I've never put my phone into something to charge and thought "Hey, they might steal my data".
NSA hires hacker to install monitoring devices on all the samsung charging stations at O'Hare airport? Not out o the realm of possibility.
Six months ago, I would have called a comment like mine a little too tin foil hat, but not today.
I've also seen dedicated cell phone charging stations at other airports that have USB charging ports alone.
USB-only chargers in airports definitely exist, and are sometimes fought over in busier airports.
I believe there are more USB ports than generic power sockets.
In my experience, the USB ports are all in use at any gate with more than 10-15 people waiting at it.
Newer/remodeled hotels and airports are full of these things now. They don't exactly jump out at you, they would be easy enough to miss.
AFAIK these things are just dumb voltage sources, they don't have any USB controllers that could be hacked. At least, the ones you and I can buy don't. But there isn't, in principle, any reason why they couldn't have such controllers, either.
I can't speak for Android, but iOS 7 now has an automatic warning when you connect to new devices that asks if it should be trusted, presumably to mitigate this risk. However, I doubt anything less than a full hardware solution can actually eliminate the risk entirely.
There's a reason why conferences like DefCon warn you explicitly not to use power stations or ATMs nearby - they can be hijacked very easily.
New-ish Androids pop up a "USB connected, do you want to use this" prompt as well; but many devices (esp. embedded ones) don't.
The attacker is smarter than you, he has a bigger computer, he knows your own software better than you, and he is after you, specifically."
There are numerous ways this can go down without even having to have some cool hardware device.
After all, you never hear of a phone committing to just one outlet.
And consider how many people indiscriminately hookup with anonymous base stations at airports... That "Free Public Wifi" SSID is still being passed around.[^1]
― Joseph Heller, Catch-22
(There was at least one trojan USB charger at Defcon this year)
I often think about it, I guess that is proof that it happens...
1. The data lines can be very important in regulating power output for different devices, and there are different maximums for different versions of USB. Some devices require data communication to charge. Some require proprietary protocols. Implementing Apple product charging is somewhat convoluted, for example, and has changed over time.
2. A friend of mine is a computer engineer, and tells me that correctly implementing USB in hardware is incredibly difficult. It's possible that devices like these might be skimping on parts of the spec to more easily get a working product out the door.
If the host is capable of providing more power like 2.1A for example, how is that supposed to be signaled to the phone when the data lines are floating high? The way a USB charger that provides more current than the USB spec works is by pulling the data lines either to some voltage or shorting them together or to ground. Either way you need the data lines to negotiate that.
So it'll depend on how nice of a device you have.
Like the MAX14636: http://www.maximintegrated.com/datasheet/index.mvp/id/7968
There are always risks, so we just have to choose the less risky option available to us.
So between these two...
A. The black box charging station I know nothing about.
B. The simple device that I brought from home whose single purpose is to limit my exposure to external risk.
I'll take the latter.
Odds are I'm no worse off than had I plugged directly into the charging station.
If that and other things you claim are real issues then, every dumb usb power brick, every old computer/old charger, every non-apple charger, and others would all have problems.
It is? I've never had any problems with cheap AC to USB power adapters.
Note: I am in no way affiliated with the above kickstarter
(I have been doing this to charge my phone, as even the USB mount dialog confuses some apps)
Basically, it's a USB extender cable, with an extra pair of power wires soldered on and terminated in a USB male header - the original use is for power-hungry disks, where you'd plug both the male headers into the computer, increasing the available power (as USB 2.0 can only give 500 mA through a single port, per spec), at the cost of hogging two USB ports. It can be re-used as a USB condom as well.
Such a device will most probably restrict the device (if it properly implements charging) to a maximum charging current of 100mA. The data lines are used for identifying the maximum current allowed.
That said, if one desperately needs to charge a battery, one is likely to take even 100mA. Cutting two lines of a cable doesn't seem that hard and ugly compared to a un-encased PCB, though.
Edit: Actually, scratch that. Leave the data lines connected, but "short" them to the V- line (or shroud, should hopefully be the same thing) with a small capacitor to act as a low-pass filter. I don't have the specs in front of me, but it should be easy enough to filter > 1Mhz down by 3dB and still keep the DC "slew rate" enough to properly ID a charger.
Adding an inductor would screw with things, but if we're being really paranoid here, active circuits can measure the resonant frequency of the line and overcome it. Or, even if we're not being paranoid, you've now given someone a nice RCL trampoline to bounce a nice high current into your phone's USB data lines.
There are a few ways to protect against all of that if you want to be really paranoid. To start, you could go with a higher order active filter built from a cheap op-amp circuit.
More complex varieties could include the use of a tiny 8-bit uC programmed to control a digital pot on the protected side, and an optoisolator somewhere in there just in case there's some weird failure mode which causes a signal path to short from protected to unprotected. The benefit of something like this would be that the controller could also control a light or buzzer to alert the user when a signal is detected on the "unprotected" side.
Cheapest and most reliable might be to pump the output of a simple RC high-pass filter into a simple RC low-pass filter (translates to DC bias) then feed that to a comparator which latches the signal lines open (and sounds an alarm) if signal is detected. Or better yet, make it normally open and close only when signal isn't detected.
EDIT: if this thing actually had some diagnostic LED's that would show you that the 'power port' was trying to do something nefarious on the data lines, it'd be a lot more useful than an ultra-cheap snipped cable imho ..
You could just get two cables, and only patch one.
this works for any USB device
So would the cable option if you used a male / female cable instead of a male / male one.
Exactly. Better safe than sorry.
Can't USB sticks execute arbitrary code? Couldn't an attacker infiltrate the publically accessible computers that these people use and put a data-stealing trojan onto USB sticks used to bridge the air-gap?
Do other media that most computers accept these days e.g. sd cards support arbitrary code execution too? How can you get around this?
EDIT: it was DMA attacks that I was thinking off, and USB seems free of them at least. I guess, if you trust the robustness of your USB stack against exploit, that USB is a fairly safe bet. As these very people are reading the NSA secrets, one wonders what'd happen if they discovered some hint that that NSA could do precisely that - exploit via USB plugging in.
(Travis Goodspeed's "Writing a thumb drive from scratch" presentation. It's got some fascinating and potentially _very_ scarey ideas…)
Also note that the USB spec is rather complex, and some parts of it will be invariably implemented in software. Often in very high-privileged C code. As such, it is likely to contain critical errors. Heres one for the PlayStation 3 that emulates some garbage on a USB port to get fully privileged code execution:
To execute code on the host machine, either the host machine has to be stupid (like many Windows versions that try to automatically execute code from plugged-in devices without user interaction) or the device has to be malicious, trying to exploit weaknesses in the host machine.
Now, for the files being put on these sticks, there are probably many opportunities to inject a trojan.
USB is particularly interesting because a single USB device can turn into a hub or a completely different device at runtime. So you can have a USB flash drive suddenly become say a keyboard and start typing stuff in.
But I think it only works on certain OSs that have "autorun" or whatever enabled. Or perhaps a vulnerability in the USB stack.
Thunderbolt, on the other hand, has much more low level access to hardware and can apparently read raw memory/devices.
The USB stick would have to exploit some vulnerability in the handshake process to run attack code on the host. In order to prevent that, you'd need a "USB sanitizer" that proxies the communications over the data lines and prevents any traffic that it deems unsafe.
This device, off course, can also be the target of an attack.
Nitpick for interest's sake: apparently there's a new (2012) 'USB Power Delivery' spec which specifies two new voltage levels (12V & 20V) in addition to 5V, with higher current limits (2A at 5V, 3A at 12V or 20V for microUSB connectors). Obviously both ends (and the cable) have to support it; I don't know if anything actually does yet.
As for a well-behaved device - there aren't very many of those, either. Fortunately, this is less of a problem with USB3 - more devices follow the spec closely.
considering there are usb devices which are self powered, i doubt the host controller would be a problem in this situation.
without power on the bus, your phone or kindle might not realize they're connected to something, or wake up and try to communicate with it.
you basically just need to cut one wire of the cheapest usb cable you can get your hands on, and then you'll know for sure.
Love the humor, usbcondoms crew! Another one I hope you find a place for in the future: "In the dark, all cats are gray" -- Benjamin Franklin. Yes, really.
Just my 2 cents.
Why tell someone he can lose weight by working out and eating less, when you can sell them a pill that makes them lose weight while they sleep and get abs in 7 minutes?
Why learn programming in several years, when you can "learn programming in three days".
Why tell people to be cautious with their data, not to click on everything, when you can sell them a "condom" that enables them to remain reckless and careless and lazy ?
(of course, this just shifts the problem around: now you need to trust the "usb condom"; but given its simplicity, it should be much harder to put anything nefarious there)
However, what does that thing actually do ? How does it work? Signatures ? Block "autorun" or something ? I didn't see any details.