Riot police planted the door, beating a citizen with a boot in the face and takes away the computer. This is a sample script of detention of dangerous cyber criminals. In this algorithm, the most unpleasant for the detainee? Of course, the seizure of the computer, because the results of the examination will be the basis for placing a hacker in places of deprivation of liberty for many, many years.
Sorry for the spelling and phonetic errors in the text.
Owner and main writer of MintGuide.org is not a native English speaker.
To delete the last paragraph, the security professionals have proposed an interesting technology USBKill. The point is simple: the working operating system inside a virtual container and is encrypted. All operations hacker produces through this guest OS. Another program running on the primary system monitors the activity of the USB ports and other features:
- If the computer turns off, data access will require a password.
- If the laptop connects or disconnects the charger, USBKill deletes a virtual OS.
- If the computer will be connected to an external device through the USB connector — USBKill destroy virtual working OS with all the evidence.
The last point is particularly important, because any examination begins with download special intelligence SOFTWARE, for removing the image to disc. Once the flash drive, is connected, USBKill destroy the data and copy will be nothing left.
The authors USBKill reveal other interesting gadgets used by secret services in the cyber operations. In particular, there are devices like Mouse jiggler and Keyboard jiggler.
These USB devices are recognized by the OS as a normal mouse and keyboard. Used jiggler in order to simulate the activity on your computer and prevent actuation of the lock screen due to downtime. USBKill will regard the attempt to connect such devices as a direct signal to the destruction of data.
You can download the source code USBKill on GitHub.
The author of the program Hephaestos reports that the tool will help to prevent a repetition of the history of Ross Ulbricht, Creator of underground platforms to sell drugs Silk Road. Laptop Ulbricht was seized by law enforcement agencies, and the computer is left on for a long time.
Hephaestos says that USBKill waiting for changes in the USB port, and then instantly turns off the computer. In USBKill will be added more commands and functions. The author States that the program can be very effective when run on virtual machines that disappear when you reboot.