The new MacBook's single port comes with a security risk
theverge.comThis is a mostly useless article. Every computer with USB ports has this problem. If you want to use it as, you know, a computer, you're probably gonna need to plug some stuff into it at one time.
You could make the argument that now that it has one port, it's easier to secure because you only have to secure one side of the computer instead of two.
Are you kidding? It means that if you go to a coffes hop and plug your laptop, you can become compromised. Sure, random people in a starbucks won't, but it's a boon for industrial espionage!
Just wondering, how does that mean that? The way I understand things that is only possible if you use someone else's compromised power adapter.
I've never seen a coffee shop that supplied power adapters, it's always just a bunch of power outlets. I think your safe for now.
I see plenty of coffee shops with wall sockets with USB ports for charging. And they are typically being used. Same idea here.
USB-C wall sockets? For charging laptops? I don't think so.
You're worrying for a coffee shop that doesn't even exist.
You could have said the same about USB wall sockets when USB first came out.
yet
So... bring your own charger? Does your coffee shop normally provide you a laptop charger?
Coffee shops and airports don't provide laptop chargers, but they do sometimes provide USB chargers, which are now the same thing!
Are the power requirements the same? My assumption would be that usb wall chargers wouldn't have the juice to keep your laptop battery at a steady state, let alone charge.
The provided iphone wall charger is 5 watts, the provided apple laptop charger is 60 watts.
I suspect airport chargers are more like 1 watt, but the problem is whether end-users will hook their laptops up to the insecure charger, not the efficiency or lack thereof :)
I disagree. The author makes it clear they're referring to the added weakness of having a device charge via a non-secure port as compared to the inherent insecurity of USB ports.
The added vulnerability is based on the ease at which people will plug in a strangers power cable compared to plugging in a strangers USB stick.
Saying it's useless is being nice.
I upvoted, because it's a good thing to be aware of, but I don't think you can call this a "major" security risk. It's not like you're going to see a million people get attacked by a single charger cable out on the internet.
If you're someone who has a lot of really sensitive data on your laptop, sure. But, then, most of those people are probably not all that interested in the MacBook, and at any rate they should already be pretty cautious about physical access to the sensitive machine.
The article (especially the headline) implies that the new Macbook is somehow more at risk because of its reliance on one USB port. But if the root of the problem is USB more generally, wouldn't the only "secure" design preclude the inclusion of any USB ports whatsoever? My issue with the article is that by singling out the Macbook (due to its single port) they are not actually contributing any useful information back to the consumer about its potential security. If I'm missing something, I would appreciate clarification.
If there is a USB port and a power port a super parinoid person could never use the USB port, or even fill it with glue. Not an option here.
This is also talking about how combining them also allows for the potential of charger based attacks, a charger is something that absolutely has to be plugged in at some point.
I guess the paranoid user can use an usb condom if so.
Time to make usb-c syncsyop http://syncstop.com/
A paranoid user wouldn't use a power port, either. At least not without whipping out a multimeter first.
The article also ignores that many of these USB issues are actually solvable in software (both uEFI and in the OS).
The only USB issue which REALLY isn't solvable is the fact that USB devices can simulate a USB hub and then attach fictional human interface devices (i.e. keyboards and mice) which they can then use to take over the computer and or otherwise cause problems.
Well you could build a system which requires explicitly allowing HIDs. The only HID for which it's a serious issue might be a keyboard, and for those the OS could segregate the alleged keyboard and require specific actions to allow it.
Well, the main difference is that even just to charge your laptop you'll need to plug in a USB plug - and people share laptop chargers a lot.
Agree that the article is largely a fuss over nothing, though.
This is written like it is a novel situation. Smart phones have had this problem almost since inception.
Would be nice to see a hardware switch to deactivate the pins that aren't needed for power.
That switch sounds like a tech' support nightmare. Even WiFi switches are a massive PITA that are almost more trouble than they're worth.
I'd suggest that if people want safe USB that they just buy a USB "condom" (i.e. an adapter that goes between the power and port, and disconnects the data wires).
Although does USB-C use any of the data pins to determine if it is safe to transmit power? I just ask because Apple's USB implementation sends different amount of power based on how the device responds across several non-power related pins.
> Although does USB-C use any of the data pins to determine if it is safe to transmit power?
Power Delivery 2.0 signals via Vbus (the 5V line) and additionally via CC when using the Type C connector. PD2 is specified for Type A, Type B and Type C connectors.
Syncstop claims to work with any mobile device win/apple/android/blackberry. Anyone tried syncstop with apple devices? [edit] corrected typo
The difference is that smart phones (at least the iPhone) have a "trust this computer?" prompt. It is unclear whether the new Macbook will.
Edit: This will presumably disable any usage of the non-power lines.
USB Type C does not support DMA as the article states. I think there might be some confusion on the attack vector here. BadUSB requires cooperation from the OS/BIOS/a driver.
One of the suggested alternate modes in the specification is a PCIe bus. This would most likely support bus mastering, and thus a full DMA engine.
This certainly requires some host cooperation, but I imagine that the fear is that these drivers start to be distributed in the OS by default.
One of the BadUSB vectors is a USB keyboard, which is a fairly well expected driver to be included with the OS.
Is it possible to whitelist USB (or Thunderbolt for that matter) devices and prevent all others from connecting?
It is fairly common for me to connect a USB keyboard, but it is pretty rare for me to connect an unknown keyboard.
It's possible to filter based on vendor ID and device ID, but deviceid is shared (it's more of a product id), and both can be faked of course. On Linux it's handled via udev, on Windows via group policies (since Server 2008/Vista), on OSX it might be possible via MDM, in the Server application (I'm not sure)
Right. A USB device can't do anything unless the OS lets it.
We went through this with "autorun" on CDs and DVDs. For years, Windows would run anything that looked executable if you put it in the obvious place. That didn't end well. Those defaults were finally changed.
What's needed is to turn off automatic hot plugging for USB devices. The era when you can plug in a USB device and have it go live without user interaction is over. We're going to need clear OS dialogs - "The USB device you just plugged in claims to be a keyboard - did you just plug in a keyboard?" You should't be able to boot from a USB device without doing something to enter a maintenance mode.
There's nothing special about USB Type C here. It's just that the asymmetry of USB is being dealt with.
Asymmetrical USB has created an amusing hierarchy. Desktop computers were masters. Phones were slaves. Then came tablets. Are they masters or slaves?
> The USB device you just plugged in claims to be a keyboard - did you just plug in a keyboard?
The problem with that is that you inevitably run into this dialog with nothing else attached to the machine. How are you going to confirm the dialog?
Better to focus on isolating the keyboard driver from the rest of the OS, so the only thing it should be able to do is read in input from the keyboard and report it back to the OS.
> The problem with that is that you inevitably run into this dialog with nothing else attached to the machine. How are you going to confirm the dialog?
That's only a serious issue for a keyboard, and for this specific situation the keyboard could be segregated (globally inactive) and require a specific sequence of action to be activated.
> Better to focus on isolating the keyboard driver from the rest of the OS, so the only thing it should be able to do is read in input from the keyboard and report it back to the OS.
The virtual keyboard can send whatever keypresses (and thus indirectly commands) it wants to the system.
> We're going to need clear OS dialogs - "The USB device you just plugged in claims to be a keyboard - did you just plug in a keyboard?"
Of course there is the chicken-and-egg issue of allowing the first keyboard you plug into a machine which does not have any built-in input device.
"The USB device you plugged in claims to be a keyboard -- type the following randomly generated number to confirm."
I have a similar concern with charging my phone using USB ports in public places. Got a reminder last week while returning from an international trip. The plane had both power outlet and USB port for charging (Really glad they had them there). To charge my phone, first I connected to USB port (since I had the cable handy)and surprisingly got a message about authorizing the computer etc. I had the power adapter as well so pulled it out and charged using it instead.
We need a way to give us assurance that port is in just power mode.
Isn't USB-c more secure because it doesn't have DMA like Thunderbolt does?
I've seen several articles on HN in the past year that detail serious compromises that are possible via just plugging in a Thunderbolt cable.
I think so, but I am reminded of this sage advice: https://twitter.com/jdub/status/575887350158372864 > Never plug in an unknown USB key or cable. Never plug in an unknown Lightning cable. Never touch computers. Everything is a computer. Run.
"On a standard machine, users worried about USB attacks could simply tape over their ports"
^^ Oh yeah, that would do it. Damn Apple for disabling the tape-over fix!