Imagine you’re at a coffee shop, and then someone steals your laptop right when you’re looking away. It’s a rare, but scary scenario. And because our laptops contain so much sensitive information, it means the thief could have access to your entire digital life.
Device encryption provides one solution. But what happens if you’ve already logged in, and your laptop’s lid is open? Well, a San Francisco-based computer programmer has come up with a potential solution. On Thursday, Michael Altfield published a blog post on how Linux laptop owners can build a $20 killswitch to automatically shut down their machine if it’s ever yanked away from them.
His solution, dubbed “BusKill,” is actually pretty straightforward. On a Linux laptop, you can add a rule on the software’s device manager to trigger an action anytime a USB drive is removed. The same rule, which is only a few lines of computer code, can also be calibrated to work on a specific USB stick.
Altfield decided to apply the rule to a $4 USB drive he bought. Then he connected the drive to a one-meter long cable, which can attach to his belt. The whole setup can cost from $20 to $45 using off-the-shelf parts, and essentially creates a “kill cord” between you and your computer. In the event someone tries to steal the laptop, the connected USB drive will pop out, triggering the machine to activate the lock screen or shut down.
He’s posted a video of his solution in action, which relies on a magnetic USB adaptor to let the kill cord easily disconnect from the machine without damaging the laptop or the cord.
— David Bisset (@dimensionmedia) January 2, 2020
“We do what we can to increase our OpSec (operational security) when using our laptop in public,” Altfield wrote in his blog post. “But even then, there’s always a risk that someone could just steal your laptop after you’ve authenticated.”
Altfield told PCMag he came up with the idea because he frequently travels, and ends up using public spaces such as local cafes, libraries and coworking spaces to go online. “As such, I found myself accessing things like online banking, filing my taxes, and connecting to my work VPN (Virtual Private Network) in public. Just being a foreigner in many countries makes you a target, and you have to be vigilant of the possibility of theft,” he said in a direct message over Twitter.
“So this is something I’ve been thinking about for many years. Ever since the Snowden revelations, I think a lot of security professions have been thinking about physical security,” he added.
Altfield has never had a laptop stolen from him. But the crimes do happen. On Tuesday, one Oakland, California man died while trying to pursue a crook who stole his laptop from a Starbucks cafe. “If the victim had backups and knew his data was safe after it was swiped, would he have pursued them?” Altfield wondered.
He hopes to add a “self-destruct” mechanism to BusKill, which will automatically wipe the Linux machine’s memory, including the decryption keys, when the USB cable is pulled out.
In a bit of irony, Altfield’s solution brings to mind to how federal agents arrested the convicted cybercriminal Ross Ulbricht, who ran the online black marketplace Silk Road. Federal agents had to come up with a way to grab his laptop while it remained open and logged in. So they created a diversion: While Ulbricht was with his laptop at a library, two federal agents posed as romantic partners pretending to have a verbal spat. This gave them an opening to grab the laptop while Ulbricht was distracted.
However, Altfield said his solution could also protect journalists, activists, diplomats, military members and business people who need to send a large cryptocurrency transaction. “So keep an eye out on my tech blog for future improvements to BusKill, where I’ll be playing with self-destruct kill triggers,” he added. His blog post has instructions on creating the cord for both USB-Type A and USB-Type C Linux machines.
Editor’s Note: This story has been updated with comment from Altfield.