Featured Updates

BusKill Demos (Windows, MacOS, Linux, TAILS, QubesOS)
LUKS Header Shredder (BusKill Self-Destruct Trigger)
BusKill available in-store (Leipzig ProxySto.re)
BusKill v0.7.0 released
BusKill goes to DEF CON 32
previous arrow
next arrow

Disarm BusKill in QubesOS

This post will describe how to setup keyboard shortcuts in QubesOS so that you can temporarily disarm (pause) the BusKill laptop kill cord.

This allows the user to, for example, go to the bathroom without causing their computer to shutdown or self-destruct.

This is a guide that builds on part one: A Laptop Kill Cord for QubesOS (1/2). Before reading this, you should already be familiar with how to setup udev rules for BusKill on QubesOS.

  1. A Laptop Kill Cord for QubesOS (1/2)
  2. Disarm BusKill in QubesOS (2/2)

ⓘ Note: This post is adapted from its original article on Tom Hocker’s blog.

What is BusKill?

What if someone literally steals your laptop while you’re working with classified information inside a Whonix DispVM? They’d also be able to recover data from previous DispVMs–as Disposable VM’s rootfs virtual files are not securely shredded after your DispVM is destroyed.

QubesOS Logo
QubesOS: A reasonably secure OS

Are you a security researcher, journalist, or intelligence operative that works in QubesOS–exploiting Qubes’ brilliant security-through-compartimentalization to keep your data safe? Do you make use of Whonix Disposable VMs for your work? Great! This post is for you.

I’m sure your QubesOS laptop has Full Disk Encryption and you’re using a strong passphrase. But what if someone literally steals your laptop while you’re working with classified information inside a Whonix DispVM? Not only will they get access to all of your AppVM’s private data and the currently-running Whonix DispVM’s data, but there’s a high chance they’d be able to recover data from previous DispVMs–as Disposable VM’s rootfs virtual files (volatile.img) are not securely shredded after your DispVM is destroyed by Qubes!

Let’s say you’re a journalist, activist, whistleblower, or a human rights worker in an oppressive regime. Or an intelligence operative behind enemy lines doing research or preparing a top-secret document behind a locked door. What do you do to protect your data, sources, or assets when the secret police suddenly batter down your door? How quickly can you actually act to shutdown your laptop and shred your RAM and/or FDE encryption keys?


BusKill utilizes a magnetic trip-wire that tethers your body to your laptop. If you suddenly jump to your feet or fall off your chair (in response to the battering ram crashing through your door) or your laptop is ripped off your table by a group of armed thugs, the data bus’ magnetic connection will be severed. This event causes a configurable trigger to execute.

The BusKill trigger can be anything from:

  1. locking your screen or
  2. shutting down the computer or
  3. initiating a self-destruct sequence

While our last post described how to setup such a system in QubesOS with BusKill, this post will describe how to add keyboard shortcuts to arm & disarm the dead man switch (eg so you can go to the bathroom).

Continue reading

BusKill Demos (Windows, MacOS, Linux, TAILS, QubesOS)

Video Demo

Watch the below video to see a demonstration of BusKill running on all of the below-listed systems.

Transparency is important. As we launch our crowdfunding campaign (making the BusKill cable available for purchase for the first time), we wanted to provide a clear video demo showing the cable in-use in all tested platforms:

Windows

BusKill was tested to work in Windows 10.


Visit docs.buskill.in for instructions on how you can build your own BusKill cable and download the BusKill app for Windows.

Or you can buy a BusKill kit with the BusKill Windows app pre-installed on the the included USB drive.

MacOS

BusKill was tested to work in MacOS 10.15 (Catalina).


Visit docs.buskill.in for instructions on how you can build your own BusKill cable and download the MacOS .dmg release.

Or you can buy a BusKill kit with the BusKill MacOS app pre-installed on the the included USB drive.

Linux

BusKill was tested to work in Ubuntu Linux.


Visit docs.buskill.in for instructions on how you can build your own BusKill cable and download the Linux .AppImage release.

Or you can buy a BusKill kit with the BusKill Linux app pre-installed on the the included USB drive.

TAILS

BusKill was tested to work with TAILS (The Amnesic Incognito Live System).


While you could use the BusKill Linux .AppImage release with a second USB drive while using TAILS, the recommended solution for security-critical users is to just use the BusKill cable in-line with the TAILS live USB drive. This takes advantage of

  1. The BusKill cable’s magnetic breakaway along with
  2. The TAILS built-in emergency shutdown

Visit docs.buskill.in for instructions on how you can build your own BusKill cable to use with TAILS.

Or you can buy a BusKill cable to support the BusKill project.

QubesOS

BusKill was also tested to work with QubesOS.


Due to the design of QubesOS (dom0, sys-usb, etc), the BusKill GUI app does not support QubesOS. Instead, QubesOS support is implemented using the qubes-rpc and a set of scripts stored in sys-usb and dom0.

For more information on how to use BusKill in QubesOS, see our BusKill guide for QubesOS.

Visit docs.buskill.in for instructions on how you can build your own BusKill cable to use with QubesOS.

Or you can buy a BusKill cable to support the BusKill project.


Quicker Emergency Shutdown for TAILS

Are you a security researcher, journalist, or intelligence operative that works in TAILS–exploiting TAILS’ brilliant incognito & amnesic design that forces all of your network traffic through the Tor anonymity network? Great! This post is for you.

TAILS Logo
TAILS: The most secure OS available

TAILS is amnesic; it’s designed to leave no trace of the fact that it was used on your laptop. But what if someone literally steals your laptop while you’re working with classified information in TAILS? Not only will they get access to all of the tabs open in your Tor Browser (gaining access to your accounts for any sites you’re currently logged into, gaining the ability to impersonate and send messages as you, etc), but they’d also be able to access the contents of your decrypted persistent drive!

Let’s say you’re a journalist, activist, whistleblower or a human rights worker in an oppressive regime. Or an intelligence operative behind enemy lines doing research or preparing a top-secret document behind a locked door. What do you do to protect your data, sources, or assets when the secret police suddenly batter down your door? How quickly can you actually act to shutdown your laptop and shred your RAM and/or persistent volume?

What if you had a magnetic trip-wire tied from your body to your laptop such that it would trigger the TAILS emergency shutdown if the cable got disconnected by you jumping to your feet or falling off your chair at the sudden bang of your front door being reduced to splinters?


Using a BusKill cable with your TAILS drive can help shave off those precious seconds needed to trigger an emergency shutdown that will help keep you, your data, and your contacts safe.

Continue reading

A Laptop Kill Cord for QubesOS

This post will describe how to use BusKill as a dead man switch to trigger your laptop to self-destruct if it’s physically separated from you. This guide is specific to QubesOS users.

What if someone literally steals your laptop while you’re working with classified information inside a Whonix DispVM? They’d also be able to recover data from previous DispVMs–as Disposable VM’s rootfs virtual files are not securely shredded after your DispVM is destroyed.

QubesOS Logo
QubesOS: A reasonably secure OS

This is part one of a two-part series. For part two, see Disarm BusKill in QubesOS (2/2)

  1. A Laptop Kill Cord for QubesOS (1/2)
  2. Disarm BusKill in QubesOS (2/2)

Are you a security researcher, journalist, or intelligence operative that works in QubesOS–exploiting Qubes’ brilliant security-through-compartimentalization to keep your data safe? Do you make use of Whonix Disposable VMs for your work? Great! This post is for you.

I’m sure your QubesOS laptop has Full Disk Encryption and you’re using a strong passphrase. But what if someone literally steals your laptop while you’re working with classified information inside a Whonix DispVM? Not only will they get access to all of your AppVM’s private data and the currently-running Whonix DispVM’s data, but there’s a high chance they’d be able to recover data from previous DispVMs–as Disposable VM’s rootfs virtual files (volatile.img) are not securely shredded after your DispVM is destroyed by Qubes!

Let’s say you’re a journalist, activist, whistleblower, or a human rights worker in an oppressive regime. Or an intelligence operative behind enemy lines doing research or preparing a top-secret document behind a locked door. What do you do to protect your data, sources, or assets when the secret police suddenly batter down your door? How quickly can you actually act to shutdown your laptop and shred your RAM and/or FDE encryption keys?


BusKill utilizes a magnetic trip-wire that tethers your body to your laptop. If you suddenly jump to your feet or fall off your chair (in response to the battering ram crashing through your door) or your laptop is ripped off your table by a group of armed thugs, the data bus’ magnetic connection will be severed. This event causes a configurable trigger to execute.

The BusKill trigger can be anything from:

  1. locking your screen or
  2. shutting down the computer or
  3. initiating a self-destruct sequence

This post will describe how to setup such a system in QubesOS with BusKill

Continue reading

Scroll to top