
BadPower attack corrupts fast chargers to melt or set devices on fire - teruakohatu
https://www.zdnet.com/article/badpower-attack-corrupts-fast-chargers-to-melt-or-set-your-device-on-fire/
======
thedanbob
> The bad news is that the research team also analyzed 34 fast-charging chips,
> around which the fast charger models had been built. Researchers said that
> 18 chip vendors did not ship chips with a firmware update option, meaning
> there was no way to update the firmware on some fast charger chips.

Isn't this a good thing? If you can't update the firmware you can't infect it.
Conversely, if you still _can_ infect it via some vulnerability then the same
technique can be used to "infect" it with fixed firmware.

------
teruakohatu
> The Tencent team said they verified their BadPower attack in practice.
> Researchers said they selected 35 fast chargers from 234 models available on
> the market and found that 18 models from 8 vendors were vulnerable.

I would rather throw my charger out if it had a bug and buy a new one than
risk someone intentionly or accidentally (compromised phone) turning it into
an electric match.

------
floatingatoll
Whether firmware can be updated or not, how will any of these charges ever be
found and replaced/repaired?

What are the logistics of executing such a recall _successfully_ , such that
people aren’t vulnerable?

