrastructure (eg energy used by office buildings)
  2. They calculate the energy usage per transaction, maliciously omitting the fact that the amount of energy expended by bitcoin miners is automatically adjusted by the proof-of-work algorithm (so energy usage does not increase as the network scales-up)
  3. They offer statistics about "energy usage" without mentioning the energy sources. It matters if the energy source is coal/nuclear/natural-gas or solar/wind/hydroelectric

Nic Carter Headshot
...estimates for what percentage of Bitcoin mining uses renewable energy vary widely. In December 2019, one report suggested that 73% of Bitcoin’s energy consumption was carbon neutral, largely due to the abundance of hydro power in major mining hubs such as Southwest China and Scandinavia. On the other hand, the CCAF estimated in September 2020 that the figure is closer to 39%. But even if the lower number is correct, that’s still almost twice as much [renewable energy sources] as the U.S. grid

-Nic Carter, Harvard Business Review
source

The facts are that the energy usage of bitcoin is magnitudes less than the energy used by pre-cryptocurrency financial intuitions, that energy usage does not increase as the number of transactions processed by the network increases, and that mining bitcoin is often done with renewable energy.

Low Fees

The introduction to the Bitcoin White Paper (2008) clearly states that Bitcoin was created to reduce costs by using a distributed ledger (the blockchain) to eliminate the need for a trusted third party.

A hooded figure wearing a guy faux ask sits in lotus pose. Behind them is an illuminated personification of Bitcoin
Satoshi Nakamoto, anonymous Bitcoin inventor

Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments. While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust based model.
Completely non-reversible transactions are not really possible, since financial institutions cannot avoid mediating disputes. The cost of mediation increases transaction costs
...
These costs and payment uncertainties can be avoided in person by using physical currency, but no mechanism exists to make payments over a communications channel without a trusted party.

What is needed is an electronic payment system based on cryptographic proof instead of trust,
allowing any two willing parties to transact directly with each other without the need for a trusted third party. Transactions that are computationally impractical to reverse would protect sellers from fraud, and routine escrow mechanisms could easily be implemented to protect buyers. In this paper, we propose a solution to the double-spending problem using a peer-to-peer distributed timestamp server to generate computational proof of the chronological order of transactions.

-Satoshi Nakamoto, Author of Bitcoin: A Peer-to-Peer Electronic Cash System

At the time of writing, the average transaction fee for a bitcoin transaction is $0.06. And unlike pre-cryptocurrency transactions, you can increase or decrease the fee that you pay to increase or decrease the time it takes for the transaction to complete (at $0.06, it will get added to the blockchain in ~1 hour).

By comparison, the way to send funds internationally through the Internet via pre-cryptocurrency banks is via an international wire transfer. Fees very per bank, but they typically charge $15-$85 per transaction. And unlike bitcoin, wire transfers won't make move on nights and weekends, so they can take 1-7 days to complete.

Also, with bitcoin, that $0.06 transaction fee only applies when you're sending money. Many banks will also charge a fee for an incoming wire transfer. In bitcoin, there is no transaction fee to receive money.

Anonymity

Though early cryptocurrencies like Bitcoin don't ensure anonymity like newer privacy coins, ZCash and Monero were designed specifically to provide private transactions.

This allows our customers to purchase from us anonymously, which can be extremely important for activists and journalists whose lives are threatened by their adversaries.

Tweet from WikiLeaks that reads "WikiLeaks now accepts anonymous Bitcoin donations on 1HB5XMLmzFVj8ALj6mfBsbifRoD4miY36v"
WikiLeaks started accepting donations in Bitcoin 7 months after PayPal froze their account

We accept both ZCash and Monero. If you'd like us to accept another privacy coin, please contact us 🙂

Censorship-Resistant

Cryptocurrencies like bitcoin are peer-to-peer and permissionless. Transactions exchanging bitcoins occur directly between two parties. There is no middle-man that has the power to block, freeze, or reverse transactions.

Before blockchains were used to maintain a public ledger and enable peer-to-peer transactions, we were dependent on big financial institutions to move money on our behalf through the internet. That antiquated system allowed them to censor transactions, such as donations made to media outlets reporting war crimes and donations to protest movements.

Evan Grer portrait
"For me, that is one of the coolest things about bitcoin"
...
"People can potentially use it donate more anonymously to dissident groups and causes in a world where mass government surveillance threatens freedom of expression and certainly harms activists’ ability to fundraise for their work, when people are afraid they could be targeted by a government for donating to a worthy cause."

-Evan Greer, Director of Fight for the Future

source

After PayPal froze WikiLeaks's donation account in 2010, WikiLeaks started accepting bicoin in 2011.

From Occupy Wall Street to Ukraine, defenders of democracy have utilized permissionless cryptocurrencies to accept international donations without the risk of transactions made through financial institutions.

Buy BusKill with crypto

Don't risk loosing your crypto to a thief that steals your laptop. Get your own BusKill Cable today!

You can also buy a BusKill cable with bitcoin, monero, and other altcoins from our BusKill Store's .onion site

Bitcoin Accepted Here

Monero Accepted Here

To be notified about future sales of the BusKill cable, you can signup for our newsletter.


BusKill Now Shipping!

We're excited to announce that our first production run of BusKill cables is now in-stock in our distribution center. Existing orders are going out now, and new orders will ship immediately.

[BusKill] Our Dead Man Switch Magnetic Breakaway cables are Now Shipping!

The first BusKill prototype was born in 2017. It gained international popularity in 2020 when Michael Altfield described how to build your own BusKill cable. After extensive effort and with the help of several contributors, a Linux hacker's DIY cable got a user-friendly, cross-platform GUI.

When the only USB-A magnetic breakaway coupler on the market became out of stock and EOL'd, we raised $18,507 on CrowdSupply in early 2022 to manufacture our own injection-molded cable. One thousand logistics challenges later, Mouser started shipping BusKill cables to our backers in October 2022.

The assembled BusKill cable is plugged-into the USB-A port of a laptop

Now that the hardware is out the door, we're hard at work on new features for the BusKill app. Our top goal is to add a soft-shutdown trigger to the existing lock-screen trigger. At the time of writing, this is functional on Linux and Windows. We're just working out the kinks of privilege escalation on MacOS.

To be notified when we've added the soft-shutdown trigger to the BusKill app, you can signup for our newsletter.


We did our best to test BusKill across the three target platforms, but the wide spread of OS versions does leave room for error. If you happen to find a bug with BusKill, please let us know.

If you don't have a BusKill cable yet, you can buy one here on this website or build your own. And for the makers out there, checkout the progress on our 3D printable BusKill magnetic breakaway coupler 🙂

You can also buy a BusKill cable with bitcoin, monero, and other altcoins directly from our BusKill Store

Bitcoin Accepted Here

Monero Accepted Here

BusKill Demos (Windows, MacOS, Linux, TAILS, QubesOS)

BusKill Demo #2

Transparency is important. As we launch our crowdfunding campaign (making the BusKill cable available for purchase for the first time), we wanted to provide a clear video demo showing the cable in-use in all tested platforms:

Full Video Demo

Watch the below video to see a demonstration of BusKill running on all of the above-listed systems.

Windows

BusKill was tested to work in Windows 10.


Visit docs.buskill.in for instructions on how you can build your own BusKill cable and download the BusKill app for Windows.

Or you can buy a BusKill kit with the BusKill Windows app pre-installed on the the included USB drive.

MacOS

BusKill was tested to work in MacOS 10.15 (Catalina).


Visit docs.buskill.in for instructions on how you can build your own BusKill cable and download the MacOS .dmg release.

Or you can buy a BusKill kit with the BusKill MacOS app pre-installed on the the included USB drive.

Linux

BusKill was tested to work in Ubuntu Linux.


Visit docs.buskill.in for instructions on how you can build your own BusKill cable and download the Linux .AppImage release.

Or you can buy a BusKill kit with the BusKill Linux app pre-installed on the the included USB drive.

TAILS

BusKill was tested to work with TAILS (The Amnesic Incognito Live System).


While you could use the BusKill Linux .AppImage release with a second USB drive while using TAILS, the recommended solution for security-critical users is to just use the BusKill cable in-line with the TAILS live USB drive. This takes advantage of

  1. The BusKill cable's magnetic breakaway along with
  2. The TAILS built-in emergency shutdown

Visit docs.buskill.in for instructions on how you can build your own BusKill cable to use with TAILS.

Or you can buy a BusKill cable to support the BusKill project.

QubesOS

BusKill was also tested to work with QubesOS.


Due to the design of QubesOS (dom0, sys-usb, etc), the BusKill GUI app does not support QubesOS. Instead, QubesOS support is implemented using the qubes-rpc and a set of scripts stored in sys-usb and dom0.

For more information on how to use BusKill in QubesOS, see our BusKill guide for QubesOS.

Visit docs.buskill.in for instructions on how you can build your own BusKill cable to use with QubesOS.

Or you can buy a BusKill cable to support the BusKill project.

A Laptop Kill Cord for QubesOS

This post will describe how to use BusKill as a dead man switch to trigger your laptop to self-destruct if it's physically separated from you. This guide is specific to QubesOS users.

What if someone literally steals your laptop while you're working with classified information inside a Whonix DispVM? They'd also be able to recover data from previous DispVMs--as Disposable VM's rootfs virtual files are not securely shredded after your DispVM is destroyed.

QubesOS Logo
QubesOS: A reasonably secure OS

Are you a security researcher, journalist, or intelligence operative that works in QubesOS--exploiting Qubes' brilliant security-through-compartimentalizatio to keep your data safe? Do you make use of Whonix Disposable VMs for your work? Great! This post is for you.

I'm sure your QubesOS laptop has Full Disk Encryption and you're using a strong passphrase. But what if someone literally steals your laptop while you're working with classified information inside a Whonix DispVM? Not only will they get access to all of your AppVM's private data and the currently-running Whonix DispVM's data, but there's a high chance they'd be able to recover data from previous DispVMs--as Disposable VM's rootfs virtual files (volatile.img) are not securely shredded after your DispVM is destroyed by Qubes!

Let's say you're a journalist, activist, whistleblower, or a human rights worker in an oppressive regime. Or an intelligence operative behind enemy lines doing research or preparing a top-secret document behind a locked door. What do you do to protect your data, sources, or assets when the secret police suddenly batter down your door? How quickly can you actually act to shutdown your laptop and shred your RAM and/or FDE encryption keys?


BusKill utilizes a magnetic trip-wire that tethers your body to your laptop. If you suddenly jump to your feet or fall off your chair (in response to the battering ram crashing through your door) or your laptop is ripped off your table by a group of armed thugs, the data bus' magnetic connection will be severed. This event causes a configurable trigger to execute.

The BusKill trigger can be anything from:

  1. locking your screen or
  2. shutting down the computer or
  3. initiating a self-destruct sequence

This post will describe how to setup such a system in QubesOS with BusKill

Continue reading

LUKS Header Shredder (BusKill Self-Destruct Trigger)

This post will describe how to add a trigger that initiates a "self-destruct" sequence when your BusKill laptop kill cord's connection is severed--rendering your data permanently & irrevocably destroyed in the event that your laptop were physically separated from you (ie: by a snach-and-run thief).

LUKS Header Shredder

Many people were disappointed when the original post introducing BusKill only alluded to a self-destruct trigger, without actually describing how to use it with BusKill. This was done for two reasons:

  1. Most people probably don't actually want an accidental false-positive to destroy all their data and
     
  2. A self-destruct sequence should be taken seriously. Its implementation should be thoroughly thought-out, tested, and forensically analyzed

This article will provide that thorough analysis and explain to the reader how to implement a self-destruct trigger with BusKill on linux machines that have FDE with LUKS.

Continue reading

Introducing BusKill: A Kill Cord for your Laptop

This post will introduce a simple udev rule and ~$20 in USB hardware that effectively implements a kill cord Dead Man Switch to trigger your machine to self-destruct in the event that you're kicked out of the helm position.

BusKill: A USB Kill Cord for you Laptop

ⓘ Note: This is an old article that is out-of-date.

To learn how to install BusKill, see our BusKill GUI App Documentation.

Photo of a Rubber Ducky USB drive
Rubber Ducky I <3 you; you make hack time lots of fun!

Let's consider a scenario: You're at a public location (let's say a cafe) while necessarily authenticated into some super important service (let's say online banking). But what if--after you've carefully authenticated--someone snatch-and-runs with your laptop?

Maybe you can call your bank to freeze your accounts before they've done significant financial harm. Maybe you can't.

Or maybe your laptop was connected to your work VPN. In less than 60 seconds and with the help of a rubber ducky, the thief could literally cause millions of dollars in damages to your organization.

Surely there must be some solution to trigger your computer to lock, shutdown, or self-destruct when it's physically separated from you! There is: I call it BusKill.

Continue reading

Scroll to top