Linux and Tech News

1467 readers

1 users here now

This is where all the News about Linux and Linux adjacent things goes. We'll use some of the articles here for the show! You can watch or listen at:

You can also get involved at our forum here on Lemmy:

User Space Forum

Or just get the most recent episode of the show here:

The Show

founded 2 years ago

MODERATORS

leo@lemmy.linuxuserspace.show

iOS and Android juice jacking defenses have been trivial to bypass for years (arstechnica.com)

submitted 3 weeks ago by leo@lemmy.linuxuserspace.show to c/news@lemmy.linuxuserspace.show

2 comments fedilink hide all child comments

top 2 comments

sorted by: hot top controversial new old

[–] fubarx@lemmy.world 0 points 3 weeks ago (1 children)

If you plug in to charge your phone somewhere, and it asks you to 'trust' this device, just say NO.

Even worse: https://counterespionage.com/malicious-usb-cables/

If you want to try it yourself: https://counterespionage.com/malicious-usb-cables/

[–] tyler@programming.dev 4 points 3 weeks ago

🎶Someone didn’t read the article 🎶

The attacks then exploit various weaknesses in the OS that allow the charger to autonomously inject “input events” that can enter text or click buttons presented in screen prompts as if the user had done so directly into the phone. In all three, the charger eventually gains two conceptual channels to the phone: (1) an input one allowing it to spoof user consent and (2) a file access connection that can steal files.