Submitted via IRC for TheMightyBuzzard
If you connect your devices to anything public, be it wireless or wired Internet, or USB power charging stations, it is best to assume that these are not safe. While you can protect your data in several ways, e.g. by using a VPN when you need to access the Internet while connected to a public or untrusted network, it is sometimes the case that simple things are overlooked. In November 2019, Los Angeles' District Attorney's Office published an advisory to travelers about the potential dangers of public USB ports. These ports could be used for an attack that has been called juice-jacking. Juice Jacking basically allows attackers to steal data or infect devices that unsuspecting people plug into specifically prepared USB power stations. The Distrcit[sic] Attorney's Office recommended that travelers use AC power outlets directly, use portable chargers, or charge devices in cars instead of using public USB chargers. While that is sound advice, it may not be possible sometimes to use these alternatives. That's where the Original USB Condom comes into play.
Source: https://www.ghacks.net/2019/12/09/usb-condoms-are-a-thing-now/
Is "juice jacking" really a thing though? Have any of you soylentils out there actually seen a rogue USB plug in the wild?
(Score: 5, Interesting) by The Mighty Buzzard on Friday December 13 2019, @01:17PM (2 children)
Heh, I just scraped off the contacts for the data pins on one end of a six foot cable. I generally don't want my phone exchanging data over a cable with anything except my desktop.
My rights don't end where your fear begins.
(Score: 4, Informative) by DavePolaschek on Friday December 13 2019, @03:36PM (1 child)
I have a vague memory that the iPhone still needs to send a little bit of data to its charger in order to say "give me all the juice, baby!" Then again, perhaps you don’t have a fruity phone. The condom I bought "supports high speed charging" as far as I can tell. Pretty sure it was under USD10.
(Score: 4, Interesting) by nitehawk214 on Friday December 13 2019, @03:57PM
You are correct, if the D+ and D- pins are not connected, it will only slow charge. However shorting the data pins together enables a "charge only" 1.5A charging port. The "USB condom" is probably an adapter that does this. Even if the host device does try to connect, the shorted together pins will make it receive gibberish.
https://www.maximintegrated.com/en/design/technical-documents/tutorials/4/4803.html [maximintegrated.com]
USB-C has a higher power handshake than that, it does negotiation to choose a higher voltage than 5V. If the "USB condom" could do this level of negotiation, I would be very impressed. It would have to do it twice, between host->condom and condom->device. The thing looks pretty simple, so I suspect its just the shorting the pins technique.
https://www.allaboutcircuits.com/technical-articles/introduction-to-usb-type-c-which-pins-power-delivery-data-transfer/ [allaboutcircuits.com]
"Don't you ever miss the days when you used to be nostalgic?" -Loiosh