 |
|
| UK diy (uk.d-i-y) For the discussion of all topics related to diy (do-it-yourself) in the UK. All levels of experience and proficency are welcome to join in to ask questions or offer solutions. |
| Reply |
|
|
LinkBack | Thread Tools | Display Modes |
|
#1
Posted to uk.d-i-y,uk.comp.homebuilt
|
|||
|
|||
USB risk (slightly OT)
http://www.theinquirer.net/inquirer/...hacking-threat
FFS how difficult would it be for IOS / Android to pop up a message saying "Is it OK to talk to this port, or should I just get power?" |
|
#2
Posted to uk.d-i-y,uk.comp.homebuilt
|
|||
|
|||
|
USB risk (slightly OT)
On Fri, 27 May 2016 21:42:59 +0100, newshound
wrote: http://www.theinquirer.net/inquirer/...hacking-threat FFS how difficult would it be for IOS / Android to pop up a message saying "Is it OK to talk to this port, or should I just get power?" iOS does - if it hears data on the line it pops up "Do you want to trust this computer?", and if you say no it'll just take power. Since 2011, I think. Cheers - Jaimie -- "I clipped your toenails while you slept. So I could make them part of my COLLECTION." -- Pintsize, questionable content #730 |
|
#3
Posted to uk.d-i-y,uk.comp.homebuilt
|
|||
|
|||
|
USB risk (slightly OT)
On 5/27/2016 9:45 PM, Jaimie Vandenbergh wrote:
On Fri, 27 May 2016 21:42:59 +0100, newshound wrote: http://www.theinquirer.net/inquirer/...hacking-threat FFS how difficult would it be for IOS / Android to pop up a message saying "Is it OK to talk to this port, or should I just get power?" iOS does - if it hears data on the line it pops up "Do you want to trust this computer?", and if you say no it'll just take power. Since 2011, I think. Cheers - Jaimie Journalists! :-) |
|
#4
Posted to uk.d-i-y,uk.comp.homebuilt
|
|||
|
|||
|
USB risk (slightly OT)
On Fri, 27 May 2016 21:45:54 +0100, Jaimie Vandenbergh
wrote: On Fri, 27 May 2016 21:42:59 +0100, newshound wrote: http://www.theinquirer.net/inquirer/...hacking-threat FFS how difficult would it be for IOS / Android to pop up a message saying "Is it OK to talk to this port, or should I just get power?" iOS does - if it hears data on the line it pops up "Do you want to trust this computer?", and if you say no it'll just take power. Since 2011, I think. Oh, The Inquirer, they're always reliable. And Kaspersky, they've definitely never tried to spread FUD to sell you their security gear. At least Kaspersky make it fairly clear that what they're talking about is the USB device acknowledgement handshake, which *has* to be provided otherwise your kit isn't USB compatible. And part of that is a unique identifier like the MAC on a network card. Then they bait and switch halfway through the article, going from "Android and Apple Phones Are USB devices That Talk USB shocker!!!!!1!!" to "a smartphone" without any detail as to what model or OS. Nice. Cheers - Jaimie -- 207 BC: Chrysippus, Greek stoic philosopher, is believed to have died of laughter after watching his drunken donkey attempt to eat figs. |
|
#5
Posted to uk.d-i-y,uk.comp.homebuilt
|
|||
|
|||
|
USB risk (slightly OT)
On Fri, 27 May 2016 21:42:59 +0100, newshound wrote:
http://www.theinquirer.net/inquirer/...s-and-android- devices-at-risk-from-usb-charger-data-hacking-threat FFS how difficult would it be for IOS / Android to pop up a message saying "Is it OK to talk to this port, or should I just get power?" My (stock Android) phone does that. It starts off doing power only, and you ca pull down a menu with the other options (file transfer, photo transfer, MIDI). That's a Nexus 5 with Android 6.0.1. -- My posts are my copyright and if @diy_forums or Home Owners' Hub wish to copy them they can pay me £1 a message. Use the BIG mirror service in the UK: http://www.mirrorservice.org *lightning surge protection* - a w_tom conductor |
|
#6
Posted to uk.d-i-y,uk.comp.homebuilt
|
|||
|
|||
|
USB risk (slightly OT)
newshound wrote
http://www.theinquirer.net/inquirer/...hacking-threat FFS how difficult would it be for IOS / Android to pop up a message saying "Is it OK to talk to this port, or should I just get power?" iOS does, it asks 'trust this computer' if anything tries to communicate. |
|
#7
Posted to uk.d-i-y,uk.comp.homebuilt
|
|||
|
|||
|
USB risk (slightly OT)
On Fri, 27 May 2016 21:42:59 +0100, newshound wrote:
http://www.theinquirer.net/inquirer/...s-and-android- devices-at-risk-from-usb-charger-data-hacking-threat FFS how difficult would it be for IOS / Android to pop up a message saying "Is it OK to talk to this port, or should I just get power?" Mine - ancient Android - does. |
|
#8
Posted to uk.d-i-y,uk.comp.homebuilt
|
|||
|
|||
|
USB risk (slightly OT)
On 27/05/2016 21:45, Jaimie Vandenbergh wrote:
iOS does - if it hears data on the line it pops up "Do you want to trust this computer?", and if you say no it'll just take power. Since 2011, I think. This is an old story. And it can't be fixed. Device says "I am an Apple keyboard". iOS says that's alright then... A few chosen "keypresses" later and you've been pwned. It's the same on all operating systems, with various devices. MS's autorun is perhaps the worst. Andy |
|
#9
Posted to uk.d-i-y,uk.comp.homebuilt
|
|||
|
|||
|
USB risk (slightly OT)
On Sun, 29 May 2016 21:39:58 +0100, Vir Campestris
wrote: On 27/05/2016 21:45, Jaimie Vandenbergh wrote: iOS does - if it hears data on the line it pops up "Do you want to trust this computer?", and if you say no it'll just take power. Since 2011, I think. This is an old story. And it can't be fixed. Device says "I am an Apple keyboard". iOS says that's alright then... A few chosen "keypresses" later and you've been pwned. It's the same on all operating systems, with various devices. MS's autorun is perhaps the worst. Sure, hardware access almost always gives you ownership of the device - although Apple at least are working hard at making that untrue, with encrypted storage, signatures on all executables, and encryption keys that are only accessible with a microtome and scanning electron microscope. I don't follow what other manufacturers are up to. But that's not what this story is on about. It's just FUD. There's no info here that can't be tracked much more easily by listening to the devices cellular communication/wifi/bluetooth footprint. Cheers - Jaimie -- Good judgement comes from experience. Experience comes from bad judgement. |
|
#10
Posted to uk.d-i-y,uk.comp.homebuilt
|
|||
|
|||
|
USB risk (slightly OT)
On 29/05/2016 21:39, Vir Campestris wrote:
It's the same on all operating systems, with various devices. MS's autorun is perhaps the worst. Thats probably why windows doesn't autorun by default these days. |
|
#11
Posted to uk.d-i-y,uk.comp.homebuilt
|
|||
|
|||
|
USB risk (slightly OT)
On Fri, 27 May 2016 21:42:59 +0100
newshound wrote: http://www.theinquirer.net/inquirer/...hacking-threat FFS how difficult would it be for IOS / Android to pop up a message saying "Is it OK to talk to this port, or should I just get power?" That appears to be a trashy website for the hard of thinking. Does anyone here have anything good to say about it? |
|
#12
Posted to uk.d-i-y
|
|||
|
|||
|
USB risk (slightly OT)
On Friday, 27 May 2016 21:43:03 UTC+1, newshound wrote:
http://www.theinquirer.net/inquirer/...hacking-threat FFS how difficult would it be for IOS / Android to pop up a message saying "Is it OK to talk to this port, or should I just get power?" I was there when someone plugged an iphone 4 into a PC, and after a bit realised the PC was downloaded data in bulk without any permission or knowledge. Lots of people still use 4s. So that much is certainly real. NT |
|
#13
Posted to uk.d-i-y
|
|||
|
|||
|
USB risk (slightly OT)
wrote
newshound wrote http://www.theinquirer.net/inquirer/...hacking-threat FFS how difficult would it be for IOS / Android to pop up a message saying "Is it OK to talk to this port, or should I just get power?" I was there when someone plugged an iphone 4 into a PC, and after a bit realised the PC was downloaded data in bulk Because permission, in fact instructions, had previously been given to backup the iphone to the PC. without any permission or knowledge. Wrong, as always. Lots of people still use 4s. And do have itunes back up their 4s whenever it is plugged into their PC after having previously not only given permission to do that, but have in fact told it to do that. So that much is certainly real. And so is your completely pig ignorance of why that happens. |
|
#14
Posted to uk.d-i-y
|
|||
|
|||
|
USB risk (slightly OT)
On Monday, 30 May 2016 10:12:53 UTC+1, Rod Speed wrote:
tabbypurr wrote newshound wrote http://www.theinquirer.net/inquirer/...hacking-threat FFS how difficult would it be for IOS / Android to pop up a message saying "Is it OK to talk to this port, or should I just get power?" I was there when someone plugged an iphone 4 into a PC, and after a bit realised the PC was downloaded data in bulk Because permission, in fact instructions, had previously been given to backup the iphone to the PC. No they hadn't. But congrats on completely missing the main point. Rodney's bo--cks snipped. NT |
|
#15
Posted to uk.d-i-y
|
|||
|
|||
|
USB risk (slightly OT)
wrote in message ... On Monday, 30 May 2016 10:12:53 UTC+1, Rod Speed wrote: tabbypurr wrote newshound wrote http://www.theinquirer.net/inquirer/...hacking-threat FFS how difficult would it be for IOS / Android to pop up a message saying "Is it OK to talk to this port, or should I just get power?" I was there when someone plugged an iphone 4 into a PC, and after a bit realised the PC was downloaded data in bulk Because permission, in fact instructions, had previously been given to backup the iphone to the PC. No they hadn't. Corse they had. |
| Reply |
| Thread Tools | Search this Thread |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Forum | |||
| Kettle risk | UK diy | |||
| Risk assessment my arse | UK diy | |||
| Risk Of Explsion ? | UK diy | |||
| Risk reminder | Woodturning | |||
Linear Mode
