Juice Jacking - A hacker's tool to stealing your data when you charge your phone.

Why do you need a Data Blocker when charging your phone?


If you're charging your phone at public charge stations (airports, coffee shop) or anywhere where a USB adapter is already present; there could be covert hardware installed designed for #juicejacking which is a method by which hackers and other attackers use to steal data from unsuspecting people’s devices or infect them with malware.

Juice jacking is a type of cyber attack involving a charging port that doubles as a data connection, typically over USB. This often involves either installing malware or surreptitiously copying sensitive data from a smart phone, tablet, or other computer device.

 

The method of stealing data or installing malware via charging USB charging ports has existed at least since 2011 and big tech has tried to overcome it but as quickly as they make updates, hackers stay one step ahead.

Apple's iOS has taken multiple security measures to reduce the attack surface over USB including no longer allowing the device to automatically mount as a hard drive when plugged in over USB, as well as release security patches for vulnerabilities such as those exploited by Mactans.

Android devices commonly prompt the user before allowing the device to be mounted as a hard drive when plugged in over USB. Since release 4.2.2, Android has implemented a whitelist verification step to prevent attackers from accessing the Android Debug Bridge without authorization.

Juice jacking is not possible if a device is charged via the AC adapter shipped with the device, a battery backup device, or by utilizing a USB cable with only power wires and no data wires present. A tool originally called the USB Condom was released in 2012 with the sole purpose of disallowing data connections to be passed over a USB cable, there are many vendors now selling USB adapters which remove the data pins. This condom is a staple in Superesse's Blackout Kit.

If you plan on charging your device from a public USB port or computer then you need to block the data transfer. The other option is to carry the large AC adaptor but if you're like me, you like to EDC light or you may forget the AC adaptor. The image at the top of this page shows an AC adaptor, if it's yours, it's safe, if it's one left behind and you decide to use it, bad decision. 

So yea, we've got a kit for this and it's packed in a small tin. The Blackout Kit is specifically built for smartphone digital security. This tin can fit in your EDC, suitcase, or sunglasses case and be deployed when the time arises to go black. 📲 Buy the Blackout Kit here.

 BLACKOUT KIT FEATURES

MicLock: Microphone Blocker inserts in standard 3.5mm jack and uses a proprietary semiconductor circuit to simulate a live microphone mimicking expected electrical properties and then blocks audio input. #countereavesdropping


Data Blocker: Counter data transfer charging adapter for standard USB devices (compatible with all Apple/Android phones). Prevents the surreptitious capture of data or upload of malware by it's build with no data prongs and only electrical current prongs for 2.4A lightning charge. Simply plug your charging cable into phone, then into Data Blocker, then into wall or car adapter. #juicejacking #cybersecurity

Camera Shield: Polymer shield affixes to device camera with 3M adhesive and features slide allowing you to cover and uncover camera as needed. Designed for front facing or singular rear camera shielding. #antisurveilance

Vinyl Camera Shield Tape: Soft PVC coated spool of tape that can be dispensed and adhered to additional device cameras as a one-time use shield. Designed for coverage of 3 cameras. #countersurveillance

Fingerprint Eraser: MicroFiber cloth used to wipe latent prints from screen and sensor. #biometricstheft #prevention

Screen Blind & Touch Shield: This BDF NA20 privacy film adheres to a select section of a device screen and blocks 77% of light passage. It also blocks all haptic response meaning the area it is applied can't be touched, protects against accidents taps. #visualhacking

 

 

The Blackout Kit is packed in a 2x1x0.5 inch metal tin. Six of these tins fit in an altoids tin. Pair the Blackout Kit with 5 other kits. There are over 15 to choose from so check them out here.

Don't forget about audio surveillance. Did you ever assume Google was listening? or Apple. or someone who's accessed your phone via malware or held it for a few seconds (let someone you didn't know well make a phone call? they could install snooping malware in under 10 seconds). 

It turns out you were right. Every time you talk to your Google or Apple Assistant, there's a chance someone might listen to the audio from that conversation Google obviously records. Which is revealing for a few reasons, not the least of which is that , saves, and transmits your voice data in a way that can be accessed by actual people. 

Google's product manager says, "These language experts review and transcribe a small set of queries to help us better understand those languages. This is a critical part of the process of building speech technology, and is necessary to creating products like the Google Assistant."

Google says its reason for having human contractors listen to your conversations with Google Assistant is to improve performance in multiple languages. That revelation came in response to a leak of audio by a contractor Google refers to as a "language reviewer." 

The one sure way to stop audio recording on your smartphone is to us a Microphone Lock. We've included one in the Blackout Kit.

Smartphones are amazing tools, and necessary in our current digital world. There will always make you vulnerable but being vigilant to protect yourself form obvious hazards is key. 

We also suggest reading our entire guide on smartphones, Smartphones for Survival and SHTF.

Smartphone Survival Guide

Don't forget the only true way to protect yourself from all hacking, and maybe even EMPs, a Faraday Cage. We've built one into a Handkerchief.

Faraday Cage Bag

 


Leave a comment