USBCondom (crowdsupply.com)
247 points by lelf on Aug 23, 2014 | 92 comments



The board looks a little fragile. A tool like this (which is going to be used on the road) needs to be as solid as possible. For $10/unit it seems like they could afford to at least give it an epoxy surround.


I bought a few, the ones I got had a thick clear plastic wrapper that's not in the pictures.


They're using PCBs from oshpark.com which are quite thick (1.6 mm). I've made a USB dongle using their PCBs and it's actually fine. The connectors have sturdy tabs on the sides that go through the board.


This was my first thought too, I'd bet £5 that the port on that thing will snap off within a week in my bag


I think it's on purpose. Looks cooler, gets attention of your fellow coffeeshop nerds.


I doubt it - it's because it's pretty trivial to make a PCB like that with components - one could design the PCB in maybe an hour and then manufacture is really easy and cheap - probably about $1 each for those boards even in low numbers (check OSHPark.com).

In contrast, making a case is much much harder. There really aren't any good low-volume case making methods. Injection moulding is out. Machining from aluminium is an option here, but it's very expensive. There's resin casting, but that's difficult and I don't know if it's really suited to manufacture.

Honestly, making the case is 10-100 times harder than the PCB (for such a simple one like this anyway).


3d printing is an OK solution to low-volume cases.

tinkercad.com to create an stl file, and shapeways.com to print it out.

(simple) PCB design and production is super quick and easy though, you're absolutely right.


3D printing is still far too expensive for things like this unfortunately.


I say "looks cooler" and you respond by saying that it's easier to make. Since when does "cool" equal "difficult to produce"? And why didn't anyone tell me about that rule in high school?


He's saying that they didn't do it because it's cool, they did it because it's harder to make a case than a PCB. And I agree. It's insane how many "I made this board, how do I get a case for it?" posts I see online from n00b hardware hackers. An engineer with experience will consider packaging from the outset. Thinking about it after the fact can make the manufacture much more difficult and expensive.

That said, I think $10 is a good price for something like this. I, personally, would look for a corporate/industrial application that would justify a price 10x that.


Err... yeah, you said they didn't do a case because it looks cooler without one. I said no, they didn't do a case because it is too hard.


Yeah, but it's also suspicious-looking to a layman at an airport who's inspecting your luggage.

I've been hassled for a Cubieboard (a single-board ARM computer). They seem to hate exposed PCBs. You'd think they would have seen quite a few...


Or you just cut two wires in a normal USB cable. No need to buy condoms!

I think the board is because some power sources might go "hey I'm leaking, there is no device but I draw power!" and cut it off, but I only ever heard about it and never encountered it. My USB ports nicely power fans without ever having a data connection to anything.


You can get a certain amount of power from USB without a data connection but to get more (which higher powered devices need to charge quickly or, in some cases, at all) you need to send a data signal to request it. So cutting those wires sort of works but will leave you with slow charging for some devices and no charging for a few others.


This is not true of most chargers. It is true of some devices that they look for the data lines to have some voltage rather than be left floating. There are 6 different 'standards' for this so you end up needing an IC like this[1] to detect which one the device is using.

Note: USB-PD changes the game a huge amount. You do need to speak USB to upgrade power there. But I've yet to see USB-PD in the flesh.

[1]: http://www.ti.com/lit/ds/slvsby8b/slvsby8b.pdf


Actually this is true for MOST chargers; the ones that don't usually end up overheating and having a very short life span. The reason why most people think this is the case is because when the device cannot be identified the charger defaults to the data line shorted and to providing the typical power for which it was designed. https://lockedusb.com/pages/


For iPads and some other devices which require a 'signal' on the data pins, you would need an adapter to force the thing to charge. These adapters also act as a data condom, and are super-cheap:

http://www.amazon.co.uk/dp/B00E8ALIYU

http://www.amazon.co.uk/dp/B00E8AJ41E


If all they need to do is signal requesting higher amperage, why are there different ones for different devices?


Different manufacturers' devices expect different voltages on the data pins. A voltage which says "yeah, draw 2 amps" to an iPad may not indicate the same thing to a Samsung device.


Cutting the wires will cause iDevices to charge at 500mA only.


Okay that explains then: Apple needs to be a bitch about things again.


USB charging ports use the data pins to signal a request for more than 500mA. If you disconnect the data pins, how can any device (apple or anyone else) get more?


Couldn't a charger have a current limiter set for charger load capacity and the device could just have resistance such that at 5V it would draw as much power as it can handle?

The obvious drawback would be that such a device connected to a charger without a current limiter would burn it.

Then again I just burned a charger that had multiple sockets by connecting a Samsung Galaxy Note 3 and an iPad 2 to it. It advertised via data lines capacity for 2A charging on all five USB sockets, but had a total capacity of just 2.5 A.


I didn't know any single USB 2.0 port could serve more than 500mA regardless? Alas charging through the power grid is way faster than through your laptop. In any case I think what USBCondom is talking about is power hubs (i.e. custom hardware that could spread malware) and not specifically laptops.


The charge pins on a battery charging input could be used as a makeshift i2c to communicate with a smart battery chipset, thus communicating the same intentions ("hay! give me more!") without any additional wiring or need for access to the USB subsystem, while making use of the USB form-factor that's so ubiquitous today.

If lithium batteries weren't so problematic when overcharged you could float-charge everything pretty efficiently, then you wouldn't even need a management system.

Our current way of doing things is probably here to stay, though.


Since the whole concept of this 'usb condom' is to physically disconnect the data communication, re-designing the protocol to use the remaining pins as a data channel would defeat the whole point.


No, the point in the redesign of the protocol would be to eliminate the need for a 'USB condom'.

A data channel isn't a data channel. USB is designed to be widely used by many industries, as such the standard has provisions for many use-cases. A battery data channel is only for the charging equipment to communicate with the battery's chipset a limited amount of parameters. The data being transferred is incredibly limited, and can thus be sanitized easier when compared to USB.

A protocol designed in such a way would also be easier to test, as the scope of vulnerabilities would be much more limited than a general purpose data channel.

Regardless, it was merely a possible answer to

> If you disconnect the data pins, how can any device (apple or anyone else) get more?

and really wasn't meant to be a valid product or concept. Just a fleeting thought.


Not sure how this would work, even i2c devices need a dedicated power/ground line in addition to their control/signal lines.


Yeah, I'll just tell my mom how to do that... one sec. It's a lot easier for me to go "hey mom, evil hackers can get you if you plug into an airport" "use this"


Still, you could either make a cable or buy one with only two wires.


It's the device, not the power source. I have an old iPod shuffle that won't charge at all with of those USB wall chargers - it requires a computer.


Or in software (Linux):

    # cd /sys/bus/usb/devices
    # for n in usb* ; do echo 0 > "$n/authorized_default" ; done

...so that no drivers or userspace programs are allowed to communicate with any newly connected devices.

https://www.kernel.org/doc/Documentation/usb/authorization.t...

Of course this only prevents the USB host, you'd have to disable all USB-gadget daemons on your Android phone to not have the charger tinker with the phone's data.

NOTE/added: I just realized that the main purpose this is marketed is to protect the phone's data. I'd be more worried about the computer if someone asks me to lend some juice...
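
The sysfs approach from the comment above, extended into a small script (an added example, not part of the original comment): it locks out newly connected devices, lists what is currently blocked, and re-authorizes only devices on a vendor:product allowlist. The `SYSFS_USB` override and the function names are assumptions made here; the `authorized_default`, `authorized`, `idVendor` and `idProduct` files are the kernel's own.

```shell
#!/bin/sh
# Added example: host-side USB authorization via sysfs (run as root on Linux).
# SYSFS_USB is a hypothetical override so the functions can be pointed at a
# test directory; by default they act on the real sysfs tree.
SYSFS_USB="${SYSFS_USB:-/sys/bus/usb/devices}"

# Write 0 to authorized_default on every host controller (usbN), so devices
# plugged in afterwards start out deauthorized.
# Prints the number of controllers that were changed.
usb_lock_new_devices() {
    count=0
    for hc in "$SYSFS_USB"/usb*; do
        [ -w "$hc/authorized_default" ] || continue
        echo 0 > "$hc/authorized_default"
        count=$((count + 1))
    done
    echo "$count"
}

# Print one line per deauthorized device: "<sysfs name> <vendor>:<product>".
# Entries without idVendor (interfaces such as 1-1:1.0) are skipped.
usb_list_blocked() {
    for dev in "$SYSFS_USB"/*; do
        [ -f "$dev/authorized" ] && [ -f "$dev/idVendor" ] || continue
        [ "$(cat "$dev/authorized")" = "0" ] || continue
        echo "${dev##*/} $(cat "$dev/idVendor"):$(cat "$dev/idProduct")"
    done
}

# Authorize every blocked device whose vendor:product ID is among the
# arguments. Prints the sysfs name of each device that was authorized.
usb_authorize_allowed() {
    usb_list_blocked | while read -r name id; do
        for ok in "$@"; do
            if [ "$id" = "$ok" ]; then
                echo 1 > "$SYSFS_USB/$name/authorized"
                echo "$name"
            fi
        done
    done
}

# Command-line use: lock | list | allow <vendor:product>...
case "${1:-}" in
    lock)  usb_lock_new_devices ;;
    list)  usb_list_blocked ;;
    allow) shift; usb_authorize_allowed "$@" ;;
esac
```

Vendor and product IDs are reported by the device itself, so the allowlist keeps unexpected devices out by default rather than authenticating the hardware.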


Yeah, but then there is BadUSB

http://www.wired.com/2014/07/usb-security/

which attacks the USB firmware on devices. ANY data communication and your USB device/port itself can get hacked.

The USB condom might actually prevent that.


Are you sure? As far as I could tell that thing was about messing with the firmware after you've already gotten control through normal communication.


Or you could buy one of the charge-only USB cables I saw all over Asia. They are a bit cheaper than the normal data-carrying ones as they have fewer wires.


This!

I got lots of these things from portable USB batteries.


Electronics people: why are there any components in this at all? If it's just about disconnecting certain pins, couldn't it just pass the power lines through and be half the size without a PCB at all? For example, it could easily be a cable missing two wires, right? (Note: I'm an idiot when it comes to electronics, so I'm genuinely interested.)


According to the USB spec, a device must complete a protocol handshake and declare a desired voltage level before the host is allowed to supply anything more than a minimum voltage. In case of the USB condom, this handshake would have to be executed by the condom.

I'm not sure how widely implemented this behavior is for "dumb" USB chargers though, as opposed to actual hosts.

But it might be that they want to preserve compatibility with actual hosts, in case that you i.e. want to charge on a public PC. Or they want to make sure that even if your charger is actually a disguised malicious device, you can still use it as a charger, which would be kinda ironic.


That's correct. The LockedUSB adapter disconnects the data lines; however, it has an internal controller that still negotiates and completes the USB handshakes so the device can charge faster while being safe. http://www.lockedusb.com


The USB spec identifies different types of charging ports based on the resistance / voltage connected to the data pins. Here's a chart with the USB spec (on the ends) and a couple manufacturer variants: http://i.stack.imgur.com/gWODO.jpg


Maybe some devices don't charge at max rate when they sense something "wrong" with the cable. Or the other way around, a computer may not deliver power if it doesn't sense anything actually connected to the power. Just speculation.


What are the fundamental flaws in the USB protocol that make it insecure? I know firewire allows for DMA, but I didn't think USB, besides being a complex serial protocol, had any intrinsically unsafe features?


- firmware errors

- lack of authentication

- stack errors (root on PS2 at one point)

- physical silicon bugs (I have a broken mouse that WILL make any Windows computer act funny/crash apps/crash whole Intel USB hub)


It's not the protocol but the fact that USB devices are just too trusting. Plug your phone into a USB socket and you've little protection against it communicating with whoever is on the other end of the USB connection.


Is this not why my phone asks me what I want to do when I plug it into the computer? USB debugging mode, charge only, and another option or two that I can't remember right now. If I select "charge only" will I be secure in the same way?


This really varies from phone to phone, sadly. When I plug mine in I am only given a choice of which protocol to use to give the host computer access to all my files (and it connects using the default one as soon as you plug it in).


Unfortunately, this isn't universal.


There's not a fundamental flaw with the USB protocol per se.

It's more about USB being implicitly trusted by the software/OS - in addition to that there's driver bugs to be exploited. Here's a few fun things you can do https://www.youtube.com/watch?v=x-7ezoFju6I


It's the fact that you're using the same cable to charge and for data (which is also one of the things that makes USB really useful), now add that the devices tend not to be hugely secure and to just trust whatever they've plugged into (or at least trust after popping up an easy to miss dialog) and you have a (potential) problem.


Do a search for "Facedancer". The USB hardware can be attacked as well as the host operating system over the USB interface. All of the same kinds of bounds-checking and parsing errors that can happen in the network stack can also happen in device drivers.


It's not a pure USB risk. That plug on a phone can usually do a whole swath of protocols including serial consoles and they're probably not secured.


See also the extensive discussion from a year ago:

https://news.ycombinator.com/item?id=6379272


There are multiple projects/products out there for this, some of which are linked here and some of which are not. Not all are currently available. There was a fair amount of discussion and useful information in a Brian Krebs article: http://krebsonsecurity.com/2014/06/gear-to-block-juice-jacki...

USB Condom: ~$10, available. Tends towards either a bare board with USB connectors or that board with plastic shrink tubing on it. (https://www.crowdsupply.com/xipiter/usbcondom) (http://www.usbcondoms.com/) (probably an earlier version but the same person: http://int3.cc/collections/frontpage/products/usbcondoms)

UmbrellaUSB: ~$12, available soon? More polished/finished looking than the USBCondom, got their information on voltages from the USBCondom folks (see comments in the Krebs article above). Working on fulfillment of their Kickstarter (funded July 3). (http://www.umbrellausb.com/)

ChargeDefense: ~$??, a "coming soon" page, a picture of a prototype, and maybe more in September. (http://www.chargedefense.com/)

LockedUSB: ~$20, available. More technical details available, more expensive and very blocky looking - expect it to block any adjacent ports. Technical information indicates that the single unit should work with both Apple and non-Apple devices (https://lockedusb.com/product/lockedusb-adapter-charger-fire...)

Practical Meter: ~$20, available. Protects ONLY when used with their optimized 3-in-1 charging cables otherwise passes data through. Provides a 5-bar indicator of current. (http://www.powerpractical.com/product/practical-meter) more details in their kickstarter (https://www.kickstarter.com/projects/david-toledo/the-practi...)

PortPilot: ~$60, not yet available. Much more expensive, MUCH more informative, switchable between data/no data. Includes a display showing possible and actual power draw, etc. Almost a development/diagnostic device. (https://hakshop.myshopify.com/products/portpilot)

At least 3 listed below via Amazon (2 in UK): PortaPow $7 (2 versions, www.amazon.com/gp/product/B00GC4AJOU, looks like a "beat you to market" device), and Pisen ~$1.70 (http://www.amazon.co.uk/dp/B00E8ALIYU and http://www.amazon.co.uk/dp/B00E8AJ41E).


I've got the LockedUSB device. A bit clumsy, but it works as described.

I have several PortaPow devices too, and they work great (except for creaky connectors and plastic), so if I hadn't already the LockedUSB I wouldn't have a second thought buying their USB Fast Charge device since it's smaller and cheaper.

If you carry a USB cable around you might as well carry one of these. (But then again, you might as well carry a charger too, so I'm not entirely convinced -- but I did have use for mine once or twice so I can't really regret it.)


There is also: http://www.amazon.com/dp/B00EB3LRAE/

Which apparently signals to the charging device to output higher amperage, as cutting the data connection will make some devices only provide 0.5 amps. Not sure why this one is branded "for Galaxy", as the charging device shouldn't really matter.


Because iPads expect a different voltage, so the device has different resistors inside. The one I used for my original iPad is by the same brand, but says 'for iPad':

http://www.amazon.co.uk/dp/B00E8ALIYU


Looks like this is equivalent to a dedicated usb charger.

There should be an option to enable data transfer, currently you have to physically remove it.

I would love to have something like this, if it enabled my devices to be read only; some usb flash drives have a physical button to enable that.


Enabling for read-only in the general case simply wouldn't be possible. The device would have to know every USB protocol that could possibly be spoken and which commands are for reading and which for writing (and what to do with commands that do both).

You could maybe make one that only worked for USB storage devices and only allowed reading, but it would likely be complex and have other downsides (lack of performance and compatibility issues probably) that would make it not worth it.


This would basically be a packet-inspecting firewall for USB instead of IP. I agree that this would pose a number of technical challenges as a lot of the tools and optimizations we have in IP stacks don't exist for USB, but I don't see how that would be principally impossible.

In fact, as there is a lot more standardization in USB profiles than in IP protocols, it might even be easier. I.e. if you just inspected messages of the mass storage profile and blocked everything else, you might already get pretty far. I agree that the performance problem would stay though.


I don't think you could make an IP firewall that enforced read-only either, at least not in a general case.


You'd have to have knowledge of what protocol was being spoken. Otherwise, you don't know if a packet going back the "wrong" direction is a control mechanism (request for data, flow control, etc) or data itself. In terms of Ethernet, you could possibly do UDP, but you lose any sort of error handling or flow control.


Honestly the Wired quote is a much better summary and gets right to the point.

"Many public locations now offer USB charging stations, but it's a trivial task to modify one of these to allow an attacker to access your data. Int3.cc's device cuts off access to the data transfer pins on the USB port, while still permitting access to the power supply."

Way too many words on that page before just getting to the damned point.


It's worth noting that this is unnecessary for iOS devices, where plugging your device into an unknown USB port prompts you to either "trust" or "not trust" the computer in question (with "not trust" disabling data transfer).


Do you trust your "trust" and "not trust" settings? Are you sure that there are no backdoors in there, or bugs that could still lead to device getting hacked?


Do you trust your (USB) condom?


Honestly? No. There's a bit too much electronics in that one for my taste. I'd happily trust one whose design I audited and whose board I soldered myself. But until I get over to doing this, I'll be stuck with just cutting data wires.

EDIT: I retract that. From what I can tell, it's just three SMT resistors on that board. So it seems fine to me.


Knowing how well Apple does embedded security, there's probably a vulnerability that'll allow bypass of that feature - it's just a matter of how long you want to invest in finding it.


What embedded security screwups has Apple had? (Not asking because I don't believe you, rather because I can't think of any)


Most iOS jailbreaks have required a USB connection, so it seems the USB port was/is an attack surface. I haven't looked at the individual exploits used in each jailbreak, though.

And this is a more "embedded" example: http://www.tomshardware.com/news/Apple-Lightning-Cable-Hacke...


It's been a while since I looked at it, but they were often used to get the phone into DFU mode and upload data that way. Seeing as DFU mode requires the phone itself to be rebooted, you'd likely notice what was going on unless you left it unattended.


Mobile USB charging ports (as found in airports etc) are more of a gimmick than anything else. A shoddy one will easily damage your device, and if you're constantly plugging into different ones, that seems like just a matter of time. Plus, an unknown one will most likely just put out 500mA (slower charging), and USB A connectors aren't made for high insertion cycles so expect flaky connections. Plus you still have to carry the bulkiest part (the cable) so you still need kit.

I personally just carry a three way AC power splitter cube while traveling, which gives me enough ports for laptop+phone+whomever I ask to share with.


ChargeDefense's website is live and we are taking pre-orders. We have our Juice-Jack Defender (500mA) for $12 and our Juice-Jack Defender Turbo (1A) for $15. We have volume prices and can do customized cases with your company colors and company logos. ChargeDefense also had an array of other products: wall chargers, battery packs, and cables. We will start shipping orders out this month. Please visit our website for more information.


In terms of a protective cover/case, maybe there is a cheap, everyday item or container it would fit into nicely. I put pen springs around all of my cable heads.


I feel someone should point out that the iPhone charger uses the data lines to basically ask for the available amperage, and charges faster if the charger is "iPhone compatible". So something like this will still work for iPhone but it will force it to charge much slower than it would otherwise.

> https://learn.adafruit.com/minty-boost/icharging


Seems like you can already get similar stuff elsewhere for cheaper and with a little plastic around the PCB: http://smile.amazon.com/PortaPow-Fast-Charge-Blackberry-Char...


Exactly, and for just $6.99

Not adding the plastic is being lazy.


We resell something similar, from DFRobot: http://www.robotmesh.com/usb-power-detector

One of the ports has the data lines connected, the other port doesn't, so it could be used as a USB condom.


I wonder if it would be possible to use a similar system to make a usb hard disk read-only. This would make it easy to avoid malicious computers transferring pesky autoexec.inf files and things like that.


I use a $10 usb 'lipstick' battery for the same thing - it charges itself and the phone, no data. Plus I get a free battery to charge my phone when there isn't an outlet available...


Had hoped from the title the product would be a way to switch a USB drive from read/write to enforced read-only mode to protect from malware on unknown hosts. Would be a nice product in itself.


I'd pay more for something like a "smart usb condom" which does allow data but only just for power negotiation, so that my devices can still negotiate for higher power when available.


$10 is expensive for such simple electronics! I understand that the price of the first piece is the highest, but if this gets mass-produced I think the price can easily drop to something like $1.


That assumes a massive number of people want this. As it is only geeks understand the risk and even fewer want/need to protect from it.


Be sure to check out http://int3.cc/ Ridley's community project, and watch his talks if you haven't seen those.


I can't help but wonder if we'll see USB condoms that help to protect against spying through EM/power draw changes, i.e. to spy on decryption activities.


If I can get a flash drive for $10 I should be able to get this for <$5. I'll wait until the novelty wears off and get it for $1 from China, on eBay.


Couldn't a person just cut the green and white wires in their charging cable if they were concerned about this?


If you're going to carry this around why not just carry a wall charger instead?


Oh...I thought this was a...um...

Never mind.


:0 ok it's another sht


Did no one else get that it's a joke?


Is it a joke? IMO the name is bad and would put me off using it in professional/business situations, but everything else about the project seems serious to me.



