SoylentNews is people

posted by martyb on Monday July 20 2020, @06:49PM
from the Phones-do-not-come-with-a-fuse? dept.

Another cyber warning has been issued about the risk from compromised chargers—but this time data theft is not the issue...

Hackers Can Now Trick USB Chargers To Destroy Your Devices—This Is How It Works:

Not all cyber attacks focus on data theft. Sometimes the intent is "to achieve destruction of the physical world through digital means," Chinese tech giant Tencent warns. The company's researchers have just disclosed a serious new vulnerability in many of the mass-market fast chargers now used around the world.

[...] Tencent’s researchers have now proven that a compromised charger can override this negotiation, pushing more power down the cable than the device can safely handle, likely destroying the device and potentially even setting it on fire.

Because the fast charger is essentially a smart device in its own right, it is open to a malicious compromise. An attack is very simple. With malware loaded onto a smartphone, an attacker connects to the charger, overwriting its firmware and essentially arming it as a weapon for whatever plugs in to it next.

The interesting twist here is that the malware might even be on the target device. An attacker pushes that malicious code to your phone. The first time you connect to a vulnerable fast charger, the phone overwrites its firmware. The next time you connect to that same charger to [recharge] your device, your phone will be overloaded.

Tencent has produced a demo video, showing how a charger can be compromised and then used to overload a device.

Tencent have dubbed this issue "BadPower," and warn that "all products with BadPower problems can be attacked by special hardware, and a considerable number of them can also be attacked by ordinary terminals such as mobile phones, tablets, and laptops that support the fast charging protocol."

 
  • (Score: 3, Informative) by nitehawk214 on Monday July 20 2020, @07:40PM (23 children)

    by nitehawk214 (1304) on Monday July 20 2020, @07:40PM (#1024229)

    Yes but dumb-chargers can only slow-charge. The negotiation is for fast charging modes.

    You could use an old "charge only" cable, where it doesn't pass the data pins.

    Of course, it is complicated as fuck; and most of my devices only slow-charge even when both devices and the cable supposedly support it.

    https://www.digitaltrends.com/mobile/how-does-fast-charging-work [digitaltrends.com]

    --
    "Don't you ever miss the days when you used to be nostalgic?" -Loiosh
  • (Score: 2, Interesting) by fustakrakich on Monday July 20 2020, @07:56PM (22 children)

    by fustakrakich (6150) on Monday July 20 2020, @07:56PM (#1024238) Journal

    I'll take slow-charge over explode-charge

    I can't believe how we make such junk. It is trivial to put a physical voltage/current limiter into the phone

    --
    La politica e i criminali sono la stessa cosa..
    • (Score: 4, Interesting) by JoeMerchant on Monday July 20 2020, @08:41PM (13 children)

      by JoeMerchant (3937) on Monday July 20 2020, @08:41PM (#1024259)

      Limit the current and you can no longer fast charge beyond that current limit... the whole reason for "smart" negotiation of fast charging modes is because simple current limits just don't cut it anymore - the batteries are state-dependent and what makes for a fast charge in some states makes for boom (or at least smolder and puff) in other states.

      They wouldn't have moved from dumb current/voltage limit chargers to "smart" chargers if there wasn't a clear need for the complexity, but now that they've made the move, they're using the "smart" aspects as an excuse for why it's "safe" to eliminate the dumb current and voltage limits altogether and just make them limited in software, "to better accommodate future needs."

      Now, you've got firmware - of course it needs to be update-able, of course that leads to vulnerabilities...

      Someday, a certain class of products (like these smart chargers, maybe automotive controls too) should be classified: NO OTA UPDATES - require a human being to at least throw a physical switch, or replace a chip, or do ANYTHING, to push an update into the system - then make that action part of a "certified update" cycle that provides at least some assurance that the update you are permitting into your potentially dangerous device is not known to contain malicious code.

      --
      🌻🌻 [google.com]
      • (Score: 3, Insightful) by sjames on Tuesday July 21 2020, @12:31AM (12 children)

        by sjames (2882) on Tuesday July 21 2020, @12:31AM (#1024350) Journal

        In this case, the issue is voltage/current that the device itself can't handle at all. The demo video shows the smoke being let out of a device by the hacked charger. Really, any device that can plug in to USB-C should be able to deal with 20v even if it has to disconnect/shut down to do it. That accomplished, the on-board charge controller should be able to charge the battery safely even if the charger pegs itself at 20v.

        Meanwhile, any adapter to allow a pre USB-C phone to be plugged in should absolutely limit the supply voltage to 5v or disconnect.

        That would at least avoid device destroying events.

        • (Score: 2) by JoeMerchant on Tuesday July 21 2020, @01:57AM (11 children)

          by JoeMerchant (3937) on Tuesday July 21 2020, @01:57AM (#1024398)

          the on-board charge controller should be able to charge the battery safely even if the charger pegs itself at 20v

          and unlimited current, yes, it should - but that would raise the cost of the on-board device, increase its size, weight, heat generated, all by tiny fractions that are unacceptable in the consumer electronics competitive marketplace. Shouldn't be that way, but it is.

          I think the year was something like 1994 when Cypress Semiconductor sent me a "sample" USB mouse and T-shirt, touting the benefits of this brave new replacement for RS232 - all I could think at the time was: "Oh, yeah, this is gonna screw everything up."

          The main feature of USB is its low per-unit cost, that comes at a pretty high price for the design of those units - and people will skimp on that design in all kinds of ways, including the potential to let the smoke out - because: as everyone who sells consumer electronics knows, when you make things that last forever, you screw yourself out of the replacements business.

          --
          🌻🌻 [google.com]
          • (Score: 2) by sjames on Tuesday July 21 2020, @06:02AM (10 children)

            by sjames (2882) on Tuesday July 21 2020, @06:02AM (#1024478) Journal

            Surely a device costing near $1000 can afford a couple polyfuses and a zener diode for clamping.

            • (Score: 3, Interesting) by JoeMerchant on Tuesday July 21 2020, @11:49AM (8 children)

              by JoeMerchant (3937) on Tuesday July 21 2020, @11:49AM (#1024536)

              You would think so... now, make 10 million of these $1000 retail devices, which trade for $600 at wholesale, which have $200 per device spent on corporate level marketing, which already cost $150 in parts and labor to manufacture, and convince the board of directors that dropping your net profit on the $50 million R&D investment from $450 million to $440 million (by increasing the per unit cost of manufacture to $151) is a good idea.

              --
              🌻🌻 [google.com]
              • (Score: 2) by sjames on Tuesday July 21 2020, @07:53PM (7 children)

                by sjames (2882) on Tuesday July 21 2020, @07:53PM (#1024725) Journal

                Sadly, it won't happen until people realize that they're paying $1000 for junk and the sales shift to support someone who does spend the extra $0.50/unit.

                • (Score: 2) by JoeMerchant on Tuesday July 21 2020, @08:19PM (6 children)

                  by JoeMerchant (3937) on Tuesday July 21 2020, @08:19PM (#1024732)

                  the sales shift to support someone who does spend the extra $0.50/unit.

                  Yeah, you'd think that, wouldn't you?

                  The consumer electronics marketplace of the past 50 years has done nothing but laugh at your silly idealistic notion.

                  --
                  🌻🌻 [google.com]
                  • (Score: 2) by sjames on Wednesday July 22 2020, @01:17AM (5 children)

                    by sjames (2882) on Wednesday July 22 2020, @01:17AM (#1024819) Journal

                    And that's why capitalism only works when it is well regulated.

                    It's why phones all used to have their own special snowflake charger until the EU put its foot down.

                    • (Score: 2) by JoeMerchant on Wednesday July 22 2020, @02:33AM (4 children)

                      by JoeMerchant (3937) on Wednesday July 22 2020, @02:33AM (#1024838)

                      Capitalism, as practiced on Earth, is regulated as all hell. There is no such thing as a free market anywhere in the economic foodchain above the Flea market.

                      --
                      🌻🌻 [google.com]
                      • (Score: 2) by sjames on Wednesday July 22 2020, @03:09AM (3 children)

                        by sjames (2882) on Wednesday July 22 2020, @03:09AM (#1024850) Journal

                        But is it WELL regulated?

                        • (Score: 2) by JoeMerchant on Wednesday July 22 2020, @11:22AM (2 children)

                          by JoeMerchant (3937) on Wednesday July 22 2020, @11:22AM (#1024904)

                          is it WELL regulated?

                          According to Bezos and the other billionaires, yes, very well thank you, couldn't be better in fact.

                          --
                          🌻🌻 [google.com]
                          • (Score: 2) by sjames on Thursday July 23 2020, @10:07AM (1 child)

                            by sjames (2882) on Thursday July 23 2020, @10:07AM (#1025352) Journal

                            News flash: Fox declares Henhouse security sufficient!

                            • (Score: 2) by JoeMerchant on Thursday July 23 2020, @01:29PM

                              by JoeMerchant (3937) on Thursday July 23 2020, @01:29PM (#1025382)

                              Never really highlighted in the news: the Henhouses have been 100% Fox run operations since forever. The Foxes feel that they are entitled to anything and everything produced in the Henhouses, because their ancestors paid Hens to build them, gathered all the Hens out of the countryside and crammed them into the houses, paid Hens to develop the technology to cram ever more Hens into the houses. If it wasn't for Fox money, those Hens would be free range, unproductive. Of course the Foxes deserve to make all the decisions - which is why the COVID bailout went mostly directly to the Foxes, and the choice in the coming election is between Fox1 and Fox2.

                              --
                              🌻🌻 [google.com]
            • (Score: 4, Funny) by DannyB on Tuesday July 21 2020, @01:32PM

              by DannyB (5839) Subscriber Badge on Tuesday July 21 2020, @01:32PM (#1024562) Journal

              Surely a device costing near $1000 can afford a couple polyfuses and a zener diode for clamping.

              The $1000 device can be smart enough to protect those polyfuses and the zener diode by blowing first.

              --
              To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
    • (Score: 3, Interesting) by anubi on Tuesday July 21 2020, @12:16AM

      by anubi (2828) on Tuesday July 21 2020, @12:16AM (#1024342) Journal

      I think you can still get the simple car chargers for $1 at the dollar store. I bought a few the other day as I needed some 34063 buck regulators, and I discovered the car chargers at my local Dollar Tree were made with them.

      https://www.onsemi.com/pub/Collateral/MC34063A-D.PDF [onsemi.com]

      Another tidbit... Their tea lights, two for a buck, are powered by the same lithium coin cells commonly used by PC clock backup.

      Kinda off topic, but having read this gives you a few more options when you have to get something else working.

      --
      "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
    • (Score: 4, Interesting) by coolgopher on Tuesday July 21 2020, @01:00AM (6 children)

      by coolgopher (1157) on Tuesday July 21 2020, @01:00AM (#1024363)

      I really don't see how this can be a thing. You do not "push" power. The current is drawn, by the device. And any device with a lithium battery will have a dedicated charging IC to vary how much juice is allowed into the battery at any given time (proper lithium battery charging is Not Simple(tm)). None of the devices we've produced at work have ever had a programmable charging chip, and even if they had been it would've been the height of folly to expose the programming interface to the USB lines. The way the article is written it sounds like the charger is presenting itself as a USB host or device so you can then talk to it using regular USB. That sounds like an insane design. But even then, you don't push power.

      That then leaves the 20V mode of USB-C, which has to be negotiated for (in theory). And for that to be harmful we'd have to be talking about devices without overvoltage protection on the charge circuit. Which again would be insane. You don't trust your inputs. Put a polyfuse there ffs (or something better if you're wanting those 20V).

      The amount of fail that would have to be going on for this to be a thing seems staggering, unless I've missed something. Do feel free to enlighten me.

      Disclaimer: I'm not an EE, I'm just good at creating inadvertent ground loops.

      • (Score: 0) by Anonymous Coward on Tuesday July 21 2020, @02:14AM

        by Anonymous Coward on Tuesday July 21 2020, @02:14AM (#1024406)

        This would work by doing something like this:

        Device asks for 12v - send 24v instead.

        Device asks for 20v - send 40v instead.

        etc....

        What this is pointing out is that the devices do not have sufficient charge port protection to disconnect from the voltage source when the wrong voltage is applied. The designers have gone and created the smoking hardware variant of the software "bad data received, formatting hard drive" bug.

        Do not trust the other device to behave as requested, and build your charge port inputs under the assumption that the device on the other end might misbehave, and you won't have this problem.
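The "do not trust the other device" rule from the comment above, sketched as device-side firmware logic. This is an added example, not part of the original thread or of any vendor's code; it assumes the device can measure VBUS and open a load switch, and every name, limit and trace value in it is hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed limits for this sketch; real ones come from the input stage's datasheet. */
#define TOLERANCE_PCT 5      /* allowed overshoot above the negotiated voltage */
#define ABS_MAX_MV    21000  /* hypothetical absolute rating of the charge input */
#define DEFAULT_MV    5000   /* expected VBUS before any negotiation completes */

typedef struct {
    uint32_t contract_mv;  /* voltage the device requested and the charger accepted */
    bool tripped;          /* latched fault: cleared only by a fresh attach */
} vbus_guard;

void guard_attach(vbus_guard *g) { g->contract_mv = DEFAULT_MV; g->tripped = false; }
void guard_set_contract(vbus_guard *g, uint32_t mv) { g->contract_mv = mv; }

/* Highest VBUS the device accepts under the current contract. */
uint32_t guard_limit_mv(const vbus_guard *g)
{
    uint32_t lim = g->contract_mv + g->contract_mv * TOLERANCE_PCT / 100;
    return lim < ABS_MAX_MV ? lim : ABS_MAX_MV;
}

/* Feed one VBUS measurement; returns true while the load switch may stay closed. */
bool guard_sample(vbus_guard *g, uint32_t measured_mv)
{
    if (measured_mv > guard_limit_mv(g))
        g->tripped = true;  /* charger is not honouring what was negotiated */
    return !g->tripped;
}

/* Replay a trace; returns the index of the sample that opened the switch, or -1. */
int guard_run(vbus_guard *g, const uint32_t *mv, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (!guard_sample(g, mv[i]))
            return (int)i;
    return -1;
}

int main(void)
{
    /* Constructed traces in millivolts: device asked for 12 V in both cases. */
    const uint32_t honest[] = { 5000, 11900, 12100, 12300 };
    const uint32_t rogue[]  = { 5000, 12000, 24000, 12000 };
    vbus_guard g;
    guard_attach(&g); guard_set_contract(&g, 12000);
    printf("honest charger: trip index %d\n", guard_run(&g, honest, 4));
    guard_attach(&g); guard_set_contract(&g, 12000);
    printf("rogue charger:  trip index %d\n", guard_run(&g, rogue, 4));
    return 0;
}
```

The fault is latched so that a charger dropping back to the requested voltage does not re-close the switch; a firmware check like this supplements the hardware clamp discussed elsewhere in the thread and does not replace it.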

      • (Score: 2) by shortscreen on Tuesday July 21 2020, @03:45AM (3 children)

        by shortscreen (2252) on Tuesday July 21 2020, @03:45AM (#1024437) Journal

        So USB is not limited to 5V anymore? That explains everything. It does more than explain it, it makes this outcome inevitable. The headline could have just said "Some Geniuses Decided USB Ports Should Be Able to Output 20 Volts" and I could have inferred all the rest without any TFA or TFS.

        • (Score: 2) by DannyB on Tuesday July 21 2020, @01:35PM (2 children)

          by DannyB (5839) Subscriber Badge on Tuesday July 21 2020, @01:35PM (#1024564) Journal

          This was one of the problems of the Raspberry Pi 4. It has a USB-C charge port. But its designers seemed to have the quaint idea that it should only be 5V and not negotiate for more. Just like programmers don't negotiate for more.

          --
          To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
          • (Score: 0) by Anonymous Coward on Tuesday July 21 2020, @02:01PM (1 child)

            by Anonymous Coward on Tuesday July 21 2020, @02:01PM (#1024572)

            I remember reading somewhere about a phone that always overheated when charged in the car. Turned out that the cheap car charger (lighter socket-->USB) was supplying nominal 12VDC (possibly more, since cars often run up to 14+ volts when running). So either that dollar-store-car-charger had no 5 volt regulator inside, or the regulator failed leaving the full input voltage available at the USB end.

            While I haven't read anything about other charger failures, it seems possible that mains voltage (115AC in USA) could also make it through to the USB connectors if a home charger failed...

            Prudent device design should protect for both these cases?

            • (Score: 2) by DannyB on Tuesday July 21 2020, @05:34PM

              by DannyB (5839) Subscriber Badge on Tuesday July 21 2020, @05:34PM (#1024666) Journal

              We are potentially talking about considerable amounts of power.

              A USB-C laptop charger can provide up to 100 W. A USB-C phone charger up to 15 W.

              You CAN actually use the laptop charger on a phone, and phone charger on a laptop.

              The phone simply charges fast. The laptop warns that it is charging slowly.

              My wife and I plan to only buy USB-C laptop chargers in the future because they're almost as cheap as phone chargers.

              A Raspberry Pi design assumes more power is delivered by more current rather than higher voltage. By negotiating higher voltage, you don't need thicker USB-C cables to charge a laptop.

              --
              To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
      • (Score: 0) by Anonymous Coward on Tuesday July 21 2020, @04:37AM

        by Anonymous Coward on Tuesday July 21 2020, @04:37AM (#1024452)

        Based on that reasoning incandescent lights wouldn't exist. As somebody that accidentally melted a tape player casing, the draw has little influence over that, the power has to go somewhere. Give something too much power and something has to come of the amps and volts.