What ? How can you ask such a question ? Why isn’t it legal to grow tobacco in your backyard - because it can seriously harm you ?!?! It is the tech they provide that can be used to steal your data and miss lead you. No **** it shouldn’t be legal ?!! Good thing governments are debating pointless App Store payments and fees that don’t bother no one and only benefit large software companies looking to get rich, instead of banning those types of products.
Why would eBay sellers sell these at $7 when they would cost far more than a "normal" cable? The most likely use of these is people planting a cable on somebody they know and can monitor nearby (read the article). This has nothing to do with cheap knock-offs vs original Apple cables.
It's just a matter of time before the OS can detect these chips in the cables and refuse to work with them.
Please no. In addition to speed issues, it basically renders any device that relies on plugged connection useless, such as a car radio, unless you have a wireless connection that is securely attached; not to mention monitors, storage, keyboards, etc.
I assume the chip set and connectors, which is why the prices are so high, but I honestly don't know.
It looks like you can still trigger a duckscript payload, so that functionality is still available. But yeah, this is a non-event. BadUSB devices have been available for years that can fake out HID/Ethernet/whatever. The miniaturization is a cute trick, but there's no functional difference between this and what's been available in the past + a plug adapter.
IC organizations don't buy equipment from Hak5 for operations. They have their own devices.
If you think the price for a normal cable is high, you'll go nuts when you see the price for these guys:
Yup, it definitely isn't going to have GPS hardware inside.
I think it's fair to say he may have gotten a mile, but only under ideal conditions (e.g., direct line-of-sight in an outdoor environment on a clear day). Transmitting logged keystrokes requires almost no bandwidth — we're talking about something that a 40-year-old 300bps modem could handle — so you don't need a very strong Wi-Fi signal, and attenuation is therefore far less of a problem.
If you want to be safe from targeted attacks then always buy from stores. Your are a sitting duck when ordering online, because it is possibly to replace the ordered item with a doctored item en route to you.
The old news is that some guy developed and made these by hand. The new news is that they are now being mass-produced and sold by a security vendor (Hak5).Old news...
Security researcher says this modified Lightning cable can hack your Mac
It looks like a harmless Lightning cable but looks can be deceiving.www.imore.com
Nothing new it’s been around for 3yrs now and purchase on eBay originally but blocked so there are channels to essil find it.
What is sad about this (even though a security developer) is that I can no longer trust cheaper than Apple options for cables, even if legit. Good for Apple, bad to others...
A normal-looking Lightning cable that can used to steal data like passwords and send it to a hacker has been developed, Vice reports.
The "OMG Cable" compared to Apple's Lightning to USB cable.
The "OMG Cable" works exactly like a normal Lightning to USB cable and can log keystrokes from connected Mac keyboards, iPads, and iPhones, and then send this data to a bad actor who could be over a mile away. They work by creating a Wi-Fi hotspot that a hacker can connect to, and using a simple web app they can record keystrokes.
The cables also include geofencing features that allow users to trigger or block the device's payloads based on its location, preventing the leakage of payloads or keystrokes from other devices being collected. Other features include the ability to change keyboard mappings and the ability to forge the identity of USB devices.
The cables contain a small implanted chip and are physically the same size as authentic cables, making it extremely difficult to identify a malicious cable. The implant itself apparently takes up around half of the length of a USB-C connector's plastic shell, allowing the cable to continue to operate as normal.
An x-ray view of the implanted chip inside the USB-C end of an OMG Cable.
The cables, made as part of a series of penetration testing tools by the security researcher known as "MG," have now entered mass production to be sold by the cybersecurity vendor Hak5. The cables are available in a number of versions, including Lightning to USB-C, and can visually mimic cables from a range of accessory manufacturers, making them a noteworthy threat to device security.
Article Link: Security Researcher Develops Lightning Cable With Hidden Chip to Steal Passwords
I would think going through extreme lengths to protect your privacy like using burner devices on the Internet and old hardware for your personal data would end up attracting more attention to yourself than just doing things like everyone else does.
