• Re: Malicious USB Interfaces In Airports

    From Ralph Fox@21:1/5 to Lawrence D'Oliveiro on Fri Jun 7 17:35:48 2024
    On Fri, 7 Jun 2024 04:02:13 -0000 (UTC), Lawrence D'Oliveiro wrote:

    Seems there have been cases of crims hijacking USB charging outlets in airports to connect special devices that can pwn your mobile device <https://www.nzherald.co.nz/travel/news/airport-passengers-warned-of-phone-charging-scams/RGBS35ORBVBUDJIVO466TIFNAQ/>.

    When I was in Hong Kong Airport a few years ago, it was very hard for
    me to find a mains outlet to charge my laptop. Just about all the
    ports built into the public seating areas were USB ones, for
    phones/tablets.

    It is possible to get USB cables that only connect the power wires for charging, without enabling data transfer. Alternatively, here <https://github.com/robertfisk/USG/wiki> is a USB “firewall”-type
    device that tries to protect you from malicious devices. If you don’t
    want to build your own, there’s a link in the readme to buy NZ-made
    ones.

    For charging my phone at the airport, a USB data blocker gives complete security for a tenth the price of that NZD $79.00 “firewall”-type device.

    <https://www.aliexpress.com/item/1005005162014091.html>
    <https://www.aliexpress.com/item/1005007101835777.html>

    <https://www.temu.com/nz/usb-data-blocker-protects-data-with-plug-and-play-usb-converter-head-g-601099557440405.html>


    Also, are there any *independent* tests of that $79.00 “USG” “firewall”-type
    device?


    --
    Kind regards
    Ralph Fox
    🦊

    The greatest talkers are always the least doers.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Ralph Fox@21:1/5 to Scott Alfter on Sat Jun 8 08:29:16 2024
    On Fri, 07 Jun 2024 14:12:23 GMT, Scott Alfter wrote:

    (Your newsreader is inserting CRs at the ends of lines, BTW...might want to fix that.)

    I see CRLF at the ends of lines in Andy Burns' message. Both in the
    raw message and in the base64-decoded text. I checked Andy's message
    on two different news servers.

    CRLF is the correct, standard on-the-wire format.


    --
    Kind regards
    Ralph Fox
    🦊

    A man must plow with such oxen as he hath.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)