USB ports on receptacles


  #1  
Old 10-21-18, 06:01 AM
Geochurchi's Avatar
Member
Thread Starter
Join Date: Nov 2012
Posts: 5,073
Received 161 Upvotes on 147 Posts
USB ports on receptacles

Hi All, assuming that the receptacle is installed properly and no one has tampered with USB ports, how is it possible for Data to be stolen ?
Geo
 
  #2  
Old 10-21-18, 08:26 AM
H
Member
Join Date: Nov 2012
Location: USA
Posts: 2,304
Received 292 Upvotes on 250 Posts
Originally Posted by Geochurchi
Hi All, assuming that the receptacle is installed properly and no one has tampered with USB ports, how is it possible for Data to be stolen ?
Eh, might need some more details but, here goes with a basic answer-

As a general matter, USB chargers can be hacked, the term is "juice jacking".
https://www.howtogeek.com/166497/htg...should-you-be/
USB drives can be hacked, either with bad software (nasty user) OR bad firmware (nasty from the factory).

The USB cable used for charging is also used for data, and it is possible to create a "fake charger" with malware. cheap Chinese e-cigarette chargers have been used to steal corporate tech data.

see https://www.howtogeek.com/203061/don...urity-problem/

It sounds If you are talking about power plugs with USB charging, I don't know if anybody's documented that hack yet, but there's no reason it couldn't happen.

However, based on your choice of language, it sounds like this might be a NEW version of phone scam,
a warning that a USB device or charger has infected their computer/phone etc.
 
  #3  
Old 10-21-18, 11:43 AM
PJmax's Avatar
Group Moderator
Join Date: Oct 2012
Location: Jersey
Posts: 64,811
Received 3,922 Upvotes on 3,518 Posts
"Juice jacking" can occur because someone has modified the USB charger to grab data off the date pins on the charging cable. If you use public charging locations you should get a two wire charge cord where the data is not present on the cable.

If no one has tampered with the charger.... like in your home.... there is no issue.
 
  #4  
Old 10-21-18, 12:14 PM
H
Member
Join Date: Nov 2012
Location: USA
Posts: 2,304
Received 292 Upvotes on 250 Posts
Originally Posted by PJmax
IIf no one has tampered with the charger.... like in your home.... there is no issue.
Well, there are some e-cigarette chargers and bulk USB drives that come with malware, apparently from the factory. So it is at least possible to have from-the-factory USB charging equipment with malware in the firmware.

edit- When you plug a phone into the USB charger, malware goes from charger USB firmware to the phone USB firmware.
 

Last edited by Hal_S; 10-21-18 at 02:17 PM.
  #5  
Old 10-21-18, 12:21 PM
PJmax's Avatar
Group Moderator
Join Date: Oct 2012
Location: Jersey
Posts: 64,811
Received 3,922 Upvotes on 3,518 Posts
But if that tampered device has no wifi, bluetooth or other means of transmitting a signal.... it's pretty useless.

USB drives with malware hidden on them is a completely different beast to this thread.
 
  #6  
Old 10-21-18, 02:06 PM
H
Member
Join Date: Nov 2012
Location: USA
Posts: 2,304
Received 292 Upvotes on 250 Posts
Originally Posted by PJmax
USB drives with malware hidden on them is a completely different beast to this thread.
So, hypothetically, you purchase a 120V/USB receptacle from Amazon.
It comes with compromised USB firmware ("marketed as fast charge") in the USB receptacle.
You connect a phone for charging, USB charger firmware now injects malware into the phone's USB firmware.
Phone likely has wifi and data connectivity.
 

Last edited by Hal_S; 10-21-18 at 02:23 PM.
  #7  
Old 10-21-18, 04:37 PM
PJmax's Avatar
Group Moderator
Join Date: Oct 2012
Location: Jersey
Posts: 64,811
Received 3,922 Upvotes on 3,518 Posts
Those chargers are very compact and really jammed into that small receptacle case. Most of the ones I've come across are not "smart" chargers. They put out 5V and that's about it. I guess someone with a lot of money and backing could design a charger that had the ability to send out malware but I'd imagine you'd only come across that scenario in a government spy situation.
 
  #8  
Old 10-21-18, 04:49 PM
Z
Member
Join Date: Jan 2008
Location: Southeastern Pennsylvania
Posts: 3,375
Received 121 Upvotes on 112 Posts
Well just saw Pjmax’s post but I’ll post mine anyway –

@Geochurchi -

In the previous discussion here I think we are talking about USB receptacles that have been modified by people up to no good and which actually have a microprocessor hidden inside to run the malware – but look like normal USB receptacles on the outside. So that would be your only worry.
 
  #9  
Old 10-21-18, 05:16 PM
Geochurchi's Avatar
Member
Thread Starter
Join Date: Nov 2012
Posts: 5,073
Received 161 Upvotes on 147 Posts
As I stated in my original post, as long as no one tampered with them.
Geo
 
  #10  
Old 10-21-18, 08:20 PM
H
Member
Join Date: Nov 2012
Location: USA
Posts: 2,304
Received 292 Upvotes on 250 Posts
Um, what sort of USB receptacle do you mean?

The 2 prong chargers that come with phones, a combined 120V/USB outlet, the "ReadyShare USB receptacle on some routers?
 
  #11  
Old 10-22-18, 04:30 AM
Geochurchi's Avatar
Member
Thread Starter
Join Date: Nov 2012
Posts: 5,073
Received 161 Upvotes on 147 Posts
This is what I was thinking about.
https://store.leviton.com/products/u...e-15-amp-t5632
Geo
 
  #12  
Old 10-22-18, 06:41 AM
H
Member
Join Date: Nov 2012
Location: USA
Posts: 2,304
Received 292 Upvotes on 250 Posts


Ok, brand name 120V/USB charger with a control chip inside the USB.

Originally Posted by Geochurchi
how is it possible for Data to be stolen?
The wording makes it seem a though data had ALREADY been stolen, and you're trying to figure out the mechanism?
 
  #13  
Old 10-22-18, 06:51 AM
Z
Member
Join Date: Jan 2008
Location: Southeastern Pennsylvania
Posts: 3,375
Received 121 Upvotes on 112 Posts
An unmodified USB Receptacle is an unmodified USB receptacle. By definition and design an unmodified USB Receptacle has no data processing capabilities. There is no processing of the data lines: D+ and D- in the design. Without logic to process the data lines there can be no modification or stealing of data.

(just saw Hal_S post)
 
  #14  
Old 10-22-18, 10:20 AM
H
Member
Join Date: Nov 2012
Location: USA
Posts: 2,304
Received 292 Upvotes on 250 Posts
Originally Posted by zoesdad
An unmodified USB Receptacle is an unmodified USB receptacle. By definition and design an unmodified USB Receptacle has no data processing capabilities.
Correct, but, the stated description of THIS says it does process data.

the "smart chip" necessarily handshakes, queries what is attached, and changes how it charges based on the answer.

If the USB "recognizes ... the attached device" then it's got firmware which should be susceptible to BadUSB or Harpoon style re-write the firmware attacks.

Agreed that it's exceedingly unlikely to have a malware USB chip from the factory,
but downgrade that to merely unlikely regarding whether anybody with compromised USB firmware has EVER plugged in something that might mess with that smart USB charger chip and firmware.
 
  #15  
Old 10-23-18, 07:39 AM
Z
Member
Join Date: Jan 2008
Location: Southeastern Pennsylvania
Posts: 3,375
Received 121 Upvotes on 112 Posts
Correct, but, the stated description of THIS says it does process data.
There is no data processing. The kind of negotiation they use, by spec, is really down low at the HW level. They vary voltages on the VBus and data lines (D+/D-) and use timing between those lines to signal different charging capabilities when the charger first connects to the device. They can also renegotiate at any time.

The charger side has even fewer requirements than the device-to-be-charged side. They don’t send data back and forth and are not implementing message exchange to negotiate. In other words, there is no data processing.

The Leviton USB Charger may be implemented with a smart chip, maybe a microcontroller, but those are extremely limited in memory (program and data) and it I think it would be virtually impossible to implement enough of any protocol to fool the connected device and steal data. I debugged and modified PIC Microcontroller firmware decades ago, but they are still kind of the same, just somewhat more capable.

The kind of thing you can do with them, for example, is in the program, track the Up/Down voltages on an input data pin thus figuring out the 1’s and 0’s and putting those together to form a character, and then outputting the character, along with an interrupt(toggling another output pin), for another device to handle. You are really working down at a very low level. In other words, you would have no capability to form and process USB packets, etc.

I think you would be talking about implementing something from scratch to implement malware, in other words, a total redesign, not a change to the existing program, i.e., not by reprogramming the chip.
 
  #16  
Old 10-23-18, 08:18 AM
H
Member
Join Date: Nov 2012
Location: USA
Posts: 2,304
Received 292 Upvotes on 250 Posts
Originally Posted by zoesdad
The Leviton USB Charger may be implemented with a smart chip, maybe a microcontroller, but those are extremely limited in memory (program and data) and it I think it would be virtually impossible to implement enough of any protocol to fool the connected device and steal data.
Oh, agreed that it's hard to do, and quite unlikely to show up "in the wild".

It's not the size of the malicious code that's the problem, the problem is that people who know HOW to code can be maliciously in a very compact and malignantly elegant way.

An example would be a "zip bomb"- innocent looking 42 kb file, which unzips into ~4 million gigabytes worth of zeroes, enough to crash the file storage of almost any computer on Earth.
 
  #17  
Old 10-23-18, 10:35 AM
PJmax's Avatar
Group Moderator
Join Date: Oct 2012
Location: Jersey
Posts: 64,811
Received 3,922 Upvotes on 3,518 Posts
We've kind of strayed from the original question.

The likelihood of having any type of problem like this is at home is almost nil but can be a problem at an outside location. It is very possible to plug into what looks like a standard USB charger in the coffee shop and have issues. You can't tell by looking at the charger if it has been modified.
 
  #18  
Old 10-23-18, 12:24 PM
Z
Member
Join Date: Jan 2008
Location: Southeastern Pennsylvania
Posts: 3,375
Received 121 Upvotes on 112 Posts
It's not the size of the malicious code that's the problem, the problem is that people who know HOW to code can be maliciously in a very compact and malignantly elegant way.
A typical microcontroller that would be used in this type of application (USB Charger) most likely would only have 128 bytes of RAM and room for maybe 1K instructions. Albert Einstein couldn’t do it with 128 bytes of RAM.

But a USB Charger with a standard exterior face, but redesigned and upgraded, maybe with a microprocessor instead of a microcontroller, plus adequate RAM, and put in a coffee shop as stated above - could be a problem.

But I don’t think you would ever get a compromised charger like that through Amazon or your local store.
 
  #19  
Old 10-23-18, 01:52 PM
H
Member
Join Date: Nov 2012
Location: USA
Posts: 2,304
Received 292 Upvotes on 250 Posts
Originally Posted by zoesdad
Albert Einstein couldn’t do it with 128 bytes of RAM.
Agreed; but Alan Turing broke the ENIGMA code with ZERO ram, just firmware.
Turing Bombe Simulator

IBM's first "portable" 5 megabyte hard drive
 
 

Thread Tools
Search this Thread
 
Ask a Question
Question Title:
Description:
Your question will be posted in: