
BusKill: A kill cord for your laptop - maltfield
https://tech.michaelaltfield.net/2020/01/02/buskill-laptop-kill-cord-dead-man-switch/
======
Reventlov
Archive link because the website is down:
[http://web.archive.org/web/20200102140351/https://tech.micha...](http://web.archive.org/web/20200102140351/https://tech.michaelaltfield.net/2020/01/02/buskill-
laptop-kill-cord-dead-man-switch/)

I was expecting a "kill switch" destroying the computer, but that's just a
thing that switch off your laptop when unplugged. I guess you could also do
this with bluetooth, for example.

~~~
k_sze
If you are doing proper OpSec, you would have whole disk encryption anyway, in
which case destroying the computer is largely unnecessary, I think.

That said, the caveat of XKCD 538
([https://www.xkcd.com/538/](https://www.xkcd.com/538/)) still applies.

~~~
wongarsu
In theory an adversary could deep-freeze the computer the moment the kill cord
activates. Sufficiently cold RAM doesn't loose data immediately when it loses
power, allowing the adversary to make a copy and read the decryption keys from
RAM.

Though if this is part of your threat model you should be much more concerned
about a thousand more mundane problems, like adversaries reconstructing
keystrokes from keyboard vibrations that are easily measured with a laser, or
reconstructing screen content from reflections on a spoon.

~~~
jbarberu
If your attack vector is adversaries ready to deep freeze your laptop, perhaps
you should do your computing in a more secure location :)

~~~
alasdair_
It's pretty common for law enforcement to quickly freeze RAM when busting
hackers. I've definitely read of cases where suspects encryption keys were
pulled from RAM using exactly this method.

The killcord would have been useful for Ross Ulbricht (Silk Road) who was
busted by the FBI after using his laptop in public - they grabbed it while he
had it unlocked and didn't have time to put it in suspend.

~~~
ryanlol
> It's pretty common for law enforcement to quickly freeze RAM when busting
> hackers

I’d really love a citation on this, especially since “quickly” seems to imply
that they’d do this out in the field.

~~~
tgsovlerkhgsel
If you can't prevent the device from powering down, you have less than a
minute to freeze the RAM before the contents become useless. This can be done
with a can of cold spray.

No idea how long you have to power it back on afterwards, tens of minutes to a
couple of hours probably.

That said, the proper "kill switch" operation would be to explicitly wipe the
key from memory before powering off (if you want to power off instead of just
locking).

~~~
catalogia
> _you have less than a minute to freeze the RAM before the contents become
> useless. This can be done with a can of cold spray._

I wonder what their approach to a laptop with poor serviceability would be. I
think it would take me more than a minute to get physical access to the ram of
some modern computers.

~~~
shakna
> I think it would take me more than a minute to get physical access to the
> ram of some modern computers.

RAM is still one of the most accessible parts for most laptops & desktops.

Tablets and phones on the other hand make it much much harder.

------
im_down_w_otp
I used to have my laptop setup to require my specific Yubikey to be inserted
to allow waking from sleep and booting, and when you pulled it out it locked
the machine, logged you out, suspended, or shutdown depending on which
modifier key you were holding down when you removed it.

Worked pretty well as a "kill switch" when getting up from my desk.

I probably have the udev scripts laying around somewhere.

~~~
asia92
Sounds like a good way to hit the 10k usb-c lifespan

~~~
Fnoord
Lets see. Say you work 5 days a week. That's about 260 days a year (without
vacations etc). Say you unlock your device 4 times a day when you work. That
is 1040 times a year. Does your device even last 9-10 years? Well, if it is a
MacBook, Apple ditched support for all <= 2012 MBPs. Not sure when they did,
but this was true at start of last year for sure.

~~~
fluffything
I have a Macbook Air 2012 which is still supported by Apple (I get new OSes
and OS updates every year).

~~~
Fnoord
Try to get the screen or battery replaced. To be fair, they're easier user
serviceable than newer MB(A/P)s. For example, me with my MBP 2015 will have a
harder time to service it once it gets EOL (hardware-wise) than you have now
with your MBA 2012.

~~~
fluffything
I've replaced the battery twice, last time in september 2019, and this last
time it costed me 60 EUR, and the battery life is much better than the
original one.

I might want to replace the battery again in the next 3-4 years if I still
have this laptop, and you might be right in that this might not be possible,
but at least today it is.

~~~
Fnoord
Oh it is likely possible via iFixit or other aftermarket. Just not officially
via Apple.

~~~
fluffything
Yep, I just googled my model + battery, and ordered a new battery from iFixit.
Took like 15 min to swap the battery myself.

------
miles
Windows users may want to try the built-in Bluetooth proximity locking
feature:

Lock your Windows 10 PC automatically when you step away from it
[https://support.microsoft.com/en-us/help/4028111/windows-
loc...](https://support.microsoft.com/en-us/help/4028111/windows-lock-your-
windows-10-pc-automatically-when-you-step-away-from)

While macOS doesn't include such a feature out of the box, apps like Near Lock
[https://nearlock.me](https://nearlock.me) exist.

EDIT: Just found Rohos Logon Key for Windows and macOS:

[https://www.rohos.com/products/rohos-logon-key-for-
mac/](https://www.rohos.com/products/rohos-logon-key-for-mac/)

It "converts any USB drive into a security token for your computer" and can
"automatically lock your Mac screen when the key is unplugged".

------
fnord77
Ross Ulbricht had his laptop snatched by an undercover FBI agent while he was
using it.

This kill cord might have saved him some grief.

~~~
0kl
Better opsec would have saved him some grief as well.

Before even touching on his habitual use of coffee shops near his residence to
run the Silk Road...

> The connection was made by linking the username "altoid", used during Silk
> Road's early days to announce the website, and a forum post in which
> Ulbricht, posting under the nickname "altoid", asked for programming help
> and gave his email address, which contained his full name.

By the time the FBI was watching him and had connected his name to I don’t
think there’s a lot that he could have done to avoid arrest.

~~~
zelly
He would still have gone to prison no matter what (the government can make up
evidence), but they may not have been able to seize his Bitcoin without
stealing his laptop.

~~~
H8crilA
Does that matter with a double life sentence.

~~~
ta999999171
No clue how prison works? Do watch a few documentaries. Money's important
inside.

~~~
monadgonad
Bitcoin on the outside is hardly "money"

------
jccalhoun
I will sometimes go to the university library to do some work and I'm always
amazed at people who will go to the restroom or something and leave their
laptop sitting there without a lock or even logged out.

I always use a kensington lock and lock my screen whenever I have to leave my
laptop. If I had a macbook I would be taking it with me. I know the locks
won't stop someone who really wants to steal it but with so many unattended
laptops sitting around it makes it less likely they will go for mine.

~~~
CaptainMarvel
What do you attach the other end of the kensington lock to?

~~~
SmellyGeekBoy
The desk?

------
ropiwqefjnpoa
The article keeps saying "self-destruct" but that's not what happens.

But if your hard drive is encrypted, this is a pretty good solution for most
people.

Maybe if you can get BusKill to activate a mini thermite explosive under your
hard drive.

~~~
nowahe
I remember watching a Defcon conference where they tested different methods
for destroying a hard drive in place. And they found that thermite actually
doesn't damage the platters (well at least not enough for data to be
unrecoverable).

Hard drive platters are surprisingly heat/chemical resistant. I think they
found that the best method was to physically destroy the platters.

~~~
dlgeek
I remember watching that talk years ago. I was disappointed in the lack of
rigor of their conclusions.

The whole point of thermite-based HDD destruction is to get the platens over
the Curie temperature so the magnetic field is gone, not to physically destroy
them. They point this out in the start, but then never talk about whether this
was achieved or not in their experiment (assumably so they could go on to the
actual explosives).

It was entertainment, and I'd take any results with a grain of salt.

~~~
namibj
The guy worked on it further. He eventually solved the original challenge.

------
tyingq
It appears breakaway mag USB-A connectors are pretty cheap:
[https://www.amazon.com/Griffin-Breaksafe-Magnetic-
Breakaway-...](https://www.amazon.com/Griffin-Breaksafe-Magnetic-Breakaway-
Disconnects/dp/B0759FKCK8)

From tidbits in this thread, it sounds like a Veracrypt hidden volume with a
distress passphrase, plus a fairly simple dead-man script wouldn't be hard to
set up. Something like: kill sensitive processes, drop caches, wipe memory,
then panic the kernel.

~~~
ColanR
I checked amazon earlier, and it looks like this thread may have put those
things out of stock. Guess a lot of people like the idea!

------
chacha2
If all the killcord does is turn off the machine, just use a laptop with no
battery.

~~~
kulahan
That's somewhat less convenient, don't you think? This works if you're at the
park typing a paper up, or at a Starbucks where all the outlets are in use,
for instance.

------
dotBen
A man just died in Oakland today trying to recover his laptop that was
snatched from him in a Starbucks.

[http://nypost.com/2020/01/02/man-dies-after-trying-to-
stop-t...](http://nypost.com/2020/01/02/man-dies-after-trying-to-stop-thief-
who-stole-his-laptop-at-starbucks/)

Definitely don't go running after your stolen laptop, let it go.

~~~
abstractbarista
I'd definitely give chase. To me, it _is_ worth dying for. Not because of the
laptop, but out of principle for vigorously fighting these ridiculous crimes.
We all need to collectively fight back against crime or it will be normal (as
it is now).

~~~
closeparen
That'll be a lonely hill to die on. We in California collectively decided that
theft under $950 is not a big deal and should be fought less vigorously:
[https://en.wikipedia.org/wiki/2014_California_Proposition_47](https://en.wikipedia.org/wiki/2014_California_Proposition_47)

~~~
tropo
That was a mistake. Criminals now very purposely run off with just shy of
$950. Theft is way up in California.

Meanwhile, in Texas you'd just shoot the laptop thief, either as soon as aware
of the imminent theft or as the thief flees. It's fully supported by the law:

[https://lawofselfdefense.com/statute/texas-
sec-9-42-deadly-f...](https://lawofselfdefense.com/statute/texas-
sec-9-42-deadly-force-to-protect-property/)

Law enforcement in many communities would congratulate you for a job well
done.

~~~
SmellyGeekBoy
Controversial opinion maybe, but I personally don't think anyone deserves to
_lose their life_ for stealing a laptop.

~~~
La1n
I don't think that's controversial, I think most of the world shared that
opinion.

------
Taniwha
A gentle warning: different Linux distros handle UDEV "remove" differently,
and incompatibly, so few people actually use this message it's not well tested
(try shipping code for a device that DOES need it!).

Debian was a particular problem until they switched to SystemD (which I think
is possibly the only udevdaemon that gets it right) - even so some distros
(Ubuntu I'm looking at you) screwed up starting the udevdaemon before they
mounted root writable meaning that scripts run from it couldn't really do
anything useful

Fortunately most distros are switching to SystemD so this will likely work in
most places

~~~
Taniwha
BTW - a clue for budding writers of UDEV scripts - you can't run daemons
directly (udevdaemon will kill them when the scripts that started them exit) -
you can use "at now" (after you install at of course) to start a secondary
script that will be allowed to start your daemon for you

(that way you can write code that works with all init systems, largely by
avoiding them)

~~~
CameronNemo
I maintain a fork of Upstart that I call startup. It integrates with udev (or
busybox's uevent, or any other event source) so you can start daemons based on
device events and then supervise those daemons. systemd has something similar
where you can place a SYSTEMD_WANTS stanza in a udev rule and it will pull in
a systemd unit, but I really dislike that model because it is hard to discover
the policy that led to a unit being activated. With startup/Upstart, the
policy is in the job configuration itself.

Source for startup:
[https://gitlab.com/chinstrap/startup](https://gitlab.com/chinstrap/startup)

Example of the udev events in action: [https://gitlab.com/chinstrap/pinebook-
pro/blob/master/etc/st...](https://gitlab.com/chinstrap/pinebook-
pro/blob/master/etc/startup/setfont.conf)

------
jotm
I guess I'll share in this thread.

\---1---

I have a OnePlus 6T with the stock ROM exclusively for my British phone
number. On the 25th of December, someone from Canada logged into the GMail
account used on that phone, from a OnePlus 3T.

The password was one randomly generated in KeePass (all of them are except for
useless websites). They managed to change the password to the account, but
seemingly nothing else, so that's just weird.

I received the notification on my other email, and recovered the account,
reset the password, replaced with a new one.

\---2---

Last week, I opened up a laptop I use for storage (3 drives fit inside,
perfect for backups) and noticed a network drive with a Chinese name. It
disappeared when I clicked on it. The laptop is always on connected to my
router and to a VPN server.

Now I need to completely wipe the phone, root and use a custom ROM, as well as
wipe the laptop (and two other computers?), upgrade OpenWRT on the router and
change all of the passwords I guess. Yes, I still haven't done it heh.

\---

\-----------> _I am curious about your comments on this._ <\-----------

\---

Never had anything really suspicious like this actually happen to me.

I don't even have anything good/useful on my devices, except a Keepass
database with passwords to all bank accounts/emails/etc. If that's been
opened, I'm a bit fucked, but I'd be receiving notifications on my phone and
other emails.

~~~
therealmocker
Sounds like maybe a SIM swap attack? In addition to password changes I would
look into Google's advanced protection program
([https://landing.google.com/advancedprotection/](https://landing.google.com/advancedprotection/))
and get U2F or FIDO2 setup on your account.

------
tylermenezes
FYI, you could also do this with your charger. (It sends udev events.) It's a
lot less likely to get weird looks.

~~~
sedatk
So this project is already dead.

------
savingGrace
Another solution would be to just remove the battery and plug the laptop in.
While this removes the portability, it is still an alternative solution.

~~~
ShakataGaNai
Maybe a decade or so ago this would be a good answer. But unless you're one of
those ThinkPad people who are still pulling for the X220 to make a come
back.... A majority of modern laptops don't have user removable batteries.

Yes, they could still be removed in _some_ cases, but its often not for the
feint of heart and not something many people would want to undertake.

~~~
war1025
Is it really the majority? Or just on macbooks and the high end lines like
that? I didn't think my laptops were that old (3-5 years) and they all have
removable batteries.

~~~
perl4ever
I hadn't thought about it, but I have a newish business class Dell and I don't
think it does have a removable battery. On the other hand, I have a Dell
laptop from circa 2011 and it does; in fact I got the extra large one that
sticks out awkwardly.

------
dbtx

      echo o > /proc/sysrq-trigger
    

(read linux/Documentation/admin-guide/sysrq.rst before you try this)

~~~
s_gourichon
shutdown -h now or the more recent incantation (from memory) systemctl
shutdown would be less violent. AFAIK it can't be stopped either, and at least
it sync's and umount's filesystems properly.

~~~
dbtx
Violent is the point-- shutdown might be prohibitively slow. Or it'll get
stuck waiting to umount a network share. Or maybe, you want the DRAMs to go
dark and start losing ASAP, I don't know. If you must, simply precede 'o' with
some sequence of 's', 'e', 'u' so it'll go down hard and fast, but still a bit
controlled. I find that 'u' succeeds more often if done after 'e'.

FWIW, this is just what I do with the keyboard (but more slowly) when
something went wrong enough that I can't even switch to a text VT and recover.
Sometimes even 'b' won't hard reset it-- which indicates everything was
already hosed, or maybe just the keyboard. Presumably the umount didn't work
either, but I gave it a chance.

------
vgaldikas
SilkRoad guy would of loved this :D

~~~
nkrisc
Ross Ulbricht, who was apprehended at a public library while logged in to
various accounts. As I recall a plain clothes agent distracted him while
others then tackled him.

("would've", not "would of")

~~~
thechao
Other English speakers I know complain about our orthography: bought, caught,
draught, etc. But, yet, here we are with a “word” pronounced “of” and spelled
“‘ve”! Now _that’s_ awful orthography!

~~~
overcast
It's not pronounced "of", it's more like "ev", exactly like the contraction of
words it's made up of. Would have.

~~~
geocrasher
In my household I'm the English nerd, although I have no degree behind it. I'd
correct my wife when she wrote "would of" but then I listened closer when she
talked: She wasn't saying "would've" she was _saying_ "would of".

That's when I gave up. There are a million other reasons to love my wife, and
her proper use of 'would've' wasn't one of them to begin with :)

~~~
mikeryan
Does your wife actually pronounce these differently? Small sample size but as
far as I can tell I pronounce these identically. (CA - native speaker)

~~~
geocrasher
She does not. They are the same to her. We're also native speakers from the
Reno NV area, which is heavily influenced by Sacramento and San Francisco
language.

------
RandomBacon
What if someone plugs in a rubber ducky or some other kind of sophisticated
USB while you turn your head for just a second?

There are USB devices that are so small, you can barely even see them in the
port when plugged in.

Perhaps a hard-to-remove USB plug? (like child-proof plugs you might see in an
electrical outlet)

~~~
amiga-workbench
There are udev rules to defeat this kind of thing, law enforcement use USB
mouse jigglers to keep computers awake for example, these can be filtered out
and ignored.

------
0kl
> You could just have a usb thumb drive on a retractable lanyard (think RFID
> badges or DoD Common Access Cards), but what if that thin retractable cord
> just snaps–leaving the USB drive snugly in-place in the laptop?

You could also just use a thicker cord.

The project, no offense to the author, could be renamed: long USB cable with a
magnetic usb attachment.

> As of yesterday, that’s [stolen laptop] a hard attack to defend against.

Which is just wrong; the author did not invent anything here - anyone I’ve
known that’s ever been worried about this scenario has implemented it already
with <yubikey/access card/arbitrary usb>.

* extra PSA: if you’re worried about this but somehow haven’t already required 2FA for all your accounts and admin access on your laptop, then you should re-evaluate your threat scenarios.

~~~
tylerhou
2FA doesn't matter if you're already logged in.

~~~
0kl
> extra PSA: if you’re worried about this but _somehow haven’t already_
> required 2FA...

I’m aware - I’m pointing out that it’s extremely likely you already have a
physical device you can attach to a cord/chain/braided-steel-cable and use for
the “snatch and grab” scenario. And that a snatch and grab is just so unlikely
compared to any other security threat imo.

------
krilly
Er, why not just attach the laptop itself to your body? Low tech > high tech

------
TedDoesntTalk
> We do what we can to increase our OpSec when using our laptops in public.
> But even then, there’s always a risk that someone could just steal your
> laptop..."

Don't leave the house if you want to be safe.

------
linuxhansl
Couldn't you just pair your computer with your phone (or something that you
keep on you) via blue tooth, detect the loss of signal, and then trigger
whatever action you'd like to trigger?

~~~
sedatk
Phone too deep in your pocket means destruction of your computer? No, thanks.

------
londons_explore
I'd like to see a more practical solution for removing disk encryption keys
from RAM.

For example, wipe the disk encryption key from RAM, but then pause all disk IO
and present some kind of UI to re-enter the encryption key to continue using
the system.

Encrypting all of system RAM can also quickly be done - perhaps a kernel
module which in the case of a panic encrypts all of system ram with a key
derived from your disk encryption key would be handy. Then when the key is
available again, ram can be decrypted and processes resumed.

~~~
nickik
That what systemd homed is supposed to enable

------
brianbreslin
Can someone explain to me in laymen's terms what this does? It renders the
motherboard inoperable? Kills the display? How do you recover from this if you
ACCIDENTALLY unplug it?

~~~
arm
It can do whatever you want it to do. The examples in the article were:

• whenever any USB drive is removed, trigger xscreensaver to lock the screen:

> _ACTION== "remove", SUBSYSTEM=="usb", RUN+="DISPLAY=:0 xscreensaver-command
> -lock"_

• whenever a specific USB drive is removed, shut down the computer:

> _ACTION== "remove", SUBSYSTEM=="usb", ENV{ID_MODEL}=="Micromax_A74",
> RUN+="shutdown -h now"_

~~~
oefrha
Nitpick, it can do whatever you want it to do that’s possible in software.
You’ll be disappointed if you want to have it drill a hole in your hard drive
;)

~~~
somebodythere
Just build a USB-powered hard-drive drill, duh.

------
Zenst
Saw a demo 20 years ago at Infosec(UK) of a company selling a dongle which
with corresponding pass, acted as a proximity authentication and locking when
you walked away.

Today, most laptops have cameras which can offer the same level of proximity
detection if you away from the laptop. That would make this type of solution
doable via software that way, albeit a bit more of a software load overhead.

But for some killcord, I'd also have an alarm.

~~~
albemuth
> most laptops have cameras which can offer the same level of proximity
> detection

Most people who would want a kill cord probably have the camera blocked :P

~~~
Zenst
If that kill cord actually killed the laptop/drive over just shutting it down,
I'd tend to agree.

------
dangus
This is a really neat project but it’s also not really a solution to anything.

First, it doesn’t solve for the scenario of person pointing a gun at you and
telling you to access your top secret files for them. That will defeat most
forms of security and so if physical access is a concern you probably
shouldn’t be logging in at your local coffee shop.

Second, a thief who wants your computer for its monetary value isn’t
interested in its contents. Your normal drive encryption and screen timeout
restrictions have you covered there. They’re gonna wipe your computer, sell
it, and move on.

Institutionally purchased hardware is often equipped with zero-touch
provisioning (such as Apple Device Enrollment). These products can be bricked
at the hardware level they moment they touch the Internet. They’ll need a new
logic board, i.e. new soldered on storage, i.e. they’re not even necessarily
worth stealing.

Third, the idea of a magnetic connector’s removal locking or bricking your
computer seems awfully inconvenient. That’s gonna be constant false positives
without a gain in security.

If you’ve got someone who is after you to obtain your secret company info and
knows enough to cause mayhem, you’ve got much bigger problems than whether or
not your screen is going to lock. They’re also probably going to use social
engineering, targeted malware and spyware, not brute force physical access.

~~~
jefftk
_> it’s also not really a solution to anything_

It's a solution to situations like
[https://en.wikipedia.org/wiki/Ross_Ulbricht#Silk_Road,_arres...](https://en.wikipedia.org/wiki/Ross_Ulbricht#Silk_Road,_arrest_and_trial)
, where the laptop is taken by people who (a) can legally seize it, (b) can
legally search it, but (c) probably can't legally compel you to produce
passwords.

(Not endorsing this usage!)

~~~
koheripbal
Cases like this in countries that do not have due process laws makes the use-
case even more compelling.

~~~
dangus
If they don’t have due process laws they can throw you in jail until you
produce the decryption password, and if they turn on the computer and it’s
wiped they’ll throw away the key.

If there is no due process, all bets are off and your best defense is to be
uninteresting to authorities.

~~~
ianbooker
Things are not always black and / or white. The rule of law, in reality, is
rather a continuous variable then a binary one.

And even if: A kill switch can simply hide / erase some things and present
some weak evidence..

------
crankylinuxuser
It reminds me of USBkill
[https://github.com/hephaest0s/usbkill](https://github.com/hephaest0s/usbkill)

Its primary use is to thwart machine fuzzing and debugging using USB devices.
The moment there's a change in USB state, down the machine goes.

------
pacomerh
If you're using a macbook, isn't "Find my mac" enough to erase remotely?, I
understand this is a faster disabling mechanism but also a bit inconvenient. I
wish there was something even easier, like a tiny usb drive with a remote
control

~~~
Whatarethese
With FindMy I can erase or mark as lost my Macbook in under 20 seconds from
unlocking my iPhone if needed.

~~~
daveidol
Assuming the laptop is still online / comes back online to receive the wipe
command...

~~~
andrey_utkin
... and you are conscious and have your hands free :)

~~~
SmellyGeekBoy
Where the hell do you people live!?

~~~
andrey_utkin
Used to live in Ukraine.

------
fortran77
Would this have stopped the FBI getting the Silk Road laptop? I wonder if
they're looking out for these things. I know when they take computers that are
running, they keep them running and powered on with a portable power supply

------
hkai
Wow, a solution for a problem we never have to worry about in Asia. Why can't
your government just crack down on theft so that people can be allowed to use
their laptop wherever they want without fear?

------
henvic
> In less than 60 seconds and with the help of a rubber ducky, the thief could
> literally cause millions of dollars in damages to your organization.

Kudos for the imagination, but in real life for most developers not
vendorizing and auditing their dependencies (+ downloading them all from
production) is most likely to cause such havoc (regardless if dozen thousands
or millions of damage)...

I imagine this might likely happen in places like security and programming
language conferences, especially when you leave your belongings around
unattended for a minute or two.

The ideal scenario IMHO would be to have to authorize/reject devices from
connecting to your machine (and limiting the scope). I don't know much about
USB-C and know it is hard, but I see Apple coming up with something like this
in the future (maybe along with Apple Watch detection for quick logout - you
can already use it for logging in).

------
MonkZ
On systemd enabled systems, try "loginctl lock-sessions" as udev cmd. It
should work on common desktop environments. If you have something custom try
xss-lock to react on the lock-sessions signal.

------
wffurr
I was expecting something more like the Etherkiller:
[http://www.fiftythree.org/etherkiller/](http://www.fiftythree.org/etherkiller/)

~~~
brian_herman__
Or this [https://usbkill.com/](https://usbkill.com/)

------
sysbin
Maybe a smartwatch reading the heart rate of the owner and noticing
stimulation could trigger the same functionality as well.

~~~
k_sze
The connection between the smartwatch and the computer would, in practice, be
wireless, which is something the author wants to avoid because it's easier to
hack without the victim noticing.

~~~
sysbin
I'm sure with encryption there shouldn't be much worry. I think currently
apple watches allow users to unlock their computers when returning.

------
bayesian_horse
I think it should be possible to program an MCU to bruteforce the USB ids. Or
buy the same usb drive.

------
simonebrunozzi
Smart. Author should productize and sell this. Small market, but almost no
competition so far.

~~~
alain_gilbert
I created the exact same thing 3 years ago.

Main difference is that you don't need to configure anything with mine :P

------
sytelus
ummm... ever heard of bit locker?

------
zelly
Ross Ulbricht needed this.

------
techaddict009
@OP sorry for lame question:

Does the dis connection of USB formats the laptop or just shuts it down?

------
tingletech
reminds me of a tragic death the other day where someone in a Starbucks was
killed getting flung off a car while he was trying to save his laptop from
robbers who grabbed his computer.

~~~
tingletech
[https://sanfrancisco.cbslocal.com/2020/01/03/suspects-in-
fat...](https://sanfrancisco.cbslocal.com/2020/01/03/suspects-in-fatal-laptop-
theft-from-oakland-starbucks-face-murder-manslaughter-charges/)

------
jonnycomputer
There was a story not long ago about an old man who rigged up his front door
to trigger a gun of some sort on unexpected entry, and ended up getting killed
by it.

This really just sounds like a way to inadvertently brick your computer 999
times out of 1000. Seems like something to secure it to your person would be
mostly adequate.

~~~
Buge
This specific implementation doesn't brick it. It just locks the screen (or
you could make it shutdown).

~~~
jonnycomputer
or, if you actually read the article:

"As of today, we have BusKill. The BusKill solution described in this article
can trigger your laptop to self-destruct if it’s physically separated from
you."

