USB Killer 2.0 - 220V

Post all general Toughbook related things here.
Post Reply
Message
Author
User avatar
Karl Klammer
Posts: 193
Joined: Tue Oct 13, 2015 3:19 am
Location: Old Europe

USB Killer 2.0 - 220V

#1 Post by Karl Klammer »

Just stumbled upon this via Slashdot: http://www.net-security.org/secworld.php?id=18983
TLDR: USB stick drains 5V power from USB port in order to release a concentrated 220V burst back into the circuitry.

So, this particular attack could easily be circumvented by just disabling USB ports within the BIOS. (no power flowing - the killer stick won't be charged)
Disabling these ports seems to be a good idea anyway, considering the raise of DMA-based attacks like BadUSB and Firewires Inception.

As I know that Toughbooks tend to decouple ports from the mobo by means of daughterboards,
I cannot stop wondering if the cf19/31/u1 could survive with enabled USB / against a pre-charged killer stick.

What's your experience on electrical protection (fuses?) between mobo and daughterboards of fully rugged TBs?
Does the 461f emi/emp testing help in any way? (guess not)

BR,
Karl Klammer

User avatar
wyrm73
Posts: 231
Joined: Thu Mar 19, 2009 12:19 am

Re: USB Killer 2.0 - 220V

#2 Post by wyrm73 »

Another feature that makes me wonder right along with you is the fact that the USB ports on Toughbook have fuses. I think 220V would be able to arc regardless, but it would be an interesting experiment. And no, I am not volunteering any of mine to try it. :)

User avatar
ADOR
Posts: 1990
Joined: Tue Dec 21, 2010 12:51 pm
Location: Northeast Louisiana

Re: USB Killer 2.0 - 220V

#3 Post by ADOR »

Now where can we buy one? lol
CF-28 MK2,Mk3 / CF-29 Mk3 / CF-30 MK2 / CF-25 Mk1 ATI / CF-19 MK3/Mk3/Mk5 / CF-U1 Mk1,Mk2 / CF-M34 Mk7/Mk3 / CF-17 Mk1 / CF-07
Voodoo Envy M355 / M360 / M515 / M780 / U703 / Voodoo Hexx / Voodoo Idol / Voodoo Rage F1 / Voodoo Rage F1 / Voodoo Rage F1 "signed case" / Voodoo Omen
Alienware M11x R1, Alienware 17 R5

User avatar
wyrm73
Posts: 231
Joined: Thu Mar 19, 2009 12:19 am

Re: USB Killer 2.0 - 220V

#4 Post by wyrm73 »

And we have a volunteer... lol.

User avatar
ADOR
Posts: 1990
Joined: Tue Dec 21, 2010 12:51 pm
Location: Northeast Louisiana

Re: USB Killer 2.0 - 220V

#5 Post by ADOR »

I am sure there is a Dell in the shed just waiting for this. I think I have a spare 73 board and a bios protected Mk1 74 that is stripped.
CF-28 MK2,Mk3 / CF-29 Mk3 / CF-30 MK2 / CF-25 Mk1 ATI / CF-19 MK3/Mk3/Mk5 / CF-U1 Mk1,Mk2 / CF-M34 Mk7/Mk3 / CF-17 Mk1 / CF-07
Voodoo Envy M355 / M360 / M515 / M780 / U703 / Voodoo Hexx / Voodoo Idol / Voodoo Rage F1 / Voodoo Rage F1 / Voodoo Rage F1 "signed case" / Voodoo Omen
Alienware M11x R1, Alienware 17 R5

User avatar
Shawn
Posts: 2960
Joined: Fri Jan 18, 2013 11:35 am

Re: USB Killer 2.0 - 220V

#6 Post by Shawn »

We will be waiting for the video...
Life will beat you into submission.

User avatar
ADOR
Posts: 1990
Joined: Tue Dec 21, 2010 12:51 pm
Location: Northeast Louisiana

Re: USB Killer 2.0 - 220V

#7 Post by ADOR »

Got to get it first, lmao, I see some diagrams, but that is it so far.
CF-28 MK2,Mk3 / CF-29 Mk3 / CF-30 MK2 / CF-25 Mk1 ATI / CF-19 MK3/Mk3/Mk5 / CF-U1 Mk1,Mk2 / CF-M34 Mk7/Mk3 / CF-17 Mk1 / CF-07
Voodoo Envy M355 / M360 / M515 / M780 / U703 / Voodoo Hexx / Voodoo Idol / Voodoo Rage F1 / Voodoo Rage F1 / Voodoo Rage F1 "signed case" / Voodoo Omen
Alienware M11x R1, Alienware 17 R5

User avatar
ares93
Posts: 50
Joined: Sun Apr 18, 2010 12:08 pm
Location: Södertälje (aka Little Baghdad), Sweden

Re: USB Killer 2.0 - 220V

#8 Post by ares93 »

We just pour non conductive hot glue into the USB ports at work. Course, the bluetooth modules are still active and visible, so i have no idea what use it is to disable physical access but whatever.
CF-29LTQGZBM, MK4, 1526mb, KingSpec 64GB SSD, DVD, GPS, Emissive, XP SP3

CliC
Posts: 30
Joined: Sun Apr 07, 2013 11:01 am

Re: USB Killer 2.0 - 220V

#9 Post by CliC »

USB, unlike Firewire and Thunderbolt, doesn't do DMA (though that may have changed with version 3.1, I haven't checked). However, BadUSB was insidious nonetheless because it involved subverting the firmware in the microcontroller on the stick, making it unremovable and undetectable by the user. Since most peripherals nowadays have embedded 10-cent microcontrollers (SSDs, hard disks, USB sticks and memory cards, you name it), this is going to be an ongoing, serious problem.

A "taser" stick, though? Wow, that's just mean :)

Post Reply

Return to “General Toughbook Talk”