Hacking a Power Supply
This hack targets the firmware on modern power supplies. (Yes, power supplies are also computers.)
Normally, when a phone is connected to a power brick with support for fast charging, the phone and the power adapter communicate with each other to determine the proper amount of electricity that can be sent to the phone without damaging the device—the more juice the power adapter can send, the faster it can charge the phone.
However, by hacking the fast charging firmware built into a power adapter, Xuanwu Labs demonstrated that bad actors could potentially manipulate the power brick into sending more electricity than a phone can handle, thereby overheating the phone, melting internal components, or as Xuanwu Labs discovered, setting the device on fire.
Research paper, in Chinese.
solaric • July 21, 2020 6:56 AM
…and? It says it requires physical access. I mean, I guess this is vaguely interesting in an abstract sense, but I honestly don’t see the difference vs a garbage $2.79 charger off of eBay that doesn’t even vaguely bother to follow UL standards and thus might send high voltage directly out. Which as the article notes may well have resulted in the electrocution of a woman in China many years back. Or for that matter, it’d be fairly trivial to make something that looked like a charger and simply piped mains right to the phone, that’s going cause the phone (or tablet or anything else wanting low voltage DC) to have a bad day too.
So I guess I don’t get the threat scenario here. The big risk of a lot of hacks is that they’re very (or at least fairly) silent, and can exfiltrate valuable information or perform valuable actions using the target’s resources for periods without detection. Or they don’t require physical access and thus can add scale and anonymity onto an existing threat, thus completely changing the economics of it. But of someone simply wants to cause raw damage in person, well there are plenty of ways to do that. If tons of places supplied public bricks I could see that offering some potential maybe for spread, but at least IME it seems like the normal is to just have plain old outlets everywhere, not power bricks directly (though probably primarily because they’d get stolen, standardization hasn’t existed, and travelers almost always have their own). Maybe that’s different in other places. I have seen more integrated wireless chargers, but as a basic matter of their tech I don’t think those are capable of sending much no matter what the firmware does (or we’d use them more). I know I’ve seen scares in the past that malicious people might leave fake chargers in airports that fry devices of the unwary, but by definition they’d be discovered almost immediately and I can’t remember reading about it ever happening for real (and ubiquitous surveillance in airports these days would mean a high risk of getting caught).
I mean, nothing technical stops people from throwing rocks from overpasses into traffic, that’d cause a lot of damage too. To some extent we just rely on the fact that most people aren’t jerks of that level and we have law enforcement for the rest. I think to be of interest a hack needs to have some sort of scaling or silent capability, an actual applicable unique threat scenario.