Posted on 11/15/2019 4:48:04 PM PST by BenLurkin
Los Angeles District Attorney has warned travelers to avoid charging their smartphones and other devices using public USB power charging stations as they may contain dangerous malware.
USB was designed to transfer both power and data and security researchers as well as cybercriminals have learned how to use USB connections to deliver malicious payloads to users who thought they were merely charging their devices.
Over the past few years, several proofs of concepts were created with the most notorious being Mactans, which was unveiled at the Black Hat security conference back in 2013. While the device may look like an ordinary USB wall charger, it actually has the capability to deploy malware on iOS devices.
(Excerpt) Read more at techradar.com ...
I did this once and got a 5 volt shock.
l
Saw these in airports recently. Also used on our tour bus.
Including hotel lamps?
And on our plane. I used the portable.
You can also get a charge only USB cable which doesn’t have the data wires.
Never a problem.
The charging sockets in the seats at the SW gates at LAX are so loose that a plug-in charging adapter won’t work. You need to use the built-in USB charging ports instead. Maybe those sockets are loose for a reason . . .
Here is something not commonly known...
Some devices are rigged to pass data over the VCC and GND pins on the USB port....yes, REALLY.
Think about if for a moment and you will imagine all sorts of nefarious uses.
Hardware data protection circuitry generally enables only the VCC and GND pins and leaves the data pins unconnected....so Joe Blo thinks the charger has to be safe. Joe sticks his device on the charger and it passes data over the VCC and GND lines as a pattern of voltage variations.
Joe’s device has to be rigged to handle data on the VCC and GND lines of course...but just think how easy it would be to add that to a smartphone or whatever.
You can buy ‘safe’ USB cables that only have the VCC and GND wires in them..no data lines. So they just have to be safe, right!? lol
The chipping and hardware rigging in hardware would make your head spin...if they could do it, they have done it.
Naughty NSA tricks...
https://www.amazon.com/Plugable-Universal-Charge-Only-Adapter-Android/dp/B00FA9GXKM
See my post #11
You can use a USB data blocker (aka USB condom) to charge your device safely. They sell them on Amazon here:
I would always use them in sketchy travel locations.
Thanks.
Much of this was mitigated when Apple released iOS 7 beta 2.
Read the Blackhat 2013 paper:
Key to not getting this virus is to refuse any software loading or other device sharing request that appear soon after plugging in the charging station.
“Some devices are rigged to pass data over the VCC and GND pins on the USB port....yes, REALLY.”
The receiving device would have to be designed to accept that in order for it to work. But a small capacitor across those pins would completely put an end to that kind of hanky panky anyways.
A tamper proof charging cable or filter would be an easy design and would be a good seller if people take this seriously.
And there you go!
That you're aware of.
I guess this has to be said, although it should be obvious.
“Joe sticks his device on the charger and it passes data over the VCC and GND lines as a pattern of voltage variations.”
Digital Telegraph.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.