Chinese researchers from Tencent Security Labs have found an exploit that lets them change the firmware on fast chargers and cause physical damage to anything that's plugged into them.
Remember the Note 7? This exploit can do the same thing to any phone.
When I say physical damage, I mean real and dangerous damage, like components popping and burning, which could lead to a very serious problem since these circuits are also connected to the battery. This is something everyone needs to know about and take precautions against until manufacturers fix the problem.
Here's what is happening. For any battery-powered device to use fast charging, the device and the charger need to communicate. For example, when you plug your phone into a fast charger, the charger needs to know how much battery charge is left, what the temperature is, and what voltage is being applied to the actual charging circuit inside the phone.
A fast charger can do this because it is actually a smart device and has a microprocessor and firmware that can collect this information from the phone through the cable. The firmware isn't a full-blown operating system or anything like that, but it is coded and written to some memory inside the charger.
Some fast chargers — Tencent tested 35 models from different manufacturers and found 18 of them from eight different brands had issues — can update the firmware through the USB port that you plug your phone into. The researchers were able to build a method to alter the firmware through a phone or another device, whereby that firmware could then send far too much voltage than it should and fry the device connected to it.
Tencent doesn't name the manufacturers that have built vulnerable equipment, but it's a safe bet to assume that some of us are using them. That means everyone needs to do one simple thing — never let anyone use your charger.
Tencent doesn't name the affected chargers or tell anyone how to do this, but we still need to be careful.
Besides people who might knowingly use a device that can wreck a fast charger, there is a possibility that someone could be a victim of malware that turns their phone into a BadPower machine that tries to send bad firmware to any charger it uses. Everyone needs to employ common sense practices such as 1) never install apps from shady sources, 2) let Google or another malware scanner do its thing, and 3) accept updates as soon as they are available. However, despite your best practices and intentions, just know that malware attacks can still happen.
Tencent says manufacturers need to do one of two things to fix this: 1) disable the ability to accept firmware updates, or 2) use a method like your phone does where only updates that are signed by the company that writes the original firmware can be accepted. Tencent has contacted the companies making the chargers in question and hasn't released any information about how to act on the exploit itself.
We already know that fast charging isn't very good for battery health and longevity, but the sky isn't falling, and nobody needs to throw away their chargers at this time. Just take the steps you need to keep the software on your phone in check, and don't share chargers or cables. You definitely do not want your phone to catch fire just because you plugged it in.
Here are tech media's hot takes on Surface Duo
Reactions to the Surface Duo after its launch earlier this week ranged from disappointed to elated. Among the media, in particular, there was a surprising amount of enthusiasm for Microsoft's dual-screen device. Here's a look at some of the chatter from around the web.
Everything about the Fortnite fiasco sucks for smartphone users
Even if you'll never play Fortnite, what Epic, Google, and Apple are doing should have you concerned.
Spotify no longer sucks on Android tablets and Chromebooks
Spotify is now rolling out a new update that optimizes its UI for Android tablets and Chromebooks.
These are the best screen protectors for the Galaxy S8
If you're still sporting around a Samsung Galaxy S8, you'll want to ensure it stays in pristine condition until you're ready to upgrade. Keep your Galaxy S8's curved display protected with a quality screen protector!