We rely every day on our phones, tablets and laptops. There’s nothing worse than sitting in an airport lounge trying to search for the perfect turn of phrase to close your big presentation on a high note and having your battery go dead.
Increasingly, there are public ports you can use to charge your electronics. It’s tempting to plug into these. You just need a little power. What’s the worst that could happen?
Unfortunately, there’s a possibility to fall victim to “juice jacking.” Many of us have gotten savvy enough that we don’t install software we don’t trust on our phones, and we’re very protective of account information. However, everyone needs a power charge from time to time, and a bad apple can take over one of these public ports and use it to get data off your phone or deliver malicious software to you phone through the power cables can take over one of these.
We’ll give a high-level overview about how this works as well as the ramifications. Then we’ll take a look at some basic things you can do to protect yourself.
Understanding USB
Many phone, tablet and laptop devices charge via a universal serial bus (USB) port. USBs have been built up over time to be a very versatile standard. There are different sizes of USB devices and different capabilities – such as how quickly charge can be delivered and the speed of data transfer – depending on the device utilizing the USB port.
Basically, USB ports and plugs have the capability of transferring power and data. This is useful when you want to transfer documents from flash drives or external hard drives. USB cables also makes it possible to sync music to your phone or MP3 player when they’re plugged into your computer.
However, it’s the ability to transfer data that becomes dangerous when plugging into an unknown source.
The Danger of Public Ports
Let’s go back to the airport. In the terminal, you see a public charging station with multiple ports allowing many people to plug in their USB devices at the same time. By themselves, there’s nothing inherently wrong with any of these devices, but they can be modified by people who don’t have your best interest in mind.
Often, phones and tablets have built-in hard drives for storage. They are intended to be used for things like backing up your pictures.
However, on devices that have been compromised by a hacker, data can be taken off via Bluetooth or internet connection when they’re plugged in to charge.
A second type of attack that could occur when you plug into a public port is a code or program could be transferred via the USB cable and into your phone, often in the background without your knowledge. From then on, unless you wipe the device (and if you didn’t suspect anything, why would you?), the program is on your phone and can be used to collect data on what you’re doing or perhaps make your data inaccessible and tell you to pay a fee to the hacker for the fix.
Obviously, not every public port poses a danger, but you just don’t know what might be going on, so it’s definitely a possibility to be aware of.
Port Safety 101
They say you should never bring up a problem unless you have a solution. While juice jacking has the potential to be a serious problem, there are measures you can take to protect yourself.
BYOC: Bring Your Own Cables
When you go on a trip, don’t take advantage of the setup in the hotel room. Sure, three USB ports in a lamp is novel, but it’s not worth the risk.
If you bring your own cables and adapters, you know what’s been done with these devices and that they haven’t been tampered with.
You should also try to plug into a wall outlet whenever possible. Smart home technology is great when I’m at home and want to turn on the lights and TV with my voice. On the road, when you don’t know who’s been there before you, it’s not a bad idea to get your power from the dumbest source possible. Fortunately, wall outlets do absolutely nothing but deliver electricity. If you hook things directly into the wall, you should be fine.
If you absolutely need to plug into one of these potentially hijacked hub devices, maybe the best way to go about it is to keep a special cable that you use only for charging when you’re on the road. You can buy cables that have data transfer blocked.
Your iOS or Android device may ask you when you plug it in whether or not you trust the device you’re connecting to for data transfer.
While these types of screens are important and give some level of control, it’s important to not rely solely on the devices. If the device you’re using has already been hacked, or your software isn’t updated, you could still have an issue.
Run the Software Updates
If you’re cynical, software updates might seem like just another way for manufacturers to add features and eventually get you to upgrade your device every few years. While there’s no doubt that features are often added in these updates, there’s a security portion of this that’s just as important.
Every operating system manufacturer uses these updates to patch critical security flaws. So it’s important to run these updates, particularly if you’re going to be plugging into public access points for charging or Wi-Fi.
Battery Backup
Particularly with phones, you can buy external cases that will provide your phone with additional power that’s akin to an extra battery. Here’s how they work: You charge the case, and when your phone starts running low, you attach the case and continue on with your life. There are also external battery packs that you can keep charged and with you while you travel. They’re not much larger than the size of a smartphone.
For most phones and laptops, you could buy an extra battery to keep on hand. Keep them both charged when you’re in a safe zone and rotate through them when the time comes.
Juice jacking is just one way that hackers may try to get into your device; hopefully, these tips will help you stay safe in an increasingly connected world.
The post Need Juice? The Dangers of Plugging Your Phone Into Public Ports appeared first on ZING Blog by Quicken Loans.
from ZING Blog by Quicken Loans http://ift.tt/2t0oO2Q
via Zero Mortgage Insurance
No comments:
Post a Comment