Skip to content

June 17, 2017

Don’t plug that e-cigarette into your PC unless you’re sure it’s safe

by John_A

Why it matters to you

If you use an e-cigarette, you might want to keep it away from your PC’s USB port.

Not a day goes by, it sometimes seems, that we don’t hear about another way that hackers can attack our systems and steal our information. Keeping a system locked down and secure can seem like an impossible task when it can be vulnerable in ways that we’d never suspect.

One recent example is some work done by researcher Ross Bevington, who showed that the seemingly innocuous and decidedly low-tech e-cigarette can be used to break into a machine, as ExtremeTech reports. Don’t panic yet, however, because it’s not the vaporous aspects of e-cigarettes themselves that are at fault.

Bevington demonstrated the method of attack using an e-cigarette in a video that he shared on Twitter:

Sorry if I get vape pens banned at your work place…… pic.twitter.com/VYhIIvyDEx

— Wll buy derby ticket (@FourOctets) May 25, 2017

Basically, e-cigarettes require power to function, given that they heat up liquids to create vapors that users inhale as a substitute for burning tobacco. As with many devices today, some rechargeable e-cigarettes come equipped with USB connections to draw power from PCs — providing a handy way to keep vaping when you can’t get to a wall socket.

The problem is that any device that can plug into a USB port can hide electronics that can host malware that executes commands when plugged in and wreak havoc on a system. PCs have been designed to make it easy to run programs when USB drives are plugged in and that very convenience can make a system vulnerable to attack. The problem is so severe that some people are making tools that sit between a USB port and the outside world to form an elaborate barrier.

USB-based malware attacks are nothing new, nor are tools that can literally fry a motherboard merely by plugging in what looks like a typical USB flash drive. While modern systems do have some safeguards built in to stop code from executing, plenty of examples exist that enable these systems to be bypassed. The simplest response is to follow a strict policy of never plugging anything into your USB port if you’re not 100-percent certain it’s safe — and that includes waiting until you get to a plug before charging up your e-cigarette for a quick fix.




Advertisements
Read more from News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: