Apple IOS Charger MACTANS Black Hat Hack Powered by Open Source?
From the 'Open Source BeagleBoard for Hackers' files:
The annual Black Hat USA security conference is coming up at the end of July and the hype around big attacks has already started. One of the early hyped talks is about hacking Apple power chargers to infect IOS (iPad,iPhone) devices.
"In this presentation, we demonstrate how an iOS device can be compromised within one minute of being plugged into a malicious charger," the talk abstract states.
This wouldn't be the first time that a 'power' related attack vector is used to infiltrate Apple. In 2011, Charlie Miller attempted to demonstrate (with very limited success) how he could attack Apple via the Mac battery.
The charger attack is somewhat different, in that the Black Hat speaker have built their own malicious charger called a Mactans. The interesting part (though not terribly surprising) is that they have used the open source Linux-powered BeagleBoardas the base of the Mactans.
The newest BeagleBoard is an ARM Cortex-A8 based system. It can run various flavors of Linux (including Ubuntu, Gentoo and Android) as its embedded OS.
While full details on this talk are not yet available - and with Black Hat there is always the possibility that a talk will be pulled - the reality is that since we already know the hardware base (and it's easily accessible) if the researchers ever decide to 'leak' their Mactans app, (*and assuming it works) there could be....trouble.
To be fair, hacking via a connected USB power supply source doesn't require open source hardware. Open source hardware just makes it easier to prototype and test. Still it's an interesting use-case and could serve to enable a new generation of hackers to hack on BeagleBoards (probably Raspberry Pi and Arduinos too!)
Sean Michael Kerner is a senior editor at InternetNews.com. Follow him on Twitter @TechJournalist.