British firms working for the UK’s military or intelligence services are advising staff not to connect their mobile phones to Chinese-made electric cars over fears that Beijing could steal sensitive national security data.
Executives at two of the nation’s leading defence giants have told The i Paper that the entire sector is taking a “cautious” and “belt and braces” approach to the possibility of the Chinese state spying on staff via the country’s electric vehicles (EVs).
The security clampdown within the UK’s highly secretive defence sector follows revelations from The i Paper that the Ministry of Defence (MoD) has banned cars relying on Chinese technology from sensitive military sites across the country. In some cases, the MoD has asked staff to park their EVs at least two miles from their workplace.
[…]
The latest disclosure of security worries relating to Chinese EVs could also raise concern among some EV buyers, who are increasingly turning to brands like BYD because of their affordability and longer range.
The role of Chinese companies and equipment in critical infrastructure was brought sharply into focus after the government was recently forced to take control of British Steel from its Chinese owner, Jingye Group, to prevent it from closing blast furnaces at the country’s last virgin steelmaking site.
It is understood that the UK’s leading military production groups, including BAE Systems, Rolls Royce, and Raytheon, as well as US defence giant Lockheed Martin and French defence and cyber security firm Thales, are among those firms that have taken precautions against the potential for Chinese EVs to spy on their staff.
[…]
We all need to learn to use charging cables for charging, and data cables for data connections, and not use these general purpose cables anymore. Maybe not today, but sooner or later there will be some widespread malware that teaches us the hard way.
Your phone should be configured to only allow charging and no data transfer by default. This is not a hardware issue and can be solved by just training employees properly.
Depends how paranoid you want to be, what if there’s an exploit that allows the bypass of the USB connection mode?
Yeah thats a valid concern
Thanks. It never occurred to me to do that. I rarely connect my phone to anything other than a wall socket anyway, but just in case…
Took me a few minutes to find the setting. It turned out I needed to have developer mode enabled to change it on Android, so it’s probably not something that a lot of people are aware of.
Thats fucked wtf?? Im on CalyxOS so idk whats normal but do normal android roms not have this exposed to the user without manual intervention? What company is your phone from if i might ask?
On my Pixel if I plug into a usb data connection it defaults to charge and gives me a notification that lets me switch USB mode. Think this flow has been standard for a while, also seen it on Samsung devices.
Might be there’s some other option under developer options.
Problem is that with USB-C, every time you plug a device to charge, it’s negotiating voltage and amperage with the charger via the data lines.
5V2A is all you need. Simply wait for the phone to charge or carry additional batteries if you need more power
maybe we need cable with a switch on them?
Phones need way more physical switches on them.
One for camera (maybe for mic, not sure how that would work out with the “phone” aspect for any of those deviants who still use their phones for voice calls), one for GPS. Maybe we could add one for USB data, next to the port. Actually even better for the camera would be a little slidey plastic cover like the old SGI webcams. One for a kill-switch that stops all battery power so it’s not pinging towers while it’s “off”.
IDK, it seems kind of silly that the solution to this particular problem is not hardened phones for defense personnel of which no ability to transfer data over the cable whatsoever would be a fairly good early step (one among many). There are lots more malicious chargers in the world other than Chinese vehicles. In general phones are just a nightmare.
The mic switch could be implemented as a combined accept call, record and enable mic button.
So you would only have to hit one button to accept a call and activate the mic.
@PhilipTheBucket @pulsey
Yeah. That’s the way. Maybe one physical switch for “answer call and enable mic” and one for “enable camera and open camera app”. And, if for some reason you want to, you can exit the camera app with it still turned on, but the normal recommended process is to flip it back closed when you’re done which takes you back to the home screen. (And, if being in the “wrong” position when you want it, if you exited the “wrong” way the last time, serves as a gentle reminder to be better about your data security.) I like it.
Your post got me thinking. For hardening, they could issue a special adapter which site between your phone and the cable connector, which blocks any data pins.
You’re onto something
USB condoms are a thing. I should get one in USB-C; mine only do A.
Remember the physical switch on floppy disks that enable or disable writing?
Good times.
I recently had to copy old photos from floppy disks that my dad has lying around. 3 images per disk, lol.
I rememeber downloading a little 20-second audio clip of some interesting radio traffic, and I think it took about 15 minutes to download.
Guess where those cables will be made.