BADPOWER: a Chinese firm has demonstrated a working hack to convince the firmware in dozens of power banks to push enough power to make the connected device halt and catch fire (or, more likely, catch fire and halt)
via gizmodo, as I cannot read the Chinese blog post: https://gizmodo.com/new-hack-can-trick-power-bricks-into-starting-fires-1844441247
please about threat profiles, requirement for physical access, efficacy rate, or any such related to this hack. thank.
@djsundog Jesus Christ, this is terrifying.
@djsundog excuse me what
@dotUser when we define specifications for power delivery that include negotiation, we mandate that things like batteries end up with firmware 🤷
@djsundog So the bad firmware causes the power bank to raise its output voltage? The Gizmodo article was total junk, all "Sends more electricity than the device can handle" and stuff.
@ifixcoinops yeah, close as I can tell it's exploiting the negotiation between the power bank and the device and intentionally charging at a higher voltage than the device can handle without a thermal event
@djsundog And to think, not too very long ago, it was pretty well decided and established that USB meant 5 volts, no more, no less.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!