This USB attack and LPE exploit by to completely compromise Android devices is absolutely incredible. bugs.chromium.org/p/project-zero - "communication with new USB devices should be limited while the screen is locked" -- 😂
Attack vector still there in Android 9 on an unlocked device by using e.g. a rogue charger. It was mitigated a long time ago by in AndroidHardened by using the deny_new_usb kernel patch from . Not implemented in either AOSP or the upstream kernel.
It hasn't worked that way for a long time and doesn't use an on/off toggle. That looks like an early release from several years ago. It uses code in the lockscreen and defaults to disabling new USB peripherals when locked with the option to always or never disallow them instead.
The sysctl won't ever be landed upstream because kernel.org/doc/Documentat is available and doesn't want an overlapping feature. The simpler approach can be mapped onto that without needing a patch.
Hooking it into the lockscreen is trivial: github.com/AndroidHardeni.


