Apple wants to prevent you from using dangerous USB-C devices

0
16

Apple wants its customers to have more trouble using inexpensive USB-C cables for your personal good.

The risks of USB-C cables

The cables are complicated and that's why friends do not let their friends connect USB-C cables at discounted prices or otherwise unverified to their systems – and you will not be able to do that anymore.

Apple has warned its users to avoid using poor quality equipment for years. It was only in 2016 that it was revealed that hundreds of chargers sold at that time on Amazon and advertised as being made by Apple were actually dangerous counterfeits.

These counterfeits could cause an electric shock or ignite if exposed to high voltage, which is typical for surges.

Not only cheap cables can be poorly manufactured and may accidentally damage your device or ignite, but there are other risks.

Modified cables are also sometimes used as an attempt by hackers to install malicious software on their devices. This is even before we examine systems that use USB to penetrate the security of devices to steal your data, or USB drives used as exploits in organized attacks against key infrastructures.

With so much business data and stuffed personal data in our devices, most sensible people will want to protect themselves from one of these threats.

It seems that manufacturers, along with Apple and other members of the USB Forum Implementer's Forum (USB-IF), are announcing their intention to implement a USB-C authentication program that we hope will help us to protect ourselves against these risks.

How does USB Type-C authentication work?

The USB Type-C authentication program is a system in which computers, smartphones, and other "host systems" will be able to identify USB-C cables that do not match the required level.

Once in place, it will work like this:

  • You plug the cable into your device.
  • The system analyzes the cable to confirm that it conforms to the restrictions of the scheme.
  • If the cable is not compliant, it will simply not work – the data will not be transferred between the cable and the host system.
  • Alternatively, the power can be transferred but the data will not be transferred. Power transfers can reach a lower level to protect against overheating when using an unauthorized charging system, for example.
  • This protection will extend to cables, connected devices and chargers.
  • The important thing is that this protection is put in place before any exchange of energy or data between the systems. The certification authority is DigiCert.

    What it means for business users

    Business users know that their data is in danger.

    Data stacks generate infrastructure, proprietary data collections will generate future business opportunities, and recent events have highlighted how these collections of information can be exploited to create extremely difficult problems to solve.

    Obtaining information is a big deal – the following three attack vectors will have been exploited to access data – either by injecting malware to collect data and send it back to a central command server, or to penetrate the security of the devices. in another way.

  • USB power points at airports and other public spaces
  • USB devices, including USB sticks
  • USB used as a gateway to devices to access data that they contain
  • The USB-IF decision is a big step forward to ensure that your valuable business data is not stolen, damaged or ransomwareed as a result of this type of attack.

    Apple is already doing something like this.

    iOS 12 has introduced a new feature called USB Restricted Mode. You control this feature in Settings> Face ID and Access Code in the Allow access when locked section using the USB Accessories tool.

    Apple's decision to introduce these controls is part of its unwavering commitment to privacy in the age of the connected.

    It's the same commitment that means it develops artificial intelligence solutions that work on the edge, on your device.

    However, this commitment is also motivated by the many cases where systems have been damaged or, in some cases, fires are caused by the use of low quality and cheap charging systems.

    I doubt that some manufacturers will want to be held responsible if a person is injured or his property is damaged because the device in charge caught fire because his AC adapter was dangerous.

    Run backwards to stay still

    What's interesting about this pan-industrial initiative is that it reflects the fact that after a certain amount of time, the players in any industry are forced to spend more and more resources to secure their existing perimeter, simply to stay still.

    This is, of course, the nature of most empires: they reach a point where they can no longer manage and finance their own expansion, but they must begin to contract. History shows us that it is so that things happen.

    At the same time, initiatives like this one should help most of us to feel a little safer as some technology companies worry enough to invest to help us protect our data.

    We should probably ignore those who do not care about that.

    Please follow me on Twitterand join me in the groups AppleHolic's Bar & Grill and Apple Discussions on MeWe.