SECURITY: Don’t just take your power from any source?

Wednesday, April 30, 2025

https://arstechnica.com/security/2025/04/ios-and-android-juice-jacking-defenses-have-been-trivial-to-bypass-for-years/

SON OF JUICE JACKING ARISES

  • iOS and Android juice jacking defenses have been trivial to bypass for years
  • New ChoiceJacking attack allows malicious chargers to steal data from phones.

Dan Goodin – Apr 28, 2025 7:00 AM 

*** begin quote ***

Word that juice-jacking-style attacks are once again possible on some Android devices and out-of-date iPhones is likely to breathe new life into the constant warnings from federal authorities, tech pundits, news outlets, and local and state government agencies that phone users should steer clear of public charging stations.

As I reported in 2023, these warnings are mostly scaremongering, and the advent of ChoiceJacking does little to change that, given that there are no documented cases of such attacks in the wild. That said, people using Android devices that don’t support Google’s new authentication requirement may want to refrain from public charging.

*** end quote ***

This reinforces my personal preference for having an external battery for recharge.  All my cars and my EDC pack have an ANKER power block, my own power plug, and 3 short USB-A cables.  My SOP is to not use “public ports” unless I have no other choice.  Suggest that anyone who values their security should do the same.

—30—

Leave a Comment » | SECURITY | Tagged: , , , | Permalink
Posted by reinkefj