Sort of on the subject, i've seen a brochure for a specialty product marketed to law enforcement. It's meant for use with the seizure of live, powered on desktop PCs and similar that have a high likelihood of full disk encryption.
Essentially it's a medium sized double conversion ups, with a really high quality sine wave inverter, and some electronics that can match phase with a live 120vac 60Hz circuit. And a tool kit which consists of the insulated electrical hand tools needed to do a midspan removal of the cable jacket and splice into the wires in an ordinary PC power cable. The person using it is of course supposed to be trained in advance, and competent at the process of attaching the UPS to the live circuit.
That is a policy I heard to be used in already not-extremely-secure environments like software development at a bank (completely isolated from production environment).
They didn't go so far as to cause alarms on unknown device ids, but devices would just not be mounted if they were not whitelisted.
About 13-14 years ago some parts of the US DoD resorted to hot glue gun filling all the usb ports on desktop PCs, except for the two ports required for the keyboard and mouse.
This was during the windows XP era when it seemed there were an endless number of security problems related to usb devices, no matter how good the group policy and registry settings pushed via active directory membership were.
My company stayed on NT4 until 2008 because it didn't have USB support. Network was fully locked down and any unknown MAC would cause an immediate search by IT.
They probably did. The sort of IT folks that would run a decade old OS are the same kind that would resort to this sort of security theater to "lock down" their network. Capturing MAC addresses off a device is pretty simple if you don't mind a little bit of connectivity loss during the process.
>About 13-14 years ago some parts of the US DoD resorted to hot glue gun filling all the usb ports on desktop PCs, except for the two ports required for the keyboard and mouse.
Here's a current story:
Someone ordered the wrong desk phones at your large company?
1.) Assemble your crew. Go to various departments and recruit non-technical people.
2.) Task them with disassembling 1000 desk phones.
Is the disassembly and reassembly just for more billable hours? Seems to me you could fill user-accessible USB ports with hot glue without it, same as a user could fill it with an unauthorized USB device.
It solves two problems: one is someone covertly or foolishly plugging in an untrusted USB device (which might be easily missed on, say, the back of a desktop) and it means that checking to make sure that only a keyboard or mouse are attached is as simple as putting tamper-evident seals on those cables.
Attempting to authenticate USB devices is a very hard problem — a sufficiently advanced attacker can spoof manufacturer and device IDs, even if you lock things down to prevent anything other than a keyboard or mouse it's possible to send keystrokes to open the wrong website, there's always a chance of an exploitable flaw in your USB stack, etc. — but anyone diligent can be paid to walk around every week checking to make sure that a seal is solid and the tamper-evident stickers have the same serial number as listed on the inventory. There is a real value in having things where the failure modes are obvious and intuitive.
The closest thing to a USB hub I've got is one of my external drives for my Mac Mini has a built in USB hub so I can plug stuff into that as well as directly into the computer. The last time I worried about such things was back when desktop computers only had one or two USB ports. Plus, in a DoD situation, I'd imagine that having your own USB hub plugged into a DoD computer would be the kind of thing that could put your job at risk. A friend who teaches at the Naval War College often laments the unusability of DoD IT because of the level of locking down, but any "Why don't you do X?" suggestions have a response of "I'd get fired."
The safeguard doesn't need to be perfect, it just has to be good enough.
If my experience with users holds true, they'll abandon the quest at the first obstacle and the USB will harmlessly sit in a desk drawer for the rest of time.
It doesn’t solve for an outsider or malicious employee getting access to a machine. What it does solve for is an employee plugging in a compromised usb device on accident since they probably won’t unplug there keyboard or mouse for it.
That's what my alma mater, the University of Waterloo, did for some of our labs when I attended. Then at some point something must have happened and they moved all the electronics into the PC case and only the wires of the mouse, keyboard, and monitor came out of these little openings.
Reminds me of my school when someone booted Ophcrack to recovered cached network passwords - they removed the CD drives. Given the machines didn't support booting from USB (IIRC), it wasn't a terrible solution.
I have not yet seen this implemented anywhere in banks. HID devices are fine, but anything else USB (esp. storage) is locked out completely. One of those banks wouldn't even let temp staff send emails out of the bank from their work account.
(Due to various disability acts they can't really do it either, as the employer must provide their staff with hardware they require, e.g. ergonomic keyboards and mice)
That sounds really the wrong way around - the worst offenders in USB malware surely are flash drives that declare themselves as keyboards and input preprogrammed keyboard events (like the USB Rubber Ducky [0])!
(For your parenthetical I should clarify - it wasn't the case that it was impossible to whitelist other devices, it just had to be done on a case-by-case basis. I.e. you would call IT and say "Jen from accounting at machine foo123 needs her new ergonomic mouse to be recognized" and they would remote in, tell Jen to unplug and replug the device and whitelist that exact USB device id on that exact machine.)
It may be so, but I'm talking from experience - as a keyboard geek I have, over the past ten years, taken all sorts of weird keyboards (and mice) into various big banks with not a hint of trouble. USB storage, on the other hand, qualifies for an instant termination.
this is a pretty common practice on many (if not all) government networked devices
that...or the USB port is permanently blocked (saw that when I was at a finserv years back: all USB ports (except the one the mouse plugged into) were epoxied
You will be seen as active (including on comms software (at least the ones I've tried)) if you have any sort of video playing e.g. Youtube in an active tab. Quite handy.
If you ever come across a jiggle-and-click gadget, let me know. Some of the computer activity trackers I've seen lately require the user to click every so often, so plain jigglers are no longer effective.
Get a USB Rubber Ducky and script it to send something like Mouse Button 7. The click event registers but it isn't associated with an action except in super advanced CAD software.
For the purposes of preventing locking out, I've had some success installing Autohotkeys and sending the MouseMove event every minute or so in a loop. No need for plugging additional USB devices.
"With the CRU WiebeTech HotPlug you can transport a computer without shutting it down.
"The HotPlug allows hot seizure and removal of computers from the field to anywhere else. The HotPlug's patented technology keeps power flowing to the computer while transferring the computer's power input from one A/C source (such as a wall outlet or power strip) to another (a portable UPS) and back again.
"We created this product for our Government/Forensic customers, but it has IT uses as well. Need to move a server without powering it down? The HotPlug can do it.
"It's great for digital forensic investigators and techs who can't risk losing access to data on a running computer. With many computers now employing full-disk encryption, shutting them down poses the risk of having to crack a password after moving the computer to a lab for analysis, which can greatly increase the time and expense of an investigation. When combined with a WiebeTech Mouse Jiggler, you also won't have to worry about the computer entering password-protected screensaver or sleep modes."
If the police are seizing your PC (presumably following an investigation and a warrant) and you have put an accelerometer to shut it down (or unmount an encrypted volume) when moved in order to deny them access to the encrypted data, would this not count as tampering with evidence?
If I were to do this, I would try and find a secondhand server that already has similar protection built in, so if anyone asks I could say "I did not even know it came with this feature".
FIPS 140-2 is often used in the private sector as a source of security process inspiration even when there are no legal or contractual requirements to follow it.
Having a good security architecture is not obstruction of justice. Doubly so if the data is still accessible to you after the failsafe is tripped. All you've done is prevent their ability to access the data before informing you of the existence of the warrant, using access mechanisms that - to you - are indistinguishable from an unauthorized access attempts.
> "I did not even know it came with this feature".
A documented threat model and security policy that justifies physical tamper protection and pulls inspiration from FIPS is a much smarter legal strategy than perjury. Consult a lawyer.
I don't believe that specific product addresses it at all. Undoubtedly the persons operating the kits have put some thought into it, but given the myriad of possible LAN configurations and types of software deadmans switches, it must be a difficult problem to solve.
There used to be an OS X program that would lock the computer if it detected motion. As long as a trusted Bluetooth device was paired, the computer was fine. But if the device left range and someone touched the computer, it locked.
There was also one that would use the motion detector to try to detect if the device was falling, and park the hard drive heads before impact.
I'd have thought plugging something into the outlet and unscrewing the outlet to take with you would be more convenient than carefully splicing wires just enough not to disconnect them. All the easier if it's on a power strip.
Technically you don't need to touch the naked wire, you only need to remove (carefully) the outer insulation and have the two (still insulated) wires separated for a few centimeters.
Then there are splitter clamps.
The most common ones are used (low voltage) on cars and motorcycles, they look like these:
Safer for the operator? Sure. But certainly not for the device, if you're trying to keep it operating. An ATX power supply has 24 pins at 5 different voltage levels (plus any auxilliary power connectors for the GPU and drives, etc...), and motherboards are a lot less tolerant of spikes and transients than the PS on the other side.
Dealing with AC power isn't really that dangerous if you're careful.
We had an electrician of questionable licensing do some minor work for us (replacing some switches and outlets). I asked him to tell me when I should go down to the circuit breaker to turn off the electricity and he told me not to bother. He did all the work with hot current running through the wires. I stayed close enough to be able to tell if I needed to call 911 but no closer while he worked.
I was once working for a small company building electrical equipment. We mostly worked on "medium voltage" equipment, you know 2400 to 69000 VAC.
For one project we had large banks of ultracapacitor in a cabinet. Fully charged it was around 1200 VDC. This thing was in the prototyping stage, and we were testing a control system on a Saturday morning.
So we charge it using a large AC/DC converter, fully charged, everything worked beautifully. We start a discharge cycle converting the DC back to AC. Uh oh, it starts pulling way too much current. Flames start to shoot out of the AC/DC converter. Fuck. BANG. Fuse blown.
We assess the damage... the AC/DC unit is totally shot. And someone (me) is going to have to analyze what caused the failure. Otherwise everything with the capacitor cabinet seems okay, but the thing is still charged to 1090 VDC and the fuse is blown. Check with the mechanical engineer that designed the cabinet. Turns out the fuse can't be changed (can't be accessed) while the cabinet is charged and the cabinet can't be discharged because the fuse is blown. Well that isn't good.
The only thing we could do was discharge it into a load bank (think large toaster) by connecting something directly to the copper busbar live at 1090 VDC. So one of the commissioning guys volunteered. He put on some high voltage gloves, stood on a plastic mat, and connected some jumper cables someone had in their car to the bus bar. He stepped back and someone else threw the switch on the load bank and it discharged without incident.
You would think if you guys were working on those AC voltages, you'd have an arc flash suit on hand and he would have also put on an arc flash suit to do that.
I've done a ton of electrical work for my own benefit over the years and I'm perfectly comfortable doing things like swapping switches with live wires. I've never once had a problem. The one and only time I've fucked up was when I cut a run of romex cable that I thought had been turned off.
Lesson learned: electrical wiring is like a gun. Always treat it like it's on, and if you have to do something would be unsafe if the wiring is energized, make damn sure it's de-energized before proceeding. When you're working in that mindset already anyway, flipping the breaker for something as simple as swapping a switch/outlet hardly has any benefit.
I apprenticed with my Dad. The first two rules he taught me have stuck with my my whole life:
1) Treat every wire as if it was hot. Even if you know it's not.
2) A good electrical connection must first have a good physical connection.
Not sure why that second rule sticks with me :) but there has been more than one occasion when I'm fairly sure the first rule has saved me from a bad shock. And you're right - treating the wires as if hot means you can actually work with hot wires for a lot of simple things.
The second rule is a great one that so many people doing their own work miss.
The wire nut is only there to stop the wires loosening over time and provide some basic insulation. It is not there to actually attach the wires. When you twist your wires together, they should be attached well enough on their own that you'd be comfortable throwing a piece of electrical tape over them to stop them shorting to the box and leaving it as-is (but don't do that). If the only thing keeping them together is the wire nut and you being very gentle when you manipulate them back into the box, they're not actually connected.
The poor physical connection creates a poor electrical connection. A poor electrical connection has resistance which creates heat. Heat creates fires. Even better after a few years when enough traffic has driven past your house and enough people have moved around inside of it and the wires have wiggled to just barely in contact so occasionally when someone walks down the hallway the lights will all flicker as the wires create some pretty electrical arc light shows, adding carbon buildup to the wires and further increasing the resistance and heat concentrated in the one tiny point of the copper where they're still sometimes connected.
No reason at all for this rant. Definitely not a real example at all. Definitely didn't waste an afternoon with a toner, a drill with a pilot bit, and a borescope to hunt down the six octagon boxes someone had sealed into the basement ceiling hiding away some of the shoddiest wiring I'd ever seen. Nope.
100% confirm on the wire nut thing. It's possible to get a good twisted connection with a wire-nut without pre-twisting, but conditions have to be just right, and must result in a properly twisted wire pair in the end, or it's just trouble waiting to happen.
One packet of wire nuts I bought came with a drill bit made to twist them on. I found it works way better than twisting the wires by hand, it creates a tight twist that's very hard to undo.
This makes me feel bad. As a kid, I remember holding light switches at just the right point to hear the buzzing (arcing)? inside. At least if the contacts were carbonizing, there wasn’t a lot flowing through them closed.
I'm not a nut that does everything with the power on--I kill any branch I'm working on and double and triple check with a non-contact voltage detector before I stick my fingers into anything (which saved my bacon the one time when the hot from a different branch of the same phase ended up connected to a neutral wire for a plug with no connected ground leaving it showing 0V on a multimeter in any configuration and still being live with the breaker off; that house was a mess). However our current dwelling has no main cut-off for the power. If we wanted to turn off power to the panel we'd need to get the power company out to pull the meter from the socket.
In a mostly full panel the bus bars are pretty much completely covered by the breakers anyway. You'd have to work pretty hard to come in contact with them. And the wires you're working with (besides the ground) are insulated anyway so no issue if they brush up against something.
The only thing that's _slightly_ butthole puckering is chasing the uninsulated ground wire through the panel down to the neutral bus.
And yeah, done without gloves because weighing "safety when I make a mistake" versus "greater dexterity so I'm much less likely to make a mistake" I prefer the latter. The protection is rubber soled shoes and keeping one hand tied behind my back so the electricity has no path through me.
Ha, that's nothing. I once watched a stubborn guy replace the bus bars in the input panel of a house. He did wear rubber gloves and boots and stand on a plastic stool. But, this is a kind of job where you are operating a socket wrench on the clamps holding down the bare ends of the thick direct-burial power cables, then wrestling the ends of the cable out of the way to unscrew and remove the bus-work from the panel chassis.
He did this without notifying the power company, so those supply lines were hot with 240V residential service. The weather shifted and a light mist started falling before he was done. Like another poster above, I was thinking I need to be ready to call 911, but wanting to be far enough away not to be hit by splattering metal or any surprise voltage gradients in the soil.
I accidentally replaced an outlet and added a switch to a circuit that was still energized. I had turned off the wrong breaker, and failed to confirm it before I started work.
But, careful work habits and some tools that happened to be insulated anyway, meant that I was never bridging two different potentials. The job went flawlessly and I only noticed when I plugged the outlet tester into it at the end, expecting to go turn the breaker on and come back and look at the lights... but the lights were already lit up.
Working on hot wires is no problem. Ground wires scare me and I'll turn off the main breaker before I touch them. You can never be sure what ground is really at.
In more than a few dilapidated rentals I've been in...
Ground is ... all the metal bits in the bathroom and there's earth leakage happening somewhere.
The safe work procedure is then: get the shower to the desired pressure and temperature before you get in / while you're still wearing your shoes then try not to touch the taps while you're in there.
But don't tell the guests cos hearing them yell "FUUUUCK!" is amusing.
Bonus points if they pass out from the shock and knock their head on the way down.
Splicing into the many wires that is an atx+12v power connector, between the output of the power supply and the motherboard is way more fiddly than just dealing with the hot and neutral on an ordinary $5 PC power cord. You could also never be certain what weird ziptie and cable management system (or lack thereof) might exist in a home built x86 PC case, or if there's any room for hands to work at all...
I think the thing I saw is also meant to deal equally well with a commodity x86 PC built from parts, or an Intel NUC size thing, or a corporate desktop machine with proprietary internal wiring like a slimline Dell, Lenovo, HP, etc.
I thought about HotPlug too. And the obligatory Seinfeld Frogger scene (become much less familiar to younger folks).
HotPlug must only work in countries with terribly designed plug outlets like the US and Canada. Our NEMA 5-15 plugs are live when the plug's hot (electrons be here) and neutral (return to sender) blades are still visible. I don't think this device could work in the UK I'm not from there but I think their plugs can't be live with exposed plug blades.
Essentially it's a medium sized double conversion ups, with a really high quality sine wave inverter, and some electronics that can match phase with a live 120vac 60Hz circuit. And a tool kit which consists of the insulated electrical hand tools needed to do a midspan removal of the cable jacket and splice into the wires in an ordinary PC power cable. The person using it is of course supposed to be trained in advance, and competent at the process of attaching the UPS to the live circuit.