Archive link because the website is down: <a href="http://web.archive.org/web/20200102140351/https://tech.michaelaltfield.net/2020/01/02/buskill-laptop-kill-cord-dead-man-switch/" rel="nofollow">http://web.archive.org/web/20200102140351/https://tech.micha...</a><p>I was expecting a "kill switch" destroying the computer, but that's just a thing that switch off your laptop when unplugged. I guess you could also do this with bluetooth, for example.
I used to have my laptop setup to require my specific Yubikey to be inserted to allow waking from sleep and booting, and when you pulled it out it locked the machine, logged you out, suspended, or shutdown depending on which modifier key you were holding down when you removed it.<p>Worked pretty well as a "kill switch" when getting up from my desk.<p>I probably have the udev scripts laying around somewhere.
Windows users may want to try the built-in Bluetooth proximity locking feature:<p>Lock your Windows 10 PC automatically when you step away from it <a href="https://support.microsoft.com/en-us/help/4028111/windows-lock-your-windows-10-pc-automatically-when-you-step-away-from" rel="nofollow">https://support.microsoft.com/en-us/help/4028111/windows-loc...</a><p>While macOS doesn't include such a feature out of the box, apps like Near Lock <a href="https://nearlock.me" rel="nofollow">https://nearlock.me</a> exist.<p>EDIT: Just found Rohos Logon Key for Windows and macOS:<p><a href="https://www.rohos.com/products/rohos-logon-key-for-mac/" rel="nofollow">https://www.rohos.com/products/rohos-logon-key-for-mac/</a><p>It "converts any USB drive into a security token for your computer" and can "automatically lock your Mac screen when the key is unplugged".
The article keeps saying "self-destruct" but that's not what happens.<p>But if your hard drive is encrypted, this is a pretty good solution for most people.<p>Maybe if you can get BusKill to activate a mini thermite explosive under your hard drive.
I will sometimes go to the university library to do some work and I'm always amazed at people who will go to the restroom or something and leave their laptop sitting there without a lock or even logged out.<p>I always use a kensington lock and lock my screen whenever I have to leave my laptop. If I had a macbook I would be taking it with me. I know the locks won't stop someone who really wants to steal it but with so many unattended laptops sitting around it makes it less likely they will go for mine.
It appears breakaway mag USB-A connectors are pretty cheap: <a href="https://www.amazon.com/Griffin-Breaksafe-Magnetic-Breakaway-Disconnects/dp/B0759FKCK8" rel="nofollow">https://www.amazon.com/Griffin-Breaksafe-Magnetic-Breakaway-...</a><p>From tidbits in this thread, it sounds like a Veracrypt hidden volume with a distress passphrase, plus a fairly simple dead-man script wouldn't be hard to set up. Something like: kill sensitive processes, drop caches, wipe memory, then panic the kernel.
A man just died in Oakland today trying to recover his laptop that was snatched from him in a Starbucks.<p><a href="http://nypost.com/2020/01/02/man-dies-after-trying-to-stop-thief-who-stole-his-laptop-at-starbucks/" rel="nofollow">http://nypost.com/2020/01/02/man-dies-after-trying-to-stop-t...</a><p>Definitely don't go running after your stolen laptop, let it go.
A gentle warning: different Linux distros handle UDEV "remove" differently, and incompatibly, so few people actually use this message it's not well tested (try shipping code for a device that DOES need it!).<p>Debian was a particular problem until they switched to SystemD (which I think is possibly the only udevdaemon that gets it right) - even so some distros (Ubuntu I'm looking at you) screwed up starting the udevdaemon before they mounted root writable meaning that scripts run from it couldn't really do anything useful<p>Fortunately most distros are switching to SystemD so this will likely work in most places
I guess I'll share in this thread.<p>---1---<p>I have a OnePlus 6T with the stock ROM exclusively for my British phone number. On the 25th of December, someone from Canada logged into the GMail account used on that phone, from a OnePlus 3T.<p>The password was one randomly generated in KeePass (all of them are except for useless websites). They managed to change the password to the account, but seemingly nothing else, so that's just weird.<p>I received the notification on my other email, and recovered the account, reset the password, replaced with a new one.<p>---2---<p>Last week, I opened up a laptop I use for storage (3 drives fit inside, perfect for backups) and noticed a network drive with a Chinese name. It disappeared when I clicked on it. The laptop is always on connected to my router and to a VPN server.<p>Now I need to completely wipe the phone, root and use a custom ROM, as well as wipe the laptop (and two other computers?), upgrade OpenWRT on the router and change all of the passwords I guess. Yes, I still haven't done it heh.<p>---<p>-----------><i>I am curious about your comments on this.</i><-----------<p>---<p>Never had anything really suspicious like this actually happen to me.<p>I don't even have anything good/useful on my devices, except a Keepass database with passwords to all bank accounts/emails/etc. If that's been opened, I'm a bit fucked, but I'd be receiving notifications on my phone and other emails.
<p><pre><code> echo o > /proc/sysrq-trigger
</code></pre>
(read linux/Documentation/admin-guide/sysrq.rst before you try this)
What if someone plugs in a rubber ducky or some other kind of sophisticated USB while you turn your head for just a second?<p>There are USB devices that are so small, you can barely even see them in the port when plugged in.<p>Perhaps a hard-to-remove USB plug? (like child-proof plugs you might see in an electrical outlet)
> You could just have a usb thumb drive on a retractable lanyard (think RFID badges or DoD Common Access Cards), but what if that thin retractable cord just snaps–leaving the USB drive snugly in-place in the laptop?<p>You could also just use a thicker cord.<p>The project, no offense to the author, could be renamed: long USB cable with a magnetic usb attachment.<p>> As of yesterday, that’s [stolen laptop] a hard attack to defend against.<p>Which is just wrong; the author did not invent anything here - anyone I’ve known that’s ever been worried about this scenario has implemented it already with <yubikey/access card/arbitrary usb>.<p>* extra PSA: if you’re worried about this but somehow haven’t already required 2FA for all your accounts and admin access on your laptop, then you should re-evaluate your threat scenarios.
> We do what we can to increase our OpSec when using our laptops in public. But even then, there’s always a risk that someone could just steal your laptop..."<p>Don't leave the house if you want to be safe.
Couldn't you just pair your computer with your phone (or something that you keep on you) via blue tooth, detect the loss of signal, and then trigger whatever action you'd like to trigger?
I'd like to see a more practical solution for removing disk encryption keys from RAM.<p>For example, wipe the disk encryption key from RAM, but then pause all disk IO and present some kind of UI to re-enter the encryption key to continue using the system.<p>Encrypting all of system RAM can also quickly be done - perhaps a kernel module which in the case of a panic encrypts all of system ram with a key derived from your disk encryption key would be handy. Then when the key is available again, ram can be decrypted and processes resumed.
Can someone explain to me in laymen's terms what this does? It renders the motherboard inoperable? Kills the display? How do you recover from this if you ACCIDENTALLY unplug it?
Saw a demo 20 years ago at Infosec(UK) of a company selling a dongle which with corresponding pass, acted as a proximity authentication and locking when you walked away.<p>Today, most laptops have cameras which can offer the same level of proximity detection if you away from the laptop. That would make this type of solution doable via software that way, albeit a bit more of a software load overhead.<p>But for some killcord, I'd also have an alarm.
This is a really neat project but it’s also not really a solution to anything.<p>First, it doesn’t solve for the scenario of person pointing a gun at you and telling you to access your top secret files for them. That will defeat most forms of security and so if physical access is a concern you probably shouldn’t be logging in at your local coffee shop.<p>Second, a thief who wants your computer for its monetary value isn’t interested in its contents. Your normal drive encryption and screen timeout restrictions have you covered there. They’re gonna wipe your computer, sell it, and move on.<p>Institutionally purchased hardware is often equipped with zero-touch provisioning (such as Apple Device Enrollment). These products can be bricked at the hardware level they moment they touch the Internet. They’ll need a new logic board, i.e. new soldered on storage, i.e. they’re not even necessarily worth stealing.<p>Third, the idea of a magnetic connector’s removal locking or bricking your computer seems awfully inconvenient. That’s gonna be constant false positives without a gain in security.<p>If you’ve got someone who is after you to obtain your secret company info and knows enough to cause mayhem, you’ve got much bigger problems than whether or not your screen is going to lock. They’re also probably going to use social engineering, targeted malware and spyware, not brute force physical access.
It reminds me of USBkill <a href="https://github.com/hephaest0s/usbkill" rel="nofollow">https://github.com/hephaest0s/usbkill</a><p>Its primary use is to thwart machine fuzzing and debugging using USB devices. The moment there's a change in USB state, down the machine goes.
If you're using a macbook, isn't "Find my mac" enough to erase remotely?, I understand this is a faster disabling mechanism but also a bit inconvenient. I wish there was something even easier, like a tiny usb drive with a remote control
> In less than 60 seconds and with the help of a rubber ducky, the thief could literally cause millions of dollars in damages to your organization.<p>Kudos for the imagination, but in real life for most developers not vendorizing and auditing their dependencies (+ downloading them all from production) is most likely to cause such havoc (regardless if dozen thousands or millions of damage)...<p>I imagine this might likely happen in places like security and programming language conferences, especially when you leave your belongings around unattended for a minute or two.<p>The ideal scenario IMHO would be to have to authorize/reject devices from connecting to your machine (and limiting the scope). I don't know much about USB-C and know it is hard, but I see Apple coming up with something like this in the future (maybe along with Apple Watch detection for quick logout - you can already use it for logging in).
Would this have stopped the FBI getting the Silk Road laptop? I wonder if they're looking out for these things. I know when they take computers that are running, they keep them running and powered on with a portable power supply
Wow, a solution for a problem we never have to worry about in Asia. Why can't your government just crack down on theft so that people can be allowed to use their laptop wherever they want without fear?
On systemd enabled systems, try "loginctl lock-sessions" as udev cmd. It should work on common desktop environments.
If you have something custom try xss-lock to react on the lock-sessions signal.
I was expecting something more like the Etherkiller: <a href="http://www.fiftythree.org/etherkiller/" rel="nofollow">http://www.fiftythree.org/etherkiller/</a>
reminds me of a tragic death the other day where someone in a Starbucks was killed getting flung off a car while he was trying to save his laptop from robbers who grabbed his computer.
There was a story not long ago about an old man who rigged up his front door to trigger a gun of some sort on unexpected entry, and ended up getting killed by it.<p>This really just sounds like a way to inadvertently brick your computer 999 times out of 1000. Seems like something to secure it to your person would be mostly adequate.