Slashdot Mirror

← Back to Stories (view on slashdot.org)

Jailbroken Devices Compromised By Charging Stations

Posted by Soulskill on from the charged-with-computer-fraud dept.

mask.of.sanity writes "Data can be stolen from Windows, Android and Apple devices by unassuming power charging towers. In an attack demonstrated at the Defcon hacking conference, mobile phone charging units were rigged to pull data from phones plugged into them. Researchers found many jailbroken and modified devices activated USB functions when they were plugged in, or simply rebooted."

3 of 93 comments (clear)

  1. Hmm by LocalH · · Score: 5, Insightful

    So basically, you connect an untrusted device to a device you trust somewhat, and you're shocked when bad things can happen?

    It's like people who would pick up a random USB drive off the ground and then plug it into their computer without taking precautions. Why is this any different?

    --
    FC Closer
    1. Re:Hmm by Anonymous Coward · · Score: 5, Insightful

      I'm not sure if your USB drive example is a good comparison to this situation. Charging stations are being commonplace and showing up in airports, coffee shops, etc. Businesses that people trust.

      I think think this is more like a fake ATM machine. People are so used to ATMs being everywhere, that little thought is given when they enter their PIN number into one. It's not something that the average person is going to think twice about.

    2. Re:Hmm by Em+Adespoton · · Score: 5, Interesting

      Tell me this... does this amazing OS of yours alert you when you plug in a new USB keyboard? Because some of the USB sticks people find on the ground have both a flash memory partition and a fake keyboard interface that sends key commands in a predefined manner.

      I'm all for OSes that fingerprint all your USB devices and require you to validate each function of each interface the first time presented, but even OpenBSD doesn't do this by default.