USB Killer 2.0
usbkill.comI don't quite get it. Site mentions that device "prevents data theft via 'juice-jacking'"; what do they mean? If I borrow someone's charger, and it has a chip that steals transmitted data somehow? Wouldn't better solution for this be charge from outlet, rather than nuking USB controller in your laptop?
Hardware designers of public machines…
…with exposed USB ports should ensure that their systems resist electrical attacks.
Your first point is in reference to the 'USB Kill Tester Shield', not the 'USB Killer'.
Quote from the front page: "If you use a charger or USB port that is not your own - the device can steal your data while you are charging. Using a USB Kill Shield will prevent devices from having access to your data."
I like patcheudor's comment here: https://news.ycombinator.com/item?id=12467176
Counter-example that isn't too contrived: if you've got security gates controlled by a PC which are designed to fail open, I can see this being a very useful addition to a physical pen-test.
No USB host stack opens itself up just because the transmission circuits have been destroyed.
This isn't the case of a gate that fails open. This is the case of a gate that gets hit by a rocket launcher, which blows the gate open and destroys the datacenter behind it.
> No USB host stack opens itself up just because the transmission circuits have been destroyed.
I'm not talking about the host, I'm talking about the gates. I've seen a laptop bricked because it got the wrong voltage on the USB pins (I've still got it; motherboard SMT fuse blew and I've not got round to replacing it). From a fire safety perspective, it makes perfect sense for gates to fail open (or undriven, so you can push them open manually) when their controller dies. If you can get to the USB port, that's a perfectly feasible route in.
I think the author's point is that if you have exposed USB ports then there is nothing one can do. i.e. no matter how hardened they are, you can just keep on increasing the voltage (relatively easily vs hardening) and you will kill the PC. so one can just as easily pentest by removing the power from the PC without any fatally destructive behavior.
I love the part where they said it's made for penetration testers and security auditors...You can literally threaten someone with a usb stick now.
Wow. A small taser with an USB connector.
What's next. A taser with an HDMI connector?
You've struck gold.
They haven't performed any testing with the USB Kill connected to a USB to Apple lightning adapter or to a USB-to-micro-USB adapter. I think that the device with a micro USB adapter would function identically, as it's just a pin mapping. But a Lightning adapter has a Lightning controller onboard.
Something like this (or even a USB to Lightning charger cable):
https://www.amazon.com/HIOTECH®-Adapter-Lightning-Female-iPh...
Would this destroy the Lightning controller in the adapter/cable, or would it work to destroy the iPhone?
But why?
It's a product you can buy as a hardware producer to test if your hardware is safe against this product. So they're kind of creating their own market.
To test your USB-ports. For consumers, this isn't overly useful. This is what they write:
"Hardware designers of public machines should have a USB Kill to test their products: photo booths, copy machines, airline entertainment systems, ticket terminals, etc - anything with exposed USB ports should ensure that their systems resist electrical attacks."
Seems like a form of hardware pentesting to me, so for security experts and hardware designers, this looks like a pretty useful tool. :)
Sadly as with all forms of pentesting there is the flip side: Unprotected systems are vulnerable to attacks. Imagine one attacker distracting the victim in a café and the other attacker quickly inserting the Kill stick. Sort of a hardware Denial of Service.
I am going to research for lockable USB dongles you can insert and remove only with a key.
> Imagine one attacker distracting the victim in a café and the other attacker quickly inserting the Kill stick. Sort of a hardware Denial of Service.
You're in a coffee shop. Wouldn't the attackers just "accidentally" spill coffee on your laptop? Some laptops cope well with water from the top (over the keyboard) but not in the air vents.
> Wouldn't the attackers just "accidentally" spill coffee on your laptop?
The difference is deniability, you can always see that someone killed your laptop with coffee or smashed it with a hammer, with this you wouldn't know until you can examine the circuits.
And even then, power surges do happen. Circuitry get fried from time to time. There is still a level of plausible deniability.
One example: http://www.connectworld.net/syscon/usb_security.html
At least the kill shield looks pretty useful for the paranoid among us (which is basically everyone here at some point).
Why not just crack usb socket with a knife? Or put super glue in there?
The attack involves taking down a high-value system via low-value, readily accessible USB port.
I imagine that the USB PHY of a well designed system exposed to this attack will not survive, but the entire system won't be so easily nerfed either.
Except the PCH usually contains the USB PHY and when the PHY dies it takes the PCH with it.
Or wire your USB plug up to a 120/240v power plug?
That is remarkably close to what this thing does.