/d/OpSec

BusKill Kill Cord?

by /u/swmxMZluuf2z0kOqv73o · 1 votes · 2 months ago

Has anyone here used the BusKill kill cord?

http://www.buskillvampfih2iucxhit3qp36i2zzql3u6pmkeafvlxs3tlmot5yad.onion/blog/

They are at present discounted if you pay with Monero. I am thinking of buying one. But first I wonder if anyone here has tried it? I could not find a review.

Comments (7)
/u/swmxMZluuf2z0kOqv73o OP · 1 votes · 2 months ago · Link

> DeSnake also claims to have prepared a USB-based "kill switch" device designed to wipe his computers' memory and shut them off in seconds if they ever leave his control.

I also read that DeSnake uses something similar, but I am not sure if it is BusKill or something more.

https://www.wired.com/story/alphabay-desnake-dark-web-interview/

/u/swmxMZluuf2z0kOqv73o OP · 1 votes · 2 months ago · Link

/u/DeSnake use BusKill or ?

/u/corqo · 1 votes · 2 months ago · Link

I currently use a modified version of the BusKill kill switch which I customized to only wipe the LUKS header portion of the drive and kill the LUKS keyslots, leaving the actual encrypted data (roughly after the first 16 MB of the LUKS partition) untouched. Meaning that if I have those 16 MB backed up somewhere offline, then if I accidentally trigger the kill switch I can restore the first 16 MB of the LUKS partition and boot into my Qubes install.

Currently I have it only configured with hotkeys, but I am currently working on some more innovations for it which will allow it to trigger if any of the entry points to my place of operation detect incoming traffic.

I already released a guide on how to pull this off on Kickass forums a while back, I will release it here tonight after I finish rewriting the guide.
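An added illustration of the layout described in the comment above (not code from the thread, from the commenter's guide, or from BusKill): a Python check of how far the LUKS2 metadata and keyslot areas extend, and so whether a header backup of a given length covers them. The sample header is constructed, and the function names are hypothetical.

```python
import json
import struct

# LUKS2 primary binary header, 512 packed big-endian bytes: magic, version,
# hdr_size, seqid, label, checksum_alg, salt, uuid, subsystem, hdr_offset,
# padding, checksum (field layout per the cryptsetup LUKS2 on-disk format).
HDR = struct.Struct(">6sHQQ48s32s64s40s48sQ184s64s")
MAGIC = b"LUKS\xba\xbe"
JSON_START = 4096  # binary header is padded to 4 KiB, JSON metadata follows


def metadata_extent(image: bytes) -> dict:
    """Report where keyslot material ends and encrypted data begins."""
    if len(image) < JSON_START:
        raise ValueError("image too short for a LUKS2 header")
    magic, version, hdr_size = HDR.unpack_from(image)[:3]
    if magic != MAGIC or version != 2:
        raise ValueError("not a LUKS2 primary header")
    if not JSON_START < hdr_size <= len(image):
        raise ValueError("JSON area missing or truncated")
    meta = json.loads(image[JSON_START:hdr_size].split(b"\x00", 1)[0])
    # The JSON stores byte offsets and sizes as decimal strings.
    keyslot_end = max((int(k["area"]["offset"]) + int(k["area"]["size"])
                       for k in meta["keyslots"].values()), default=0)
    data_start = min(int(s["offset"]) for s in meta["segments"].values())
    return {"keyslots": len(meta["keyslots"]),
            "keyslot_end": keyslot_end, "data_start": data_start}


def backup_covers_header(image: bytes, backup_len: int) -> bool:
    """True if the first backup_len bytes span all metadata and keyslots."""
    extent = metadata_extent(image)
    return backup_len >= max(extent["keyslot_end"], extent["data_start"])


def build_sample() -> bytes:
    """Constructed sample: binary header plus minimal JSON, not a real volume."""
    meta = {
        "keyslots": {"0": {"type": "luks2",
                           "area": {"offset": "32768", "size": "258048"}}},
        "segments": {"0": {"type": "crypt", "offset": "16777216"}},
    }
    hdr_size = 16384  # 4 KiB binary header + 12 KiB JSON area
    hdr = HDR.pack(MAGIC, 2, hdr_size, 1, b"", b"sha256", b"", b"", b"", 0, b"", b"")
    body = json.dumps(meta).encode()
    return hdr.ljust(JSON_START, b"\x00") + body.ljust(hdr_size - JSON_START, b"\x00")


if __name__ == "__main__":
    print(metadata_extent(build_sample()))
```

On a real volume the data offset depends on how the volume was formatted, so the size of the region to back up should be read from the header rather than assumed.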

/u/corqo · 1 votes · 2 months ago · Link

After initially commenting I decided to post the guide that I originally posted to KickAss here as well.

Just posted a guide on my modified buskill script that allows for hidden restoration option with plausible deniability.

/post/abe9ed74d57d6631cae7

/u/Grazelda Code Hunter · 1 votes · 2 months ago · Link

A kill switch like this one might give you warm fuzzies, but will not eliminate stored data. This thing will only offer a false sense of security and maybe some protection for active crypto keys, which is what it seems to be aimed for. If the drive holding data is still physically whole, then so too is the exposure risk.

/u/corqo · 1 votes · 2 months ago · Link

Could you elaborate on how this provides "a false sense of security" exactly? There are three ways to attack encryption:

1. Attacking the algorithm

2. Attacking the implementation

3. Attacking the Key

Using a kill switch that wipes the header portion of the drive results in any attack vector against the encryption key being impossible. It also results in any attacks against the implementation being most likely impossible due to the metadata areas and LUKS header being wiped.

And if you are seriously making the argument that this kill switch is "a false sense of security" because the encrypted AES data is untouched, then you should assume Tor, SSL, VPNs, etc. cannot provide you with any benefits and also provide a false sense of security, because if they had a way to break AES encryption by attacking the algorithm, then you have much greater issues than your disk being decrypted.

Could you elaborate on how this exactly "provides a false sense of security"?

Edit: Sorry if I came off aggressive in this post. Just passionate about this topic. No hard feelings.

/u/Grazelda Code Hunter · 1 votes · 2 months ago · Link

The kill switch may work for volatile data, not stored data, was my point. A footprint left in the sand because the OP (a site newb) did not mention his OS selection and wanted to be sure they did not assume it was a panacea solution for security. One perspective on OpSec is that it is never good to underestimate the resources available to your enemy. There is no easy tear-off solution for good OpSec given the context of his post.