
“All accredited journalists at the #KimTrumpSummit get a free USB fan.” - pavel_lishin
https://twitter.com/UID_/status/1005795008581169152
======
unit91
So at a meeting between the US and North Korea, somebody is handing out a free
USB device, but only to people with credentials. Call me crazy, but I would
never accept that Trojan horse...uh...I mean gift.

~~~
qwerty456127
You should accept it to avoid attracting attention. You can get rid of it
later.

~~~
cpeterso
Or ask a computer security expert to examine it. If the USB fans have spyware,
that would be a big news story!

------
ea016
Great opportunity to remind people: never ever plug an unknown USB device in
your computer. Even USB-C chargers can infect your machine as outlined here:
[https://twitter.com/_MG_/status/949684949614907395](https://twitter.com/_MG_/status/949684949614907395)

~~~
swebs
>Even USB-C chargers can infect your machine

Why would anyone assume otherwise?

~~~
eugeniub
Not everyone is an opsec expert

~~~
swebs
Ok, but why would you assume that USB-C is somehow more secure than USB-B?

~~~
okmokmz
My guess would be that many USB-C products are charging cables, dongles, and
other items that the average user would not associate with having the
capability to store data making them inherently "safe" in their eyes. USB-A,
on the other hand, is commonly associated with storing data, and the majority
of user awareness and education about the danger of unknown devices is focused
on flash drives. For these reasons I can see how someone without technical
experience may believe that flash drives specifically are potentially
dangerous, while believing that other USB-A/USB-C cables/adapters/chargers are
safe. In my experience most users don't even know what USB-B is

------
Daneel_
Easily solved with a USB Condom:

[http://syncstop.com/](http://syncstop.com/)

[http://portablepowersupplies.co.uk/home/portapow-data-blocke...](http://portablepowersupplies.co.uk/home/portapow-data-blocker-usb-adaptor)

Edit - note, this isn't properly secure! Please screen your devices properly
and consult your organisation's security team/local tinfoil hat wearer, or
educate yourself about side-channel attacks, monitoring, and the history of
surveillance devices.

~~~
tomarr
I mean not necessarily, although it stops data access to your computer you're
still powering a device close to your computer which could have
sniffer/camera/microphone

~~~
Daneel_
Very true! There's also potential side-channel attacks regarding noise in the
power supply (example:
[https://arxiv.org/pdf/1801.00932.pdf](https://arxiv.org/pdf/1801.00932.pdf)),
so it's definitely not a guarantee of safety.

Best to open it up for inspection, then destroy it. There's not a lot of room
inside the body, by the looks of it, but there could still be plenty of fun
stuff hidden in there anyway.

Thinking logically though: due to the public nature of the release, it might
actually just be a fan..

------
gpvos
The journalist in question appears genuinely happy with the fan, and reacts
incredulously to suggestions it might contain malware...

~~~
toomanybeersies
The chances of it containing malware are very slim, and it would be easy to
find out if they are malicious, with nothing more than a screwdriver.

------
evo_9
Additional context:
[https://en.wikipedia.org/wiki/Fan_death](https://en.wikipedia.org/wiki/Fan_death)

~~~
astine
That's more a South Korean thing and this particular summit is between the US
and the North. Even in the South that myth is on the wane so I doubt it has
much relevance here.

~~~
rdiddly
I'm guessing that's why it was labeled "additional context" and not "This
concept is totally a centrally-important and causal factor here."

~~~
pc86
It's the equivalent of posting a Wiki article on a random Israeli superstition
as "additional context" for a summit between the US and the Palestinian
Authority.

~~~
rdiddly
If South & North Koreans were as ethnically, culturally and religiously
distinct as Arabs & Jews that example would be more apt.

~~~
chc
It's not like this is some ancient tradition you'd expect them to share. The
fan death urban legend first arose in the last century, just shortly before
the countries were divided. They've been separate (and relatively isolated)
for most of the time the myth was spreading in South Korea. I don't know what
North Koreans think on the subject, but I wouldn't take it for granted that
the urban legend is relevant context here.

~~~
rdiddly
Neither would I; nor would I take it for granted that it's so emphatically
_irrelevant_, as some have done here. I would in fact, simply take it as
"additional context."

------
api
The malware this USB device installs had better be called "Fan Death."

------
toomanybeersies
It's probably not malicious.

That's not to say it's definitely not malicious, and I certainly wouldn't be
plugging it into my phone. But it is Singapore, where it is hot, so I do
understand the rationale of giving fans to the journos.

I suspect that the person in charge of the decision didn't consider the fact
that USB fans are a possible attack vector.

I think that some readers here have been reading too much Frederick Forsyth or
Tom Clancy, with these ideas about baiting and switching and bribing hotel
employees.

------
cm2012
Wow. I really want to see someone dig into these in a secure environment.

~~~
wanderingjew
All they need to do is open it up and take a look inside. There _should_ just
be a USB port and a pair of wires, _maybe_ a pair of resistors. If there's
anything else, this is a Trojan Horse. You can probably open this up with a
butter knife, maybe a small pair of pliers to open up the USB connector.

A reasonable security assessment of this device could be done in two minutes.
It would take longer to take pictures of the disassembly and post the pics on
twitter.

~~~
DaiPlusPlus
I imagine if this really is an attack the attacker would expect these devices
to be subject to scrutiny - perhaps the first set of fans released to
journalists are safe, but as the summit goes on and the initial reports
cleared them then just bribe hotel staffers to surreptitiously replace them
with Trojan Horse devices. Or have just a small subset of devices as THs and
hope the ones that get opened up are the safe ones.

~~~
redog
There might only be one intended target.
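
As an added example (not part of any comment above): a software counterpart to the physical inspection described in this sub-thread. A fan that is only a USB port and a pair of wires never enumerates, so any kernel enumeration message on its port is a finding; the log lines, port names and IDs below are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in the style of Linux kernel USB messages; ports and IDs are made up.
SAMPLE_LOG = """\
[ 101.200] usb 1-2: new full-speed USB device number 7 using xhci_hcd
[ 101.350] usb 1-2: New USB device found, idVendor=1234, idProduct=abcd, bcdDevice= 1.00
[ 101.360] input: Generic Fan as /devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2:1.0/0003:1234:ABCD.0004/input/input20
[ 230.010] usb 1-3: new high-speed USB device number 8 using xhci_hcd
[ 230.150] usb 1-3: New USB device found, idVendor=5678, idProduct=0001, bcdDevice= 2.00
[ 230.160] usb-storage 1-3:1.0: USB Mass Storage device detected
""".splitlines()

TS = re.compile(r"^\[\s*[\d.]+\]\s*")                      # leading dmesg timestamp
NEW_DEV = re.compile(r"^usb (\d+-[\d.]+): new [\w-]+ USB device number \d+")
IDS = re.compile(r"^usb (\d+-[\d.]+): New USB device found, "
                 r"idVendor=([0-9a-f]{4}), idProduct=([0-9a-f]{4})")
IFACE = re.compile(r"\b(\d+-[\d.]+):\d+\.\d+\b")           # interface id such as 1-2:1.0


def enumeration_events(lines):
    """Map USB port (e.g. '1-2') to its vendor:product IDs and the drivers that bound to it."""
    ports = {}
    for raw in lines:
        line = TS.sub("", raw)
        if m := NEW_DEV.match(line):
            ports.setdefault(m.group(1), {"ids": None, "functions": []})
        elif m := IDS.match(line):
            entry = ports.setdefault(m.group(1), {"ids": None, "functions": []})
            entry["ids"] = f"{m.group(2)}:{m.group(3)}"
        elif m := IFACE.search(line):
            entry = ports.setdefault(m.group(1), {"ids": None, "functions": []})
            # First token names the subsystem or driver that claimed the interface.
            entry["functions"].append(line.split(None, 1)[0].rstrip(":"))
    return ports


def unexpected_enumeration(ports, power_only_ports):
    """Return (port, ids, functions) for every power-only port that enumerated at all."""
    findings = []
    for port in sorted(power_only_ports):
        dev = ports.get(port)
        if dev is not None:
            findings.append((port, dev["ids"], tuple(dev["functions"])))
    return findings


if __name__ == "__main__":
    seen = enumeration_events(SAMPLE_LOG)
    # Assumption: the fans under test were plugged into ports 1-2 and 1-4.
    for finding in unexpected_enumeration(seen, {"1-2", "1-4"}):
        print("data-capable device on power-only port:", finding)
```

A silent log only shows that the device did not talk to the host over USB; it says nothing about the powered microphone or radio cases raised elsewhere in the thread, which still need the screwdriver.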

------
astine
Who exactly is handing these out? It could be a trojan horse, but I'd be
interested whose trojan it actually is.

------
Luc
Sometimes a USB fan is just a USB fan.

~~~
raverbashing
True. Take the data pins out in this case and it should be ok.

~~~
qwerty456127
Can't it still contain a concealed microphone built into it that would record
voice and transfer it over radio?

~~~
raverbashing
There's a gap between "can" and "should"

As a targeted attack it makes sense. Still you would have to muffle the sound
of the fan.

------
asdojasdosadsa
Someone should get it, investigate and post results

------
nytesky
Is there any kind of serial dongle that way to filter out on necessary comm
circuits and simply provide power, they say just a pass-through to block the
data portion of USB

~~~
phito
they're called usb condoms

------
jstanley
I'd love to get one of these to play with.

~~~
toomanybeersies
Yours for only $1: [https://www.aliexpress.com/item/2016-Cute-Mini-mobile-phone-...](https://www.aliexpress.com/item/2016-Cute-Mini-mobile-phone-USB-Fan-Portable-Hand-Fan-for-Power-Bank-Android-OTG-Smartphone/32747151925.html)

------
notadoc
How generous!

Who handed these out? And what are the odds that any free USB device contains
malware or spyware of some sort?

~~~
lccarrasco
Yeah, my first thought as well, I hope no journalist working with sensitive
information just plugs the thing in.

~~~
frockington
Do journalists even have sensitive information anymore? It seems like the new
thing to do is write an article and find a "source" later.

~~~
okmokmz
Some relatively recent examples

[https://www.nytimes.com/2018/06/07/us/politics/times-reporte...](https://www.nytimes.com/2018/06/07/us/politics/times-reporter-phone-records-seized.html)

[https://www.jpost.com/Middle-East/PA-arrests-five-Pal-journa...](https://www.jpost.com/Middle-East/PA-arrests-five-Pal-journalists-for-leaking-sensitive-information-501991)

[https://cpj.org/2017/08/palestinian-security-forces-arrest-f...](https://cpj.org/2017/08/palestinian-security-forces-arrest-five-journalist.php)

------
rchrd2
Maybe they all have Alexa in listen-only mode.

------
qbaqbaqba
How nice.

------
knodi
free usb device? only Trump admin would be dumb enough to fall for this.
Imagine one of these back it to AirForce1 or God forbid the White House.
Fucking idiots.

------
staunch
The USB trojan connects back to the command and control server and waits to be
instructed to spray VX nerve gas into the fan. A refreshing cool breeze of
remote death.

