A software engineer has designed a so-called USB "kill cable" that works as a dead man's switch to shut down or wipe a Linux laptop when the device is stolen off your table or from your lap in public spaces like parks, malls, and internet cafes.
The cable, named BusKill, was designed by Michael Altfield, a software engineer and Linux sysadmin from Orlando, Florida.
The idea is to connect the BusKill cable to your Linux laptop on one end, and to your belt, on the other end. When someone yanks your laptop from your lap or table, the USB cable disconnects from the laptop and triggers a udev script [1, 2, 3] that executes a series of preset operations.
These can be something as simple as activating your screensaver or shutting down your device (forcing the thief to bypass your laptop's authentication mechanism before accessing any data), but the script can also be configured to wipe the device or delete certain folders (to prevent thieves from retrieving any sensitive data or accessing secure business backends).
"We do what we can to increase our OpSec when using our laptop in public-such as using a good VPN provider, 2FA, and password database auto-fill to prevent network or shoulder-based eavesdropping," says Altfield. "But even then, there's always a risk that someone could just steal your laptop after you've authenticated!"
Altfield is not selling ready-made BusKill cables, at least, not for now. On his website, the Linux IT expert published instructions on how everyone can build their own BusKill cables.
Basic components included a USB flash drive (can be empty, no need to store any data on it), a carabiner keyring to attach the BusKill cable to your belt, a USB magnetic breakaway adapter, and the actual USB cable.
The price for a cable can range from $20 to $45, depending on the BusKill configuration needed for your device and the sturdiness of its components.
Altfield also lists two sample udev scripts. One locks your device by activating the screensaver while the second shuts down your laptop.
Users will need to build their own scripts that wipe data or delete sensitive folders, as these will depend on the location and type of the data they want to delete.