18
Jun 14

Gear to Block ‘Juice Jacking’ on Your Mobile

Ever since I learned about the threat of “juice-jacking” — the possibility that plugging your mobile device into a random power charging station using a USB cord could jeopardize the data on that device — I’ve been more mindful about bringing a proper power-outlet charging adapter on my travels. But in the few cases when I forgot or misplaced the adapter, I’ve found myself falling back on one of two devices I’ll review today that are both designed to block USB charging cords from transmitting data.

The USB Condom, in action at 35k feet.

Juice-jacking as a threat probably first crept into the collective paranoia of gadget geeks in the summer of 2011, after I wrote a story about two researchers at the DefCon hacker convention in Vegas who’d set up a mobile charging station designed to educate the unwary to the fact that many mobile devices (particularly Apple devices) are set up to connect to a computer and immediately sync data.

Their proof-of-concept was a reminder that in the (admittedly unlikely) event that a clever attacker managed to hide a small computer inside of a USB charging kiosk, he might be able to slurp up your device’s data.

Since that story, several products have sprung up to help minimize such threats. These small USB pass-through devices are designed to allow charging yet block any data transfer capability. The two products I’ve been using over the past few months include the “USB Condom” and a device called the “Juice-Jack Defender.”

Both prophylactics (cue the crude jokes) function the same way — with male and female USB adapters at either end — but the two have a slightly different form factor and feel. True to its name, the USB Condom is a rectangular black circuit board wrapped in a clear plastic sheath, measuring approximately 54 millimeters/2 inches long and 20 mm/.75 inches wide.

The Juice-Jack Defender is slightly smaller — about 45 mm long and roughly 16 mm wide — and is wrapped in rubberized black plastic, although the device picture on the Web site of the vendor, chargedefense.com, shows a product coated in blue plastic.

Both perform their meager jobs admirably (without pause or interruption), and so from a functional perspective are indistinguishable. Overall, the Juice-Jack Defender feels much sturdier — as if it would hold up just fine to an inadvertent nudge in an upward or downward direction while charging. I’m not sure I could say the same about the USB Condom, although to be honest I didn’t stress-test either device.

Beyond size and durability, the only difference between the two products may be the price; Charge Defender is only taking pre-orders, and the company hasn’t yet listed a price for the Juice-Jack Defender. The USB Condom retails for $9.99 (with free shipping).

As I noted in my 2011 story, the safest route for charging your device on-the-go is to use the supplied power cord that plugs into a regular electrical outlet (assuming you can find an available outlet). Battery-powered mobile charging devices also work well in a pinch and are available at many airports. If you must use a random charging kiosk, the safest option may be to completely power off the device before plugging it in.

I’ve found myself digging through my backpack for these devices when I’m out and about and bereft of an outlet and the only option is juicing up at a public kiosk (or someone else’s computer!). If nothing else, these little buggers are a great conversation starter; the woman seated beside me on the plane where the above picture was taken had never heard of juice-jacking and was instantly fascinated. Turns out, she ran a small business and had no clue about the risks she faces when banking online with her business checking account (she does now!).

The USB Condom (top) and Juice-Jack Defender, side by side.

94 comments

  1. Pay 10$ for a USB “charge only” device you need to remember to bring with you, and can maybe charge at 1a. Or pay $10 for a 3a wall charger that will charge most phones to full in under 30 minutes.

    The USB “charge only” device won’t charge your phone if it’s all you brought, the 3a wall charger will.

    What amazes me most, is that there are multiple of these USB prophylactic dongles on the market… of which they all simply encourage people to plug in to USB ports. It’s like saying it’s safe to eat shellfish just because you have an epinephrine pen available. Why not just not take the risk if you’re allergic?

    I get it though. It’s fun to say dongle, prophylactic, condom, and my favorite “neutered” cable when talking about security/tech stuff. It makes for catchy headlines, and more readers 😉

    • If you look at the USB pinout[1], there are four pins: two for current, two for data. What this “device” (it isn’t even a device) should do is:

      – Let the two pins that carry voltage to pass through to the other connector.
      – Leave the other two data pins (D+, D-) unconnected.

      That’s it. It’s just wiring up the pins on the two connectors. No 1Amp limit. You’re completely safe, because no data can ever, ever arrive at your device, only the current.

      Now, there are *other* dongles that say to “protect” pen drives when they are connected to PCs. These are completely different since they allow some data to pass (so they’re vulnerable).

      Conclusion: these dongles do their job well. You can use them with whatever charger you like, they don’t have any current limit.

      Please correct me if I’m wrong.

      [1]: https://en.wikipedia.org/wiki/Universal_Serial_Bus#mediaviewer/File:USB.svg

      • Leaving the data pins disconnected reduces the maximum charge current to the original USB max of 500mA. You need to short them at the source end to get the maximum output (2.5A or 2,500mA) available from sockets meeting the newest USB charging standard (BC1.2).
        Either method will protect your device from being ‘jacked’ equally well.

  2. Mary Practical

    Maybe I’m a dope, but why don’t you use the power adapter that plugs into a wall outlet for charging? No data hijacking there, and outlets are everywhere in most waiting areas at airports and public buildings.

    • If you travel to other countries, the power sources are varied and do not accept the same types of plugs. If you forget your adapters (which can get quite heavy), it’s nice to have an option to stay secure.

  3. I carry a small portable USB charger. I can charge my phone about 2.5 times on a single charge from the enclosed battery. It has 4 LED’s to indicate “full” to “empty” – and it will completely recharge to ‘full’ in 4-5 hours. It uses the same USB cable to either charge up its internal battery or to charge my different phones (square USB plug to micro-USB adapter). For some reason, I cannot charge a blackberry with it – but android phones (various models) and windows lumia charged without issue.

  4. Some additional “data points” for you. Kyle Osbourne and Michael Ossmann did a presentation at Infiltrate 2013 the same year we also spoke there on exploitation of ARM based devices (such as mobile phones). Their presentation showed how even with an Android “locked down” (ADB disabled, etc.) they were able to control the phone through the USB Port.
    https://twitter.com/Gunther_AR/status/322958166264541184

    • Are you doing anything to “tighten up” the circuit board? I’d love to see something that wasn’t 2 inches long sticking out of the side of my laptop, and it sure looks like there’d be plenty of space to trim the current board down.

  5. Is there any difference between using one of these and one of those “dumb USB” cables that shorts out the data pins and allows faster charging?

    • Because these don’t short out the data wires, fast charging methods – which utilize all four pins in the USB connector – are theoretically available. With the data pins disconnected, the charge should be limited to USB specs (500mA for USB 1.1/2.0).

    • “Is there any difference between using one of these and one of those “dumb USB” cables that shorts out the data pins and allows faster charging?”
      Not much, no. I have a standard USB cable that I modified by cutting & shorting the data lines at both ends that I use as a secure charging cable for all my gizmos, & ensures that I get the maximum charging rate.

  6. Buy a pair of SainSonic 3D Active Shutter Glasses. They come with a USB cable for recharging that does not allow sync, at least between a W7 computer & Galaxy S3. $20 on ebay

  7. here is a cheaper and easier thing you can do if you want to make sure you don’t have to worry about your phone syncing with usb. get an uber cheap cord. Now USB only uses 4 pins: 5v positive and negative for the power and then a Tx (outbound data) and Rx (inbound data). google the pin setting to make sure you get the right pins.

    now take a knife and scrape off the 2 metal contacts in the USB plug for the Rx and Tx. there problem fixed and the only thing going through the usb cable is power and 0 data since the data lines are not connected at all. that is all these condoms actually do and they charge way more than they are worth for them.

    if you chop open a usb charge only cable you will only have 2 wires in it instead of 4 and that is why. there you go quick DIY life hack to keep your life more secure

    • As I mentioned earlier in the thread and have explained probably thousands of times since I created the USB Condom…we did exactly that for years. But you’ll find that doing that won’t work for iOS devices. Apple devices NEED the data pins just to “OK” the power pins. Apple did this to force you to buy “Apple compliant” USB cables. Furthermore if you read back through the thread here on this blogpost, you’ll also see that we also got tired of cannibalizing good USB cables in the name of security. With a USBCondom you can “clip the pins” without destroying a perfectly good cable. Leave it on to be safe and take it off when you’re ready to sync.

      • yeah after i posted i read through the comments and saw that. and it figures with apple. anything to force you to buy their products. i just carry 1 cannibalized and 1 regular cable. think the cannibalized one cost me like 2 bucks and the other came with the phone. of course i use android and only certain brands so i don’t really have the only can use so and so cord issue. easy to slip the mind that some of these brands are stupid picky so they can make even more money

  8. Cutting cable nearly complete solution. You have to short across the two data cables (middle two on USB), which tells your iPhone that you’re connected to a 3A power-only adapter, and will recharge quickly. In desperation once, I accomplished that with a bit of chewing gum foil (short) and transparent tape (to block pins from PC), and it worked great. Now, I don’t _know_ that that keeps the device safe, but it’s a reasonable assumption that, if your phone thinks you’re connected to a power-only adapter, and you’ve shorted the data cables, that you’re not going to sync data.

    • if the data pins are not connected to the pc no data can be sent so yes that setup would protect from juice jacking

  9. I bought myself a SKIVA portable charger that I keep on me for situations when I MUST charge my phone. That keeps me from having to charge via any unreliable source. I blogged about it just the other day.

  10. FYI. iOS7 asks for permission to trust the device you connect your iDevice to. If you don’t explicitly declare you trust the device, the only thing going through the cable is electricity. No data.
    Cheers,

    R

    • I don’t have any iPhone to test, but I’m pretty sure there’s always some data going through the cable even if you don’t trust the host. At least the handshake is done.

      Then, the iPhone probably denies all connections from the computer, but this is done via software, so you’re still vulnerable…

      If you want to be 1000% sure, “dongles” like this are the way to go, since they disconnect the cables that carry data.

    • iOS 6 won’t allow a USB data transfer unless the user has logged into the device. For example, if you connect an iOS device to a computer running iTunes, you’ll find that iTunes will not allow any data transfer until you log into your iOS device.

      The problem is figuring out what time frame and login situation iOS 6 judges as acceptable or not. I haven’t been able to figure it out except to say that, as Brian points out, the ideal situation is to shut down your iOS device before you charge it. That always locks up any data transfer while allowing charging to occur.

      And the problem with that situation is wetware error whereby the user forgets to shut down their device before plugging it into the potentially dangerous USB connection. Clearly, upgrade to iOS 7 if possible on your iOS devices for superior security.

  11. I wonder if some regular guy can use Beaglebone to make a home juicing kit to find out what the heck his sneaky wife is up to.

  12. I use the Powerocks (www.PowerocksUSA.com) line of mobile battery packs. I can keep the phone+powerpack in my lap, and the powerpack to outlet, and powerpack to iPhone, connections don’t exchange data. A $70 pack can charge an iPhone about 5 times.

  13. MyKey Technology has a cable designed to do this. Unlike the USB keys, it works on all phones even the iPhone. It’s been around for a couple of years now. They are the guys who have a patent on USB write blocking. Great company and product.

  14. If your mobile device is encrypted and you use passwords to access your device, is your data still at risk of being stolen at one of these charging stations?

    • Unless you use one of these things, your phone will always interact with whatever you connect it to, even if it’s just to say “hello”.

      Your phone will deny all attempts of the computer to access files, but there’s a risk there might be an undiscovered bug that allows the computer to bypass the restriction without knowing the password.

      So if you want to be 100% sure, you can use these dongles.

  15. just use a battery pack, and if it’s an unknown charging port, use the battery pack as a proxy.

    many decent brands allow you to charge the battery at the same time run it to your phone. it’s really that simple, you don’t need this ‘invention’ of an excess clutter.

    spend that 10 bucks on top whatever it costs to get a good battery or two.

  16. Wow. What a bunch of clueless blather mixed in with what would be an otherwise logical discussion focused on keeping one of today’s most vulnerable devices safe into which we place our most trusted stuff. A device so powerful, the US Supreme Court just ruled the authorities can’t poke about in it without probable cause and warrant. Complete Tx/Rx disconnect is the ONLY way to guarantee protection.
    1) For the slimmest, lightest mobile devices ever, instead of a Tx/RX blocked cable or dongle, always lug a battery pack of equal or greater mass, too. Sure.
    2) That battery pack? There’s NO WAY it carries a malicious payload. Especially the ones rolling off Chinese assembly lines. 110% clean. Trust me on this.
    3) Carry only a clunky hi-amp wall wart. Yup. ‘Cause there’s *always* a universal AC outlet within arms reach.
    4) Always carry a Tx/Rx blocked cable. ‘Cause you’ll NEVER need to transfer data.
    5) Block Tx/Rx and no more smart-fast charging? Gasp. How will we survive? First zombies; now this!
    6) What?! Apple wants everyone locked into their stuff? Since when? Who knew? Who do they think they are? Google? Someone should do something!!
    • I carry a tiny 0.5a wall wart, a six foot standard cable (for trusted data needs) and the dongle, all of 5 ounces which fit into a 3″ x 2″ elastic sack; that does it for 99.9% of my home continent. For outback excursions, I have an “imported” 5A pack designed with foreign AC plugs and a 1A “cigarette lighter” plug, both of which I use… with the dongle. Cheers!

  17. Absinthia Stacy (Anastasia Rousaki)

    Very insightful article. I have never fallen victim to juice jacking, but who knows? It might happen to anyone at any time, so better be safe than say goodbye to my data privacy!