Before you freak and slam the alert button forty-two times in fury, disgust and rage... I am talking about your portable device USB charger!!! So
pause, settle down, take a deep breathe, and let me explain:
Given the nature of our hectic lives these days, and the fact that the vast majority of us are reliant upon portable media devices for a myriad of
things - phones, tablets, music players, cameras, etc - the only real opinion we have about charging them is that it frustrates us and these darned
devices always seem to go dead at the worst possible time. It's nothing for most of us to take advantage of any source of charge we can find when we
are out. We'll use public or work computers, the artist formerly known as automobile cigarette lighter, any handy electic or USB plug we can find.
It's a no brainer and who can it hurt, right?
Well, not too long ago this happened:
A recent post to social news site Reddit detailed how the computer of an executive at a “large corporation” had been infected with malware
from an undetermined source. Further investigation apparently revealed that it had stemmed from a $5 e-cigarette bought from the online auction site
The e-cigarette was found to have malware hard-coded into the charger, which “phoned home” and infected the system when plugged into the
computer’s USB port.
This is something I assume has already been covered on ATS somewhere, though I haven't seen it. But that's OK because it's not the primary focus of
this thread, simply a real world example of the potential for USB exploiting.
There are still many people who consider their USB or microUSB to be nothing more than a means of charging - forgetting that these same cables are
also the vector we use to transfer files from our PC's to our devices and vice-versa. There is a feeling of false safety we get when we know that we
can set the device to "charge only". Thus we tend to be very opportunistic and lenient about how and when we charge these devices. No pun intended (
well maybe a little ) but what was that old saying?
Any port in a storm...
There are measures we currently have to limit our exposure, but they can be a hassle. Most devices come with a two stage USB charger - meaning a USB
cable with a removable AC adapter. From what I've seen, over years, is that the adapter tends to stay in the wall, and the cable tends to go out with
the device. USB ports are everywhere and it's nothing to catch a quick ten or twenty minute charge. Not doing THAT is the most important step in
security. Make sure you bring the AC half of the charger with you and use it when possible.
Think of viruses as computer VD. Being promiscuous with USB connections is every bit as risky for your devices as it is for your body. If you play
fast and loose with charging, you could infect your mobile. Once that's done, the second you hook it up to your other systems ( read home PC ) it
becomes infected and contageous as well. That means all of your other portable devices are likely to fall like dominoes into a state of infection.
I know that at least one person is reading this and scoffing that they've got the latest version of this or that virus protection on all of their
devices, or that they have an iProduct or use Linux and don't need to worry. Sorry to burst bubbles here - but nobody is safe from infection, not even
Apple or Linux users. In fact a large portion of the new viruses are targeted at portable devices, meaning iPhones and Android - thus Apple and Linux.
Portability and the popularity of portable computing has killed the days of Microsoft being almost solely targeted.
All that said, there is emerging tech from the private sector that will soon be available to help. It is called "The USB Condom":
A new USB security device has been developed by New York-based researchers that allows users to practice safe-charging when connecting their
devices to public computers.
The USBCondom provides a "protective barrier between your device and 'juice-jacking' hackers", according to the product's Crowd Supply page,
preventing accidental data exchange through a USB cable.
Security firms have warned of the danger of connecting devices to unfamiliar computers or the growing number of public charging stations.
"If the smartphone automatically connects when it is in removable media mode, that makes all files in the internal storage accessible to the PC," said
IT security firm Kaspersky Lab in a blog post.
"These may include documents, as well as various data backup copies created by applications and many other things."
The company is new but their tech seems sound and it shouldn't be long before widespread availability of this product, or others like it occurs. This
company is still in the Kickstarter phase, but even now the product is priced at ten bucks. It won't be terribly long before that price drops and I
imagine that most of us will be purchasing two or more of these devices to attach to the ends of our USB cables.
So, ATS, I have given some of you a new reason to be paranoid - but also supplied a methods of alleviating the paranoia all in one post! Not bad,
And to think I didn't even cover the fact that Big Brother is probably looking for every opportunity to get you to plug that USB into devices that he
has access to. Big Brother - the one so patient that he can wade through trillions of duck-lipped selfies in the name of freedom... Sigh.
Thanks for reading!
edit on 11/29/14 by Hefficide because: (no reason given)