#juicejacking


🔌 Juice jacking defenses on iOS & Android have been easy to bypass for years, say researchers! 😱 Public charging stations may not be as safe as you think. Stay alert & use trusted chargers only! Read more: arstechnica.com/security/2025/ #CyberSecurity #JuiceJacking #TechNews #newz

Ars Technica · iOS and Android juice jacking defenses have been trivial to bypass for years · By Dan Goodin

🎙️ New Podcast Episode Alert! 🎙️

🤔​Are you worried about the security of public charging stations?

👀​Our latest podcast episode debunks the myth of "juice jacking" and explains the real risks.

🤖​We also discuss the challenges of protecting your personal photos from being used in AI datasets without your consent.

👍​Finally, we explore the security risks of using Google Authenticator's cloud sync feature and recommend alternatives.

Tune in now!
sharedsecurity.net/2023/05/08/

Watch on YouTube:
youtu.be/MUZk4TUW0Z0

Subscribe wherever you like to get your podcasts:
sharedsecurity.net/subscribe

Shared Security Podcast · Juice Jacking Debunked, Photographer vs. AI Dataset, Google Authenticator Risks - Shared Security Podcast · Debunking the fearmongering surrounding "juice jacking", a photographer vs. an AI dataset, and why you should dump Google Authenticator.

@YourAnonRiots In return people like @fuchsiii will rightfully point out that it's likely the only option to securely transfer an #update to a device that's most likely having a data-blocking circuit in its USB cable to prevent #JuiceJacking attacks...

And everyone who has ever dealt with shitty #firmware will agree that having a convenient option will increase the likelihood of people updating their shit.
youtube.com/watch?v=ExwqNreocp

Why is ‘Juice Jacking’ Suddenly Back in the News?

Since I was just asking about this earlier today, I thought I'd share the nice article @briankrebs posted about it.

Probably the best known example is the OMG cable, a $180 hacking device made for professional penetration testers that looks more or less like an Apple or generic USB charging cable. But inside the OMG cable is a tiny memory chip and a Wi-Fi transmitter that creates a Wi-Fi hotspot, to which the attacker can remotely connect using a smartphone app and run commands on the device.

Brian Markus is co-founder of Aries Security, and one of the researchers who originally showcased the threat from juice jacking at the 2011 DEFCON. Markus said he isn’t aware of any public accounts of juice jacking kiosks being found in the wild, and said he’s unsure what prompted the recent FBI alert.

“The FBI replied that its tweet was a ‘standard PSA-type post’ that stemmed from the FCC warning,” Snopes reported. “An FCC spokesperson told Snopes that the commission wanted to make sure that their advisory on “juice-jacking,” first issued in 2019 and later updated in 2021, was up-to-date so as to ensure ‘the consumers have the most up-to-date information.’ The official, who requested anonymity, added that they had not seen any rise in instances of consumer complaints about juice-jacking.”

What can you do to avoid juice jacking? Bring your own gear. A general rule of thumb in security is that if an adversary has physical access to your device, you can no longer trust the security or integrity of that device. This also goes for things that plug into your devices.

Juice jacking isn’t possible if a device is charged via a trusted AC adapter, battery backup device, or through a USB cable with only power wires and no data wires present. If you lack these things in a bind and still need to use a public charging kiosk or random computer, at least power your device off before plugging it in.

krebsonsecurity.com · Why is ‘Juice Jacking’ Suddenly Back in the News? – Krebs on Security

I find the people bitching about the #FBI and the #juicejacking warning kind of funny. Based on previous "warnings" I think this means they were/are dealing with a nation state attack against a specific target, and this is their way of letting the adversary know "we know what you did."

It's also funny because many of these same people bitching, while avid being security pros that lock down their personal computers still will physically cover the cameras, find nothing wrong with recommending camera blocking.

FWIW I use USB data blockers and block my cameras, and recommend it to everyone, especially non-techie friends. I also point out that if they #patch regularly and are careful they should be fine, but the habit of using data and camera blockers is a good reminder for them to at least think about #security.