In addition to their suggested method of using a USB battery one can bring along a USB Data Blocker sometimes also known as a USB Condom. [1] example only, there are probably cheaper versions
Apple devices always ask for confirmation of permissions when I plug in USB charging cable, right? If I don’t confirm and provice permissions, will we still get ‘juice jacked’?
If there's an exploit that allows bypassing that, yes.
However, if such an exploit were to exist, it would be too valuable to Cellebrite/law enforcement/state-sponsored hacking that there's no way it would be wasted at random airports for drive-by attacks.
I have yet to find credible "juice jacking" stories. Can you put something malicious in a charger? Yes. Will it work against a decades-old Android phone or a stupid user that clicks "yes" to all the prompts? Probably. But I'm not aware of something that would work against modern devices - if it exists, it would only be deployed for targeted attacks because it would be too valuable to risk it leaking and subsequently getting patched.
In addition to their suggested method of using a USB battery one can bring along a USB Data Blocker sometimes also known as a USB Condom. [1] example only, there are probably cheaper versions
[1] - https://www.amazon.com/JSAUX-Blocker-Transparent-Protect-Cha...
Apple devices always ask for confirmation of permissions when I plug in USB charging cable, right? If I don’t confirm and provice permissions, will we still get ‘juice jacked’?
If there's an exploit that allows bypassing that, yes.
However, if such an exploit were to exist, it would be too valuable to Cellebrite/law enforcement/state-sponsored hacking that there's no way it would be wasted at random airports for drive-by attacks.
I have yet to find credible "juice jacking" stories. Can you put something malicious in a charger? Yes. Will it work against a decades-old Android phone or a stupid user that clicks "yes" to all the prompts? Probably. But I'm not aware of something that would work against modern devices - if it exists, it would only be deployed for targeted attacks because it would be too valuable to risk it leaking and subsequently getting patched.