And for fuck’s sake don’t raw dog your phone to convenient USB chargers in airplanes, airports, or other public spaces.
Yes the argument can be made that airplanes may enjoy slightly better chain-of-custody type security, but fr the number of people I see who dgaf plugging their junk into USB brothels is wild.
Yeah the security angle gets parroted a lot, I’d call it more of a bad practice thing than a “omg you’ll definitely get haxxord”.
Otoh USB C as a spec is sort of necessarily a nightmare. It’s not hard to end up with shitty devices that’ll gleefully provide 20V when the system expects 5V and even if it’s just USB A, it’s not that hard to end up with 120/240v going straight into your phone.
At least with devices you own and control you know if they’re melting things and haven’t spent their lives being kicked/spilled on/cleaned with corrosive solvents or just generally old as hell and unmaintained.
Personally I bring my own because it’s faster and more reliable, and I have trust issues.
I never charge my phone directly in public places. Instead I charge a simple powerbank I have, that then charges the phone. No idea how easy it is for that one to “be contaminated and carry something over”, but being simple, basically no features, just charging and a Led indicator, I suspect the chances are at least a lot less.
Exactly. Which is why I have old fashioned earbuds with cable, and the moment I start travelling, I turn off my WiFi and if checking nail or messaging, I activate my sim card in the tablet.
Has there ever been a successful exploit? There are plenty of good reasons to use your own charger but from a security perspective you aren’t going to die if you plug your phone directly in.
Contrary to the government communications, the vast majority of cybersecurity experts do not warn that juice jacking is a threat unless you’re a target of nation-state hackers. There are no documented cases of juice jacking ever taking place in the wild. Left out of the advisories is that modern iPhones and Android devices require users to click through an explicit warning before they can exchange files with a device connected by standard cables.
And for fuck’s sake don’t raw dog your phone to convenient USB chargers in airplanes, airports, or other public spaces.
Yes the argument can be made that airplanes may enjoy slightly better chain-of-custody type security, but fr the number of people I see who dgaf plugging their junk into USB brothels is wild.
Don’t androids disable data transfer via cable by default?
Yeah the security angle gets parroted a lot, I’d call it more of a bad practice thing than a “omg you’ll definitely get haxxord”.
Otoh USB C as a spec is sort of necessarily a nightmare. It’s not hard to end up with shitty devices that’ll gleefully provide 20V when the system expects 5V and even if it’s just USB A, it’s not that hard to end up with 120/240v going straight into your phone.
At least with devices you own and control you know if they’re melting things and haven’t spent their lives being kicked/spilled on/cleaned with corrosive solvents or just generally old as hell and unmaintained.
Personally I bring my own because it’s faster and more reliable, and I have trust issues.
I always use my own because nobody is handing out free cables to me but using your own equipment ensures you won’t get bamboozled.
Do you have a source?
I never charge my phone directly in public places. Instead I charge a simple powerbank I have, that then charges the phone. No idea how easy it is for that one to “be contaminated and carry something over”, but being simple, basically no features, just charging and a Led indicator, I suspect the chances are at least a lot less.
Until someone attacks your Bluetooth headphones or vulnerability in your WiFi firmware
Exactly. Which is why I have old fashioned earbuds with cable, and the moment I start travelling, I turn off my WiFi and if checking nail or messaging, I activate my sim card in the tablet.
I was actually joking…
I think GrapheneOS disables USB when it’s locked by default, so data transfers aren’t allowed :)
Has there ever been a successful exploit? There are plenty of good reasons to use your own charger but from a security perspective you aren’t going to die if you plug your phone directly in.
Contrary to the government communications, the vast majority of cybersecurity experts do not warn that juice jacking is a threat unless you’re a target of nation-state hackers. There are no documented cases of juice jacking ever taking place in the wild. Left out of the advisories is that modern iPhones and Android devices require users to click through an explicit warning before they can exchange files with a device connected by standard cables.
https://arstechnica.com/information-technology/2023/05/fearmongering-over-public-charging-stations-needs-to-stop-heres-why/