A type of cyberattack that could set your smartphone on fire using its wireless charger (techxplore.com)
from Zerush@lemmy.ml to technology@lemmy.ml on 11 Mar 2024 09:05
https://lemmy.ml/post/13030852

#technology

threaded - newest

firefly@neon.nightbulb.net on 11 Mar 2024 09:53 next collapse
Let's pray they don't find a way to detonate the batteries!
Zerush@lemmy.ml on 11 Mar 2024 12:58 collapse

As in older iPhones? Without the need of an malicious charger

chahk@beehaw.org on 11 Mar 2024 13:57 collapse

Also Samsung Note 7 was da bomb!

Zerush@lemmy.ml on 11 Mar 2024 18:52 collapse

It is the result of, to make the phone thinner, putting a battery that is too thin for the necessary power and therefore it gets too hot. It happens when the design is governed by the commercial demands of managers rather than those of technicians.

gravitywell@sh.itjust.works on 11 Mar 2024 09:59 next collapse

According to the researchers, “A charger can be manipulated to control voice assistants via inaudible voice commands, damage devices being charged through overcharging or overheating, and bypass Qi-standard specified foreign-object-detection mechanism to damage valuable items exposed to intense magnetic fields.”

So if someone swaps your Qi charger for a malicious one they can ruin your phone (or some other device it’s supposed to detect as not a phone ?) and maybe execute arbitrary voice commands… 🥱

tias@discuss.tchncs.de on 11 Mar 2024 10:08 next collapse

I don’t really get how they consider this a meaningful attack vector at all. Of course I can set the phone on fire if I can replace the charger - that’s pretty much always going to be true and there’s no reasonable way to fix it. The only possible use I see is to do it when someone is not intentionally charging their phone, e.g. holding a malicious charger close enough when they have the phone in their pocket.

anachronist@midwest.social on 12 Mar 2024 04:21 collapse

Well now all we need is internet connected chargers with dodgy security…

michael_palmer@lemmy.sdf.org on 11 Mar 2024 11:30 collapse

Malicious charger:

<img alt="" src="https://lemmy.sdf.org/pictrs/image/5a2f2fde-721e-49c2-bd0b-d0fec79e6991.png">

M500@lemmy.ml on 11 Mar 2024 10:00 next collapse

Talk about a burner phone 😎☀️ Aaaaaeeeoooowwww

catfish@lemmy.ml on 11 Mar 2024 10:00 next collapse

Perhaps worth pointing out that the attacks require the attacker to position a piece of hardware between the Qi charger and the power source.

tourist@lemmy.world on 11 Mar 2024 11:59 collapse

Is that piece of hardware a bic lighter

jerrythegenius@lemmy.world on 11 Mar 2024 12:25 collapse

Could be

moosetwin@lemmy.dbzer0.com on 11 Mar 2024 17:02 next collapse

this is unrelated but that is a really nice diagram

Midnitte@beehaw.org on 11 Mar 2024 20:23 next collapse

A charger can be manipulated to control voice assistants via inaudible voice commands…

This seems like the scarier attack, to be honest…

Though, surely there’s filtering that can be performed to prevent that as an attack vector

[deleted] on 12 Mar 2024 07:12 collapse
.
Midnitte@beehaw.org on 12 Mar 2024 09:59 collapse

Right, and Google uses those frequencies to pair Chromecasts - my point was that if they’re using it (and aware of it), surely they have a way to detect (and filter) it.

[deleted] on 12 Mar 2024 17:57 collapse
.
DeltaTangoLima@reddrefuge.com on 12 Mar 2024 21:06 next collapse

If feel this is (unintentionally) stretching the use of the word cyberattack. Rightly or wrongly, most people consider a cyberattack a form of hacking/attack that’s executed via a network or the internet.

I know its true definition any form of attack against data, network, or computing device (including smartphones), but this headline could easily lead people to think their phones could be set on fire by some anonymous l337 hAx0r over the internet.

While technically true, it requires physical exploit first.

Zerush@lemmy.ml on 12 Mar 2024 21:10 collapse

Anyway it isn’t a good idea to use a cheap charger with unknown brand, or one which isn’t the own one at home.

jmbreuer@lemmy.ml on 13 Mar 2024 17:07 collapse

So… Considering necessary access, it’s a quarter step above “cooking a phone in a microwave oven might catch it on fire”, IMO.