• catfish@lemmy.ml
    link
    fedilink
    arrow-up
    63
    ·
    9 months ago

    Perhaps worth pointing out that the attacks require the attacker to position a piece of hardware between the Qi charger and the power source.

  • Gravitywell@sh.itjust.works
    link
    fedilink
    arrow-up
    26
    arrow-down
    1
    ·
    9 months ago

    According to the researchers, “A charger can be manipulated to control voice assistants via inaudible voice commands, damage devices being charged through overcharging or overheating, and bypass Qi-standard specified foreign-object-detection mechanism to damage valuable items exposed to intense magnetic fields.”

    So if someone swaps your Qi charger for a malicious one they can ruin your phone (or some other device it’s supposed to detect as not a phone ?) and maybe execute arbitrary voice commands… 🥱

    • tias@discuss.tchncs.de
      link
      fedilink
      arrow-up
      21
      ·
      9 months ago

      I don’t really get how they consider this a meaningful attack vector at all. Of course I can set the phone on fire if I can replace the charger - that’s pretty much always going to be true and there’s no reasonable way to fix it. The only possible use I see is to do it when someone is not intentionally charging their phone, e.g. holding a malicious charger close enough when they have the phone in their pocket.

      • anachronist
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        Well now all we need is internet connected chargers with dodgy security…

  • M500@lemmy.ml
    link
    fedilink
    English
    arrow-up
    20
    arrow-down
    1
    ·
    9 months ago

    Talk about a burner phone 😎☀️ Aaaaaeeeoooowwww

  • DeltaTangoLima@reddrefuge.com
    link
    fedilink
    English
    arrow-up
    8
    ·
    9 months ago

    If feel this is (unintentionally) stretching the use of the word cyberattack. Rightly or wrongly, most people consider a cyberattack a form of hacking/attack that’s executed via a network or the internet.

    I know its true definition any form of attack against data, network, or computing device (including smartphones), but this headline could easily lead people to think their phones could be set on fire by some anonymous l337 hAx0r over the internet.

    While technically true, it requires physical exploit first.

    • Zerush@lemmy.mlOP
      link
      fedilink
      arrow-up
      3
      ·
      9 months ago

      Anyway it isn’t a good idea to use a cheap charger with unknown brand, or one which isn’t the own one at home.

  • Midnitte@beehaw.org
    link
    fedilink
    English
    arrow-up
    5
    ·
    9 months ago

    A charger can be manipulated to control voice assistants via inaudible voice commands…

    This seems like the scarier attack, to be honest…

    Though, surely there’s filtering that can be performed to prevent that as an attack vector

  • Joe Breuer@lemmy.ml
    link
    fedilink
    arrow-up
    2
    ·
    9 months ago

    So… Considering necessary access, it’s a quarter step above “cooking a phone in a microwave oven might catch it on fire”, IMO.