Headlines don’t always make it so.
Scary news headlines abounded in recent weeks as the FBI warned against something called “juice jacking”.
Is it really a threat?
No. Not really.
Well, OK, maybe. But that’s a really really big maybe.
Become a Patron of Ask Leo! and go ad-free!
While theoretically possible, “juice jacking”, or the malicious transfer of data while connected to an unknown USB charging port, is both rare and easily thwarted. Most current mobile devices won’t even allow data connections by default, and using a wall charger or USB data blocker also neutralizes the threat.
The Denver office of the FBI posted a warning on Twitter.
“Avoid using free charging stations in airports, hotels or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices. Carry your own charger and USB cord and use an electrical outlet instead.”
The implied threat is that charging your device at a randomly available USB socket could result in malware making its way to your device.
Your USB connection is used for two separate functions:
- Power and recharging
- Data transfer, such as to or from your computer
It’s the latter item that is of concern. The concept is that a random socket of unknown origin offering the first could also be used to do the second maliciously. In other words, it could be used to surreptitiously copy your data from your phone or transfer malware to your phone.
It’s referred to as “juice jacking” because they’re supposedly hacking your data while you’re “juicing” (charging) your device.
But are they really?
This might have been a threat once upon a time, but today’s devices are smarter than that.
To begin with, most require an additional step for data transfer. By default, the device ignores all data, connecting only to power up. You need to take an additional, manual1 step to enable data transfer each time you want it.
The other reality? To the best of my knowledge, there have been zero reports of juice jacking ever happening.
There’s no harm in protecting yourself, particularly since it’s easy. There are two approaches.
Use a wall charger2. Anything that plugs into a power outlet is safe to use to charge your device. There’s no data involved.
These devices connect only the power connections between your cable and untrusted USB sockets. The data lines never make contact.
Travel safely. Honestly, I don’t want to worry about this for the reasons I’ve mentioned above, but if you like, using the solutions listed will keep you safe.
Perhaps the biggest takeaway here is not to let headlines scare you — even, apparently, if they come from the FBI.
Want something you can believe? Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.