Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

USB-C security risk

KrisLord said:
More terrible reporting. Existing vulnerability stills exists with new connector.
Click to expand...

This.

I read that article and realized it was click-bate. USB-C suffers from USB security issues. It's a shame they weren't fixed, but your behavior doesn't need to change. Don't plug in strange wires.
 
Traverse said:
I read that article and realized it was click-bate. USB-C suffers from USB security issues. It's a shame they weren't fixed, but your behavior doesn't need to change. Don't plug in strange wires.
Click to expand...
Did anyone even read the article? The point is that you cannot share someone else's charger anymore without risking an attack through the USB port. This was not an issue when the charge port was separate from the data ports. The article is correct in warning users from connecting this computer to untrusted chargers.
 
Rigby said:
Did anyone even read the article? The point is that you cannot share someone else's charger anymore without risking an attack through the USB port. This was not an issue when the charge port was separate from the data ports. The article is correct in warning users from connecting this computer to untrusted chargers.
Click to expand...

I repeat: don't plug in strange wires.
 
Rigby said:
There is absolutely no risk in sharing someone else's Magsafe charger with the current Macs.
Click to expand...

Yes, but don't plug strange data (USB) cables in your computer. The only difference is now it doubles as a charger port.
 
Traverse said:
Yes, but don't plug strange data (USB) cables in your computer. The only difference is now it doubles as a charger port.
Click to expand...

Pretty much this. Don't try and charge it from a hub or some unfamiliar charging brick if you are worried.
 
Almost every data-enabled port has a security issue because nobody really thought of the potential that it could be abused if the data goes both ways. It's a good thing we're talking about it now but the problem is that it's too late for USB 3 and TB. We can probably patch it via OS level by asking the user if the device is trusted or if possible, enable charging only transfer, meaning no data is allowed.

Thunderbolt has a different security issue, it allows for DMA access. This is also true for Firewire and it's been out for a few decades.

Right now, the only thing you can do is don't trust anybody else's cables.
 
Rigby said:
Did anyone even read the article? The point is that you cannot share someone else's charger anymore without risking an attack through the USB port. This was not an issue when the charge port was separate from the data ports. The article is correct in warning users from connecting this computer to untrusted chargers.
Click to expand...

This exploit only works if the usb device has a micro controller with a re-writable firmware. Most usb devices, including the macbook charger will have fixed firmware because its much cheaper. Therefore not vulnerable to the mentioned exploit.
 
lchlch said:
This exploit only works if the usb device has a micro controller with a re-writable firmware. Most usb devices, including the macbook charger will have fixed firmware because its much cheaper. Therefore not vulnerable to the mentioned exploit.
Click to expand...
You don't understand. The primary concern is not that your charger may be "infected". The concern is that a borrowed charger may be modified to attack Macbooks that are being connected to it. That could be as simple as the charger acting as a USB keyboard and "typing" commands. Or it could act as a USB network adapter and highjack your Internet traffic. Or it could use USB-C's DMA to access the computer's memory. Or perhaps there is an exploit to attack the computer's USB controller itself. There are countless attack vectors.

What all this means is that you should never share someone else's charger. Users of the new Macbook have to be even more careful than smartphone users, since the Macbook doesn't even ask the user if a device is to be considered "trusted" when first connecting (like e.g. the iPhone does when you connect it to a computer).
 
Rigby said:
You don't understand. The primary concern is not that your charger may be "infected". The concern is that a borrowed charger may be modified to attack Macbooks that are being connected to it. That could be as simple as the charger acting as a USB keyboard and "typing" commands. Or it could act as a USB network adapter and highjack your Internet traffic. Or it could use USB-C's DMA to access the computer's memory. Or perhaps there is an exploit to attack the computer's USB controller itself. There are countless attack vectors.
Click to expand...

If you mean that someone had gone to the length of physically modifying the hardware of the charger (taking out the ic inside and replacing it with something else entirely, plus write the firmware to control it, plus making it all seem untempered with) , than your point is correct and i'll agree with you. Although i would applaud the guy for going through all that effort.

However do note that it's impossible to modify the the charger via software.
 
lchlch said:
If you mean that someone had gone to the length of physically modifying the hardware of the charger (taking out the ic inside and replacing it with something else entirely, plus write the firmware to control it, plus making it all seem untempered with) , than your point is correct and i'll agree with you. Although i would applaud the guy for going through all that effort.
Click to expand...
It's been done (see e.g. here). Also note that since USB-C is not Apple-proprietary, it could be an entirely different charger as well. There will likely be many 3rd-party chargers for USB-C.
However do note that it's impossible to modify the the charger via software.
Click to expand...
Probably not, since it's probably not a USB device out of the box. But if it is (e.g. acting as a USB hub), you don't know that it can't be modified. Almost all cheap USB devices today have writable firmware, and very few have protections against unauthorized modifications (e.g. by signing the firmware using cryptographic keys).
 
Rigby said:
It's been done (see e.g. here). Also note that since USB-C is not Apple-proprietary, it could be an entirely different charger as well. There will likely be many 3rd-party chargers for USB-C.
Probably not, since it's probably not a USB device out of the box. But if it is (e.g. acting as a USB hub), you don't know that it can't be modified. Almost all cheap USB devices today have writable firmware, and very few have protections against unauthorized modifications (e.g. by signing the firmware using cryptographic keys).
Click to expand...

I agree it can be done i just question the practicality of building a charger for the sake of hacking someones computer. A worm on a usb would be much easier.

All cheap devices will definitely have un-writable firmware, because its cheaper.
 
The issue isn't the charger, the issue is a USB port also makes a data connection if there is one available.

If the charger is just a charger and the voltage and wattage are correct the is zero risk.
 
Surely using someone else's charger is even less likely than using someone else's USB stick?
 
lchlch said:
All cheap devices will definitely have un-writable firmware, because its cheaper.
Click to expand...
I don't think that's true. According to the people who demonstrated the "BadUSB" exploits, the vast majority of the USB controllers they looked at had writable firmware. Flashing the firmware during manufacturing may actually be cheaper than producing a PROM.
----------
bjet767 said:
The issue isn't the charger, the issue is a USB port also makes a data connection if there is one available.

If the charger is just a charger and the voltage and wattage are correct the is zero risk.
Click to expand...
The problem with USB-C chargers is that the user has no way of telling whether it's just a charger (short of taking it apart). This problem only arises since the new Macbook doesn't have a separate charge port anymore.
 
Rigby said:
I don't think that's true. According to the people who demonstrated the "BadUSB" exploits, the vast majority of the USB controllers they looked at had writable firmware. Flashing the firmware during manufacturing may actually be cheaper than producing a PROM.

...
Click to expand...

The people who demonstrated the exploit always had one thing in common. That is they use the micro controllers from Phison. There's a reason you don't see them using other micro controllers.

Most manufacturers use asics as their firmware which is cheap and is not writable at all. Couple that with the fact that most manufacturers will cut down unnecessary USB endpoints to further reduce cost. (i.e a usb stick only have endpoints for USB Mass Storage Class)

Therefore making it impossible to alter the firmware of most usb devices.
 
Traverse said:
Yes, but don't plug strange data (USB) cables in your computer. The only difference is now it doubles as a charger port.
Click to expand...

Sort of like the usb charging ports that some airlines have now. I plugged my iPhone into it, and a warning popped up about establishing a data connection with a new source. What? I just wanted to charge...
 
tmarks11 said:
Sort of like the usb charging ports that some airlines have now. I plugged my iPhone into it, and a warning popped up about establishing a data connection with a new source. What? I just wanted to charge...
Click to expand...

Qatar Airways can pull music from your iPhone into their entertainment systems and onto headphone jack in the armrest. That's useful if you forgot to bring your own headphones and the airline provided headphones have two-pin connectors.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back