CHARGING YOUR PHONE WITHOUT BEING HACKED
You need this condom when you charge your phone in public.
Why do you need a Data Blocker when charging your phone?
If you’re charging your phone at public charge stations (airports, coffee shop) or anywhere where a USB adapter is already present; there could be covert hardware installed designed for #juicejacking which is a method by which hackers and other attackers use to steal data from unsuspecting people’s devices or infect them with malware.
Juice jacking is a type of cyber attack involving a charging port that doubles as a data connection, typically over USB. This often involves either installing malware or surreptitiously copying sensitive data from a smart phone, tablet, or other computer device.
JUICE JACKING & AUDIO EAVESDROPPING
The method of stealing data or installing malware via charging USB charging ports has existed at least since 2011 and big tech has tried to overcome it but as quickly as they make updates, hackers stay one step ahead.
Apple’s iOS has taken multiple security measures to reduce the attack surface over USB including no longer allowing the device to automatically mount as a hard drive when plugged in over USB, as well as release security patches for vulnerabilities such as those exploited by Mactans.
Android devices commonly prompt the user before allowing the device to be mounted as a hard drive when plugged in over USB. Since release 4.2.2, Android has implemented a whitelist verification step to prevent attackers from accessing the Android Debug Bridge without authorization.
Juice jacking is not possible if a device is charged via the AC adapter shipped with the device, a battery backup device, or by utilizing a USB cable with only power wires and no data wires present. A tool originally called the USB Condom was released in 2012 with the sole purpose of disallowing data connections to be passed over a USB cable, there are many vendors now selling USB adapters which remove the data pins. This condom is a staple in Superesse’s Blackout Kit.
If you plan on charging your device from a public USB port or computer then you need to block the data transfer. The other option is to carry the large AC adaptor but if you’re like me, you like to EDC light or you may forget the AC adaptor. The image at the top of this page shows an AC adaptor, if it’s yours, it’s safe, if it’s one left behind and you decide to use it, bad decision.
GRAYMAN BLACKOUT KIT FEATURES
MicLock: Microphone Blocker inserts in standard 3.5mm jack and uses a proprietary semiconductor circuit to simulate a live microphone mimicking expected electrical properties and then blocks audio input. #countereavesdropping
Data Blocker: Counter data transfer charging adapter for standard USB devices (compatible with all Apple/Android phones). Prevents the surreptitious capture of data or upload of malware by it’s build with no data prongs and only electrical current prongs for 2.4A lightning charge. Simply plug your charging cable into phone, then into Data Blocker, then into wall or car adapter. #juicejacking #cybersecurity
Camera Shield: Polymer shield affixes to device camera with 3M adhesive and features slide allowing you to cover and uncover camera as needed. Designed for front facing or singular rear camera shielding. #antisurveilance
Vinyl Camera Shield Tape: Soft PVC coated spool of tape that can be dispensed and adhered to additional device cameras as a one-time use shield. Designed for coverage of 3 cameras. #countersurveillance
Fingerprint Eraser: MicroFiber cloth used to wipe latent prints from screen and sensor. #biometricstheft #prevention
Screen Blind & Touch Shield: This BDF NA20 privacy film adheres to a select section of a device screen and blocks 77% of light passage. It also blocks all haptic response meaning the area it is applied can’t be touched, protects against accidents taps. #visualhacking
The Grayman Blackout Kit is packed in a 2x1x0.5 inch metal tin. Six of these tins fit in an altoids tin. Pair the Blackout Kit with 5 other kits. There are over 15 to choose from so check them out here.
Don’t forget about audio surveillance. Did you ever assume Google was listening? or Apple. or someone who’s accessed your phone via malware or held it for a few seconds (let someone you didn’t know well make a phone call? they could install snooping malware in under 10 seconds).
It turns out you were right. Every time you talk to your Google or Apple Assistant, there’s a chance someone might listen to the audio from that conversation Google obviously records. Which is revealing for a few reasons, not the least of which is that , saves, and transmits your voice data in a way that can be accessed by actual people.
Google’s product manager says, “These language experts review and transcribe a small set of queries to help us better understand those languages. This is a critical part of the process of building speech technology, and is necessary to creating products like the Google Assistant.”
Google says its reason for having human contractors listen to your conversations with Google Assistant is to improve performance in multiple languages. That revelation came in response to a leak of audio by a contractor Google refers to as a “language reviewer.”
The one sure way to stop audio recording on your smartphone is to us a Microphone Lock. The Grayman included one in their Blackout Kit.
Smartphones are amazing tools, and necessary in our current digital world. There will always make you vulnerable but being vigilant to protect yourself form obvious hazards is key.
We also suggest reading the Grayman’s entire guide on smartphones, Smartphones for Survival and SHTF.
Don’t forget the only true way to protect yourself from all hacking, and maybe even EMPs, a Faraday Cage. We’ve built one into a Handkerchief.
These blackout style kits can fit in the Grayman EDC tins too. That’s how we carry our travel kits.
This article was originally written by the Grayman Briefing. Stay in the know, sign up for Intel and Situational Awareness alerts pushed to your phone on emerging threats and preparedness warnings. Click HERE to subscribe to the Grayman Briefing.