USB killer v2.0

jim bell jdb10987 at yahoo.com
Thu Oct 15 14:15:50 PDT 2015


From: Blibbet <blibbet at gmail.com>
>Joe Fitzpatrick of SecuringHardware.com made a USB Sanitizer:
>https://github.com/securelyfitz/USBSanitizer/
>https://twitter.com/securelyfitz/status/583858610683441152
>https://www.youtube.com/watch?v=V60TksZd7uk

>Xipiter also sells the USB Condom.
>https://www.crowdsupply.com/xipiter/usbcondom

>I wonder if either would stop USB Killer 2.0?
I don't know about the specific products you mentioned, but it would be trivial to build an intermediate product to protect the products from each other.  USB consists of four connections:  GND, V+, and two datas.  Aside from adding some intermediate series resistors of relatively low value, perhaps a few tens of ohms., diodes (silicon rectifier and perhaps Zener) would easily shunt over-voltages and block them.  Obviously, there would be a limit to what a given protection system would protect against:  Apply a 1000-volt, 10-amp power supply between V+ and ground, and SOMETHING is going to die!  But the 'threat model' is far simpler for real-world dangers.
The tricky part is that you are supposed to be able to USE the power provided through the V+ pin for external devices.  That's a convenience, but it is also somewhat of a danger.  Who knows how much protection is already built-in to a typical computer's USB ports?  A good 1000-volt PIV silicon diode in series with V+ would prevent an external circuit from forcing positive current into that pin.  Similarly, another 1-amp diode, connected to the V+ and GND, backwards, would prevent V+ from being pulled appreciably below ground.  Placing a 20 ohm resistor outboard of these diodes would limit current flow, etc.  The trick is that you might want to use the entire capability of voltage and current from that USB port, without IR (voltage loss over a resistor or diode) loss.  
There are also devices called "opto-isolators" (also called "opto-couplers") which could be used to provide well over 1000 volt isolation to the data signals themselves.                 Jim Bell, N7IJS







  
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 4788 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20151015/58dfdce2/attachment-0002.txt>


More information about the cypherpunks mailing list