Android has never been more secure—but while it’s narrowing, there’s still a gap to iPhone that Google and Samsung are working hard to overcome. Android 15’s raft of security and privacy upgrades, the current clampdown on sideloading, and the cull of high-risk apps from Play Store are all game-changing updates.
But there are now areas where Android security actually beats iPhone, which is an interesting change. One is the new cellular network defense that Google has added to Android 15—albeit no phone hardware is yet cable of running this, and the other is a little-known new Samsung update that’s an exceptional security option for users, and one to keep in mind when you next plug in your iPhone to charge.
Theft protection notwithstanding, if you have physical control over an unlocked device and have access to its PIN code, then you can do pretty much as you wish. All data is at risk, including the decrypted message stores for the likes of iMessage, WhatsApp and Signal, and even access to stored usernames and passwords.
But an attacker can gain quasi physical access to a device with a cable plugged into a phone in an unlocked state. So-called juice-jacking warnings are over-hyped—attackers are not really eyeing your phone in an airport lounge to steal your holiday snaps when you plug it in to charge. But targeted attacks—for example against those on overseas business trips or journalists, activists and dissidents, are very real.
I’ve covered Mike Grover’s infamous OMG cables before. Yours for just $179.99 and available in either USB-C or Lightning format, the cable is “a hand made USB cable with an advanced implant hidden inside.” Sold as an aid to Red Team pen-testing or training, they showcase the art of the possible. And while costing more than $180, intel and security agencies the world over have similar capabilities.
This is where Samsung’s new update comes in. By enabling Maximum Restrictions on your Galaxy phone—now the default for new devices, the setting blocks USB data access to the device. It’s strictly charging only. “Malicious chargers, computers, and other devices won’t be able to send commands to your phone when connected using a USB cable,” Samsung says. “This prevents unauthorised access and manipulation of your device and data through USB commands.” It will also block the installation of software onto your phone via a USB connection.
As reported by Samsung Magazine, “Samsung started rolling out the November security patch late last month. This one doesn’t change much, but it modifies how the Auto Block function works. It now blocks all USB connections except for charging.”
There are some inadvertent issues with this new update, which while “good for security, hinders the application Android Car in operation on devices Galaxy, at least over a cable connection.” You can fix the issues by playing with the settings, but my recommendation would be to keep the restriction enabled.
So, let’s turn to the way iPhones handle this risk. Unless you want to hamper your device by putting it into Lockdown mode, iPhone’s default is assumed consensus when unlocked. But in your FaceID and Passcode setting, you have an “Accessories” option which you should toggle off. This prevents data connections when your phone has been locked for an hour or more, but doesn’t block data connections when unlocked—although exfiltrated data cannot be decrypted off-device.
The way the iPhone data connection restrictions works is as follows:
- If your device has been locked for an hour, data connections are disabled. “This limits the attack surface against physically connected devices such as malicious chargers while still enabling usage of other accessories within reasonable time constraints.”
- Restrictions still apply during that hour in locked state. “Only data connections from accessories that have been previously connected to the device while in an unlocked state will be allowed. These accessories are remembered for 30 days after the last time they were connected.”
- If an unknown cabled accessory does try to establish a data connection during that hour, iPhone “will disable all accessory data connections over those connections until the device is unlocked again.”
- If no cabled data connection has been established for three plus days, iPhone “will disallow new data connections immediately after it locks. This is to increase protection for users who don’t often make use of such accessories.”
- If iPhone “is in a state where it requires a passcode to re-enable biometric authentication,” then all data connections are disabled.
Regardless of whether juice-jacking is overhyped or not, it’s good to be wary of plugging a charging cable into an unknown socket in a public place. I recommend using your own charger or buying a physical data blocker that sits between your cable and the socket. These are cheap and readily available online. With hotels and lounges starting to default to USB sockets, there are good to have on-hand.
When travelling overseas or if you’re potentially a target given your politics or profile, then it’s definitely not recommended. If someone does want access to your phone and your data, make it as difficult as possible to do so.
Read the full article here