Originally Posted by
Visconti
Y'all here are pretty tech savvy!
Generally, I'm one of those when it comes to tech & cyber security, paranoid by nature always defaulting to the "out of abundance of caution" stance. Is it just an urban myth that charging my devices through public ports with the old USB has a risk, however minor, of having the data unwittingly transferred? And, assuming one day we'll public Thunderbolt ports, will this risk be eliminated?
Thanks!
Yes, there is a risk, though normally not considered to be significant. (Note: TB doesn’t do anything, may actually make it worse.) This article explains it pretty sufficiently, including the end comment:
https://www.zdnet.com/google-amp/art...ging-stations/
Essentially, 2 main types I am aware of:
1.
USB Killer devices can ‘surge’ electricity and short your devices USB port, if not damage your device (laptop, phone, etc). Some devices can build in extra protection, such as fuses.
2. A USB micro-computer / device disguised as a simple USB charger/ charging port./ cable. If an unsuspecting party plugs their device in, it tries to access the device using known vulnerabilities. If data access is obtained to your device, then good luck.
Having said that, risk of actually having this happen is minimal, especially as both Apple & Android phones have “trust this data connection” pop ups now which users have to approve. But then again, computers will just directly access any old USB device when plugged in, no?
Still, it’s seen as low risk because it’s not thought to happen too often.
But for peace of mind, I still don’t plug into public USB ports, just carry my own AC-USB adapter or battery pack.
(AC plugs could theoretically damage the charger and a connected device with a large enough power surge and insufficient protection… but that is more likely to just occur due to the bad power socket / wiring / grid.)