Technology

Could Your Privacy Be Compromised by Using Public Charging Stations?

Posted on August 19, 2011 at 5:10pm by Liz Klimas
Print »
Email »

You may want to think twice the next time you next fuel up. Your phone that is. Public charging stations, like those that you can’t seem to get enough of in airports, have the potential to be another breeding ground for hackers to steal your information.

At DefCon, an annual conference for hackers (who are often security professionals) in Las Vegas, Aires Security built a charging station to help educate fellow security professionals on the risk of these charging stations. Krebs on Security reports that most of these people had not considered potential reifications of hooking up.

The few people I’ve asked while researching this story said they use these charging kiosks all the time (usually while on travel), but then said they’d think twice next time after I mentioned the possible security ramifications of doing so. Everyone I asked was a security professional.

. . .

At a conference where attendees are warned to stay off the wireless networks and avoid using the local ATMs, one might expect that security experts and enthusiasts would avoid using random power stations.

The creators said that at least 360 conference attendees readily connected their phones without thinking and were greeted by this message:

“You should not trust public kiosks with your smart phone. Information can be retrieved or downloaded without your consent. Luckily for you, this station has taken the ethical route and your data is safe. Enjoy the free charge!”

Even still, the comments for Brian Marcus, president of Aires Security, were the most rewarding — an probably telling — part of this awareness exercise.

“One guy that clearly seemed stressed and in a hurry to get his phone topped off said, ‘I don’t care, take my data, I need my phone charged to make a phone call!’” Others said they planned to wipe their phones after leaving the hacker conference anyway.

. . .

Another DefCon attendee remarked, “This freaked my boss out so much he sent an email across the entire company stating employees are now required to bring power cables and/or extra batteries on travel, and no longer allowed to use charging kiosks for smart devices in open public areas.”

PC World points out that most smartphones are often automatically programmed to transfer data or sync when connected to a USB port, making them susceptible to malware. Krebs on Security includes this comment from a conference attendee, which proves that even when you think you’re phone is secure, it may not be:

“One attendee claimed his phone had USB transfer off and he would be fine. When he plugged in, it instantly went into USB transfer mode,” Markus recalls. “He then sheepishly said, ‘Guess that setting doesn’t work.’”

Though charging stations may be an attractive option to juice up — Aires Security purposely made theirs attractive with many loose hang, free USB hook-ups — bringing your own plug adapter to charge your phone bay be the safest bet.

[H/T PC World]

Back to The Blaze »

Comments (32)

Dinkiecb
Posted on August 22, 2011 at 9:16am
Why would you even consider leaving home or the office for a trip where you KNOW your gonna be away for a few days with out taking your charger with you??? HOW IGNORANT!!! You know your gonna use your electronics… you know battery goes down… can we say “ da ” … hey stupid take your charger with ya…
Report Post » Log in to Reply Reply
Mr Sanders
Posted on August 22, 2011 at 8:49am
Think about the Smart Grid – they can monitor power usage, if you have the 3rd generation meter/pedistal, they can even breakout the bill by what you’re using; servers, refrigerators, heating/cooling, cable, radio, light fixtures…. and even chargers. I bring this up because a Green Conference rep stated, “…. we can turn off a piece of machinery at a residence if its using too much power.” WOW! Thus, the tech is out there whereby communications linked into the power grid. RESULT: more overall control and LESS freedom. The walls of your home & business have been penetrated – Privacy is becoming, more and more, a fluid concept.

Security Firms ought to be working on scrambler systems for Smart Grid tech. You can avoid the public charging stations, that’s a smart move, maybe get a Solar generator to re-charge devices?
Report Post » Log in to Reply Reply
TxMadMac
Posted on August 21, 2011 at 12:25pm
He!! I don’t even understand my phone !!!!! Now I can’t even charge the d@mn thing. Do you remember the good old days when you could go on vacation and noone could get ahold of you ?
Report Post » Log in to Reply Reply
MollyTheWhiteWolf
Posted on August 20, 2011 at 3:08pm
The problem is that these idiot designers are multi-tasking their power cables because the people want the smaller and “sleeker.” As a result, most of the cables that can be used as power adapters can also tranfer data to another computer. This is especially true (as well as annoying) with USB adapters. It’s bad enough that I have to leave my computer on over-night to charge a phone, MP3 player, etc., but it also can tranfer data from the device. All you’d need to do is add a little more to the device so that you can charge it, and ONLY charge it, with a standard AC adapter.
Report Post » Log in to ReplyReply
- Attention2Detail
  Posted on August 22, 2011 at 11:13am
  MOLLY, these chargers you wish they would invent already exist. They are sold in such high tech shops as Wal-Mart. All you need is an AC USB charger. I actually use an old USB hub which is not connected to a computer to charge several devices at once. I’m just a hardware guy, not a brilliant hacker, but I would have thought this should be obvious to anyone with any kind of tech savvy at all.
  Report Post »
christianUSA
Posted on August 20, 2011 at 3:02am
What clear needs to be done is a simple wire addapter that only connects the power wire connector and not the data to protect people data.
Report Post » Log in to ReplyReply
- Wilkins
  Posted on August 21, 2011 at 7:58pm
  Someone with a micro amount of tech savy can make a USB adaptor plug with no data connection.
  USB pinout:
  1 +5VDC
  2 Data -
  3 Data +
  4 Ground
  Leaving 2 & 3 disconnected will prevent data transfer.
  Someone ought to market this as an accessory, if it’s not already available.
  Report Post »
dupaws
Posted on August 19, 2011 at 6:56pm
When you find a hacker, shoot him. He no different than a parasite. And the law ie. government seam to be able to do nothing about them.
Report Post » Log in to ReplyReply
- v12tommy
  Posted on August 19, 2011 at 11:35pm
  Not really. Most “hackers” are actually the good guys working to prevent your info from being stolen and other bad things from happening. Only a small percentage are the ones who use their knowledge to try and scam people and what not.
  Report Post »
- DTOM_Jericho (Creator vindicator)
  Posted on August 20, 2011 at 12:34am
  Please, share the stats of this common myth. How small is the percentage? How many hackers are there? What is the measure of a good hacker versus a bad one and who decides that?
  
  “I only robbed the bank and used the money to prove that we should be protected from robbing banks.”
  
  Dumb*ss.
  Report Post »
- MollyTheWhiteWolf
  Posted on August 20, 2011 at 2:56pm
  V2tommy is right. A “hacker” is just a computer programmer. I’m a game hacker, but you’ll never see me ruining some MMORPG. I only hack MY games (console games) that I’m the only one playing.
  Most hackers, in general, are what are called, “light hackers.” They are just regular programmers or people that use their knowledge to develop anti-virus/spyware programs. Some even are hired by companies to test their security systems. The term has become bastardized over the years into what the hacker community calls, “dark hackers,” people who break into other peoples’ computers for either monetary gain or thirlls (sadly, yes, there are people who break into computers for thrills). If it wasn’t for light hackers, you wouldn’t have theat firewall on your computer. If it waan’t for dark hackers, you would NEED that firewall on your computer. Know the difference!
  Report Post »
neverending
Posted on August 19, 2011 at 6:21pm
No worse then it is already. We have no privacy left and if one thinks they do they better pull their heads out of the sand.
Report Post » Log in to ReplyReply
- one years food ration like glenn says
  Posted on August 20, 2011 at 7:38am
  DTOM_JERICHO (CREATOR VINDICATOR): Great analogy lmao… Now can you do something about the side “next story ” pop up ? It’s very annoying …. lol
  Report Post »
LIBERALSBEDAMNED
Posted on August 19, 2011 at 6:19pm
EVERYONE IN AMERICA!!! YOU must bow TO YOUR KING obama
Report Post » Log in to Reply Reply
Slowman101
Posted on August 19, 2011 at 6:13pm
Great! Just what we need. More snooping into our personal lives!
Report Post » Log in to ReplyReply
- Jack MeOff
  Posted on August 19, 2011 at 8:21pm
  No snooping necessary! Don’t use the charging stations! Simple, A.
  Report Post »
Rice Water
Posted on August 19, 2011 at 6:11pm
How in the world could my privacy be compromised by using a public changing station?
Report Post » Log in to ReplyReply
- The-Monk
  Posted on August 19, 2011 at 6:36pm
  @Rice Water
  Most phones use a USB port to charge them up. A USB port has 4 pins, Vcc, D-, D+ and ground.
  Vcc is the 5+ volt and the ground is, well, ground. Think of battery. D- and D+ are the 2 data transfer lines. A charger is supposed to only use only Vcc and ground to supply the 5 volts to charge your phone. If someone “rigs” a charging station to utilize D- and D+ it’s possible to get to any data on your phone.
  Report Post »
- Rice Water
  Posted on August 19, 2011 at 7:17pm
  (sigh)
  Report Post »
- The-Monk
  Posted on August 19, 2011 at 8:09pm
  @Rice Water
  At least someone answered your question. Do you understand the answer?
  Report Post »
- Jack MeOff
  Posted on August 19, 2011 at 8:25pm
  Monk
  Yea, any dumb-azz stupid enough to plug their constantly online smartphone into a ‘charging station’ deserves to get everything that ends up happening to them by the hacks… You can’t fix stupid!!
  Report Post »
- Wyatt's Torch
  Posted on August 21, 2011 at 5:08pm
  You shouldn’t be “changing” in public if you want privacy! Keep yer giblets covered when in public :)
  Report Post »
fastfacts
Posted on August 19, 2011 at 6:07pm
GET READY TO LOSE ALL PRIVACY…

Look at what Facebook has been up to lately. Spying and divulging personal info.
Look at what is happening with the TSA.

Here is another one, look at what is happening with the webcam that is on your computer, have you heard about people peeping in on you over the internet, this is just one case: http://url2it.com/grmi . There was also a college that watch people on the computers within the dorm. That was not that long ago.
Report Post » Log in to Reply Reply
johnsell
Posted on August 19, 2011 at 5:47pm
I would think that this only applies to those devices that don’t have a separate power charging port as opposed to those that have only one plug which carries all data to and from the phone including charging power.

They didn’t make that point very clear which could panic those that data could be downloaded through a power only port on your device.
Report Post » Log in to Reply Reply
KickinBack
Posted on August 19, 2011 at 5:34pm
If not stolen info, they could always be another tool for big brother. This doesn’t surprise me.
Report Post » Log in to ReplyReply
- Ron_WA
  Posted on August 19, 2011 at 6:00pm
  Big Brother doesn’t need to use this technique – it can read everything on your phone anytime it is powered up IF they choose to target you; you don’t have to be plugged into anything; the phone doesn’t even have to be turned on – the device only has to have a power source attached to it (battery, USB connection, external charger).
  
  The professional bad guys know the vulnerabilities & thus only power up their phones at pre-arranged times to send/receive, use only throw-away phones, never store anything on them, & would NEVER use stick their phone into strange places.
  
  These kiosks are the perfect place for common crooks to steal from the average schmuck.
  Report Post »
- Forced_Union_Worker
  Posted on August 20, 2011 at 12:12pm
  People just don’t realize how at risk their cell phones are. I’ve posted this before, but it doesn’t hurt to do it again. Those free apps people love to down load are often riddled with viruses. Apple recently had to remove hundreds of apps from their apps store because of viruses.
  Report Post »
JoMo
Posted on August 19, 2011 at 5:21pm
There is no such thing as privacy on cell phones, internet, etc.
It really cracks me up when someone won’t use their cell phone or go online to order anything because their account will be “out there for anyone to steal” but that same person uses the debit card at a grocery store or gas station. HHHMMMMM where do they think the info is going??? Yep, everything is now “out there” so there is no such thing as privacy anymore…….
Report Post » Log in to Reply Reply
MODEL82A1
Posted on August 19, 2011 at 5:15pm
Oh goody! Yet another boogeyman for the conspiracy-theory nut jobs to wring their hands about.
Report Post » Log in to ReplyReply
- THX-1138
  Posted on August 19, 2011 at 5:22pm
  If there’s money to be made….
  Report Post »
- chips1
  Posted on August 19, 2011 at 5:26pm
  The ovens are almost heated up, and your next.
  Report Post »
- Bullhorn Guy
  Posted on August 19, 2011 at 7:19pm
  That’s right, Model82a, keep your blinders on. You have no idea the kind of world you live in.
  Report Post »

It appears that you have Javascript Disabled. Please enable Javascript in your browser preferences for a better user experience on TheBlaze. You can not comment without Javascript enabled.