Plug in at an NSA charging station

Phone owner: Bobby Droptables.

Does the NSA sanitize their inputs properly?

5 Likes

Congratulations! You’re one of today’s lucky 10,000 who is learning for the first time just what kind of things a malicious USB charge port can do to your phone! https://duckduckgo.com/?q=usb+charge+exploit&bext=msl&atb=v98-3_g&ia=web

3 Likes

No, the appeal is that it’s a mix of “is this for real? Do I get to see what the NSA will try to do to my phone? And can I catch them doing it?”

It’s almost certainly a benign charger, as the NSA wouldn’t publicly display any of their capabilities or offer up any of their covert hardware. Of course, it might have some publicly available component behind it, like a Bash Bunny, just to play around with the attendees. But they likely wouldn’t actively root someone’s phone.

7 Likes

When I first skimmed the story, I assumed it was car charging stations.

Is it time to worry about that too?

2 Likes

I suppose you could charge a power bank, then charge your phone off the power bank.

4 Likes

They need a sign that says “It’s OK, we already know”

5 Likes

If they really did have some device that would be automatically breaking into modern phones over USB, that device would be classified and they wouldn’t be allowed to leave it sitting on a table at a public conference. It’s just a charger.

1 Like

Semi-obligatory:

Good Will Hunting NSA scene

You can go outside and grab a burrito while your phone is charging:

3 Likes

IOS has a feature where it won’t allow data connections unless you explicitly allow it on a new device. Wouldn’t protect from this thing, assuming it was malicious?

Only if the NSA doesn’t have any exploits to get around that. Maybe a vulnerability in the USB controller firmware, or an edge case that iOS feature doesn’t handle properly, or something like that…

As a general rule, software protections or no, don’t plug a device you care about into strange USB ports.

2 Likes

PDVD_011_cropped

1 Like

Definitely, but there is a custom CAPCHA on the second layer of registration so it’s not a trivial solution. :slight_smile:

Unless they use their phones to corrupt or own the device at the other end. Then they get an interview on the spot.

So it’s really an intelligence test - for the intelligence comunitards.

The NSA is still smarting over losing some of their shiny toys because agents refused to follow basic opsec.

At the very least, they could be compiling a list of people not to hire

Nick Haflinger would have loaded his phone with a tasty worm.

I’m waiting for the first proof of concept that hacks a power bank charge controller to turn around an hack a connected device.

This is close, but using a Thunderbolt dongle:

Something similar should be possible by combining a BadUSB-type firmware exploit on a USB device with any old firmware exploit on the host computer that can be pulled off with keyboard input, but I couldn’t find a nice flashy video showing anyone doing that.

1 Like

A local big-box retailer has shiny new checkout stations.
With big screens.
With USB ports on the back that the keyboard, mouse and a few other things are plugged into.
And a few spare unused ones.
Facing the customer, mere cm from where one would naturally rest their arm while waiting.

I’m no uber haxxor taking over the world but holy fucksticks that is tempting! :smirk: