Here’s a not so fun fact … apparently now you can’t even trust the charger you have your phone plugged into to not attack. OK, before you break out the tin foil hats, it might not be as bad as all that but there is a bit of fire amidst all the smoke.
A researcher at Georgia Tech revealed details at the latest Black Hat security conference that a modified USB charger could install malicious apps on a connected iPhone. According to a PCWorld article:
Once you plug your iPhone, the Universal Device ID (UDID) can be extracted just as long as the device doesn’t have a passcode unlock. The Mactans then claims your device as a test subject with any validated Apple developer ID and you can’t reject it since it doesn’t ask for their permission or offer any visual evidence that there’s anything going on in the background.
So far there is no evidence that anyone has actually tried to exploit this vulnerability and the good news is that Apple says they have a fix coming in iOS 7 which will notify you before it’s too late. Also, you can help yourself considerably by adding a passcode to the phone, which is something you should do anyway.
The reason I find this interesting is that it exposes yet another area of “presumed security.” No one thinks that a charger could do harm to your phone (assuming it doesn’t zap the circuitry). In fact, most don’t even consider the fact that the same connection that supplies power is also used for data transfer — a great idea for simplifying the design of mobile devices but not so good from a security perspective, where isolation of functions is preferable.
We are conditioned to think of a power outlet as a relatively passive connection that does nothing more than supply juice to our gadgets but, in reality, it can do much more and, since it can, just as we all leverage that fact to our advantage, you can bet that a bad guy will try to do the same.
So the lesson here is not so much about iPhone chargers as it is about questioning long held assumptions because that what the hackers are already doing. The only thing in doubt is which side will figure this stuff out first…
Inside Internet Security 