USB power in airports

By dhalperi at 7:49 am on February 9, 2009 | 4 Comments

I noticed that the Denver airport has upgraded its power stands to include USB ports that presumably give power to recharge devices like cell phones, iPhones, and iPods. What I wonder is how I know that’s all that’s going on. I know that, at least for my old iPod shuffle and one of my cell phones, some of these devices don’t authenticate the computers they plug into, but simply appear as R/W flash drives. What’s to stop a malicious version of this kiosk from

  • taking inventory of my files?
  • figuring out who I am and tracking me?
  • installing autorun software (like a virus) onto my device?
  • copying my contacts, my email, my cell phone pictures, my mp3s, etc?
  • <your idea here>?

I don’t know whether this particular power stand does anything more complicated than supplying power and ground to the right two pins, and I suppose that by paying attention (to the screen on a cell phone or the lights on an iPod shuffle) you might be able to tell if serial communication were initiated and something fishy was going on. But that doesn’t provide much comfort; in the end what we need is a good way for portable devices to verify the authenticity of the device to which they connect.

Filed under: Physical Security

4 Comments

  • 1

    Comment by Tim Crossley

    February 10, 2009 @ 7:18 am

    I suppose that authentication over a directly wired connection like USB was seen as unnecessary, if it was thought of at all. The physical act of plugging a mobile device in provides security, relying on the user to perform higher level authentication of whatever he/she is plugging the device into. Only in rare cases, like airport chargers, does an untrusted third party control the endpoint of the connection.

    Wireless protocols like Bluetooth have, of course, had host and device authentication since day one. Perhaps it is time that the same level of security is incorporated into wired connections as well.

  • 2

    Comment by Jim

    February 11, 2009 @ 10:24 pm

    I saw something similar to that at an international airport but wasn’t too sure if I wanted to use it or not; something did seem kind of strange to me.

  • 3

    Comment by Ryan McElroy

    February 12, 2009 @ 4:05 pm

    Tim raises a good point, but the need to authenticate is a big can of worms: it requires a user interface to supply authentication credentials (how does one authenticate with a 1×1 cm USB thumb drive?), a protocol that will probably be insecure and often be mostly ignored (think WEP and Bluetooth’s default 0000 passkey), and so forth.

    An easier solution would be ensuring that only the 1st and 4th pins of the USB cable were connected. This could be done as a part of the device (i.e., a “power only” or “connection enable” switch), or the airport chargers could use connectors/cables that omit the two center signal pins.

  • 4

    Comment by Dan Halperin

    February 13, 2009 @ 9:31 am

    You both have great comments. Ryan, of course it seems to be the case now, and likely will be increasing as we move forward, that connecting with unknown devices will actually be the norm. Think about iPods, for which a million-and-ten accessories have been built: I’ve been in hotels that have the iPod alarm clock, cars already do and airplanes might start to provide iPod docks to keep you powered while you fly. It’s entirely conceivable that I will be plugging my devices into (potentially) hostile power/data networks in the regular course of my day. So I suspect we will want to think about stronger security and privacy mechanisms for these types of scenarios.

    Relying on the airport to power only the right pins is of course the solution as it is today. And I may want to plug into the network to e.g. browse the web while I charge. The existence therefore of grey areas between “connection enabled” and “power only” modes makes me worry that the device manufacturer and/or user won’t have the right mental models for handling these situations.
