this post was submitted on 07 Aug 2023
12 points (87.5% liked)

Security

5021 readers
1 users here now

Confidentiality Integrity Availability

founded 4 years ago
MODERATORS
 

We're happy to announce that we were successfully able to initiate a BusKill lockscreen trigger using a 3D-printed BusKill prototype!

3D Printable BusKill (Proof-of-Concept Demo)
Watch the 3D Printable BusKill Proof-of-Concept Demo for more info youtube.com/v/Q-QjHelRvvk

via @[email protected]

What is BusKill?

BusKill is a laptop kill-cord. It's a USB cable with a magnetic breakaway that you attach to your body and connect to your computer.

What is BusKill? (Explainer Video)
Watch the BusKill Explainer Video for more info youtube.com/v/qPwyoD_cQR4

If the connection between you to your computer is severed, then your device will lock, shutdown, or shred its encryption keys -- thus keeping your encrypted data safe from thieves that steal your device.

Why?

While we do what we can to allow at-risk folks to purchase BusKill cables anonymously, there is always the risk of interdiction.

We don't consider hologram stickers or tamper-evident tape/crisps/glitter to be sufficient solutions to supply-chain security. Rather, the solution to these attacks is to build open-source, disassembleable, and easily inspectable hardware whose integrity can be validated without damaging the device and without sophisticated technology.

Actually, the best way to confirm the integrity of your hardware is to build it yourself. Fortunately, printing your own circuit boards, microcontroller, or silicon has a steeper learning curve than a BusKill cable -- which is essentially just a USB extension cable with a magnetic breakaway in the middle.

Mitigating interdiction via 3D printing is one of many reasons that Melanie Allen has been diligently working on prototyping a 3D-printable BusKill cable this year. In our latest update, we hope to showcase her progress and provide you some OpenSCAD and .stl files so you can experiment with building your own and help test and improve our designs.

Print BusKill

Photo of the 3D-Printed BusKill Prototype

If you'd like to reproduce our experiment and print your own BusKill cable prototype, you can download the stl files and read our instructions here:

Iterate with us!

If you have access to a 3D Printer, you have basic EE experience, or you'd like to help us test our 3D printable BusKill prototype, please let us know. The whole is greater than the sum of its parts, and we're eager to finish-off this 3D printable BusKill prototype to help make this security-critical tool accessible to more people world-wide!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 1 year ago (3 children)

What is the advantages this provides over a Yubikey?

[–] [email protected] 2 points 1 year ago

Yubikey is about authentication. This is the same as a dead man’s cable on a boat/tractor/other machinery — your computing device shuts down if you become physically disconnected from it.

Useful for if you suddenly have to leave your laptop to go do something, or if someone forcibly takes it from you. You can also use this as a security tether so if someone attempts to remove your desktop computing device, the data will be fully encrypted or even scrambled.

[–] mspencer712 2 points 1 year ago

For example, nearly ten years ago the FBI arrested Ross Ulbright and seized his encrypted laptop while it was running. One group caused a scene, distracting Ulbright, and another group separated Ulbright from his laptop. That bust was a good thing, and it’s good that Ulbright was convicted for what he had done. But details of the operation make it clear that any adversary - not just law enforcement working against a suspect - can use similar tactics to steal encrypted data.

This tool, along with other security practices, can help at-risk users (yes, including criminals) mitigate this kind of attack.

[–] [email protected] 0 points 1 year ago* (last edited 1 year ago)

It has a magnetic (de)coupler, which allows it to break away at any angle if your laptop is physically snatched away from you.

Some of our users actually use the BusKill cable with a Yubikey:

If that's not clear, I highly recommend watching this 2-minute explainer video