
Jailbroken Devices Compromised By Charging Stations

Soulskill posted more than 3 years ago | from the charged-with-computer-fraud dept.

Cellphones 93

mask.of.sanity writes "Data can be stolen from Windows, Android and Apple devices by unassuming power charging towers. In an attack demonstrated at the Defcon hacking conference, mobile phone charging units were rigged to pull data from phones plugged into them. Researchers found many jailbroken and modified devices activated USB functions when they were plugged in, or simply rebooted."


93 comments


that's what you get (-1)

Anonymous Coward | more than 3 years ago | (#37156004)

for being a child

Er... how can Android be jailbroken (2, Interesting)

Anonymous Coward | more than 3 years ago | (#37156012)

Nitpicking here... An iPhone that is jailbroken has its security compromised where anything is possible via the USB connection. However, an Android device that has root still has its security mechanisms 100% intact unless someone automatically checks "yes" every time the su dialog pops up, or has a really craptastic ROM.

Yes, some ROMs might allow for a root prompt to allow a hacked charger to slurp data via ADB, but this can be easily disabled by just turning debug mode off.

Re:Er... how can Android be jailbroken (4, Interesting)

pruss (246395) | more than 3 years ago | (#37156222)

1. Moreover, there is quite a bit you can do with adb even without root: the adb shell normally gets privileges that are higher than those ordinary non-system Android apps get, though lower than full root privileges. (E.g., you can silently install and deinstall arbitrary apps from an adb shell.) So keeping debug on and plugging into untrusted devices is probably not such a great idea, whether the device is rooted or not. Moreover, if debug is on, then even if the device isn't rooted, an attacker can often just silently install an app that roots the device via whatever vulnerability roots a given device, and then get full root privileges.

2. The Superuser app that I use can be set so that it remembers su permissions after the first time one is asked and doesn't ask again if the same app requests the permission (technically, it will ask again if the app requests the permission in connection with another su command, but most root-using apps just request permission for an su shell, and then do their work in the shell). I keep that setting active, since I do things that require root so often (my SuperDim app to dim the display below what the OS normally allows for use at night; on boot setting the exec permission on my SD card so I can move app libraries to it; adjusting CPU governor settings; using my Force2SD app to move recalcitrant apps to SD; running a script to do a tar backup of all of /data; etc.). It would be a real nuisance to be constantly prompted. But there is an obvious security cost to the convenience. I am willing to accept that cost, especially since I currently use only two root-based apps that I didn't write myself, and I think they are trustworthy apps. So only two apps that I didn't write have the silent su authorization enabled.

Re:Er... how can Android be jailbroken (1)

mjwx (966435) | more than 3 years ago | (#37164116)

So keeping debug on and plugging into untrusted devices is probably not such a great idea

Keeping Debug on is not a good idea.

Plugging it into an unknown or untrusted device is an even worse one.

An Android user who keeps debug on probably knows enough to not plug it into strange charging devices.

Re:Er... how can Android be jailbroken (0)

Anonymous Coward | more than 3 years ago | (#37156262)

I have yet to see a rooting guide which advised people to disable ADB afterwards. Not even the one-click tools do so. I bet 95% of root users leave it on.
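A way to check the exposure this sub-thread is arguing about, added here as an example and not posted by any commenter: it reads a `getprop` dump and reports whether ADB is offered over USB now or will be again after a reboot. The property meanings are assumptions stated in the comments, and the three dumps are constructed samples.

```python
"""Audit an Android property dump for USB debugging exposure.
The dumps below are constructed samples, not output from a real device."""
import re
from typing import Dict, List

PROP_LINE = re.compile(r"^\[([^\]]+)\]:\s*\[(.*)\]$")


def parse_getprop(text: str) -> Dict[str, str]:
    """Parse `getprop` output of the form `[key]: [value]`."""
    props = {}
    for line in text.splitlines():
        match = PROP_LINE.match(line.strip())
        if match:
            props[match.group(1)] = match.group(2)
    return props


def audit_adb(props: Dict[str, str]) -> List[str]:
    """Return one finding per way ADB is reachable from a USB host."""
    findings, adb_seen = [], False
    # Assumption: sys.usb.config is the active USB function list and
    # persist.sys.usb.config is the list restored at boot, which is why a
    # device can start offering ADB again just by being rebooted.
    for key, when in (("sys.usb.config", "now"),
                      ("persist.sys.usb.config", "after reboot")):
        functions = {f.strip() for f in props.get(key, "").split(",")}
        if "adb" in functions:
            adb_seen = True
            findings.append("adb enabled over USB (%s)" % when)
    # Assumption: ro.secure=0 means adbd does not drop root, so the shell a
    # host gets is a root shell with no su prompt involved.
    if adb_seen and props.get("ro.secure") == "0":
        findings.append("adb shell runs as root (ro.secure=0)")
    return findings


# Constructed sample: a modified ROM left in the state rooting guides leave it.
ROOTED_ROM = """\
[ro.secure]: [0]
[ro.debuggable]: [1]
[persist.sys.usb.config]: [mass_storage,adb]
[sys.usb.config]: [mass_storage,adb]
"""

# Constructed sample: debugging switched off everywhere.
DEBUG_OFF = """\
[ro.secure]: [1]
[persist.sys.usb.config]: [mtp]
[sys.usb.config]: [mtp]
"""

# Constructed sample: off for this session, but the boot-time value still has adb.
STALE_SETTING = """\
[ro.secure]: [1]
[persist.sys.usb.config]: [mtp,adb]
[sys.usb.config]: [mtp]
"""

if __name__ == "__main__":
    for name, dump in (("rooted ROM", ROOTED_ROM), ("debug off", DEBUG_OFF),
                       ("stale setting", STALE_SETTING)):
        print(name, "->", audit_adb(parse_getprop(dump)) or "no ADB exposure")
```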

Re:Er... how can Android be jailbroken (2)

blair1q (305137) | more than 3 years ago | (#37156268)

Yes, but see how they worded the threat?

If you have done something to totally drop security on your magic data port, then something you connect to that port that you do not understand can pwn your gifs.

Pretty simple really.

Same deal with flying. You're okay until someone lets the snakes loose.

Re:Er... how can Android be jailbroken (0)

Anonymous Coward | more than 3 years ago | (#37159984)

Yes, but see how they worded the threat?

Yeah, that's the first thing I saw.

The headline should have read, "Users who make their devices insecure end up with insecure devices."
Duh.

Re:Er... how can Android be jailbroken (2)

zoloto (586738) | more than 3 years ago | (#37156332)

Your comparison of Android and iOS is Oranges and Apples. (:P) Just because someone's jailbroken their iOS device doesn't mean it's insecure from that point, and often times that security hole is the purveyor of other actual fixes to prevent unauthorized access. Including the one it (the jb method) used to jailbreak the device. ie: the PDF exploits used for jailbreaking iOS devices.

Re:Er... how can Android be jailbroken (0)

Anonymous Coward | more than 3 years ago | (#37162262)

It does if the retard who hacked their phone doesn't know to take the proper measures against it ... which is to say, most non techie people...

Which is to say most i tards.

Re:Er... how can Android be jailbroken (0)

Anonymous Coward | more than 3 years ago | (#37156690)

Yes, some ROMs might allow for a root prompt to allow a hacked charger to slurp data via ADB

Or it could prey on people set up to act as a USB drive as default.

Hmm (5, Insightful)

LocalH (28506) | more than 3 years ago | (#37156024)

So basically, you connect an untrusted device to a device you trust somewhat, and you're shocked when bad things can happen?

It's like people who would pick up a random USB drive off the ground and then plug it into their computer without taking precautions. Why is this any different?

Re:Hmm (5, Insightful)

Anonymous Coward | more than 3 years ago | (#37156330)

I'm not sure if your USB drive example is a good comparison to this situation. Charging stations are becoming commonplace and showing up in airports, coffee shops, etc. Businesses that people trust.

I think this is more like a fake ATM machine. People are so used to ATMs being everywhere, that little thought is given when they enter their PIN number into one. It's not something that the average person is going to think twice about.

Re:Hmm (0)

Anonymous Coward | more than 3 years ago | (#37157842)

that little thought is given when they enter their PIN number into one

I bet if they were really assigned a PIN Number they would have to think long and hard at the confusion, since their bank never gave their number another number!

After all, I know what my personal identification number (PIN) itself is, but I have no idea what my personal identification number's number (PINN) is!

Re:Hmm (1)

Paradise Pete (33184) | more than 3 years ago | (#37158970)

If you're going to all that trouble, why leave out that he also wrote about an ATM machine?

Re:Hmm (1)

Richard_at_work (517087) | more than 3 years ago | (#37159344)

Dropping USB sticks in a corporate car park is a well known method of getting malware into that company.

Re:Hmm (2)

Joce640k (829181) | more than 3 years ago | (#37156486)

Simple solution: Get a USB extension cable which only has power connections, not data.

Re:Hmm (0)

Anonymous Coward | more than 3 years ago | (#37156524)

This would probably need some fiddling to work, depending on phone. My phone (Motorola Hint) occasionally throws a fit and claims I'm using an Unauthorized Charger when the connection is a bit loose. This is with a wall wart charger.

Re:Hmm (0)

Anonymous Coward | more than 2 years ago | (#37170224)

Motorola uses a non-standard cable. There's a resistor wired between two pins. You could make your own non-standard cable with that resistance and no data path.

Re:Hmm (0)

Anonymous Coward | more than 3 years ago | (#37162754)

As seen in the wild: Some devices WILL refuse charging from something that looks like a USB cable, yet only provides dumb 5V @ 500 mA on the power pin - smartphones included. Those will only start charging after going through the USB power negotiations (start with 100 mA and negotiate more in 100 mA increments, up to 500 mA total). That is the only defined, standard-compliant way to get power from USB, btw - the fact that you might get away with just crossing your heart and plugging in a 5V line is actually a defect (a mighty convenient one, but a defect nevertheless); never mind that I've seen cheapo "chargers" that will happily pump 3000 mA into the device (nb - a device that's rated for 6 times less).

Re:Hmm (0)

Anonymous Coward | more than 3 years ago | (#37156580)

I would plug in a random USB drive. It's a USB drive. It gets no special privileges, this isn't firewire and anyway in 2011 we have IOMMU so even if it was (which it isn't) allowed to initiate DMA transactions it doesn't get to look anywhere the OS doesn't want it to.

If your OS is dumb enough to assume anything plugged in should be privileged and get to execute code then that's an OS security problem, nothing to do with me.

Re:Hmm (2)

The Dawn Of Time (2115350) | more than 3 years ago | (#37156810)

*golf clap*

You're so awesome, and your points really make a difference in the real world.

Re:Hmm (1)

CheerfulMacFanboy (1900788) | more than 3 years ago | (#37157016)

I would plug in a random USB drive. It's a USB drive. It gets no special privileges, this isn't firewire and anyway in 2011 we have IOMMU so even if it was (which it isn't) allowed to initiate DMA transactions it doesn't get to look anywhere the OS doesn't want it to.

If your OS is dumb enough to assume anything plugged in should be privileged and get to execute code then that's an OS security problem, nothing to do with me.

http://www.h-online.com/open/news/item/USB-driver-bug-exposed-as-Linux-plug-pwn-1203617.html [h-online.com]

Re:Hmm (5, Interesting)

Em Adespoton (792954) | more than 3 years ago | (#37157184)

Tell me this... does this amazing OS of yours alert you when you plug in a new USB keyboard? Because some of the USB sticks people find on the ground have both a flash memory partition and a fake keyboard interface that sends key commands in a predefined manner.

I'm all for OSes that fingerprint all your USB devices and require you to validate each function of each interface the first time presented, but even OpenBSD doesn't do this by default.
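The per-interface check wished for in the comment above, sketched as an added example (not from the thread and not any operating system's own code): it walks a USB configuration descriptor, lists the interfaces the device declares, and reports a storage device that also declares a HID interface. The descriptor bytes are constructed samples, and the helper names are hypothetical.

```python
"""Walk a USB configuration descriptor and flag a storage device that also
declares a HID (keyboard) interface. All sample descriptors are constructed."""
import struct
from typing import List, NamedTuple

DT_CONFIG, DT_INTERFACE, DT_ENDPOINT, DT_HID = 0x02, 0x04, 0x05, 0x21
CLASS_HID, CLASS_MASS_STORAGE = 0x03, 0x08
PROTO_KEYBOARD = 0x01  # bInterfaceProtocol of a boot-protocol keyboard


class Interface(NamedTuple):
    number: int
    cls: int
    subclass: int
    protocol: int


def parse_interfaces(blob: bytes) -> List[Interface]:
    """Return the interfaces declared in one configuration descriptor.

    Every length field comes from the device, so each one is checked against
    the buffer; a mismatch raises ValueError rather than being skipped.
    """
    if len(blob) < 9 or blob[0] < 9 or blob[1] != DT_CONFIG:
        raise ValueError("not a configuration descriptor")
    (total,) = struct.unpack_from("<H", blob, 2)  # wTotalLength
    if not blob[0] <= total <= len(blob):
        raise ValueError("wTotalLength does not match the bytes received")
    found, off = [], blob[0]
    while off < total:
        if off + 2 > total:
            raise ValueError("descriptor header truncated")
        length, dtype = blob[off], blob[off + 1]
        if length < 2 or off + length > total:
            raise ValueError("bad bLength at offset %d" % off)
        if dtype == DT_INTERFACE:
            if length < 9:
                raise ValueError("short interface descriptor")
            num, alt, _eps, cls, sub, proto = struct.unpack_from("6B", blob, off + 2)
            if alt == 0:  # count an interface once, not per alternate setting
                found.append(Interface(num, cls, sub, proto))
        off += length
    return found


def review(interfaces: List[Interface]) -> List[str]:
    """Report HID interfaces on a device that presents itself as storage.

    A keyboard that does not use the boot protocol reports protocol 0, so any
    HID interface next to mass storage is reported, not only protocol 1.
    """
    if CLASS_MASS_STORAGE not in {i.cls for i in interfaces}:
        return []
    findings = []
    for i in interfaces:
        if i.cls == CLASS_HID:
            kind = "keyboard" if i.protocol == PROTO_KEYBOARD else "HID input"
            findings.append("interface %d: storage device also declares a %s"
                            % (i.number, kind))
    return findings


# --- constructed sample descriptors (hypothetical devices) ---
def _ep(addr: int, attrs: int) -> bytes:
    return struct.pack("<BBBBHB", 7, DT_ENDPOINT, addr, attrs, 64, 10)


def _iface(num: int, cls: int, sub: int, proto: int, n_eps: int, tail: bytes) -> bytes:
    return bytes([9, DT_INTERFACE, num, 0, n_eps, cls, sub, proto, 0]) + tail


def _config(n_ifaces: int, body: bytes) -> bytes:
    head = struct.pack("<BBHBBBBB", 9, DT_CONFIG, 9 + len(body), n_ifaces, 1, 0, 0x80, 50)
    return head + body


_STORAGE = _iface(0, CLASS_MASS_STORAGE, 0x06, 0x50, 2, _ep(0x81, 2) + _ep(0x02, 2))
_HID_DESC = struct.pack("<BBHBBBH", 9, DT_HID, 0x0111, 0, 1, 0x22, 63)
_KEYBOARD = _iface(1, CLASS_HID, 0x01, PROTO_KEYBOARD, 1, _HID_DESC + _ep(0x83, 3))

PLAIN_STICK = _config(1, _STORAGE)            # storage only
ODD_STICK = _config(2, _STORAGE + _KEYBOARD)  # storage plus a keyboard
TRUNCATED = ODD_STICK[:-4]                    # claims more bytes than it sent

if __name__ == "__main__":
    for name, blob in (("plain", PLAIN_STICK), ("odd", ODD_STICK)):
        print(name, "->", review(parse_interfaces(blob)) or "nothing to report")
```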

Re:Hmm (0)

Anonymous Coward | more than 3 years ago | (#37158974)

No, it will get to spam the keyboard interface. Way to go little USB stick, if you correctly guess that you're looking at a username/password prompt you will be able to bang away with hundreds of attempts per hour to guess my username and password (sorry, root login is disabled) although you will never know if you've succeeded (hint: you have not).

Re:Hmm (1)

m50d (797211) | more than 3 years ago | (#37159654)

So you never log in to your system? I suppose that's one way to keep it secure

Re:Hmm (2)

erroneus (253617) | more than 3 years ago | (#37156756)

In technical terms, you are correct. But the belief was that this was a power station, not something intended to compromise. True that it caught people unaware. It would have caught me unaware. It goes to show that using complex connectors for power isn't such a great idea since it requires trust which people are unaware they are giving.

This has given me cause to pause. I just checked my phone. Its default setting on reboot is for USB connections to prompt on the phone what to allow. USB debugging is also disabled by default. Am I wrong in guessing I would have been safe unless I was stupid enough to answer the prompt? Also, I am running a Team Whiskey load on my phone, not a stock one.

Most people are and likely still will be vulnerable. Sad.

Re:Hmm (1)

Dwedit (232252) | more than 3 years ago | (#37156804)

It's just about like trusting that a power outlet will deliver the voltage and frequency it claims to, and not something else that will blow up your device.

Re:Hmm (2)

cowboy76Spain (815442) | more than 3 years ago | (#37157288)

The analogy only works in part. In your case, your maximum possible loss is the device itself and any data not properly backed up. In the case explained in the article, the exploit means that your data ends in untrusted hands.

Of course, it depends a lot on the nature of the data that you have in your phone. For my phone, it would be a greater setback breaking the device than making public any data held in it. But maybe some other people have in their smartphones the numbering of their secret bank accounts in Switzerland.

Duh (1)

SquirrelDeth (1972694) | more than 3 years ago | (#37156028)

The phones are charged through the usb port and usb ports transfer data. Wow someone realized they could put more than two wires in the charger cable.
I made my mp3 player play through an old tape deck yesterday I must be a genius.

Re:Duh (0)

Anonymous Coward | more than 3 years ago | (#37156350)

Dear genius, USB is not like water pipes, where it is simply enough to push some water from one end to see it spilling from the other end. Sincerely, Real Genius.

Re:Duh (4, Informative)

Miamicanes (730264) | more than 3 years ago | (#37156382)

What you need is a USB CondomCable with the D+ and D- pins shorted together. No data can flow, and if the bad guys didn't bother to try and implement proper power protocol, you'll get the added satisfaction of frying THEIR hardware when your phone cranks up the juice and tries to suck down 1.7A instead of politely sipping 100mA. Just don't ever use such a cable by mistake to connect your phone to a pc or laptop belonging to yourself or a friend.

Re:Duh (1)

artor3 (1344997) | more than 3 years ago | (#37156606)

If the D+ and D- lines are shorted in the cable itself, then it will draw as much current as the host can source, all the time. Your phone has no control over whether that number is 100 mA or 1.7 A. Furthermore, shorting the D+ and D- lines together is highly unlikely to damage the host. It's not like hackers are fabbing their own substandard chips. If you really want to make a cable that will kill the host, without being as obvious as sticking a USB connector on to the other end of a 120 VAC cord, your best bet would be shorting VBUS to one of the data lines.

Re:Duh (4, Informative)

Kookus (653170) | more than 3 years ago | (#37156694)

I don't think he meant that the d+/- lines were what fries the host, he was indicating that the phone wouldn't think it's connected to a computer and it would draw higher amps because it thinks it's hooked up to just a charger. So if the host didn't limit amps and its wires weren't rated for 1.7A, then it would result in them overheating and hopefully damaging something.
The whole purpose was to make a connector that actually works, not something to destroy the host. The ancillary prize was damaging hosts if they were advertised as just a charger and they really weren't.

Re:Duh (1)

ColaMan (37550) | more than 3 years ago | (#37159730)

The USB spec limits negotiated current to a max of 500mA (I think).

Any sort of active device will have some sort of hub inline and it should simply shut that port off if it goes into overcurrent.

Re:Duh (1)

Miamicanes (730264) | more than 3 years ago | (#37163316)

China has an official government standard for micro-USB charging that basically says, "if the data lines are shorted together, the client can legitimately assume that the host is a charger capable of supplying 1.7 Amperes". By virtue of everything coming from China, that basically means that there's now a worldwide standard for the same. However, most cheap USB chargers DON'T short the pins together, because then they'd have to have a regulator with proper heatsink capable of supplying up to 1.7A continuously without melting or overheating. I believe most of the really, really cheap chargers use parts that will quickly die if you try to draw more than ~500mA continuously.

This is why, for example, a Samsung or HTC Android phone charges at least twice as fast when connected to their official chargers (and some third-party chargers) than it does when connected to a powered USB hub, and several orders of magnitude faster than they'll charge from a laptop's USB port. The bundled power supply shorts D+ and D-, so the phone knows it can draw 700mA (Samsung) or some comparable amount (HTC). Likewise, if the phone senses USB, but can't discern its power capabilities, it will assume the worst and limit its draw to 100mA (this is why quite a few Android phones will tread water instead of charge if you're tethered via USB... they're drawing power from the host PC, but less total current than they're using at that moment to maintain an active data connection).

Re:Duh (1)

tlhIngan (30335) | more than 3 years ago | (#37168198)

If the D+ and D- lines are shorted in the cable itself, then it will draw as much current as the host can source, all the time. Your phone has no control over whether that number is 100 mA or 1.7 A.

The danger is though that the power supply is well-protected. Most cheap USB power adapters may only be able to provide 500mA. Sure, if you try to draw 1A, they can try to supply it (provided the voltage rails don't dip too low), until something burns up. Usually the regulator as at 500mA it can survive with whatever cooling system it's been given, but at 1+A, it overheats and dies.

Not a good thing - a dead regulator can easily put the source DC on the output lines, frying your device. And assuming that $10 USB adapter you bought at the store has crowbar circuits, a fuse (!), or other protective device is asking a bit much.

Re:Duh (1)

lostchicken (226656) | more than 3 years ago | (#37157054)

Really, you'd just need to put enough series inductance on the D- and D+ lines to foul up any data transfer. That way systems like the iPhone's charge sensing resistor trick would still work.

jailbroken? no need for that (1)

gl4ss (559668) | more than 3 years ago | (#37156048)

consider what happens when you plug an ipod classic into a usb slot.

or if you got adb enabled on android. or if your android is from a manufacturer which has rather fancy control sw suites on pc. the usb is generally considered a trusted port or indeed more like plugging to a host.

"or simply rebooted" implies that they rebooted when they were attached to usb, which sounds a bit far fetched tbh.. the charging units could host a malicious pc on a chip, sure.

you could fight this by getting an extension cable that has the data lines cut.

Re:jailbroken? no need for that (0)

Anonymous Coward | more than 3 years ago | (#37156088)

you could fight this by getting an extension cable that has the data lines cut.

One has to love the simplest and most effective response!

Re:jailbroken? no need for that (1)

RobertLTux (260313) | more than 3 years ago | (#37156148)

or dropping the maybe US$20 on both an AC and DC to USB module heck i think that US$40 will get you one of those emergency charger things and it will come with one or both included

Re:jailbroken? no need for that (2)

mpoulton (689851) | more than 3 years ago | (#37156176)

"or simply rebooted" implies that they rebooted when they were attached to usb, which sounds a bit far fetched tbh.

Many phones will boot when connected to power if they are off to begin with. I think that's what he meant.

defence (-1)

Anonymous Coward | more than 3 years ago | (#37156076)

if you make a micro USB to micro USB cable, with only the power pins connected it would make an effective barrier to this attack.

Sounds like an opportunity (0)

WindBourne (631190) | more than 3 years ago | (#37156112)

Simply create some couplers in which you provide an MF couple, but drop data lines (2 and 3). 1 and 4 would be passed through.

Re:Sounds like an opportunity (1)

MischaNix (2163648) | more than 3 years ago | (#37156164)

Funny enough, I already have one of these laying around somewhere, made from tape, spare wires, and love. Though, I had to do funky stuff with 2/3 to get it to accept a charge.

Re:Sounds like an opportunity (1)

gweihir (88907) | more than 3 years ago | (#37156166)

Just my thought. Easily made from a USB extension cord if you are into DIY. I have one in order to keep my mp3 player from preventing my PC from booting when I charge it.

Jailbreaking is bad, m'kay... (0)

Anonymous Coward | more than 3 years ago | (#37156114)

That's what this sounds like.

Unlocked Android devices compromised by PCs (0)

Anonymous Coward | more than 3 years ago | (#37156134)

Win/Linux malware:
adb reboot bootloader
fastboot -w
fastboot flash system backdoor.img

Assuming that ADB is left enabled (it usually is).

Too bad you didn't buy a real phone! (0)

Anonymous Coward | more than 3 years ago | (#37156152)

You should have bought a phone designed by people who understand security:

Blackberry.

If you care about your data, there is no other choice.

Re:Too bad you didn't buy a real phone! (0)

Anonymous Coward | more than 3 years ago | (#37156558)

Sure, I'll let whomever monitors Blackberry's servers have all my info, especially if I live in a repressive country who told Blackberry to hand them the keys to the kingdom or get out.

Re:Too bad you didn't buy a real phone! (0)

Anonymous Coward | more than 3 years ago | (#37157214)

Run. Your. Own. Server.

http://us.blackberry.com/apps-software/business/server/express/

Or is it that you just actually don't understand how BlackBerry security works, and the trade-offs between using BIS or BES...

Re:Too bad you didn't buy a real phone! (1)

LordLimecat (1103839) | more than 3 years ago | (#37157474)

Someone doesn't understand how BES server works, or who controls the keys.

Have fun cracking AES256 with a 30 character key.

Re:Too bad you didn't buy a real phone! (0)

Anonymous Coward | more than 3 years ago | (#37158194)

was under the impression that those oppressive regimes (Iran wasn't it?) told blackberry all that is a big no-no and that the gov't needs to be able to track everything for blackberry to do business in the country? could be incorrect.

in any case that's not a problem with Blackberry, they're no less secure than any other phone. more, in fact.

thing is, security just means keeping people out who shouldn't be allowed in. that goes right out the window when the government says they are allowed in, and they have guns and law backing them up. that's not a failing of a phone or a server's security, that's a failing of the state.

Re:Too bad you didn't buy a real phone! (1)

LordLimecat (1103839) | more than 3 years ago | (#37158222)

was under the impression that those oppressive regimes (Iran wasn't it?) told blackberry all that is a big no-no and that the gov't needs to be able to track everything for blackberry to do business in the country? could be incorrect.

No, you're correct, and what RIM agreed to was to give access to the packets, IIRC. No one ever made the claim that that would do the Gov't any good if their target used a BES. BIS (that's with an 'I', the non-corporate consumer option that does POP and IMAP and OWA push) users might be out of luck, however.

in any case that's not a problem with Blackberry, they're no less secure than any other phone. more, in fact

That is true, since they natively support full disk and memory encryption, IPSEC VPN, and full AES encryption on all communications, as well as full handset control from the server. iPhone etc might have some similar options, but it's laughable to try to compare the two.

that goes right out the window when the government says they are allowed in

If the government has found a way to crack AES, perhaps (ie, not likely). If the govt is on the verge of seizing your servers and you kill the BES server and all of its keys, there's not a chance they'll be able to crack all those sniffed packets or decrypt those handsets' memory.

Re:Too bad you didn't buy a real phone! (1)

bytethese (1372715) | more than 3 years ago | (#37162658)

Sorry to nitpick here, but it irks me reading stuff like PIN number or BES server...

Re:Too bad you didn't buy a real phone! (0)

Anonymous Coward | more than 3 years ago | (#37166432)

Get over yourself and stop being a douche.

The real question (1)

Crazy_entertainer (2442572) | more than 3 years ago | (#37156156)

I did use one charging station at the airport a few months ago and my IPOD started playing this annoying song [slashdot.org] that I have never seen on my playlist before. Anyone else have this issue?

Re:The real question (1)

LocalH (28506) | more than 3 years ago | (#37156194)

I don't think that worked.

Re:The real question (0)

Anonymous Coward | more than 3 years ago | (#37156252)

You have to click it backwards. Better to leave it this way. I have a feeling you know the tune:
"It's the SAME
OLD SONG..."
As close to pure recursion as you can get if heard at exactly the right moment in time and you bob your head hard enough.

Re:The real question (-1, Troll)

Crazy_entertainer (2442572) | more than 3 years ago | (#37156406)

No the link is here [clownsong.com]

Seatback charging on airplanes (4, Informative)

mpoulton (689851) | more than 3 years ago | (#37156160)

I flew on Air Canada a few weeks ago and they had USB ports for charging integrated into the seatback touchscreen displays. When I plugged my phone (HTC Incredible running CM7 nightlies) into it with a USB data cable, it indicated a valid data connection to a host controller! I was surprised and thought the seatback device probably contained a small PC to handle the interactive display. I tried to poke around on the host device to see what I could find, but didn't get anywhere with it. For some reason it didn't even occur to me that the "poking around" could be going the other way. If someone could compromise those seatback devices, the phone contents of thousands of passengers could be automatically collected...

Re:Seatback charging on airplanes (1)

kingturkey (930819) | more than 3 years ago | (#37156212)

I haven't flown on Air Canada but I imagine that the system on V Australia planes is quite similar. There the USB port can be used for charging, but you can also connect a remote storage device (probably intended for a thumb drive, but a phone in USB storage mode would work the same) in order to playback photos, mp3s and videos (divx I guess) through the seat-back entertainment system.

Re:Seatback charging on airplanes (1)

Osgeld (1900440) | more than 3 years ago | (#37156224)

there should be no reason those plugs have all 4 pins installed, that's just asking for it

Re:Seatback charging on airplanes (4, Informative)

Anonymous Coward | more than 3 years ago | (#37156468)

AC Chargers that can supply up to 1000mA short the two data pins together to tell the phone it can draw that high amount of current.
USB devices connected to a controller are only allowed to draw 500mA, and only after negotiation with the host.
A USB connected to a port where the data pins are not shorted AND cannot negotiate a higher current with the host is only allowed to draw 100mA.

So removing the data pins from a USB port will prolong charge duration 5x or 10x

Re:Seatback charging on airplanes (2)

RobbieThe1st (1977364) | more than 3 years ago | (#37156912)

Not if you short them together on the device side.

It's not quite that simple (shorting data lines) (1)

Fencepost (107992) | more than 3 years ago | (#37161484)

As Limor at Lady Ada determined with the MintyBoost, the Apple devices do some funky things depending on the level of voltage on the data lines. Details at http://www.ladyada.net/make/mintyboost/icharge.html with links to additional resources as well.

Re:Seatback charging on airplanes (1)

Farmer Tim (530755) | more than 3 years ago | (#37156640)

I was surprised and thought the seatback device probably contained a small PC to handle the interactive display.

If it linked to the flight control systems you would have been really surprised...but not for long.

Re:Seatback charging on airplanes (1)

drinkypoo (153816) | more than 3 years ago | (#37156688)

This would be a major danger with IEEE1394 because it's a route to memory via DMA and only recent platforms have an IOMMU worth its sand. But with USB it's only a danger if your device is very trusting... Of course, a lot of small devices will search for a filename based on their device type in order to perform a flash upgrade...

Re:Seatback charging on airplanes (2)

cshake (736412) | more than 3 years ago | (#37156958)

Since iDevices (at least the iPods I've used) have the ability to charge from the "dumb" wall bricks with a USB port, why not bring a custom cable with you to unsecured locations that only connects to VCC and Gnd on the USB port, and has the appropriate resistor between the data lines to indicate a valid charging station? Voila, no risk of data going either way and you still get a charge from an unknown location.

Re:Seatback charging on airplanes (1)

delvsional (745684) | more than 3 years ago | (#37158266)

you know.. the iphones come with this nifty adapter that plugs into an even more common receptacle. usually two slots and a hole in the wall with no data connection whatsoever. I hear that it's 120VAC. Just sayin......

Re:Seatback charging on airplanes (1)

Em Adespoton (792954) | more than 3 years ago | (#37157198)

There could be a simpler reason for this... many devices charge MUCH faster if they sense a valid data connection... without the data connection, you're limited to normal USB line level. It's possible that the only thing on the other side is some caps and a resistor.

Re:Seatback charging on airplanes (2)

MichaelSmith (789609) | more than 3 years ago | (#37157592)

I tried to poke around on the host device to see what I could find, but didn't get anywhere with it

If you drill down to something called TCAS or FMS I advise you to leave it alone.

Re:Seatback charging on airplanes (1)

Anonymous Coward | more than 3 years ago | (#37158010)

The ports were originally intended for game controllers to be attached to the entertainment system.

Re:Seatback charging on airplanes (1)

venkateshkumar99 (791435) | more than 3 years ago | (#37160220)

Most likely reason for this might be that there might be a loose connection and the phone detected the connection as a data connection instead of pure power connection rather than anything sneaky happening. This is done by shorting out the D+, D- pins through a ~200Ohm resistor which indicates to the phone that it can draw more than 500mA from the source (500mA is the maximum current a standard USB port can provide on a computer). Reference: A good source: http://www.maxim-ic.com/app-notes/index.mvp/id/4803#3 [maxim-ic.com] Especially the last paragraph in the section header. http://en.wikipedia.org/wiki/MicroUSB#Power [wikipedia.org]

Jailbreaking? (1)

Flector (1702640) | more than 3 years ago | (#37156170)

It's hard to beat DroidWall and su status to keep "all open apps" from "constantly connecting for reasons unclear."

Re:Jailbreaking? (0)

Anonymous Coward | more than 3 years ago | (#37156354)

LBE Privacy Guard is a must have app.

Re:Jailbreaking? (1)

Flector (1702640) | more than 3 years ago | (#37156364)

yes, it is

While the software shouldn't suck... (1)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#37156824)

In an ideal world, the software wouldn't be so damn trusting; but this seems like a problem that (until the ideal world appears on the back of the world-peace pony) could be solved by a ~$1 cheapass dongle device.

Connector suitable to phone/device in question on one side, whatever tricks are needed to convince that class of device that this is an Officially Blessed Charger (usually some resistor-based fuckery on the data pins or a simple USB handshake of some sort) and USB cable with only +5 and GND lines physically present on the other side.

Until phones get serious, and act like vulnerable general-purpose computers storing a fuckload of personal data that have just been plugged into an assumed-hostile network, simply air-gapping the data lines when you are charging seems like the way to go...

Told you so (3, Informative)

Animats (122034) | more than 3 years ago | (#37156932)

Told you so on February 6, 2009. [slashdot.org]

Back in 2009, it was just a Windows autorun problem. Since then, Google and Apple have been able to screw up in the same way.

Coming soon, I suppose, attacks on appliances via "smart meter" data links. Not everything should have a data link.

Re:Told you so (1)

coinreturn (617535) | about 3 years ago | (#37221820)

No, Apple did not screw up. The boneheads who jailbreak their iPhones did.

They did NOT steal data... (1)

lunchlady55 (471982) | more than 3 years ago | (#37157864)

They were capable of pulling data, but took the ethical route instead, displaying a warning message informing attendees of the dangers of using public charging kiosks.

I think this should be made more clear in /. article.

Re:They did NOT steal data... (1)

Anonymous Coward | more than 3 years ago | (#37158440)

Even worse, there was a sign on the actual station that said something like "never plug your phone into an untrusted jack" and yet people were there all weekend plugging their phones into the thing. It's DEFCON, folks, c'mon.

Soo, you are at the Defcon hacking conference... (0)

Anonymous Coward | more than 3 years ago | (#37158696)

you are walking along and see a usb charging station. You are a little low on one of your mobiles, so why not?

I quit using Fresh Evo over this, (1)

pecosdave (536896) | more than 3 years ago | (#37158722)

They thought making its users unable to turn off USB debugging was a positive feature they should all enjoy. Screw that. I'm also a little annoyed Android doesn't support SD encryption, taking the S out of SD.
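For checking what a phone actually offers over USB when it is plugged in (USB debugging included), here is an added example that is not part of the original thread: run on your own trusted Linux machine, it reads the interface descriptors the kernel exposes under sysfs and names the functions the phone presents. The class-code table is a short selection and the bus position `1-2` is a placeholder for wherever the phone enumerates.

```python
import os

# (class, subclass, protocol) -> USB function; None matches any value.
# A short selection of well-known codes, not an exhaustive table.
KNOWN_FUNCTIONS = [
    ((0xFF, 0x42, 0x01), "ADB (USB debugging)"),
    ((0x08, None, None), "USB mass storage"),
    ((0x06, 0x01, 0x01), "PTP/MTP (still-image class)"),
    ((0x02, None, None), "CDC communications (modem/tethering)"),
]

def classify(cls, sub, proto):
    """Map one interface descriptor triple to a human-readable function."""
    for (c, s, p), name in KNOWN_FUNCTIONS:
        if c == cls and s in (None, sub) and p in (None, proto):
            return name
    return "other data interface (class 0x%02x)" % cls

def _read_hex(path):
    # sysfs stores these attributes as two hex digits, e.g. "ff"
    with open(path) as fh:
        return int(fh.read().strip(), 16)

def audit(device, sysfs_root="/sys/bus/usb/devices"):
    """Return {interface: function} for the device at bus position
    `device` (e.g. "1-2"). An empty dict means no interface was found."""
    found = {}
    for entry in sorted(os.listdir(sysfs_root)):
        # Interface directories are named "<device>:<config>.<interface>".
        if not entry.startswith(device + ":"):
            continue
        base = os.path.join(sysfs_root, entry)
        try:
            triple = [_read_hex(os.path.join(base, f)) for f in
                      ("bInterfaceClass", "bInterfaceSubClass", "bInterfaceProtocol")]
        except (OSError, ValueError):
            continue  # interface vanished or attribute unreadable
        found[entry] = classify(*triple)
    return found

if __name__ == "__main__":
    import sys
    # Placeholder bus position "1-2" unless one is given on the command line.
    for iface, function in audit(sys.argv[1] if len(sys.argv) > 1 else "1-2").items():
        print(iface, function)
```

Any interface listed here is one that whatever sits behind a charging socket's data pins could also see.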

Re:I quit using Fresh Evo over this, (1)

bill_mcgonigle (4333) | more than 3 years ago | (#37163818)

I'm also a little annoyed Android doesn't support SD encryption

I think Android 3.x does. You can also buy WhisperCore for earlier devices (not that I'd trust encryption I can't compile myself). I think there was a port of LUKS to Android 2 as well. But only the newest mobile CPUs (e.g. in the Droid 3) have hardware AES, so it's going to eat battery on older stuff (and most Android phones already have terrible battery life).

When I can get 3 days charge and encryption on an Android phone I'm buying one, full unlocked price.

i still have a 25 euro samsung cellphone (1)

KingBenny (1301797) | more than 3 years ago | (#37159486)

it makes and receives calls, it sends and receives texts, has a calendar and alarm clock and it makes it very much so i don't waste more time on facebook when i'm not at home, i kinda like it, jailbreak that

Re:i still have a 25 euro samsung cellphone (1)

Zorque (894011) | more than 3 years ago | (#37163348)

I'm glad you're happy with your phone. Mine allows me to do my job wherever I am. Different people have different needs, who knew?

Re:i still have a 25 euro samsung cellphone (1)

KingBenny (1301797) | more than 2 years ago | (#37169938)

imagine that :)

The need for a USB to USB adapter (0)

Anonymous Coward | more than 3 years ago | (#37159500)

Somebody should make a USB to USB adapter that users can carry along with their phone. It should be a completely passive component that passes through the power connection but not the data connection. Then you can use that whenever you connect your phone to an untrusted charger.

Dumb question.. (1)

mat catastrophe (105256) | more than 3 years ago | (#37160326)

Will turning them *off* first help prevent this from happening?

Re:Dumb question.. (1)

coolmadsi (823103) | about 3 years ago | (#37175704)

Will turning them *off* first help prevent this from happening?

Someone elsewhere in this topic commented that that is what they thought was meant by "rebooted" - i.e. when plugged into a charger, the phone turned itself on if it was off. I don't know if that is the case here, but I have seen an old phone of mine do something similar when it was off and I plugged it in to charge.

Hardware solution? (1)

lowy (91366) | more than 3 years ago | (#37162798)

Does anyone make a cable and/or a tiny Male2Female adapter that passes through only the power pins? With one of those on our keychains we could safely charge our iDevices anywhere without fear of data diddling.
