~Toughbooktalk~ Rob - 630-300-8877

The largest Toughbook discussion site on the net!
It is currently Sat Dec 07, 2019 6:42 am

All times are UTC-06:00




Post new topic  Reply to topic  [ 9 posts ] 
Author Message
 Post subject: USB Killer 2.0 - 220V
PostPosted: Thu Oct 15, 2015 7:12 pm 
Offline
User avatar

Joined: Tue Oct 13, 2015 3:19 am
Posts: 193
Location: Old Europe
Just stumbled upon this via Slashdot: http://www.net-security.org/secworld.php?id=18983
TLDR: USB stick drains 5V power from USB port in order to release a concentrated 220V burst back into the circuitry.

So, this particular attack could easily be circumvented by just disabling USB ports within the BIOS. (no power flowing - the killer stick won't be charged)
Disabling these ports seems to be a good idea anyway, considering the raise of DMA-based attacks like BadUSB and Firewires Inception.

As I know that Toughbooks tend to decouple ports from the mobo by means of daughterboards,
I cannot stop wondering if the cf19/31/u1 could survive with enabled USB / against a pre-charged killer stick.

What's your experience on electrical protection (fuses?) between mobo and daughterboards of fully rugged TBs?
Does the 461f emi/emp testing help in any way? (guess not)

BR,
Karl Klammer


Top
   
PostPosted: Fri Oct 16, 2015 12:43 pm 
Offline
User avatar

Joined: Thu Mar 19, 2009 12:19 am
Posts: 232
Another feature that makes me wonder right along with you is the fact that the USB ports on Toughbook have fuses. I think 220V would be able to arc regardless, but it would be an interesting experiment. And no, I am not volunteering any of mine to try it. :)


Top
   
PostPosted: Fri Oct 16, 2015 1:20 pm 
Offline
User avatar

Joined: Tue Dec 21, 2010 12:51 pm
Posts: 1894
Location: Northeast Louisiana
Now where can we buy one? lol

_________________
CF-28 MK2,Mk3 / CF-29 Mk3 / CF-30 MK2 / CF-25 Mk1 ATI / CF-19 MK3/Mk3/Mk5 / CF-U1 Mk1,Mk2 / CF-M34 Mk7/Mk3 / CF-17 Mk1 / CF-07
Voodoo Envy M355 / M360 / M515 / M780 / U703 / Voodoo Hexx / Voodoo Idol / Voodoo Rage F1 / Voodoo Rage F1 / Voodoo Rage F1 "signed case" / Voodoo Omen
Alienware M11x R1


Top
   
PostPosted: Fri Oct 16, 2015 3:12 pm 
Offline
User avatar

Joined: Thu Mar 19, 2009 12:19 am
Posts: 232
And we have a volunteer... lol.


Top
   
PostPosted: Fri Oct 16, 2015 5:56 pm 
Offline
User avatar

Joined: Tue Dec 21, 2010 12:51 pm
Posts: 1894
Location: Northeast Louisiana
I am sure there is a Dell in the shed just waiting for this. I think I have a spare 73 board and a bios protected Mk1 74 that is stripped.

_________________
CF-28 MK2,Mk3 / CF-29 Mk3 / CF-30 MK2 / CF-25 Mk1 ATI / CF-19 MK3/Mk3/Mk5 / CF-U1 Mk1,Mk2 / CF-M34 Mk7/Mk3 / CF-17 Mk1 / CF-07
Voodoo Envy M355 / M360 / M515 / M780 / U703 / Voodoo Hexx / Voodoo Idol / Voodoo Rage F1 / Voodoo Rage F1 / Voodoo Rage F1 "signed case" / Voodoo Omen
Alienware M11x R1


Top
   
PostPosted: Fri Oct 16, 2015 6:44 pm 
Offline
User avatar

Joined: Fri Jan 18, 2013 11:35 am
Posts: 2971
We will be waiting for the video...

_________________
Life will beat you into submission.


Top
   
PostPosted: Sat Oct 17, 2015 6:05 pm 
Offline
User avatar

Joined: Tue Dec 21, 2010 12:51 pm
Posts: 1894
Location: Northeast Louisiana
Got to get it first, lmao, I see some diagrams, but that is it so far.

_________________
CF-28 MK2,Mk3 / CF-29 Mk3 / CF-30 MK2 / CF-25 Mk1 ATI / CF-19 MK3/Mk3/Mk5 / CF-U1 Mk1,Mk2 / CF-M34 Mk7/Mk3 / CF-17 Mk1 / CF-07
Voodoo Envy M355 / M360 / M515 / M780 / U703 / Voodoo Hexx / Voodoo Idol / Voodoo Rage F1 / Voodoo Rage F1 / Voodoo Rage F1 "signed case" / Voodoo Omen
Alienware M11x R1


Top
   
PostPosted: Sun Oct 25, 2015 3:32 am 
Offline
User avatar

Joined: Sun Apr 18, 2010 12:08 pm
Posts: 50
Location: Södertälje (aka Little Baghdad), Sweden
We just pour non conductive hot glue into the USB ports at work. Course, the bluetooth modules are still active and visible, so i have no idea what use it is to disable physical access but whatever.

_________________
CF-29LTQGZBM, MK4, 1526mb, KingSpec 64GB SSD, DVD, GPS, Emissive, XP SP3


Top
   
PostPosted: Sun Oct 25, 2015 12:52 pm 
Offline

Joined: Sun Apr 07, 2013 11:01 am
Posts: 30
USB, unlike Firewire and Thunderbolt, doesn't do DMA (though that may have changed with version 3.1, I haven't checked). However, BadUSB was insidious nonetheless because it involved subverting the firmware in the microcontroller on the stick, making it unremovable and undetectable by the user. Since most peripherals nowadays have embedded 10-cent microcontrollers (SSDs, hard disks, USB sticks and memory cards, you name it), this is going to be an ongoing, serious problem.

A "taser" stick, though? Wow, that's just mean :)


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic  [ 9 posts ] 

All times are UTC-06:00


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Limited