[OPSEC/Computer] USBKill Anti-Forensic Program Uses Python to Render a Computer Useless

From threatpost.com:
"The idea of needing to disable a computer quickly as the police - or another potential adversary - comes through the door typically has been the concern of criminals. But in today's climate activists, journalists, and others may find themselves wanting to make their laptops unusable in short order, and that's where usbkill comes in.

The new tool is a small Python script that users can download and run on any machine. The script then will monitor the machine for any changes in state on the USB ports, like when someone removes or plugs in a USB drive. If a state change is detected, the usbkill script then will disable the machine immediately."
Link to full article that includes link to source code here:
https://threatpost.com/usbkill-script-can-render-computers-useless/112622


Comments


[3 Points] 19216815:

Edit: it only shuts down your computer. I only skimmed through the article and misinterpreted what they were saying. This seems to be an effective tool if your disks are encrypted, as well as your memory. Another precaution: I don't know if this script properly shuts down your computer; if it does not, there may be a 2-5 minute window for someone to load a forensics live USB and dump your preboot memory. This is called a Cold Boot Attack. Encrypted memory can prevent this exploit. Although ineffective in most security scenarios, I am just speculating that a secure BIOS password could prevent this, or at least buy you some time for your memory to clear if they are able to bypass it.


[3 Points] None:

Does it have anti-balcony built in?


[2 Points] twalker11:

Smart idea.


[1 Points] Vendor_BBMC:

USB keys are dead wobbly. You would be killing computers every day of the week.