USB Type-C: Be Careful!
That unification brings with it one significant change: power is not power anymore. It is power AND DATA. Also Video Out is not just video nor out anymore. It is video AND DATA. In other words, plugging your phone or a laptop to a power source you consent to have a data connection with that power supply. And by plugging the same phone or a laptop to a projector in a conference room or on a presentation podium you consent to have a data connection with that other device.
This was not a problem before: power was just power and video out was just video out. There was nothing to worry except you could fry your device (but that is nothing compared to have your computer hijacked...). With USB Type-C it is all DATA.
That to some extent is not new, as all phones (Apple included) have been using a single connector for data and charging for many years. And this now extends fully to personal computers. Hacked iPhone chargers were reported as far as 5 years ago. Apple has taken some countermeasures since then, introducing some security steps in iOS. But the problem has escalated to the point that Apple has now gone out with educational material to help users identify counterfeit products (good luck with that...). BTW that sort of visual identification is no longer possible with the fully-shielded Type-C connector.
So what should we do? Use trusted products whenever possible: your own power supply, your own cables. Use some isolating dongles: your own Type-C-to-HDMI dongle rather than plugging to a 3rd party USB-C video projector. Generally: pay attention. Hardware hacking is not new. It is just getting significantly up to speed now.
Comments
Post a Comment