89

On a long haul flight, I imagine that charging a phone (in flight mode) with the inbuilt USB port on the head rest would be a security risk.

Could I mitigate that risk by taking a regular USB cable and cutting the data (but not the power) cables? Or does the USB protocol need a data handshake to begin charging? Or is there another better solution?

Peter Mortensen
  • 877
  • 5
  • 10
DarcyThomas
  • 1,298
  • 1
  • 10
  • 15
  • 81
    I can already go and buy power-only USB cables which have no data connection. They are already on the market. – Michael Hampton May 25 '16 at 10:11
  • 3
    Brace yourself, DRM (aka protection against malicious chargers) is coming: http://www.androidauthority.com/usb-type-c-authentication-spec-wants-address-hazardous-cables-686304/ – Noir May 25 '16 at 13:07
  • 35
    @Noir DRM is never the correct answer :/ – cat May 25 '16 at 15:37
  • 2
    Why is this a cable issue? My phone connects in "charge only mode" by default, and will only initiate data transfers if I manually tell it to open itself up to what it's connected to. – Mason Wheeler May 25 '16 at 21:14
  • 8
    @MasonWheeler That is assuming that it is telling the truth or bad guy has not found a zero day flaw that gets around that. – DarcyThomas May 25 '16 at 21:21
  • 6
    @MasonWheeler I am guessing that it may be possible to finger print a device even in charge mode. A bit paranoid perhaps, but still a (small) security risk. – DarcyThomas May 25 '16 at 21:25
  • Related question: [How to disable MTP and PTP file sharing via USB on Android 5?](https://android.stackexchange.com/q/136435/5934) – l0b0 May 26 '16 at 07:19
  • 2
    @Noir how much do you want to bet it's going to be cracked in a matter of days after its release? – André Borie May 26 '16 at 09:05
  • @Noir et al, see the discussion starting at http://www.metzdowd.com/pipermail/cryptography/2016-April/029106.html – user May 26 '16 at 11:40
  • 1
    I'd be curious to know why everyone is saying that this is a security risk. A lot of USB port on head rests provides power only, no data. The only time this could be an issue is when you have an entertainment center which can playback from a USB, but even then, wouldn't it be limited to your entertainment center? – jValdron May 27 '16 at 18:06
  • 2
    Some equipment comes with such a cable out of the box. For instance I have a Logitech G930 headset, which came with a charging cable without data connectivity. – kasperd May 28 '16 at 10:18
  • The data pins are required to charge an iPhone http://electronics.stackexchange.com/questions/123172/what-is-the-ideal-way-to-handle-data-pins-d-and-d-on-a-usb-power-adapter-to-be – David Corbin May 28 '16 at 17:25
  • 2
    @DavidCorbin: no they are not required to charge, they are required to negotiate a charge rate (amperage) higher than the official (known-safe) USB current parameters; instead of 500ma for usb2, it can ask for up to 1500. – dandavis May 29 '16 at 04:57
  • 1
    I own an old Blackberry 8700 device that cannot be charged with charge-only cables, AC-to-USB adapters or even an always-on USB port, only when connected to a running computer. – törzsmókus May 29 '16 at 16:56
  • 1
    I usually carry two phones. My personal, work and everything phone, and another one with a bigger screen and lots of storage for reading and games. The bigger one doesn't even have a cel line - I just share Wifi when I need internet on it. I also keep the bigger phone without any sensitive data, so if I even happen to be assaulted on the street I just give it up while keeping the sensitive phone safely hidden inside the hidden pockets of my jacket. Yes, I'm _THAT_ paranoid. – T. Sar May 30 '16 at 13:36

9 Answers9

75

Could I mitigate that risk by taking a regular usb cable and cutting the data (but not the power) cables? Or does the usb protocol needs a data handshake to begin charging?

Such a cable does exist, so a data handshake must not be required.

Such cords are discussed on some Stack Exchange sites:

So yes, using such a cable or making one using a DIY approach could mitigate a risk that depends on the 2 data pins. Of course, a different kind of attack where unexpected power is sent, possibly with the intent to damage the device, would still be possible.

Alexander O'Mara
  • 8,774
  • 6
  • 34
  • 38
  • 3
    In my scenario (on a commercial plane) you would need to have a pretty malicious attacker, who if they can't hack you they resort to breaking your toys. Unlikely if they are trying to otherwise keep a low profile. – DarcyThomas May 25 '16 at 04:31
  • Usually shorting the two data pins on the phone's side of the cable is enough to allow it to charge. – Hitechcomputergeek May 25 '16 at 17:28
  • 1
    @called2voyage: That is not quite enough, fuses react very slowly, and if you shove 1kV into it, no fuse will protect you. You need some heavier gear like MOVs and all the standard overvoltage (and under) protection – PlasmaHH May 25 '16 at 21:39
  • 1
    @called2voyage: It won't work at all. The time a fuse reacts everything is destroyed already. Even with 10V likely the fuse does nothing but the chipset is fried. – PlasmaHH May 25 '16 at 21:41
  • 2
    @PlasmaHH is right (and probably knows more about these things than I do): You could presumably do something with a Zener diode to shunt the high current caused by the overvoltage, combined with a fuse. But a transorb would probably be better. This has been discussed in [How to decide between a TVS or Zener diode for overvoltage protection?](http://electronics.stackexchange.com/questions/50563/how-to-decide-between-a-tvs-or-zener-diode-for-overvoltage-protection) at electroni.cs.se – Chris H May 26 '16 at 08:28
51

USB devices can negotiate the provided current from the host device. If power negotiation is not possible (because you cut the data wires), a maximum of 100 mA is supplied. This means you can charge devices, but it may be slower than usual.

Devices such as LockedUSB do the power negotiation on both sides, while not allowing data to pass between devices. This charges your devices faster, but arguably may be less secure than cut wires.

Sjoerd
  • 28,707
  • 12
  • 74
  • 102
  • Why would it be less secure? As long as no data wire is in the cable, how would the negotiating circuit introduce any security risk? Especially as it is non-re-programmable logic? – spectras May 25 '16 at 08:45
  • 16
    @spectras It's less secure in the sense that you have to trust the creators of the cable to a) be honest and b) have done their job right. – Pepijn Schmitz May 25 '16 at 09:46
  • 15
    In practice, quite a lot of dumb chargers don't do the negotiation and will happily let you pull 2A with no data lines. – pjc50 May 25 '16 at 09:53
  • 6
    Shorting out the data pins should trick the phone into believing it's connected to a 2 amp charger and is quite effective. If a host device really can't supply 2A its overcurrent protection would just shut it down preventing any damage. So it's a really good, simple and cost-effective solution compared to making a "firewall" that allows power negotiation to pass through while denying everything else. – André Borie May 25 '16 at 12:00
  • 7
    Note that most hosts ignore the spec and supply at least 500mA when no negotiation is done. On the other hand, some of the high power charging standards require specific resistance between the data wires to indicate the power capability of the supply. Thus shorting the lines incorrectly can cause damage. Better just leave the pins floating. – billc.cn May 25 '16 at 12:30
  • 1
    @PepijnSchmitz> in the device he linked, there is not data wire at all. Seems dubious that they could wire one accidentally. And for the trust part, that's true with any usb cable anyway, a usb controller with some micro chip easily fits inside the plug itself. – spectras May 25 '16 at 17:57
  • @billc.cn shorting the lines is perfectly acceptable according to the spec and it's actually how chargers tell phones how much current they can supply. – André Borie May 26 '16 at 09:02
  • 1
    Does LockedUSB also support the "charger protocols" (various voltages on the data pins, depending on the manufacturer, to show that the device is a charger that supports more than 500mA - or the standard protocol of shorting the data pins to show it supports 1A)? – Random832 May 27 '16 at 20:16
  • @Random832 It actually supports a lot of different "charger protocols" as you put it. If you want the messy details, search for "Technical Profiles Supported" on https://lockedusb.com/ for all the different options it will detect and support. – Patrick M May 29 '16 at 17:54
41

Although not entirely in line with the OP's question, I wanted to share a different solution.

You could take a powerbank with you. Small powerbanks capable of charging your phone at least 1 time don't take up too much space. You can charge the powerbank at the airport terminal, in your hotel, or even on the flight (as there's no risk for malicious data affecting the powerbank). When you need to charge your phone, you can use your freshly recharged powerbank to fill it up.

Another advantage of this solution is that you have a powerbank with you on your trip, should you ever need to recharge your phone in an area where no power outlet is available, or when you don't have your charging cable with you. You can even use the powerbank in other areas where you don't trust a USB outlet.

BlueCacti
  • 950
  • 7
  • 10
  • 3
    Of course, if you are really paranoid, you wouldn't charge your powerbank from an untrusted USB port, since a compromised powerbank could potentially compromise any device plugged into it. – MJeffryes May 25 '16 at 10:05
  • 38
    @MJeffryes If you are really paranoid, you don't use a mobile phone. – gerrit May 25 '16 at 10:55
  • 4
    @gerrit - If you've gotten that paranoid, holing up in an embassy or hiding in Russia may be your only hope... – Richard May 25 '16 at 12:24
  • 6
    @MJeffryes you can buy powerbanks with no capability to run code - they're the cheap ones. – Chris H May 26 '16 at 08:30
  • 9
    Just be aware that airlines and airport security are getting picky about power banks. Last time I flew they were not allowed in the checked luggage, but ok in the carry-on (in limited numbers). Badly designed ones are a potential fire hazard. – Tor Klingberg May 26 '16 at 13:10
  • Bonus: A huge number of these (possibly even most of them nowadays) double as a flashlight – Izkata May 28 '16 at 04:20
  • I think powerbanks have no firmware, they are dumb devices. No risk of compromising them. Use them as bridge between USB wall port and phone (they have often two USB ports). – FarO May 28 '16 at 23:01
  • @OlafM There are nowadays powerbanks that also act as external storage (over USB or WiFi), network adapter, USB hub, and so on. Those devices do have some firmware on them and could be used maliciously. You also never know if the cheap powerbank you bought from a Chinese web shop doesn't contain some microcomputer – BlueCacti Nov 18 '16 at 16:28
4

Modern smart devices are power hungry machines that require frequent charging. This problem is usually solved by bringing along portable power chargers that are expensive and bulky. As a solution to the power problem, many public facilities or events are starting to provide booths with USB ports for free charging. However, charging smart devices on unknown / public USB ports will make your device vulnerable to “juice jacking”, which allows unauthorized users access to data on your phone. Additionally, smart devices can be infected with malware through these unidentified USB ports.

The Solution  A “neutered” USB cable that allows the charging current to pass through but physically disabling all forms of data transmission. This essentially blocks out all forms of communication between the smart device and the source of power, regardless whether it is a computer or an adapter plugged into a wall socket. This can be achieved by physically disconnecting the data transmission wires between the device and the source of power. Doing this on a standard USB cable requires some technical knowledge and makes for an unsightly cable. This is where a USB condom comes in. Putting one on at the end of a standard USB cable will block the data transmission lines between the device and the power source.

How is it Made?  Solder the first and fourth pins of the male drive to the female drive and you have a USB condom that works with most devices. //For the device to work with iPhones, you’ll have to include an additional circuit board to fake a voltage charge.

Note: The current design shown above works for all devices, even iPhones!

http://m.instructables.com/id/Making-a-USB-Condom/?download=pdf

Maker Credit: Tan Guo Wei, Creative Technologist at Metalworks by Maxus

http://m.instructables.com/id/Making-a-USB-Condom/

Pedro Lobito
  • 524
  • 3
  • 13
4

A slightly different take, but you can use a trusted wall-to-USB charger. This is the approach I take when charging from a public/shared facility.

Most (if not all) flights I've been on with power, offer both a wall-compatible outlet as well as USB.

Unsigned
  • 137
  • 4
2

Yes, there is a good solution. The Portpilot is a USB power analyzer which gives you control over locking down data and checking modes, http://portpilot.net/. Shoutout to Hak5, it is available at http://hakshop.myshopify.com/products/portpilot. Not affiliated in any way, but it is on my wish list.

Ok, I read the question again. If you want to dissect the cable and cut parts of it I guess that would work. If you want a solution that works with any USB cable and any device, I would vote for Portpilot.

1

Most (all?) phones will not have any "data" connection without specifically having been authorised by an affirmative action by the user, e.g. unlocking the phone and accepting a dialog.

So the use of some special (expensive) "secure" USB charging cable is not required.

Coxy
  • 119
  • 3
  • 3
    I didn't downvote, but I disagree. Perhaps this is the trend on newer and more expensive devices, but no phone I have ever owned had this feature. If a users phone has this feature, and they frequently attach their phone to their laptop to transfer data, they might turn this feature off to avoid the hassle of answering "allow" all the time, and then promptly forget the phone had that feature. Also, some phones that may have this feature may have a setting to control this that is defaulted to off and the user may not know the feature is even available. – Kevin Fegan May 28 '16 at 00:24
  • It's a per-device nag and as far as I know you can't turn it off, but I suppose on Android there would no doubt be some way to disable it. – Coxy May 28 '16 at 07:08
  • 1
    @Coxy Your phone can still be fingerprinted with USB. No bueno. – Navin May 30 '16 at 06:50
  • 1
    This feature comes standard in the stock ROM on Android. – Ajedi32 Jun 01 '16 at 18:59
1

TL;DR: yes, but connect a small resistor between the data lines at the host end.


USB protocols do support power delivery without data lines. According to the Wikipedia article,

The charging device identifies the type of port through non-data signalling on the D+ and D− signals immediately after attach. A [dedicated charging port] simply has to place a resistance not exceeding 200 Ω across the D+ and D− signals.

Without the connection between the data pins, the charging port would supply only 100 mA (a low-speed single unit load - the initial non-negotiated supply), but with this modification (at the power supply end), you should get at least 1.5 A and (at the port's discretion) up to 5A without further action.

For further information, you'll want to consult USB Battery Charging Specification (sorry, that's a Zip archive containing PDFs). There are higher-current modes that may be enabled by FSK signalling on the power lines themselves (USB Power Delivery), but you can safely ignore those.


Note that in this answer, I'm only addressing data risks, that might subvert your device without your knowledge. You are still subject to the usual Denial of Service risks such as over-voltage and reverse voltage, but you will obviously at least know if your device is destroyed by the outlet. I'm assuming you have decent backups of your device (including any removable media you were foolish enough to leave inserted), and that you're not someone who is likely to be specifically targeted - if a charging port is indiscriminately destroying users' devices, it will get noticed!

Toby Speight
  • 1,214
  • 9
  • 17
0

I've seen one Nokia phone that would charge via USB only when connected to PC, but in most cases it would just work with data wires cut
But there are other risks involved: unstable power source may damage your device, even if it is not intended to be malicious.
To be 100% sure I'd recommend using the powerbank solution, effectively having safety buffer between the pricey device and untrusted power (and possibly data) source

zakius
  • 23
  • 4
  • Surely an unstable powersupply would be a risk (money, not security) even when using with the data cables intact. I.e., what muggle would normally use. (And I am not aware of that being a major problem). A power brick could also have stability problems (although probably less so ) – DarcyThomas May 25 '16 at 21:16
  • @DarcyThomas well yes, but you could always test your powerbank beforehand, and also it protects you from intentionally malicious power sources, or at least the more valuable hardware, as powerbank could get fried or even explode (but that's better than explosion of your flagship phone I think) if connected to something designed to damage stuff – zakius May 27 '16 at 08:18
  • While the personal loss from the powerbank's explosion might be less than from that of the phone, the explosion itself is likely to be far worse as its size will generally be proportional to the capacity of the power cells, and most powerbanks have more capacity than most smartphone batteries. – Dan Henderson May 27 '16 at 13:13