USBKill

USBKill is anti-forensic software distributed via GitHub, written in Python for the BSD, Linux, and OS X operating systems. It is designed to serve as a kill switch if the computer on which it is installed should fall under the control of individuals or entities against the desires of the owner. It is free software, available under the GNU General Public License.

Background
When law enforcement agencies began making computer crime arrests in the 1990s, they would often ask judges for no-knock search warrants, to deny their targets time to delete incriminating evidence from computers or storage media. In more extreme circumstances where it was likely that the targets could get advance notice of arriving police, judges would grant "power-off" warrants, allowing utilities to turn off the electricity to the location of the raid shortly beforehand, further forestalling any efforts to destroy evidence before it could be seized. These methods were effective against criminals who produced and distributed pirated software and movies, which was the primary large-scale computer crime of the era.

The usual technique for authorities (either public entities such as law enforcement or private organizations like companies) seizing a computer (usually a laptop) that they believe is being used improperly is first to physically separate the suspect user from the computer enough that they cannot touch it, to prevent them from closing its lid, unplugging it, or typing a command. Once they have done so, they often install a device in the USB port that spoofs minor actions of a mouse, touchpad, or keyboard, preventing the computer from going into sleep mode, from which it would usually return to a lock screen which would require a password.

Agents with the U.S. Federal Bureau of Investigation (FBI) investigating Ross Ulbricht, founder of the online black market Silk Road, learned that he often ran the site from his laptop, using the wireless networks available at branches of the San Francisco Public Library. When they had enough evidence to arrest him, they planned to catch him in the act of running Silk Road, with his computer on and logged in. They needed to ensure he was unable to trigger encryption or delete evidence when they did.

Use
In response to the circumstances of Ulbricht's arrest, It can also be used in reverse, with a whitelisted flash drive in the USB port attached to the user's wrist via a lanyard serving as a key. In this instance, if the flash drive is forcibly removed, the program will initiate the desired routines.

"[It] is designed to do one thing," wrote Aaron Grothe in a short article on USBKill in 2600, "and it does it pretty well." As a further precaution, he suggests users rename it to something innocuous once they have loaded it on their computers, in case someone might be looking for it on a seized computer to disable it.

In addition to its designed purpose, Hephaest0s suggests other uses unconnected to a user's desire to frustrate police and prosecutors. As part of a general security regimen, it could be used to prevent the surreptitious installation of malware or spyware on, or copying of files from, a protected computer. It is also recommended for general use as part of a robust security practice, even when there are no threats to be feared.

Variations and modifications
With his 2600 article, Grothe shared a patch that included a feature that allowed the program to shut down a network when a non-whitelisted USB is inserted into any terminal. In the issue of 2600 following Grothe's article, another writer, going by the name Jack D. Ripper, explained how Ninja OS, an operating system designed for live flash drives, handles the issue: it uses a watchdog timer, in the form of a memory-resident bash script, that cycles a loop through the boot device (the flash drive) three times per second to see if it is still mounted, and reboots the computer if it is not.
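
The two trigger conditions described above (a non-whitelisted USB device appearing, and the whitelisted key drive on the lanyard being pulled) can be expressed as a comparison of two device snapshots. This is an added example, not USBKill's own code. It assumes device listings in `lsusb` format; the sample listings, the device IDs other than the Linux root hub, and the names `parse_devices` and `evaluate` are constructed for illustration, and the response to a trigger is left to the caller.

```python
import re

# Matches the "ID vvvv:pppp" field of an lsusb-style line (assumed input format).
LSUSB_ID = re.compile(r"\bID\s+([0-9a-fA-F]{4}):([0-9a-fA-F]{4})\b")

# Constructed sample listings; only 1d6b:0002 (Linux root hub) is a real ID.
BASELINE = """\
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 004: ID aaaa:0001 Example Key Drive
"""
AFTER_INSERT = BASELINE + "Bus 001 Device 005: ID BBBB:0002 Example Unknown Device\n"
AFTER_PULL = "Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub\n"

# vendor:product identifies a model, not a unit: any device reporting
# whitelisted IDs passes this check.
WHITELIST = {"1d6b:0002", "aaaa:0001"}
KEY_DEVICE = "aaaa:0001"  # the drive on the lanyard


def parse_devices(listing):
    """Return the set of lowercase 'vendor:product' IDs in a listing."""
    ids = set()
    for line in listing.splitlines():
        m = LSUSB_ID.search(line)
        if m:
            ids.add(f"{m.group(1)}:{m.group(2)}".lower())
    return ids


def evaluate(baseline, current, whitelist, key_device=None):
    """Compare two snapshots and return a list of (reason, device_id) triggers.

    A newly present device that is not whitelisted is a trigger. If key_device
    is given, its disappearance is a trigger. Removal of any other device is
    ignored here (an assumption of this sketch).
    """
    triggers = [("unlisted-device-inserted", d)
                for d in sorted(current - baseline) if d not in whitelist]
    if key_device and key_device in baseline and key_device not in current:
        triggers.append(("key-device-removed", key_device))
    return triggers


if __name__ == "__main__":
    base = parse_devices(BASELINE)
    for name, listing in [("unchanged", BASELINE), ("insert", AFTER_INSERT),
                          ("pull", AFTER_PULL)]:
        print(name, evaluate(base, parse_devices(listing), WHITELIST, KEY_DEVICE))
```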