posted by janrinok on Sunday November 17 2019, @11:48PM
from the acting-before-the-problem-arises? dept.

Submitted via IRC for SoyCow1337

LA warns of 'juice-jacking' malware, but admits it has no cases – TechCrunch

Los Angeles’ district attorney is warning travelers to avoid public USB charging points because “they may contain dangerous malware.”

Reading the advisory, you might be forgiven for thinking that every USB outlet you see is just waiting for you to plug in your phone so it can steal your data. This so-called “juice-jacking” attack involves criminals loading malware “on charging stations or cables they leave plugged in at the stations so they may infect the phones and other electronic devices of unsuspecting users,” it reads. “The malware may lock the device or export data and passwords directly to the scammer.”

But the county’s chief prosecutor’s office told TechCrunch that it has “no cases” of juice-jacking on its books, though it said there are known cases on the east coast. When asked where those cases were, the spokesperson did not know. And when asked what prompted the alert to begin with, the spokesperson said it was part of “an ongoing fraud education campaign.”

Which begs the question — why?

[...] Security researcher Kevin Beaumont tweeted that he hasn’t seen “any evidence of malware being used in the wild on these things.” In fact, ask around and you’ll find very little out there. Several security researchers have dropped me messages saying they’ve seen proof-of-concepts, but nothing actively malicious.

  • (Score: 5, Insightful) by aristarchus on Sunday November 17 2019, @11:56PM (11 children)

    by aristarchus (2645) on Sunday November 17 2019, @11:56PM (#921337) Journal

    Which begs the question — why?

    No, it does not. It might raise the question. English, grok it!

    https://grammarist.com/rhetoric/begging-the-question-fallacy/ [grammarist.com]

    https://www.businessinsider.com/beg-the-question-meaning-definition-usage-2016-4?r=US&IR=T [businessinsider.com]

    https://www.logicallyfallacious.com/tools/lp/Bo/LogicalFallacies/53/Begging-the-Question [logicallyfallacious.com]

    "Flogging will continue until logic and grammar improve."

    "You can beat a dead horse, but you can't make it beg a question."

    • (Score: 1, Funny) by Anonymous Coward on Monday November 18 2019, @12:10AM (8 children)

      by Anonymous Coward on Monday November 18 2019, @12:10AM (#921339)

      ^ Old man yells at evolving language.

      • (Score: 5, Insightful) by aristarchus on Monday November 18 2019, @12:22AM (7 children)

        by aristarchus (2645) on Monday November 18 2019, @12:22AM (#921346) Journal

        To be pacific, I would prefer an escape goat, but this is something of a damp squid. [thesun.co.uk]

        Dumbing down is not evolution, it is devolution, leading strait to Fuddruckery.

        So I'll just bite my time, curled up in the feeble position, remaining something of a social leopard, curving my enthusiasm in a last stitch effort to rectificate the lingus.

        You know, you put women on them when you admire them. [youtube.com]
        "And the whole case is a damp squid."

        • (Score: 0, Interesting) by Anonymous Coward on Monday November 18 2019, @12:30AM

          by Anonymous Coward on Monday November 18 2019, @12:30AM (#921350)

          https://www.youtube.com/watch?v=MZxCfb4Z_Ks [youtube.com]

          Fuck you, got mine.

        • (Score: 2) by c0lo on Monday November 18 2019, @04:05AM

          by c0lo (156) Subscriber Badge on Monday November 18 2019, @04:05AM (#921417) Journal

          So I'll just bite my time, curled up in the feeble position, remaining something of a social leopard, curving my enthusiasm in a last stitch effort to rectificate the lingus

          Come on, magister, a feeble position doesn't do much.

          I'm not saying you should gander up and jump in the mist of things, with a flair in your nosedrills and a bulligerent deposition. I'm the first to conceive that a bear-handed fight with those who reneckated granma may sound like an admiral job, but it does post somehow unique risks in this dogie-dog world.

          But, for all intensive purposes, taking the medium strip is better. Continue to comment like this and you'll keep me happy like a clown.

          --
          https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
        • (Score: 0) by Anonymous Coward on Monday November 18 2019, @05:28AM (4 children)

          by Anonymous Coward on Monday November 18 2019, @05:28AM (#921435)

          It's not dumbing down. A dumbing down would be e.g. "I could care less" to mean you could not care less. That frequently misstated reference makes no sense whatsoever.

          "Begs the question" meaning it "begs a given question to be asked" is completely logical.

          It's more of an evolution of words. For instance pathetic is little more than an adjective version of pathos. And so it initially would have been little more than "of emotion." It's only over time, and undoubtedly of observation of those prone to emotional motive, that such a word came to imply something of the sort being, well, pathetic.

          • (Score: 1, Offtopic) by aristarchus on Monday November 18 2019, @06:36AM (3 children)

            by aristarchus (2645) on Monday November 18 2019, @06:36AM (#921443) Journal

            Irregardless of the passion you feel for the pathetic pathos of Modern American English, I must beg to differ.

            If these boffins were saying "it begs for the question (to be asked)" or some variant thereof, there would be no issue, but people are plugging into strange USB ports because they do not understand their own native tongue! No, this is a dumbing down because it is based on lexical poverty, and the mistaking of usage for something it is not.

            For example, slang can get away with all kinds of violence to the language, because it is completely self-aware. When "cool" became "hot", and that became "rad" or "phat", there was no confusion about what was going on. But if someone talks about "setting a president", they are not saying ex cathedra, they just do not know that "precedent" is a different word, or how it is spelled. Functional (barely) illiteracy is becoming the norm, for all intensive porpoises.

            Do a search for "eggcorns", that name for such mistakes. (Someone's eggcorn for "acorn" was "eggcorn", which probably should have been Oakcorn, or Oakegg because what would be sassy and not just stupid.) A member of Congress in the US just recently said that certain proceedings were "a Captain Kangaroo Court", referring, one can only infer, to a children's TV program that has nothing to do with the origin of the term "kangaroo court". Ignorance is not bliss, it makes you look stupid, and embarrasses your mother.

            • (Score: 0) by Anonymous Coward on Monday November 18 2019, @08:55AM (2 children)

              by Anonymous Coward on Monday November 18 2019, @08:55AM (#921457)

              Compare "it begs the question - [question]", which you are trying to argue is not an obviously clear phrasing of "it begs for the question to be asked - [question]", to "It begs for money." Obviously the meaning there is that "it begs for money [to be given to it from other people]." Your extended version doesn't add any new insight or information to the phrase, it simply makes it longer to no end other than to point out the fallaciousness of your own argument.

              In this particular case, I think the modern usage is rather even more appropriate than the archaic usage. In particular circular logic, assuming your conclusion, etc tend to all be much more clear, meaningful, and illustrative descriptions of what one means when using "begging the question" in the archaic fashion.

              • (Score: 1, Offtopic) by aristarchus on Monday November 18 2019, @04:24PM (1 child)

                by aristarchus (2645) on Monday November 18 2019, @04:24PM (#921560) Journal

                In this particular case, I think the modern usage is rather even more appropriate than the archaic usage.

                You may be entitled to your opinion, but your opinion is incorrect.

                No one would say, "It begs THE money." "Begs money", alright, means "begging for money", but I must beg your pardon and insist that anyone who would "beg the money" would either be illiterate, or relying heavily on context, or challenging the legitimacy of fiat currency.

                You may also be correct that logicians may be reduced to having to say silly things, like, "Don't make an ASS out of U and ME", or "your reasoning is circular", but that in no way vitiates the misuse of the phrase "begs THE question", or preferably, petitio principii.

                 

                • (Score: -1, Troll) by Anonymous Coward on Tuesday November 19 2019, @09:00PM

                  by Anonymous Coward on Tuesday November 19 2019, @09:00PM (#922080)

                  There's also the minor detail that absolutely NOBODY uses it that way. Indeed, if they did, NOBODY would understand the meaning. Personally, I prefer to be understood. So get over your pedantium ad dysfunctium and join the human race.

    • (Score: 0) by Anonymous Coward on Monday November 18 2019, @04:31PM (1 child)

      by Anonymous Coward on Monday November 18 2019, @04:31PM (#921563)

      And you have incorrectly assumed that the use of the phrase refers to the proposed logical fallacy. It does not have to, [merriam-webster.com] even if that was its origin. But you argued that already.

      Now if the author said that it raises petitio principii you might have a reason to question it as much as improper use of an ellipsis...

      … But you still don't. The offered logic justifying the alert was first that there were existing East Coast cases which could not be named (i.e. one might assume this is false). But the second offered justification, paraphrased, is that the alert was offered because of an ongoing fraud education campaign. The premise being that one needs an ongoing fraud education campaign, which is not necessarily a correct premise. One might therefore question that premise directly to collapse whether or not the alert was raised. In other words, begging the question of why the alert was necessary by asking if ongoing fraud education campaigns are necessary. (And, secondarily, important enough to apparently utilize FUD by proposing armchair attacks).

      • (Score: 0) by Anonymous Coward on Monday November 18 2019, @10:00PM

        by Anonymous Coward on Monday November 18 2019, @10:00PM (#921702)

        I've always loved the irony from the people who argue for this new definition because "language changes" are in fact begging the question!

  • (Score: 0) by Anonymous Coward on Monday November 18 2019, @12:14AM (2 children)

    by Anonymous Coward on Monday November 18 2019, @12:14AM (#921342)

    And came looking for masturbation porn.

    But I get USB charging? what a gyp!

    • (Score: 0) by Anonymous Coward on Monday November 18 2019, @01:32AM (1 child)

      by Anonymous Coward on Monday November 18 2019, @01:32AM (#921366)

      Hillary... I already told you to stop looking at Trufps website

      • (Score: 0) by Anonymous Coward on Monday November 18 2019, @03:02AM

        by Anonymous Coward on Monday November 18 2019, @03:02AM (#921395)

        Where's the '-2.34, WTF are you blathering on about?' mod when you need it?

  • (Score: 4, Funny) by driverless on Monday November 18 2019, @12:25AM (2 children)

    by driverless (4770) on Monday November 18 2019, @12:25AM (#921348)

    To put it into perspective, imagine he'd said this instead, just a few words changed:

    Los Angeles’ district attorney is warning travelers to avoid unprotected sex with prostitutes because “they may contain dangerous diseases.” But the county’s chief prosecutor’s office told TechCrunch that it has “no cases” of people getting HIV from unprotected sex with a hooker on its books, though it said there are known cases on the east coast.

    Do you still want to stick your USB into any random charging port you run into on the street...

    • (Score: 0) by Anonymous Coward on Monday November 18 2019, @12:31AM (1 child)

      by Anonymous Coward on Monday November 18 2019, @12:31AM (#921351)

      Do you still want to stick your USB into any random charging port you run into on the street...

      Ooh! Ooh! Can I? Can I? Pretty please?

      I run so many apps on my portable surveillance device phone that it drains the battery in 12.6 minutes!

      Besides, everybody knows that HIV is the invisible sky daddy's god's punishment for the fudge packers!

      What's more, I get to overuse the strike-through tag because I'm a moron so very, very cool!

      • (Score: 0) by Anonymous Coward on Monday November 18 2019, @12:39AM

        by Anonymous Coward on Monday November 18 2019, @12:39AM (#921354)

        And to think that I thought the Fine Article was about vaping! Which begs the other question, "Why not?"

  • (Score: 3, Interesting) by linkdude64 on Monday November 18 2019, @12:38AM (4 children)

    by linkdude64 (5482) on Monday November 18 2019, @12:38AM (#921353)

    Why on earth would public USB charging ports be anything but dumb chargers anyway? Were you hoping to get that data, Mr. Mayor?

    • (Score: 1, Troll) by Ethanol-fueled on Monday November 18 2019, @01:03AM (3 children)

      by Ethanol-fueled (2792) on Monday November 18 2019, @01:03AM (#921361) Homepage

      Los Angeles and all of the people who choose to associate themselves with that horrible city are diseased. The Jewish mafia and their sherrifs are given free reign to murder.

      The only cure for a city like Los Angeles, or San Francisco, is a weapon of mass-destruction. Or kicking out all the illegal residents. So if we tried to clear both LA and San Fran of illegal immigrants, how much would they fight back? Either way, should a battle ensue, I will reach out for jihad to assist the Korean storeowners with unfashionable spectacles and bad '80's haircuts against the globohomo.

      • (Score: 0) by Anonymous Coward on Monday November 18 2019, @01:23AM (2 children)

        by Anonymous Coward on Monday November 18 2019, @01:23AM (#921365)

        Lay off the methanol it's effecting your synapse.

        • (Score: 0) by Anonymous Coward on Monday November 18 2019, @03:17AM

          by Anonymous Coward on Monday November 18 2019, @03:17AM (#921402)

          it's effecting (c) [merriam-webster.com] your synapse.

          I didn't realize Eth was a neural networks researcher.

          The more you know [nocookie.net]...

        • (Score: 0) by Anonymous Coward on Monday November 18 2019, @03:17AM

          by Anonymous Coward on Monday November 18 2019, @03:17AM (#921403)

          it's effecting (c) [merriam-webster.com] your synapse.

          I didn't realize Eth was a neural networks researcher.

          The more you know [nocookie.net]...

  • (Score: 3, Interesting) by Mojibake Tengu on Monday November 18 2019, @01:17AM (3 children)

    by Mojibake Tengu (8598) on Monday November 18 2019, @01:17AM (#921364) Journal

    1. (quick, cheap) Use a crafted USB cable only with cut off data wires.

    2. (recommended) Use a 5V/5V DC converter circuit, there are many regulator chips to do that out there.

    Do not forget to include a measuring device in the contraption to verify voltage and current. Outlet itself may be badly broken.
    There are some pass-through USB A-A meters to do that easily.

    Do not trust unknown hardware. This is why we do teardowns, right?

    --
    Respect Authorities. Know your social status. Woke responsibly.
    • (Score: 0) by Anonymous Coward on Monday November 18 2019, @01:38AM (2 children)

      by Anonymous Coward on Monday November 18 2019, @01:38AM (#921367)

      1. The public chargers I see have cables built in.
      And... who knows what's really inside the courtesy chargers installed by merchants. They could be doing anything with your data.

      • (Score: 2) by jasassin on Monday November 18 2019, @09:12AM (1 child)

        by jasassin (3566) <jasassin@gmail.com> on Monday November 18 2019, @09:12AM (#921459) Homepage Journal

        1. The public chargers I see have cables built in.
        And... who knows what's really inside the courtesy chargers installed by merchants. They could be doing anything with your data.

        Then you'll need a micro usb to USB cable with no data pins, and another usb to micro usb cable! Easy (stupid)!

        --
        jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
        • (Score: 0) by Anonymous Coward on Monday November 18 2019, @04:08PM

          by Anonymous Coward on Monday November 18 2019, @04:08PM (#921551)

          You always carry around 2 USB cables?

  • (Score: 0) by Anonymous Coward on Monday November 18 2019, @01:46AM (3 children)

    by Anonymous Coward on Monday November 18 2019, @01:46AM (#921369)

    Always use protection!
    http://syncstop.com/ [syncstop.com]

    • (Score: 2) by FatPhil on Monday November 18 2019, @09:43AM

      by FatPhil (863) <{pc-soylent} {at} {asdf.fi}> on Monday November 18 2019, @09:43AM (#921462) Homepage
      Exactly. I know people who always travel with those, just in case. Of course, there is a grain of truth to the existence of such hacking attempts; it dates back well over half a decade to some hacker/security conference, where as a joke some people set up charging stations for attendees that would identify your phone model and then run the gamut of known usb-related hacks thereon. So yet again, what started as a joke amongst the cognoscenti eventually morphs into a sad fake reality. GOOD TIMES virus, anyone?
      --
      Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
    • (Score: 2) by hendrikboom on Monday November 18 2019, @04:13PM

      by hendrikboom (1125) Subscriber Badge on Monday November 18 2019, @04:13PM (#921554) Homepage Journal

      Does this handle the weirdness of USB/C?

    • (Score: 2) by All Your Lawn Are Belong To Us on Monday November 18 2019, @05:04PM

      by All Your Lawn Are Belong To Us (6553) on Monday November 18 2019, @05:04PM (#921575) Journal

      Or you could just get your own battery tank to charge your devices, then recharge the tank at the public charging stations (although it is usually a much longer wait...)

      --
      This sig for rent.
  • (Score: 3, Interesting) by VLM on Monday November 18 2019, @02:54PM

    by VLM (445) on Monday November 18 2019, @02:54PM (#921513)

    The weird dancing around in their language is because hired penetration testers have an absolute hardon for trojan horse chargers and it seems like every hired gun pen tester has a modified charger with special hardware they'll leave a microUSB cable to it laying around a waiting room or conference room and when anybody plugs in a device to charge it'll get logged and when they report that incredible security breach, then they slap each other on the back or on the ass or whatever folks like that do, as if they just shot a 48 point buck during deer season or as if some wanker plugging in his rechargeable vape dong is equivalent to powning the finance dept payroll laptop.

    And there are well known incidents where the pen testers celebrate their "charger" logs proving they couldda powned a visiting CEO's cell phone thus proving their infosec theater is worth hiring them again for even more money, then later on security camera footage shows "the theoretically compromised device" is actually the receptionist charging her rechargeable remote vibrator when she thinks no one is watching and it's all whoopsie daisy I guess we powned nobody but that receptionist is kinda hot so it's all good anyway or something.

    99.99% of "hacked chargers" are legally owned and operated by pen testers hired by the IT department, but we have to pretend it's "real infosec in action" and not just dumb security theater.

    That's where it gets really weird in the linked article language where "everybody knows" that all pen testers have a "hacked charger" for their security theater purposes, but all orgs that have ever hired pen testers likely had to sign an NDA as to not admitting techniques publicly so we all have to pretend it's never happened despite everyone knowing everyone does it and you can buy stuff like this online or just stick some dual USB dev boards inline with a real charger and some simple logging firmware (there's some great STM32 boards for this with dual USBs, one for power/debugging and one officially-HID-use port to log "security incidents" where someone plugged in). It's the security theater equivalent of admitting everyone masturbates and it's frankly just about as useful and important... and profitable.
