re: NYTimes warns of USB "juice jacking" VIEW POST


Never heard the term "juice-jacking" before today, but reports of the problem have been around for a while.

It used to be that phones would, by default, expose the filesystem to any USB connection. Newer Android devices require the user to actively choose to allow access.

My questions would be:

  • Is there still information exposed even if the user selects "power only"?
  • Are vulnerable devices still coming/popular? -What are they?

Several folks have advocated carrying a power-only cable. That's a reasonable preventative, but it's not a cure-all (more a defense in depth). Many charging stations don't offer ports, just hardwired cables with the various connectors.

code of conduct - report abuse