Chargers should only charge, there shouldn't be any data transfer.
When it comes to security, we should not give something more privileges than it requires to do its job.
Why do laptop chargers have data wires?<p>Maybe you have heard of usb condoms? It's a usb-c to usb or vice versa adapter where you modify it by removing the data wires which are on the sides. Then there is only power. Why don't the charger manufacturers do this themselves and remove the data wires if there is no purpose for them? It creates an unnecessary security risk by having the data wires.<p>What are your opinions on this? How do you approach this security threat? Or do you not do anything about it at all?
The marginal happiness for 1% of security nerds would be vastly outweighed by frustration for 99% of people who don’t care.<p>I don’t want a bunch of broken fake USB-C cables lying around that work for slow charging only and will totally fail when used with my mouse, keyboard, running an external display, etc. I get these kinds of USB-C cables from time to time in boxes with mediocre gadgets and throw them out! Anker’s whole brand was originally based on testing USB cables to weed out the broken ones after all.<p>What is the threat model here anyways? My approach to security when charging my devices is:<p>1. Use my own charger and cable<p>I am not worried about my power supply brick getting pwned by a rootkit delivered via the airplane’s AC power mains and then that pivoting to my laptop.<p>So is the threat that my power brick got pwned on its way from the factory to me?
The USB standard only allows 7.5W (5V @ 1.5A) of power. By negotiating over the data lines, the supplier and consumer can agree to higher amperage and voltage (up to 100W in USB3, 240W in USB3.1) - but you need data lines for this feature.<p>Some USB condoms include a chip to do this negotiation (with the other device) for you - but you still have to trust the chip.<p>You may very well have experienced this with a very basic USB cable (with just the power lines) - people call them cheap or bad quality, but because of the lack of data lines - only 7.5W can be delivered.<p><a href="https://en.wikipedia.org/wiki/USB" rel="nofollow">https://en.wikipedia.org/wiki/USB</a>
It tells the laptop how much power is available. And with USB-PD charging it is used for voltage negotiation which removes the risk of destroying a laptop with the wrong voltage charger, while still allowing chargers to be swappable and interchangeable.<p>I believe they adapt charging speed to available power in some cases. Without the data pin, what if you wanted to make a a car charger, but the cigarette lighter couldn't support enough current for a full power charger? Or what if you wanted an ultra portable charger?<p>It's a useful feature for a pretty small extra risk.
There are two things to remember: one is that “juice jacking” is an urban legend hyped up by gullible police departments since the 2000s which just doesn’t happen in real life. Making computing clunkier for everyone doesn’t make any more sense than it does to put roofs over the keyboards in your server room to stop Tom Cruise from rappelling down from the ceiling.<p>Second, the same risk applies to every other device. Even if we eliminated charger docks and smart charging, we’d still have keyboards, mice, network adapters, storage, MFA tokens, etc. to worry about and that’s why your computer doesn’t blindly trust every device you connect any more. In 2004 you probably could have caused problems by presenting as a storage device with an auto run installer but now all you’re going to get are prompts.
I generally only charge with devices I own:<p>I charge my laptops with the charger from the manufacturer, where the data cables are used to control voltage and wattage; or from a docking station from the manufacturer. If Apple / Dell are trying to hack me, well, I'm screwed!<p>I charge my phone with my own charger (wall) and wireless stand that I bought from the manufacturer. If I want to travel light, I charge it with my laptop charger. (Thanks to USB C) Again, I don't think Apple / Dell are trying to hack me.<p>Other devices are charged with chargers I bought on Amazon. I haven't taken them apart, but I don't think they have some hidden 5G chip that's being used to hack me.<p>If you're worried about security, _carry your own charger_ instead of plugging into random public USB ports.<p>---<p>But, I want to point something out about security: At some point you have to trust someone. If you're nervous, I would stick to a set of chargers that you screen carefully, and carry them with you.
It's just so convenient to be able to use the same charger for every device, and to use the same port for either charging or connecting peripherals. Is it ideal from a security standpoint? Not at all. Does that matter? Not in 99+% of contexts. Security is just not a real issue for the vast, vast majority of people. Those who really have significant risks to consider should adjust their habits and lives accordingly, but nobody else is going to go back to the days of a different, incompatible, power supply for every piece of equipment.
There's a few cases where this makes sense:<p>* The laptop supports one or more power supplies, but with different current ratings, and the laptop needs to know how much it can safely draw. (This can be done with passives)<p>* The charger has dynamic power availability, possibly because it charges multiple devices, and the amount of power available varies with other factors, such as temperature.<p>* The charger has various output modes available, only some of which align with the device to be charged. Therefore, the two devices must negotiate a common set of parameters.<p>On the note of USB Condoms, they only interrupt the data lines, USB's power negotiation (nowadays) mostly happens on the power line itself. Though usually, the device's OS (if it has one) has limited/no visiblity to this, and a dedicated port controller handles this interaction, possibly passing higher-level information to the rest of the device.<p>There are some things that can be done to reduce the threat surface:<p>* Build the protocol parser as a FSM.<p>* Formal methods for critical systems.<p>* Severely restrict the expressiveness of the protocol, particularly any variable-length fields.
> Why do laptop chargers have data wires?<p>Charging cables have data wires because then they can be used as data cables, meaning you can pull the end out of the charger and plug it into some other device, since the USB-C port on the laptop that accepts charge is certain to be a dual-role port. If charging cables didn’t have data wires, you’d have to swap cables in this use case.<p>> Why don’t the charger manufacturers do this themselves and remove the data wires if there is no purpose for them? It creates an unnecessary security risk by having the data wires.<p>Because then everyone would have to buy additional USB-C data cables, and then (because it is more convenient) they’d use those with the charger anyway, and the only product would be more e-waste. I mean, the charger <i>already</i> is probably going to last much longer than the supplied cable, and eventually people are going to be using a separate cable with it, using a useless-for-other-purposes cable just accelerates that.<p>And the security risk is from untrusted chargers. For the charger manufacturer, their charger isn’t untrusted. If the buyer doesn’t trust them, they won’t trust them to supply a safe cable whether or not they actually do, so its not even a useful “secure” sales gimmick. If someone has security concerns about the charger manufacturer, they’ll get a power-only cable from a trusted party and use that, there is no benefit <i>to anyone</i> from the charger manufacturer providing a power-only cable except, I guess, for customers for whom the charger manufacturer is a trusted party, who wants a cable they can use with the original charger and also when they are charging from untrusted other chargers on the road, but compared to people who are better served by dual use cables <i>and</i> people who will use a separately-acquired “safe” cable with any charger, that’s going to be a <i>very</i> small audience.
> It creates an unnecessary security risk by having the data wires.
What are your opinions on this?<p>That you are correct. It creates no small security risk (as does the
overly-chatty relation between batteries and function boards nowadays)<p>(I am not sure you could produce a battery bomb without a separate
back-signal to detonate it)<p>USB was never a very far sighted show, It's undergone so many
revisions to squeeze more transfer of power and data out of it than is
good.<p>There are analogue methods. Current sensing and current limiting
circuits are ancient. You can build really sophisticated power supply
designs that match supply and sense problems. You can even encode data
as a side channel on the power lines themselves. But that would be
more expensive and since the separate data lines were already there
few designers thought to prioritise security over simplicity and cost.
USB-PD negotiation can be done before reaching the laptop, using a fixed-function adapter for the desired voltage and current. Then the final leg of the connection can be power-only. This is used to power older laptops via USB-c and barrel connector.
I'm assuming you're talking about the newer USB-C laptop chargers, instead of the old traditional "barrel plug" laptop chargers.<p>The main reason a data connection of some kind is necessary, is because it allows for universal chargers (the U in USB means "universal", after all). The same charger can be used for a laptop charging at 36V and 5A (<a href="https://frame.work/blog/framework-laptop-16-deep-dive---180w-power-adapter" rel="nofollow">https://frame.work/blog/framework-laptop-16-deep-dive---180w...</a>), and a phone which cannot tolerate anything above 5V and needs less than 3A. Even old "barrel plug" laptop chargers often already had some kind of data connection (for instance, old Dell chargers, which output a fixed 19V, could tell the laptop whether they are a 65W or a 95W charger, you can see it on the BIOS screen).<p>And for compatibility, the USB 2.0 wires (the negotiation described above happens on the separate CC wire) are also necessary. The way old USB-A phone chargers told the phone (which usually had a micro-B plug) they're a charger was through the USB 2.0 wires. The standard way of doing that is shorting both USB 2.0 wires together, but there are proprietary alternatives which do something else with these wires. A USB-C charger can charge these old phones through either a USB-C to micro-B adapter together with a USB-C cable, or a USB-C to micro-B cable.<p>> How do you approach this security threat? Or do you not do anything about it at all?<p>Frankly speaking, the security threat I'm more worried about is a low-quality or damaged charger accidentally putting unfiltered 127V AC into the USB port. The best way to protect against that threat, which also protects against the "charger is a malicious USB data device" threat you're worried about, is to carry and use only your own high-quality charger, together with a portable surge suppressor (which has a MOV with a fuse).
My guess is that in part chargers have data wires for the reasons you fear because there are people with the political capital, money, technical expertise, and motivation to shape consumer facing technologies to the interests of nation states. These people are dedicated professionals and to not achieve the simple things you fear would be grossly unprofessional.<p>But data cables in USB chargers also provide conveniences to ordinary people (which other comments mention). TANSTAAFL