Net anarchist?
Nope. He's just a criminal vandal.
An internet mischief maker has built a USB stick that delivers dangerous 220-volt shocks to PCs, destroying them in the process. The USB Killer is the second iteration of a laptop-wrecking device crafted by a Linux and infosec techie nicknamed Dark Purple. The first version of the PC-zapping hardware emerged in March, and …
It's slightly clever, using the host power to supply the damaging power, but really I have a cheaper solution involving an unused USB connector and a power pigtail. Also, I could run over the laptop using my car. Is that clever? Me thinks not.
Clever would be that he could do this from a remote location. Keep trying, Igor!
That will be the next step. Some form of gated switch that when triggered remotely will turn a useful usb stick into the destructive force it is now.
Imagine how it would go .. ID ten T user finds usb "storage" dongle in the parking lot, or middle of the grocery store isle.
ID10T picks up device, takes home or to work, plugs in, "hey.. its a USB storage device I picked up for free, awesome!"
Meanwhile, its attempting to install malware, some sort of call home remote via tor.
Later, after infection has made it inward, it destroys itself along with the PC that started the infection.
Next, you hear about company X (sony) going old school, pen and paper whilst they work to clean up.
A Dongle is just a Dongle, until it isn't.
Hide in plain site, at the first risk of detection, destroys itself and its initial attack vector / springboard into a network, just in case you (the hacker) left something that could trace to you. Of course you'd want to scrub drives first or encrypt parts etc, so that any data leaving is encrypted and the only location for the key is the USB that will destroy everything it can when activated.
Not necessarily. Inconspicuous reliable self-destruct for machines is something that is of interest for a lot of people. Anything from industrial secrets, to various hat colors, 3 letter agencies, you name it.
The fact that you and me do not need it, does not mean that this is not useful.
By the way - the choice of voltage is interesting. High minus is the only thing that really can blow up a motherboard via peripherals. High plus is nowhere near that effective.
I'd be very reluctant to consider this in a security context without rigorously testing its thoroughness on several samples of the target equipment: I imagine a lot of persistent data would survive in most cases.
Perhaps it if the caps were charged to 22000V... but even then...
Difficult to imagine a situation where you wouldn't have better luck with a hatchet.
It would be interesting if you were a criminal. Leave one in the house, labelled as Accounts or similar. Cops raid your place, find the stick, plug it in and: ZAP!
All joking aside, this would mainly be useful for mischief. It's unlikely to do much more than kill a PC, and I could see a miscreant leaving a load lying around. I'm pretty sure there are some people who would pick it up and plug it in to see what was on it, and I'm sure more than one would try a second machine after it fried the first ("I wonder why my laptop isn't working, let'd try it in my desktop").
The article mentions that it fries the motherboard and nothing about any effects on storage. My guess is that this might be useful offensively (in as much as destroying someone's machine is useful) but it is unlikely to prevent data from being extracted from a machine's drive except perhaps those attached to the same USB bus as the device.
Inconspicuous reliable self-destruct for machines is something that is of interest for a lot of people.
As it's got pretty nearly fuck-all chance of killing the data on disk (and it's the data that you want to destroy, not the machine) this is useless for that purpose.
He's just as clever and driven by the same motivation as the people who used to switch PSUs to 110v so they'd go <BANG> when switched on, scaring the living jesus out of the user.
Twat.
With respect, there is no guarantee that this device will do anything other than deliver 220V which may or may not kill the machine but cannot be guaranteed to destroy the data..
I suggest you go and read the steps Guardian journalists were made to take when the UK security services had them destroy the laptops containing the Snowden documents to find out just how thorough you need to be to guarantee data destruction.
"the steps Guardian journalists were made to take when the UK security services had them destroy the laptops containing the Snowden documents to find out just how thorough you need to be to guarantee data destruction."
That exercise wasn't about data destruction (e.g. there was already another copy of the data somewhere else, so the whole exercise was pointless from a confidentiality point of view).
That was a PR exercise about showing who's in charge here.
Won't work.
There is a re-settable polymer fuse in the USB, and several capacitors plus a voltage divider for voltage sensing, and that will mean s short to ground.
You will kind of fry the computer, but no data will be lost.
So I think this is just a nuissance, with no practical use.
The "lost" usb with the trojan, that one is a good one..
Anarchism is a political philosophy that advocates stateless societies, often defined as self-governed voluntary institutions. So I guess a Net anarchist would be someone who advocates an Internet which is not controlled by any political hierarchy, so probably running some sort of loose assortment of zero configuration protocols everywhere.
How does this have anything to do with vandalizing computers?
Charles,
Have you had ALL of your meds today?
In my shed I have:
- an oscilloscope (lovely old Tek...)
- cans of petrol
- gas canisters (butane etc)
- LOTS of powertools
- white spirit/meths/cellulose thinners
Just think of the havoc I could create with that lot eh?
Pls engage your brain in future before commentarding...
Kind regards,
Jay
Just think of the havoc I could create with that lot eh?
True, but presumably you don't put your white spirit/meths/cellulose thinners into coke bottles and leave then in school playgrounds to see what happens? That would be the equivalent to distributing these USB sticks.
True, but presumably you don't put your white spirit/meths/cellulose thinners into coke bottles and leave then in school playgrounds to see what happens?
Maybe he should be doing that, but that would be littering.
So is leaving only USB sticks around, only something that could get lost in the laundry is more innocuous than bottles.
"...presumably you don't put your white spirit/meths/cellulose thinners into coke bottles and leave then in school playgrounds to see what happens? That would be the equivalent to distributing these USB sticks."
What a great idea!
Why don't we go the whole hog and create child maiming landmines disguised as toys?
But wait! It's already been done. Also Russian I believe...
> He's just a criminal vandal.
Why? He's just building the things, which is quite an interesting exercise, I find. Are weapons manufacturers criminal vandals too, in your opinion?
I am in fact considering buying one of those, to teach my computer a lesson now and then. >:-}
This post has been deleted by its author
Why would anyone pick a USB stick and put it in their PC/laptop/whatever? It many ways, that's like picking up a floppy disc (remember them?) and putting it in the PC to "see what's on it". Ok.. maybe I'm paranoid, but I've seen viruses get passed around this way in the distant (a: b: drive era) past.
This post has been deleted by its author
>You can't catch malware simply by examining the contents of the drive, unless you've set your PC up in an incredibly foolish way...
Bollocks
>and of course you're going to scan the drive first thing.
Why?
Not sure what's more depressing: Your post, or the (3 up, 0 down) votes it's received.
Google "bad USB" (include the quotes) & grow up.
>"Not sure what's more depressing: Your post, or the (3 up, 0 down) votes it's received."
Both pale into insignificance next to the downvotes you're getting, without explanation, for pointing out the obvious. Perhaps their Google's broken at the ostrich farm?
https://srlabs.de/badusb/
This post has been deleted by its author