USB Protection - USB Anti-Killer - Linux Mint

I'm using Linux Mint 18 Xfce on my computer currently. I have an Alienware X51 R2 (Specs HERE). Recently, devices such as the USB Killer and other malicious USB devices have popped up, and I'm looking to protect my system from such things. Mac/iOS has USB protection against this, as I've attempted it myself for testing, but I'm looking for a way to do this. Is there a solution out there already? If not, I'll develop it myself, but I'd like not to waste time doing so, if I have the option to do so.

Protection has nothing to do with the OS but with the hardware.

Austin Evans recently killed the data of a new macbook's USB-C thunderbolt port with a USB killer. The macbook still works and can be charged through that port, but the data part of it is dead.

The only way to really protect your PC from devices like this, is to remove or disconnect the USB ports completely.

4 Likes

I think is comes down too users being responsible in the end.

I dont think there is a OS out there that a stupid user can't mess up. USB included... Hot girl gives me a USB stick, I plug into every USB port hopping it works till my whole house is dead :(

I'd rather lose a data port than the entire machine... And I already watched the video last night, thanks :) That video was one of the inspirations for my talking action. @Marten I think you misunderstand the point and the question at hand. I'll take it upon myself to develop it, as it seems there aren't going to be any straightforward answers. I appreciate the attempts :)


As you can see, you got me thinking.
If you were to only allow current in the expected direction (Diod-package after USB-IN), you could then fuse all the incomming stuff (the wavy things) before having 10Ohm inline resitors on both data lines and a varistor to clamp down the voltage there (Just in case and because they are cheap).
I redirected power for the connector to an external PSU with a varistor in paralel to clamp down the voltage and then got both directions fused. The "78xx" module is a 5V voltage regulator, the thing in the bottom right is supposed to be the power supply.

You might want to have the fuses in sockets (for obvious reasons) and placed between socket and diods.

Disclaimer: I am not an electrician nor do I understand how the USB system works or would respond to a module like this. Try at your own risk!

1 Like

I think that he thought that you wanted to develop software to fix this vulnerability. That is obviously not possible as this fries your motherboard becouse of how the usb spec is (often) implemented.
Your original comment can be read as though that is what you wanted while you probably wanted a hardware fix.

You're on to something here. I've already begun tinkering with prototypes I'm building from scrap parts. I've come across a solution that really works for me so far. (Self tested with USB Roasting stick). Essentially, the port itself can be locked in a way that does not allow the capacitors to charge by the time ths power cuts. A quick rundown. The ports themselves are encrypted. A specific USB drive with a specific code is needed to connect at all. Before that happens, the port connection is to be authorized by the host. Meaning, no power is sent through the ports until you authorize it. If step one fails and a device does successfully interface despite not having been enabled, the power draw from the port is so minimal, functioning at only 15% of USB 2.0 power draw, enough to check the drive for the encryption key, and if it fails, disables the port. I've done this through a set of 3 loops all with an overflow buffer that goes directly back to the power supply, essentially eliminating all significant current from the Mobo itself. (My explanation is quite simplistic, it's actually a fairly complicated process and nowhere near practical... Just a bunch of wires everywhere is hardly finalized :P ) In the meantime, I'm exploring software based solutions to this problem. And before anyone reiterates that this cannot be solved through software, realize first, that with open USB I/O, you can change everything through software.

So Apple was a genius all along? Who knew? Oh wait, there are only USB ports on the new Macbook Pro, and a headphone jack.

you will need to develop "port condoms"
for each port you place the device which acts as an inbetween to the port and the thing to be plugged into
need to have some type of fuse in there to trigger and disconect the port

1 Like

you could get something like this : https://www.amazon.com/Lindy-USB-Port-Blocker-40452/dp/B000I2JWJA/ref=sr_1_1?s=pc&ie=UTF8&qid=1478959797&sr=1-1&keywords=usb+blocker

which locks your usb ports so nothing can be plugged in

USB killer works with a capacitor right? So the USB port charges the capacitor, that means that first, the USB killer will require all the power output from the USB port. You can disconnect the USB port as soon as that happens with the power management tuning app of your choice, powertop or more modern but laptop-focused, tlp. You can just make a profile that when a USB port's power is bottomed out, the USB port immediately shuts down. It should be more than fast enough to prevent the charging and thus tripping of a capacitor that's big enough to fry the circuit.
There is a good chance the community has already implemented a safety like that in tlp, but I haven't looked, so I don't know.
Generally though, is this really a risk? Are people still practising USB stick promiscuity these days, with all the malware and stuff? How big is the chance that you put a USB killer into your computer? Seems more like a Darwin mechanism than a threat to me lol

If you use a usb hub for unknown devices would that protect the pc ? Not sure if the surge would get through a hub to the PC port ?

I would expect it to go through. All you do is extend the port. If you were to put inline resistors (rated to as low wattage as possible) or fuses, you could be good.
GFIs might also help.

... nevermind, didn't read above. Just repeating what others have said.