
USB Killer 2.0 - gggggggg
https://www.usbkill.com/
======
elmigranto
I don't quite get it. Site mentions that device "prevents data theft via
'juice-jacking'"; what do they mean? If I borrow someone's charger, and it has
a chip that steals transmitted data somehow? Wouldn't better solution for this
be charge from outlet, rather than nuking USB controller in your laptop?

    
    
      Hardware designers of public machines…
      …with exposed USB ports should ensure that their systems resist electrical attacks.
    

What's the attack, is it DOS via destroying a machine. If so, you better buy
Hammer Kill 1.0 and test agains that.

~~~
rbut
Your first point is in reference to the 'USB Kill Tester Shield', not the 'USB
Killer'.

Quote from the front page: "If you use a charger or USB port that is not your
own - the device can steal your data while you are charging. Using a USB Kill
Shield will prevent devices from having access to your data."

------
DanBC
I like patcheudor's comment here:
[https://news.ycombinator.com/item?id=12467176](https://news.ycombinator.com/item?id=12467176)

~~~
regularfry
Counter-example that isn't _too_ contrived: if you've got security gates
controlled by a PC which are designed to fail open, I can see this being a
very useful addition to a physical pen-test.

~~~
joezydeco
No USB host stack opens itself up just because the transmission circuits have
been destroyed.

This isn't the case of a gate that fails open. This is the case of a gate that
gets hit by a rocket launcher, which blows the gate open and destroys the
datacenter behind it.

~~~
regularfry
> No USB host stack opens itself up just because the transmission circuits
> have been destroyed.

I'm not talking about the host, I'm talking about the gates. I've seen a
laptop bricked because it got the wrong voltage on the USB pins (I've still
got it; motherboard SMT fuse blew and I've not got round to replacing it).
From a fire safety perspective, it makes _perfect sense_ for gates to fail
open (or undriven, so you can push them open manually) when their controller
dies. If you can get to the USB port, that's a perfectly feasible route in.

~~~
compsciphd
I think the author's point is that if you have exposed USB ports then there is
nothing one can do. i.e. no matter how hardened they are, you can just keep on
increasing the voltage (relatively easily vs hardening) and you will kill the
PC. so one can just as easily pentest by removing the power from the PC
without any fatally destructive behavior.

------
tracymorgan8520
I love the part where they said it's made for penetration testers and security
auditors...You can literally threaten someone with a usb stick now.

------
b3lvedere
Wow. A small taser with an USB connector.

What's next. A taser with an HDMI connector?

~~~
iplaw
You've struck gold.

------
iplaw
They haven't performed any testing with the USB Kill connected to a USB to
Apple lightning adapter or to a USB-to-micro-USB adapter. I think that the
device with a micro USB adapter would function identically, as it's just a pin
mapping. But a Lightning adapter has a Lightning controller onboard.

Something like this (or even a USB to Lightning charger cable):

[https://www.amazon.com/HIOTECH®-Adapter-Lightning-Female-
iPh...](https://www.amazon.com/HIOTECH®-Adapter-Lightning-Female-
iPhone/dp/B01HEWL8PM)

Would this destroy the Lightning controller in the adapter/cable, or would it
work to destroy the iPhone?

------
Camillo
But why?

~~~
cyphax
To test your USB-ports. For consumers, this isn't overly useful. This is what
they write:

"Hardware designers of public machines should have a USB Kill to test their
products: photo booths, copy machines, airline entertainment systems, ticket
terminals, etc - anything with exposed USB ports should ensure that their
systems resist electrical attacks."

Seems like a form of hardware pentesting to me, so for security experts and
hardware designers, this looks like a pretty useful tool. :)

~~~
_nalply
Sadly as with all forms of pentesting there is the flip side: Unprotected
systems are vulnerable to attacks. Imagine one attacker distracting the victim
in a café and the other attacker quickly inserting the Kill stick. Sort of a
hardware Denial of Service.

I am going to research for lockable USB dongles you can insert and remove only
with a key.

~~~
DanBC
> Imagine one attacker distracting the victim in a café and the other attacker
> quickly inserting the Kill stick. Sort of a hardware Denial of Service.

You're in a coffee shop. Wouldn't the attackers just "accidentally" spill
coffee on your laptop? Some laptops cope well with water from the top (over
the keyboard) but not in the air vents.

~~~
type0
> Wouldn't the attackers just "accidentally" spill coffee on your laptop?

The difference is deniability, you can always see that someone killed your
laptop with coffee or smashed it with a hammer, with this you wouldn't know
until you can examine the circuits.

~~~
iplaw
And even then, power surges do happen. Circuitry get fried from time to time.
There is still a level of plausible deniability.

------
wruza
Why not just crack usb socket with a knife? Or put super glue in there?

~~~
metaphor
The attack involves taking down a high-value system via low-value, readily
accessible USB port.

I imagine that the USB PHY of a well designed system exposed to this attack
will not survive, but the entire system won't be so easily nerfed either.

~~~
oneplane
Except the PCH usually contains the USB PHY and when the PHY dies it takes the
PCH with it.

