{"id":14243,"date":"2019-01-04T08:30:02","date_gmt":"2019-01-04T16:30:02","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2019\/01\/04\/news-7995\/"},"modified":"2019-01-04T08:30:02","modified_gmt":"2019-01-04T16:30:02","slug":"news-7995","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/01\/04\/news-7995\/","title":{"rendered":"Apple wants to stop you using dangerous USB-C devices"},"content":{"rendered":"

<\/p>\n

Credit to Author: Jonny Evans| Date: Fri, 04 Jan 2019 07:16:00 -0800<\/strong><\/p>\n

Apple wants to make it harder for its customers to use cheap USB-C cables \u2013 and it\u2019s for your own good.<\/p>\n

These are the risks of USB-C cables<\/strong><\/p>\n

Cables are complicated and that\u2019s why friends don\u2019t let friends connect cut-price or otherwise unverified USB-C cables to their systems \u2013and soon, you won\u2019t be able to.<\/p>\n

Apple has warned its users to avoid using low-quality equipment for years. It was only in 2016 that it was revealed that hundreds of chargers at that time sold on Amazon and advertised as being made by Apple were in fact dangerous fakes<\/a>.<\/p>\n

These fakes were\u00a0likely to cause electric shock or burst into flames if exposed to high voltage, typical in the event of a power surge.<\/p>\n

Not only might cheap cables be poorly made and liable to accidentally damaging your device or setting themselves on fire, but there are other risks.<\/p>\n

Modified cables are also sometimes used as an exploit attempt by hackers eager to install malware inside of your devices. That\u2019s even before we look at systems that use USB to penetrate device security to steal your data, or USB thumb drives used as exploits in organised attacks against key infrastructure<\/a>.<\/p>\n

With so much enterprise and personal data stuffed inside our devices, most right-thinking people will want to protect themselves against any of these threats.<\/p>\n

So, it seems, do the manufacturers, with Apple and other members of the USB Implementer\u2019s Forum<\/a> (USB-IF) announcing<\/a> plans to introduce a USB-C authentication program they hope will help protect us against these risks.<\/p>\n

The USB Type-C Authentication Program is a scheme in which computers, smartphones and other \u201chost systems\u201d will be able to identify USB-C cables that don\u2019t meet the grade.<\/p>\n

When in place it will work like this:<\/p>\n

What\u2019s really important is that this protection is put in place before any power or data is exchanged between the systems. The certification authority is DigiCert<\/a>.<\/p>\n

Enterprise users know their data is at risk.<\/p>\n

Data stacks are driving infrastructure, proprietary data collections will drive future business opportunity and recent events have underlined how these collections of information\u00a0can be abused<\/a> to create incredibly difficult to fix problems.<\/p>\n

Getting hold of that information is a big business \u2013 all three of the following attack vectors will have been exploited in order to access data — either by injecting malware to gather data and send it back to a central command server, or to penetrate device security in another way.<\/p>\n

The USB-IF decision is a big step toward ensuring your valuable enterprise data is not stolen, damaged or subjected to ransomware as a result of this kinds of attacks.<\/p>\n

Apple already does something like this.<\/p>\n

iOS 12 introduced a new feature called USB Restricted Mode<\/a>. You control this feature in Settings>Face ID & Passcode\u00a0<\/em>in the Allow Access When Locked <\/em>section using the USB Accessories tool.<\/p>\n

In part, Apple\u2019s decision to introduce these controls reflects its crystal-clear commitment to privacy in a connected age.<\/p>\n

That\u2019s the same commitment that means it is developing AI solutions that work at the edge, on your device.<\/p>\n

However, it\u2019s a commitment that is also driven by all the many instances in which systems have been damaged or in some cases fires started through use of poor-quality cheap recharging systems.<\/p>\n

I doubt there are any manufacturers that want to be seen as responsible if someone is hurt or their property damaged because the device they were charging caught fire because its power adaptor was unsafe.<\/p>\n

What I think is interesting about this pan-industry initiative is how much it reflects that after a certain amount of time, players in any industry are forced to expend increasing quantities of resources securing their existing perimeter simply in order to stand still.<\/p>\n

That\u2019s the nature of most empires, of course: they reach a point at which they can no longer manage and finance their own expansion, at which time they must begin to contract<\/a>.\u00a0History shows us this tends to be how things work.<\/p>\n

Meanwhile, initiatives like this one should help make most of us feel a little more secure that some technology companies care enough to invest in order to help keep our data safe.<\/p>\n

We should probably ignore the ones that don\u2019t care about this.<\/p>\n

Please follow me on\u00a0Twitter<\/a>, and join me in the\u00a0AppleHolic\u2019s bar & grill<\/a>\u00a0and\u00a0Apple Discussions<\/a>\u00a0groups on MeWe.<\/em><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Jonny Evans| Date: Fri, 04 Jan 2019 07:16:00 -0800<\/strong><\/p>\n

\n
\n

Apple wants to make it harder for its customers to use cheap USB-C cables \u2013 and it\u2019s for your own good.<\/p>\n

These are the risks of USB-C cables<\/strong><\/p>\n

Cables are complicated and that\u2019s why friends don\u2019t let friends connect cut-price or otherwise unverified USB-C cables to their systems \u2013and soon, you won\u2019t be able to.<\/p>\n

Apple has warned its users to avoid using low-quality equipment for years. It was only in 2016 that it was revealed that hundreds of chargers at that time sold on Amazon and advertised as being made by Apple were in fact dangerous fakes<\/a>.<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[11078,6606,714],"class_list":["post-14243","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-apple-mac","tag-computer-hardware","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14243","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=14243"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14243\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=14243"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=14243"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=14243"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}