“You can’t be serious!” I exclaimed to myself when I saw this December 9 post on ghacks.net: “USB Condoms are a thing now.” Alas, it’s not a joke, but a deadly serious threat. Think about it: USB pinouts include a LOT more than power. Thus, for example, the USB 3.0 pinout chart shows 9 pins (10 if you count the shell, which also serves as an electrical shield). Every time you plug a USB cable into a USB port to charge something, you subject the charging device to inspection, attack, and possible exploits through those other data leads. And yes, I am talking about the USB ports you find all over airports, coffee shops, car dealerships, and on and on and on. You could be subject to attack unless you use — you guessed it — a USB condom.
There are many more lanes for data in a USB connector than there are power leads.
[Click on image for full-sized view. Source: USB3.com]
So Just What Is a USB Condom, Anyway?
Simple: it’s a USB adapter (male on one side, female on the other) into which you plug your USB cable on one side (the female). The other side (the male end) plugs into the charging receptacle whenever you might be in public or unsure about what’s really happening when you plug into a USB port under somebody else’s control. They work by connecting only the power pins between the “in” and “out” ends. Thus, they guarantee that data can’t transit the device, so no possibility of inspection, attack, or exploit. USB condoms cost under US$20, and it seems like they’re sure to become part of the standard traveling kit. Martin Brinkmann shows a hideous one in his article (linked earlier). I found a much nicer-looking one online for just over US$6 (shipping charge included, so double that amount for two of them, actually: picture below).
They don’t add much to the weight and bulk of your traveling gear, but they could offer additional security (and peace of mind). I just ordered two of them.
[Click image for full-sized view.]
Author: Ed Tittel
Ed Tittel is a 30-plus-year computer industry veteran. He’s a Princeton and multiple University of Texas graduate who’s worked in IT since 1981 when he started his first programming job. Over the past three decades he’s also worked as a manager, technical evangelist, consultant, trainer, and an expert witness. See his professional bio for all the details.