USB-C security risk

Discussion in 'MacBook' started by Wreckus, Mar 16, 2015.

  1. Wreckus, Mar 16, 2015
    Last edited by a moderator: Mar 16, 2015
  2. KrisLord macrumors 6502a

    Joined:
    Sep 12, 2008
    Location:
    Northumberland, UK
    #2
    More terrible reporting. Existing vulnerability still exists with new connector.
     
  3. racer1441 macrumors 68000

    Joined:
    Jul 3, 2009
    #3
    Does anyone else remember when the Verge wasn't a steaming pile of horse crap?
     
  4. MisterPunchy macrumors regular

    Joined:
    Sep 19, 2013
    Location:
    CA
    #4
    I do. So long ago, when they all left Engadget because it was becoming a steaming pile of horse crap.
     
  5. Traverse macrumors 603

    Joined:
    Mar 11, 2013
    Location:
    Here
    #5
    This.

    I read that article and realized it was click-bait. USB-C suffers from USB security issues. It's a shame they weren't fixed, but your behavior doesn't need to change. Don't plug in strange wires.
     
  6. Rigby macrumors 601

    Joined:
    Aug 5, 2008
    Location:
    San Jose, CA
    #6
    Did anyone even read the article? The point is that you cannot share someone else's charger anymore without risking an attack through the USB port. This was not an issue when the charge port was separate from the data ports. The article is correct in warning users against connecting this computer to untrusted chargers.
     
  7. Traverse macrumors 603

    Joined:
    Mar 11, 2013
    Location:
    Here
    #7
    I repeat: don't plug in strange wires.
     
  8. Rigby macrumors 601

    Joined:
    Aug 5, 2008
    Location:
    San Jose, CA
    #8
    There is absolutely no risk in sharing someone else's MagSafe charger with the current Macs.
     
  9. Traverse macrumors 603

    Joined:
    Mar 11, 2013
    Location:
    Here
    #9
    Yes, but don't plug strange data (USB) cables in your computer. The only difference is now it doubles as a charger port.
     
  10. bhayes444 macrumors 6502a

    Joined:
    Jul 13, 2013
    #10
    Pretty much this. Don't try and charge it from a hub or some unfamiliar charging brick if you are worried.
     
  11. MikhailT macrumors 601

    Joined:
    Nov 12, 2007
    #11
    Almost every data-enabled port has a security issue because nobody really thought of the potential that it could be abused if the data goes both ways. It's a good thing we're talking about it now but the problem is that it's too late for USB 3 and TB. We can probably patch it via OS level by asking the user if the device is trusted or if possible, enable charging only transfer, meaning no data is allowed.

    Thunderbolt has a different security issue: it allows for DMA access. This is also true for FireWire and it's been out for a few decades.

    Right now, the only thing you can do is don't trust anybody else's cables.
     
  12. lchlch macrumors 6502a

    Joined:
    Mar 12, 2015
    #12
    This exploit only works if the USB device has a microcontroller with rewritable firmware. Most USB devices, including the MacBook charger, will have fixed firmware because it's much cheaper. Therefore not vulnerable to the mentioned exploit.
     
  13. Rigby macrumors 601

    Joined:
    Aug 5, 2008
    Location:
    San Jose, CA
    #13
    You don't understand. The primary concern is not that your charger may be "infected". The concern is that a borrowed charger may be modified to attack MacBooks that are being connected to it. That could be as simple as the charger acting as a USB keyboard and "typing" commands. Or it could act as a USB network adapter and hijack your Internet traffic. Or it could use USB-C's DMA to access the computer's memory. Or perhaps there is an exploit to attack the computer's USB controller itself. There are countless attack vectors.

    What all this means is that you should never share someone else's charger. Users of the new MacBook have to be even more careful than smartphone users, since the MacBook doesn't even ask the user if a device is to be considered "trusted" when first connecting (like e.g. the iPhone does when you connect it to a computer).
     
  14. lchlch macrumors 6502a

    Joined:
    Mar 12, 2015
    #14
    If you mean that someone had gone to the length of physically modifying the hardware of the charger (taking out the IC inside and replacing it with something else entirely, plus writing the firmware to control it, plus making it all seem untampered with), then your point is correct and I'll agree with you. Although I would applaud the guy for going through all that effort.

    However, do note that it's impossible to modify the charger via software.
     
  15. Rigby macrumors 601

    Joined:
    Aug 5, 2008
    Location:
    San Jose, CA
    #15
    It's been done (see e.g. here). Also note that since USB-C is not Apple-proprietary, it could be an entirely different charger as well. There will likely be many 3rd-party chargers for USB-C.
    Probably not, since it's probably not a USB device out of the box. But if it is (e.g. acting as a USB hub), you don't know that it can't be modified. Almost all cheap USB devices today have writable firmware, and very few have protections against unauthorized modifications (e.g. by signing the firmware using cryptographic keys).
     
  16. lchlch macrumors 6502a

    Joined:
    Mar 12, 2015
    #16
    I agree it can be done, I just question the practicality of building a charger for the sake of hacking someone's computer. A worm on a USB would be much easier.

    All cheap devices will definitely have un-writable firmware, because it's cheaper.
     
  17. bjet767 macrumors 6502a

    Joined:
    Oct 2, 2010
    #17
    The issue isn't the charger, the issue is a USB port also makes a data connection if there is one available.

    If the charger is just a charger and the voltage and wattage are correct there is zero risk.
     
  18. tillsbury macrumors 65816

    Joined:
    Dec 24, 2007
    #18
    Surely using someone else's charger is even less likely than using someone else's USB stick?
     
  19. Rigby macrumors 601

    Joined:
    Aug 5, 2008
    Location:
    San Jose, CA
    #19
    I don't think that's true. According to the people who demonstrated the "BadUSB" exploits, the vast majority of the USB controllers they looked at had writable firmware. Flashing the firmware during manufacturing may actually be cheaper than producing a PROM.
    ----------
    The problem with USB-C chargers is that the user has no way of telling whether it's just a charger (short of taking it apart). This problem only arises since the new MacBook doesn't have a separate charge port anymore.
     
  20. lchlch macrumors 6502a

    Joined:
    Mar 12, 2015
    #20
    The people who demonstrated the exploit always had one thing in common. That is they use the microcontrollers from Phison. There's a reason you don't see them using other microcontrollers.

    Most manufacturers use ASICs as their firmware which is cheap and is not writable at all. Couple that with the fact that most manufacturers will cut down unnecessary USB endpoints to further reduce cost. (i.e. a USB stick only has endpoints for USB Mass Storage Class)

    Therefore making it impossible to alter the firmware of most USB devices.
     
  21. swordfish5736 macrumors 68000

    Joined:
    Jun 29, 2007
    Location:
    Cesspool
    #21
    We won't know till these hit the streets but maybe Apple is doing the same thing they do with iOS devices.

    A simple trust this device popup whenever a new device is plugged in that could do anything besides transmit power.
    https://support.apple.com/en-us/HT202778
     
  22. tmarks11 macrumors 6502

    Joined:
    May 3, 2010
    #22
    Sort of like the USB charging ports that some airlines have now. I plugged my iPhone into it, and a warning popped up about establishing a data connection with a new source. What? I just wanted to charge...
     
  23. mtneer macrumors 68020

    Joined:
    Sep 15, 2012
    #23
    Qatar Airways can pull music from your iPhone into their entertainment systems and onto headphone jack in the armrest. That's useful if you forgot to bring your own headphones and the airline-provided headphones have two-pin connectors.
     

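The "trust this device" prompt suggested in posts #11 and #21, sketched as an added example that is not part of the thread or of any vendor's code: it walks a USB configuration descriptor and reports which interfaces a host would want to ask about before binding drivers. The policy, the function names and the sample descriptor are assumptions made for illustration; the class codes are the standard USB-IF ones.

```python
import struct

# Interface class codes as assigned by the USB-IF.
CLASS_NAMES = {0x02: "communications (CDC)", 0x03: "HID (keyboard/mouse)",
               0x08: "mass storage", 0x09: "hub", 0x0A: "CDC data",
               0xE0: "wireless controller", 0xFF: "vendor specific"}
# Classes that let a device type input or carry network traffic (post #13).
INPUT_OR_NETWORK = {0x02, 0x03, 0x0A, 0xE0}

# Constructed sample: a device announcing mass storage plus a boot keyboard.
SAMPLE_CONFIG = bytes.fromhex(
    "09 02 39 00 02 01 00 80 32"   # configuration, wTotalLength = 57
    "09 04 00 00 02 08 06 50 00"   # interface 0: mass storage
    "07 05 81 02 00 02 00"         # bulk IN endpoint
    "07 05 02 02 00 02 00"         # bulk OUT endpoint
    "09 04 01 00 01 03 01 01 00"   # interface 1: HID boot keyboard
    "09 21 11 01 00 01 22 3f 00"   # HID class descriptor
    "07 05 83 03 08 00 0a"         # interrupt IN endpoint
)

def interface_classes(config: bytes) -> list[int]:
    """Return bInterfaceClass for every interface descriptor in the chain."""
    if len(config) < 9 or config[1] != 0x02:
        raise ValueError("not a configuration descriptor")
    total = struct.unpack_from("<H", config, 2)[0]   # wTotalLength
    if total > len(config):
        raise ValueError("truncated descriptor")
    classes, pos = [], 0
    while pos + 2 <= total:
        length, dtype = config[pos], config[pos + 1]
        if length < 2 or pos + length > total:
            raise ValueError("malformed descriptor length")
        if dtype == 0x04 and length >= 9:            # interface descriptor
            classes.append(config[pos + 5])
        pos += length
    return classes

def needs_trust_prompt(config: bytes, expected_power_only: bool) -> list[str]:
    """Reasons to ask the user before binding drivers (hypothetical policy)."""
    reasons = []
    for cls in interface_classes(config):
        name = CLASS_NAMES.get(cls, f"class 0x{cls:02x}")
        if cls in INPUT_OR_NETWORK:
            reasons.append(f"can inject input or network traffic: {name}")
        elif expected_power_only:
            reasons.append(f"data interface on a power-only port: {name}")
    return reasons

if __name__ == "__main__":
    for reason in needs_trust_prompt(SAMPLE_CONFIG, expected_power_only=True):
        print(reason)
```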