'Once you establish a pairing record with a device over USB, it's possible to connect wirelessly to the device at any point in the future (until the user restores their device) and perform the same tasks (running the built-in packet sniffer, downloading personal data from the device, etc.) at any time and without the user's knowledge,' he said. 'Everyone in the community is already well aware that juice jacking is technically very easy to do.'įurthermore, Zdziarski said, if the malicious charger does what he thinks it will, it could grant a hacker permanent access to an iPhone or iPad - thanks to the way iOS handles USB connections. 'The talk does not appear to be anything particularly new, although I can only judge it based on the abstract,' Zdziarski told TechNewsDaily. 'All users are affected, as our approach requires neither a jailbroken device nor user interaction.'īoston-based security expert Jonathan Zdziarski, who designs iOS hacking tools for law enforcement, said he's long been aware that Apple devices are vulnerable to such attacks - and that the exploit the Georgia Tech researchers will show may be just the tip of the iOS-weakness iceberg.
'Despite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system (OS) software,' the briefing abstract posted on the Black Hat website said.
