What is the point of this article? ”Cable advertised as containing a microchip and antenna revealed to contain microchip and antenna!”?
I had been neutral on this particular outlet, but on the search filter it goes.
I think it’s more like “look how easy it would be to hide complex electronics in your regular cables”
Yeah but this was much easier with USBA so its not really “news”
Being that it’s USB-C, which is much smaller, yes, it’s news.
There are a lot of C-to-C connections today, with A on its way out. Seeing the same tech embedded in C is rather worrisome - I don’t have an electron microscope to examine the cables I buy.
I meant the concept of compromised plugs and sockets in general shouldnt be news to anyone. I guess it is tho and that is not good.
I mean… Yeah… That’s what the cable is designed for.
Cool images through.
To be honest, the article wasn’t very clear on this, but do we know that the “secondary die hidden under the primary microcontroller” was for malicious purposes?
I would expect a pen-testing cable to be for more sophisticated than a regular USB-C cable.
It seems like tomshardware is hinting at the possibility of supply chain attacks, without referencing any newly identified examples.
I’m not sure I understand what you’re trying to ask.
The cable exists for malicious purposes. That’s the purpose of the cable.
The article seems to be just comparing it to standard cables which just have the circuitry for charging. Since this cable has additional capabilities, can host its own wifi network, etc. it needs additional controllers and antennae to support that.
Actually reading more of the article… It seems like the author doesn’t really know what the OMG cable is and is trying to frame it as some sort of unexpected thing. Comparing it to a standard USB cable makes no sense.
I thought the pen-testing cable was compromised. Which would make for an interesting supply chain attack.
The article wasn’t really clear on this, but I did get that they were simply referring to the large amount of circuitry.
Yeah it’s a weirdly written article if it’s just comparing the OMG cable to regular ones. Doesn’t really explain well what they’re trying to say.
At first I was going to say that’s silly, why wouldn’t they target more volume.
But then I realized that it would be interesting to have a focused ability to see what black hats and whitehats are working on at any given time.
And yeah that is an interesting angle…
Not to mention mass scale HW supply chain attack would likely have massive geopolitical and economic risks.
Image from the article:
