MuConnect Updates

Juice Jacking

juice-jacking

Our cellphones technology has taken a quantum leap within the last ten years - from the famed Nokia ‘brick’ - with keypad and small pixelated screens (and snake),  to the slim portable touchscreen computers they are now.

The price of this massive improvement in technology? The original snake, and battery life. A smartphone now has a maximum battery life of around a day, and even less when used to it’s full potential. Hence, very often, we avail of the services of a public charging kiosk, which leads to the problem at hand - juice jacking.

Juice Jacking For Beginners (Not a Guide!)

Technically: The access gained by a malicious user to a phone upon connection to a public charging kiosk, allowing said user to illegitimately use your phone’s data and insert malicious code.

Basically: Those innocent looking charging kiosks we see? They may not be there out of public goodwill (you win this time, cynics). The interesting whatsapp conversation for which you plugged in your dying phone? Someone else may be reading it, too.

singaporechangifreecharging-e1346037378929-225x300
A phone charging kiosk, commonly seen in airports.
The Cause:

Technically: Most smartphones use a common cable for both charging and data transfer. This setup allows a malicious user to gain access to your smartphone.

Basically: The technology which brought us the new charger cum data cables have led to this. We shall take a moment and miss the good old days when a charger was just a charger.

The Effect (How serious is it?):

1233326888178822760
A reference to juice jacking in CSI:Cyber.
Technically: The phone pairs with a hidden computer in the kiosk, wherein private photos, contact information and so on are transferred. A more serious invasion of privacy  involves injection of malicious data.

Even without the latter, the connection of your phone with the kiosk, may create a long-standing security problem - in the form of pairing. This is the mechanism by which the desktop establishes a trusted relationship with the device,so that iTunes, Xcode and so on can talk to it. The desktop will have access to personal information on the device, including your address book, notes, photos, music collection, sms database, typing cache, and can even initiate a full backup of the phone. This can be accessed anytime, wirelessly, after the connection is terminated, regardless of whether WiFi sync is turned on or not. Thus this pairing relationship and the security threat lasts until the phone is reset to factory settings.

Basically: It’s ……. serious. Very serious.

The Solution:

Averting this security crisis is actually simple - merely a matter of planning and precautionary action. Keeping your phone charged by plugging it in whenever it’s not used, carrying a power bank or your own charger, locking your phone when connected and using a charging only USB cable are some ideas.

MuConnect is a MagSafe inspired connector, which can be attached to a charging cable. Among it’s many advantages, it also offers the option to effectively disable data sync and enjoy safe charging anywhere. To read more, go to http://igg.me/at/muconnect/x/13008722

Sources: http://www.techadvisory.org/2014/09/whats-juice-jacking/ http://www.howtogeek.com/166497/htg-explains-what-is-juice-jacking-and-how-worried-should-you-be/

0 Comments

Leave a Comment