Why You Should Stop Using Other People’s iPhone Chargers
Why iPhone chargers can be dangerous
Android has never been more secure—but while it’s narrowing, there’s still a gap to iPhone that Google and Samsung are working hard to overcome. Android 15’s raft of security and privacy upgrades, the current clampdown on sideloading, and the cull of high-risk apps from Play Store are all game-changing updates.
But there are now areas where Android security actually beats iPhone, which is an interesting change. One is the new cellular network defense that Google has added to Android 15—albeit no phone hardware is yet cable of running this, and the other is a little-known new Samsung update that’s an exceptional security option for users, and one to keep in mind when you next plug in your iPhone to charge.
Theft protection notwithstanding, if you have physical control over an unlocked device and have access to its PIN code, then you can do pretty much as you wish. All data is at risk, including the decrypted message stores for the likes of iMessage, WhatsApp and Signal, and even access to stored usernames and passwords.
But an attacker can gain quasi physical access to a device with a cable plugged into a phone in an unlocked state. So-called juice-jacking warnings are over-hyped—attackers are not really eyeing your phone in an airport lounge to steal your holiday snaps when you plug it in to charge. But targeted attacks—for example against those on overseas business trips or journalists, activists and dissidents, are very real.
OMG attack cable
I’ve covered Mike Grover’s infamous OMG cables before. Yours for just $179.99 and available in either USB-C or Lightning format, the cable is “a hand made USB cable with an advanced implant hidden inside.” Sold as an aid to Red Team pen-testing or training, they showcase the art of the possible. And while costing more than $180, intel and security agencies the world over have similar capabilities.
This is where Samsung’s new update comes in. By enabling Maximum Restrictions on your Galaxy phone—now the default for new devices, the setting blocks USB data access to the device. It’s strictly charging only. “Malicious chargers, computers, and other devices won’t be able to send commands to your phone when connected using a USB cable,” Samsung says. “This prevents unauthorised access and manipulation of your device and data through USB commands.” It will also block the installation of software onto your phone via a USB connection.
Maximum Restrictions
As reported by Samsung Magazine, “Samsung started rolling out the November security patch late last month. This one doesn't change much, but it modifies how the Auto Block function works. It now blocks all USB connections except for charging.”
There are some inadvertent issues with this new update, which while “good for security, hinders the application Android Car in operation on devices Galaxy, at least over a cable connection.” You can fix the issues by playing with the settings, but my recommendation would be to keep the restriction enabled.
iOS 18 USB data connection restriction
So, let’s turn to the way iPhones handle this risk. Unless you want to hamper your device by putting it into Lockdown mode, iPhone’s default is assumed consensus when unlocked. But in your FaceID and Passcode setting, you have an “Accessories” option which you should toggle off. This prevents data connections when your phone has been locked for an hour or more, but doesn’t block data connections when unlocked—although exfiltrated data cannot be decrypted off-device.
The way the iPhone data connection restrictions works is as follows:
Regardless of whether juice-jacking is overhyped or not, it’s good to be wary of plugging a charging cable into an unknown socket in a public place. I recommend using your own charger or buying a physical data blocker that sits between your cable and the socket. These are cheap and readily available online. With hotels and lounges starting to default to USB sockets, there are good to have on-hand.
When travelling overseas or if you’re potentially a target given your politics or profile, then it’s definitely not recommended. If someone does want access to your phone and your data, make it as difficult as possible to do so.
One Community. Many Voices. Create a free account to share your thoughts.
Our community is about connecting people through open and thoughtful conversations. We want our readers to share their views and exchange ideas and facts in a safe space.
In order to do so, please follow the posting rules in our site's Terms of Service. We've summarized some of those key rules below. Simply put, keep it civil.
Your post will be rejected if we notice that it seems to contain:
User accounts will be blocked if we notice or believe that users are engaged in:
So, how can you be a power user?
Thanks for reading our community guidelines. Please read the full list of posting rules found in our site's Terms of Service.