, 11 tweets, 3 min read
My Authors
Read all threads
This story is everything wrong with infosec. Yes, researchers have demonstrated there is a theoretical danger. No, as far as anybody can tell, it's not happening in practice. I've plugged into every USB outlet I've found in airports and found no attacks.
It might be appropriate for the government to issue warnings of criminal activity they find in the wild. It's pretty stupid issuing warnings for every theoretical thing that might happen. Sadly, infosec can't tell about the difference, or just doesn't care.
In infosec, we are on a moral crusade. Security is important, whether you agree or not. You need to stop doing what you are doing, pursuing your own concerns, and instead pursue our concerns.
Did you know that hackers can release air in your tires, causing you to have an accident? You need to make sure to check the air pressure of your tires before each and every time you go for a drive. Actually, anything less than an hour spent verifying your car is lax safety.
Nobody in infosec retweeting that article actually read it. Otherwise, they will have noticed this glaring error. That's a completely different, unrelated problem with USB chargers.
That other thing was an alert about a hostile radio device made to look like a USB charger, not about a charge that would attack your phone over the charging cable. The warning was about removing unused chargers, not using chargers.
Getting technical details right doesn't matter, because the real issue is the moral Crusade we are on. All that matters is that we scare people constantly and make them pay attention to our concerns. Explaining things correctly does not matter.
As this tweet points out, if we just neutrally measure the cost, the cost of avoiding USB chargers is clearly greater than the cost of using them. Infosec doesn't care about the costs of security, only hypothetical benefits.
Also, that story is also everything that's wrong with journalism. There's no attempt to get both sides of the story and provide perspective. It's trying to get eyeballs by hyping the danger. There no money educating people that while there's a danger, they are probably safe.
That's a bit cynical. The truth is that reporters aren't smart, and therefore can't conceive of there being another side to the story. Nobody would argue that you should be unsafe, would they???
But my cousin's girlfriend has a mechanic who heard from a friend that they've seen attacks on the East Coast.
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Rob ☃️ Graham

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!