Much has been made in the media about a recent FBI warning about “juice jacking,” the theoretical act of installing malware on or stealing data from an iPhone connected to a public charging station while you’re “juicing” up your battery. Researchers first demonstrated juice jacking in 2011 at the Defcon security conference.
There’s no harm in following the FBI’s advice, but why raise the topic now? When questioned by the fact-checking site Snopes, the Denver office of the FBI said it was a standard public-service announcement tweet. It was not based on specific intelligence.
More importantly, there’s no indication that there’s any reason to worry. The security site Krebs On Security quoted one of the original juice jacking researchers as saying that he isn’t aware of any known juice jacking kiosks existing in a public place outside of a security conference.
Making the risk of juice jacking even less concerning are security changes that Apple has made to iOS and iPadOS in response to the proof of concept at Defcon 2011. For several years now (since at least iOS 10 or maybe earlier), when you connect a device to a USB charger or device that does anything beyond providing power, you’ll see a prompt asking if you trust it. Given that there are no documented instances of juice jacking outside of a demonstration, it’s highly improbable that you’d get such a prompt when connecting to a public charging station, but if that were to happen, tap Don’t Trust and unplug your device just to be safe.
Honestly, just as with warnings about poisoned Halloween candy, these juice-jacking warnings don’t seem to be based on any documented instances. My take? It’s sensible to bring a USB charger when traveling and carry a battery pack as a backup because those will likely charge your phone faster than a public charger, but there’s no reason to worry about security when using a public charger. If you want to read further, Ars Technica published a lengthy piece on the subject.
(Featured image by iStock.com/ClaireLucia)