Misusing Ethernet To Kill Computer Infrastructure Dead
Some attacks on computers and networks are subtle; think Stuxnet. An anonymous reader writes with a report at Net Security of researcher Grigorios Fragkos's much more direct approach to compromising a network: zap the hardware from an unattended ethernet port with a jolt of electricity. Fragkos, noticing that many networks include links to scattered and unattended ethernet ports, started wondering whether those ports could be used to disrupt the active parts of the network. Turns out they can, and not just the ports they connect to directly: with some experimentation, he came up with an easily carried network zapping device powerful enough to send a spark to other attached devices, too, but not so powerful -- at least in his testing -- as to set the building on fire. As he explains:
I set up a network switch, and over a 5-meter Ethernet cable I connected an old working laptop. Over a 3-meter cable I connected a network HDD and over a 100-meter cable I connected my “deathray” device. I decided to switch on the device and apply current for exactly 2 seconds. The result was scary and interesting as well. The network switch was burned instantly with a little “tsaf” noise. There was also a buzzing noise coming from the devices plugged in to the network switch, for less than a second. There was a tiny flash from the network HDD and the laptop stopped working. It is not the cheapest thing in the world to test this, as it took all of my old hardware I had in my attic to run these experiments. I believe the threat from such a high-voltage attack against a computer infrastructure is real and should be dealt with.
Simon Travaglia would be proud (Score:5, Funny)
This sounds like something ripped right from the BOFH stories...
Re:Simon Travaglia would be proud (Score:5, Informative)
Yep, in the 90's
https://en.m.wikipedia.org/wik... [wikipedia.org]
Re:Simon Travaglia would be proud (Score:5, Informative)
Original episode from 94
http://bofh.ntk.net/BOFH/0000/... [ntk.net]
Re:Simon Travaglia would be proud (Score:5, Informative)
Yep. Etherkillers have been around since forever. The oldest link I could find in 30 seconds is one from 1999 [archive.org], but I'm sure I had one before then, and I certainly didn't come up with the concept. It's nice that he re-invented the etherkiller, but man, Google is your friend.
Re:Simon Travaglia would be proud (Score:4, Insightful)
Hammer breaks computer hardware! News at 11.
Fire destroys shit! OMG
I mean seriously, yes this is possible but you could do damage to a network in innumerable ways. Until the problem is actually happening there's no sense protecting against it. At most I could see someone trying this with a school network to get out of having to do a test or a disgruntled employee... it's not going to be a frequent thing.
Re: (Score:2)
I'm surprised it doesn't happen more in schools already, actually. When I was in high school, some students figured out that if they built up a static charge and touched the lock (computers back then had physical input locks) on the case, the motherboard would get fried. They fried four or five machines until someone figured out what was going on and recruited a few of us to disconnect the input locks on the rest of the machines.
Re: (Score:2)
This sounds like something ripped right from the BOFH stories...
That was certainly the first place I read about splicing mains plugs onto Ethernet cables... :)
Prior Art Exists (tm) (Score:2)
I just wore my old O'Really "Ethernet Killers" t-shirt from the late 90s the other day.
optocouplers (Score:5, Informative)
Which switch? The expensive ones are supposed to have optocouplers on the data ports to prevent just this sort of problem. You kill the port but the switch (and everything attached) lives on.
Re:optocouplers (Score:5, Informative)
If you want to avoid the issue, use fiber connections instead of copper.
Fiber (Score:3, Funny)
Fiber optic cable to all devices would nullify this sort of attack.
Re: (Score:2)
A good EMP device will take care of everything, even disconnected equipment.
Re:Fiber (Score:5, Funny)
Fiber optic cable to all devices would nullify this sort of attack.
But won't protect it against a laser shark.
Re: (Score:2)
Yes and no. I could still take out the optics on the network switch as I hook a 1kW infra red laser onto the end of my connection. One suspects that it might have a bad effect on the rest of the switch as well as my connection.
Re: (Score:2)
Depends on how many kW of laser power you're piping into the cable.
Re: (Score:2)
But would be slower and less reliable.
Stupid FUD (Score:4, Insightful)
If a malicious user gains physical access to your network, a high-voltage attack is the least of your worries. Network sniffers and other tools can quickly own your entire network doing far more monetary damage than some fried networking equipment.
Re: (Score:2)
On its own, yes. But it can be a powerful tool in a scenario where physical infiltration is required.
Breaking into a CCTV monitored target all of a sudden becomes much easier if you can use this attack to fry the hub that the IP-Cameras are connected to, or the machines that power the surveillance monitors in the watchman's booth. Bonus points if security has been outsourced to a company that does monitor several facilities from a central office. Precious minutes gained while the team investigating why all
Re: (Score:2)
If a malicious user gains physical access to your network, a high-voltage attack is the least of your worries. Network sniffers and other tools can quickly own your entire network doing far more monetary damage than some fried networking equipment.
An ISP or other service provider would suffer greatly from an attack like this on their hardware infrastructure that could result in considerable damage in the form of many pissed off customers. Damage to reputation has a cost as well.
Sometimes the network switch IS the real-time revenue generator, so try not to assume what kind of attack would have a larger impact.
Re: (Score:2)
Good reason to set up the cameras in your data center.
Re: (Score:2)
Done right, it can be useful. Things like manufacturer MAC blocking and having one MAC per port is a way to ensure someone doesn't attach a switch or Wi-Fi AP to an internal network.
On some networks like POS networks, it is one extra security measure, just because someone can't unplug a cash register, plug in their laptop and go at that segment. Not foolproof (as one can figure out the POS's MAC and spoof it), but it does stop the guy who wants to plug into a network jack because the public store wireless
Re: (Score:2)
My sentiments exactly. There is a lot more someone can do who has physical access, is willing to face felony level malicious mischief charges and is willing to end any chance of a meaningful career in IT (heck, a meaningful career anywhere, for that matter.) Just walking up to a rack and yanking all drives out will bring a data center to its knees. Yes, some data centers actually take the time to use the locks on the equipment, but most don't bother since the locks tend to be engineered to hold plastic b
Re: (Score:2)
I have cat-5 running through my attic and it does seem very sensitive to lightning. Don't think I've had any direct hits but at least 2 instances where there seems to have been a surge in one of the runs. Both cases resulted in burnt out ports on both the device and the switch, but no further damage. I have no idea what I can (easily) do about it.
Re: (Score:2)
If a malicious user gains physical access to your network, a high-voltage attack is the least of your worries. Network sniffers and other tools can quickly own your entire network doing far more monetary damage than some fried networking equipment.
The thing is that this kind of attack can be done quickly and un-detectably. Some access-layer switch hardware has hundreds of ports. Ten seconds unobserved in a cubicle would be all you need to plug a cable with a mains plug at one end, and RJ45 at the other into the relevant ports, pull it back out, and stuff it back in your laptop bag. $1k per work area x 400 switch ports (plus the expensive switch) is a lot of money to go poof with 10 seconds of effort, not to mention the 400 people that will now be sit
Re: (Score:2)
Exactly. If attackers want to physically destroy your network, there are a million different ways to do it. They could just as easily set the building on fire, or shoot out a power transformer. But their goal is to exploit it.
Consider the evolution of malware.
Re: (Score:2)
MAC address lockdown is practically useless on its own (see: ARP poisoning attacks & DHCP spoofing), not to mention completely unscalable.
Network isolation & good firewall rules at the demarcs are important, but they aren't a panacea.
slacka is correct, protecting networks after a physical intrusion has occurred is very difficult or impossible.
802.1X can help when it comes to the scalability of port authentication, and DHCP snooping and dynamic ARP inspection can both help in securing networks agains
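An added example, not part of any comment in this thread: a small audit of an IOS-style switch configuration that flags enabled access ports relying on a MAC limit alone or lacking 802.1X, and VLANs without DHCP snooping or dynamic ARP inspection, the controls discussed in the comments above. The sample configuration is constructed, the function names are illustrative, and VLAN ranges such as `10-20` are not handled.

```python
import re

# Constructed sample: IOS-style running-config excerpt, not taken from the thread.
SAMPLE_CONFIG = """\
ip dhcp snooping vlan 10
ip arp inspection vlan 10
!
interface GigabitEthernet1/0/1
 switchport mode access
 switchport access vlan 10
 switchport port-security
 switchport port-security maximum 1
!
interface GigabitEthernet1/0/2
 switchport mode access
 switchport access vlan 10
 authentication port-control auto
!
interface GigabitEthernet1/0/3
 description spare wall jack
 switchport mode access
 switchport access vlan 20
!
interface GigabitEthernet1/0/4
 switchport mode access
 shutdown
!
interface GigabitEthernet1/0/24
 switchport mode trunk
"""

def parse_interfaces(config):
    """Map each interface name to its list of stripped sub-commands."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = interfaces.setdefault(line.split()[1], [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the stanza
    return interfaces

def global_vlans(config, feature):
    """VLAN ids on global lines like 'ip dhcp snooping vlan 10,20'."""
    found = re.findall(rf"^{re.escape(feature)} vlan ([\d,]+)$", config, re.M)
    return {int(v) for group in found for v in group.split(",") if v}

def audit(config):
    """Return {interface: [findings]} for enabled access ports."""
    guards = {"DHCP snooping": global_vlans(config, "ip dhcp snooping"),
              "ARP inspection": global_vlans(config, "ip arp inspection")}
    report = {}
    for name, cmds in parse_interfaces(config).items():
        if "shutdown" in cmds or "switchport mode access" not in cmds:
            continue  # admin-down ports and trunks are out of scope
        findings = []
        if "authentication port-control auto" not in cmds:
            limited = "switchport port-security" in cmds
            findings.append("MAC limit only (spoofable)" if limited else "no 802.1X, no port-security")
        vlan = next((int(c.split()[-1]) for c in cmds if c.startswith("switchport access vlan ")), 1)
        findings += [f"{g} off for VLAN {vlan}" for g, vlans in guards.items() if vlan not in vlans]
        if findings:
            report[name] = findings
    return report
```

These settings only address unauthorized devices on a live port; they do nothing against voltage applied to the copper pairs, for which the thread's suggestions are leaving spare jacks unpatched at the panel or using fiber.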
And then there's PoE (Score:2)
More adoption of PoE will make this sort of thing even worse.
Not surprising (Score:2)
Re: (Score:3)
Lightning fried an entire sheriff's department I had the joy of supporting some years ago. Not just NICs, since most were built onto the motherboards. Not just switches, but UPSs, radios, telephone systems, lighting, even the main UHF antenna disappeared. They dispatched out of a car for a few days.
We got their network and PCs replaced about 4 hours before the software people arrived and rebuilt the 911 system. The base station was replaced a half hour or so before we finished. Emergencies. God help me
Hammer Attack (Score:5, Funny)
Re: (Score:2)
The protection provided by the hard case can be bypassed by the use of a torsion device applied at the point where the metal plates are affixed to each other. The "screws" can be removed, or "driven" from the case.
Lightning does the same thing ... (Score:2)
It happens all the time.
Nonsense. (Score:2)
Been going on since as long as I can remember. (Score:3)
This is absolutely nothing new. Back in the early 1990s, I worked with a guy who had "adapters" which were 120VAC to coax Ethernet, 120VAC to serial, 120VAC to thicknet, and 120VAC to SCSI.
One place I worked at had someone use customized surge suppressors on Ethernet drops that went from a public area to a private area, because they were afraid of this.
This is nothing new... This is in the same category of stuff like sticking blobs of Superglue into the locks on a building as part of a "denial of service" attack.
These days, the fix is easy... if really worried and wireless isn't an option, go with single mode fiber if concerned that someone is going to use a network drop for an attack. If someone blows out the NIC on the other end with a 100+ laser, it will only blow out the SFP.
Re: (Score:2)
Given enough power on the transmit laser, you can blow out more than the sfp. Research the term 'fiber fuse' or watch https://www.youtube.com/watch?... [youtube.com] for a hilarious holiday themed destruction of fiber with excessive light. (There are other videos on youtube; this one is just too funny to pass up.)
Re: (Score:2)
Common mode rejection yes, but not direct mode.
Re: (Score:2)
120V (or even 240V) in common mode should do nothing. 120V in differential mode will cause massive overcurrents in the circuitry adjacent to the port and possibly in the switch as a whole but it's unlikely to be able to go in one port and come out another while still having enough strength to do damage to devices beyond the switch.
However TFA was clearly using a LOT more than mains voltage. A sufficiently large common mode voltage (you can't really apply very high voltages in differential mode because your
Uhm. (Score:2)
Normally there's a transformer on either end of the cable. Whatever they fed "2 seconds of current" through, it wasn't that. WTF.
Re: (Score:2)
Just to avoid ambiguity, of course the transformers are part of the PHY, not part of the cable.
Access to hardware... (Score:3)
Re: (Score:2)
...means that you can destroy said hardware. What kind of news is that ?!?
It's click bait news to help sell the site to whoever the new owners will be.
What does Dice care (if it ever did) about the quality of stories on here.
Re: (Score:3)
Well, it calls attention to something that I certainly wasn't sure about.
Obviously, I have an ethernet port exposed in a building, I would certainly expect that if somebody applied current it would probably kill the switch.
What I wouldn't have been certain about was what other impact it might have.
The experiment showed that not only was the switch killed, but also another laptop connected to the switch, and not just that laptop, but also the external hard drive connected to the laptop.
So the risk of an open
Re: (Score:2)
To be fair, the HDD was connected to the switch, not the laptop.
Re: (Score:2)
Yeah companies should think a bit about what could happen if something like a kiosk was connected to their network in a public area.
How many volts and milliamps did you hit it with? (Score:4, Interesting)
A Piss Box? (Score:3)
Anyone here remember an old phone phreaker toy that would send a zap down a phone line to cook a modem or a phone and break some FCC laws at the same time? heh I remember them being nicknamed "Piss Boxes", but they may have had a more proper name. This is like a network Piss Box. heh
How in the world? How much voltage was in there? (Score:2)
I was about to ask how come the spark wasn't stopped in its tracks by the optocouplers in the RJ45-to-board junctions. Then I read TFA (I know, right?!) and saw the pictures.
I don't know what the voltage was, but to maintain a spark over a 5cm air gap I guess it was pretty high. That means optocouplers can't help if you can just jump over them. 5cm could easily cover a small switch, unless once it reaches another RJ45 it can jump another 5cm (i.e. it can cover as much distance as it pleases), in which case
Etherkiller yet again. (Score:2)
Aside from etherkiller [fiftythree.org] being old, you could just as easily set the building on fire if you wanted to kill infrastructure.
This requires you to be in the same building if not the same room as the device you are trying to kill. If you have physical access to a machine... etc...
Kill it dead? Oh noes! (Score:3)
Misusing Ethernet To Kill Computer Infrastructure Dead
Great, you've killed it dead. Now I have to fix it alive.
More info needed (Score:2)
Network switch? What kind? Consumer? Enterprise? I can shut down unused ports on enterprise network switches. Does it still kill the switch if the shock is applied?
This article was clickbait and nothing more.
What's next? Aiming a water hose at a wireless access point?
Easier to attack the electrical grid, no? (Score:2)
You'd only be able to attack one circuit at a time, I suppose, but outlets are everywhere. Much easier to fry devices that way.
Blotto Box (Score:2)
This reminds me back in the days of "phreaking" and "boxes" (eg red box, blue box, beige box), there was a rumored "blotto box" which amounted to attaching a generator to someone's TNI or to a big green box and running for the hills.
Back in my day... (Score:2)
Back in my day we called this a bullet. "Death ray" sounds megalomaniacal.
Wait for it... (Score:2)
There's a BOFH reference or anecdote in there somewheres... Gotta be...
Re: (Score:2)
It doesn't matter if they do or not because PoE is carried on the third and fourth pair. You inject your dirty power on the first and second pair and PoE is irrelevant.
Re:girl with dragon tattoo did it (Score:5, Funny)
The OP mentioned an "Ethernet Taser" being plugged into the wall to take out the security guards. Hence, you need POE to power that device
On this planet, we have electrical potential storage devices we call "batteries".
Re: (Score:2)
It's a Layer 1 attack.
Same as a lightning strike. Rare, but fascinating and devastating when they hit dead on.
Re: (Score:2)
A true faraday cage would protect against RF, but many casings aren't well done.
Re: (Score:2)
The number of ports should equal the number of devices, not the number of cables. As more organizations use wireless devices the number of p
Re:Surge suppressor (Score:5, Informative)
There's a good reason why it's against code to install high voltage wiring and low voltage cabling in the same pathway.
I'm actually curious how much protection is built into the switch. Typically a certain number of ports are grouped to an ASIC, and the switches have to be able to handle a degree of dirty signal anyway, so it's possible that a single household high voltage spike might not hurt the switch or might only burn out a few ports as one ASIC cooks-off. I'm not exactly going to test this out though.
Re:Surge suppressor (Score:4, Insightful)
Yup! But then there's two questions
1) will the surge protector protect against this device
2) who has surge protectors on each of their ethernet ports?
Re: (Score:2)
Because you-the-consumer won't pay an extra 4 cents per port for hardware that includes it.
Re: (Score:2)
I don't have that problem with the ethernet surge protector built into the big APC UPS (about 6 years old) on my gaming machine.
Re: (Score:2)
Is the surge protector rated at 1GBps?
That higher frequency requires much tighter tolerances on wire lengths and EM interference, so if a cable, surge protector, or any other passive ethernet device wasn't specifically designed with a 1Gbps connection in mind then it probably will degrade the signal, except for individual devices where random manufacturing variance just happened to fall within the higher-speed tolerances.
Re: (Score:2, Insightful)
" If you're following Information Security best practice you shouldn't have any unconnected sockets in your office"
As in, "If you're following Information Security best practice you shouldn't provision for expansion or unexpected demand".
Sure.
Re:Running power through wires shock!! (Score:5, Insightful)
Or they're disconnected at the switch end in the wiring closet until needed.
Re: (Score:3, Insightful)
" If you're following Information Security best practice you shouldn't have any unconnected sockets in your office"
As in, "If you're following Information Security best practice you shouldn't provision for expansion or unexpected demand".
Sure.
No, you provision sockets and wire them to the network room. Then you have a bundle of unpatched terminals in the panel. Someone authorized comes in and needs the socket you patch in to the switch and it goes live. When they're done you remove the cable and the socket is dead again. 5 seconds on either end protects your network from unauthorized devices
Re: (Score:2)
Just because you are too busy to follow the practice, doesn't mean it isn't a good idea.
What is good about an idea that doesn't actually protect anything? All your "best practice" has done is secure unused ports. USED ports can still be zapped, and from either end of the cable too. Or did your "best practice" also assume non-removable and armored Ethernet cables?
Your "best practice" is a fiction inside your head.
Re:Running power through wires shock!! (Score:4, Funny)
90% of people who use the term "best practice" are idiots that couldn't independently think their way out of a wet bag.
Re:Running power through wires shock!! (Score:4, Informative)
If you're following Information Security best practice you shouldn't have any unconnected sockets in your office, and they should be audited at least every 3 months.
So you've raised the bar for the attacker from "zap any random RJ45 jack" to "unplug something and zap that RJ45 jack"? Or am I missing something?
Re: (Score:2)
Most PC connectors are non-isolated and referenced to the PC's ground. Apply a large voltage in common mode and it will find its way to ground through all sorts of paths, many of them likely destructive. Ethernet on the other hand has isolation transformers designed to survive a strength test of around 1.5KV*. 120V (or even 240V) AC in common mode on an ethernet port should have no effect if the device is not defective.
120 VAC in differential mode will definitely fry the port, it may fry the rest of the de
Re: (Score:2)
I thought 11 was reserved for news about fighting the frizzies, though!
Re: (Score:2)
though an incendiary with a timer would also do the trick.
But leaves traces visible to every firefighter. Leading to further investigations, the FBI will check the CCTV recordings, someone will recognize you there or your licence plate. Or the license plate of what you stole to be your getaway car, but left your fingerprints where you stole it...
Anyway: It might be worth something to have the case closed quickly with "faulty electrical device" and no further questions asked.
Re: (Score:2)
Stupid article that basically says: "You can destroy an electronic device by shoving too much electricity into it!"
Yes, but it becomes a bit more interesting when you can do that from another location connected by a wire no one thinks of as an attack vector (the port is firewalled after all!) and is often enough freely accessible.
But yes, this tells less about the attacker's ingenuity than it tells us about our everyday shortsightedness.
Re: (Score:2)
Stupid article that basically says "Metal wires conduct electricity."