You'd be pretty annoyed if the front door to your house, when you opened it, also opened up your document safe, emptied your wallet onto the floor and invited visitors to leave bugging devices to spy on you later.
Also, the defence of "just don't agree to pair your phone with an unknown USB device" can actually be tricky. On a flight, I plugged my phone into the USB port on the seatback to charge it. The phone repeatedly kept asking if I wanted to pair it with something (who knows what it was? the entertainment system, maybe?). If I had accidentally hit the wrong button only once (on a prompt that randomly appeared), my phone could have been owned, and there's no easy way to un-pair.
Why can something even repeatedly ask for permission? (My iPhone was asking me every 5 seconds the other day due to a faulty cable.) Even if there's a reason for that, why isn't there a "don't ask again" button?
Why doesn't such a thing need a pin code or iCloud password entry?
Why isn't services like file_relay or pcap a setting deep inside the Advanced section of Settings.app that requires password entry on enabling and features a warning message?
These things are advanced features. Few use them, why not make it a little more difficult?
Why can't I opt-out of Apples access to my files? Sure, I can say "No" when they ask at the store, but I could say no as well in the Settings app.
It's easier to enable packet capture than complete the Provisioning Profile process when releasing an app update to App Store.
These are the things Apple should be answering instead of the vague support note entry they published today.
The "Don't ask again" is a little tricky - is there enough information present for the phone to tell if it is plugged into the same or different computer?
A better UI would be for the phone to always default to not pairing. No popup choice would be shown at all. After all, how often do you need to pair to a new computer?
It does - any passcode/fingerprint locked device needs to be unlocked before granting trust.
I would like a 'don't ask again' option though...
1> Don't tether
2> Get only power
3> Give away the keys to the castle
Not really. the USB charging protocol requires data pins for chargers to communicate with the device about how much current it can draw. Suppose the data pins are left open, a compliant device can only draw <100mA, which is not even enough power to keep device from draining battery. Even if the data pins are shorted, I don't think it works with most apple devices, which use a different non-standard protocol.
Google shows some uses before hand, but Wayback Machine does not corroborate. I think Google is using the self-reported page date and pages dynamically update with "latest news' content.
1> Buy a shit Nokia, use the 2 pin charger. TBH if it goes flat it won't charge off USB anyway. Then use a microSD for transferring music/photos.
2> Buy an Android handset with USB OTG. Transfer files on and off via a USB stick that you control. Charge it with a USB cable with the data pins shorted (you can buy these off Amazon).
Both of these ignore the main attack vector that I'd be concerned about which is over-the-air (via GSM/packet data) and a fuck load more scary than plugging your USB thing into a dirty USB hole and getting some USB STD.
It's not like it's 2003 again and the only way to share a picture or a album is with a cable.
Not all things are equal on iOS which is my point above.
There is not that many reasons to plug a cable other than charging nowadays.