Thursday, April 30, 2015

JuiceJacking - hijacking your smartphone data via public USB charging ports.

CSI:Cyber (S01E09) was about "JuiceJacking" where plugging your smartphone into a public USB charging station MAY allow your smartphone data to be stolen (see 3-minute clip below).

Best defense against JuiceJacking is to carry your own AC adapter...

...and not trust any public USB-only charging ports.

Security researcher Brian Krebs wrote a column on this...

... in August 2011.  At the time, iPhones/iPads/iPod Touch were vulnerable to JuiceJacking (up to and including iOS v6).  As of iOS v7, Apple added a "Trust this Computer"...

...query when plugging into an unknown USB data port -- answer "Don't Trust" or "NO" if it's not your computer; your iDevice battery will still recharge).

So, an up to date iPhone is protected.  Not sure about your Android / Windows Phone / Blackberry ?  Bring your own AC charger as public AC outlets with your adapter are OK.

More up to date info from a Google search of "JuiceJacking":

No comments:

Post a Comment