Data blockers — also known as USB condoms — are one of those cheap security tools that I recommend everyone who might find themselves using a random charger have in their pocket or bag. Along with a good VPN, antivirus software, and an encrypted flash drive, it’s one of those modern-day security tools that I think are essential.
OK, first off, what are data blockers? It’s a small dongle that adds a layer of protection between your device and the charging point you’re attaching it to, and it allows charging to happen but blocks any data from being communicated by physically severing the USB data lines, putting an air gap between the USB port and your smartphone, laptop, or whatever you are charging.
Why is this important? USB isn’t just a charging protocol, it also allows data to flow back and forth, and while most of the time this data flow is safe, it is possible to create a malicious charging port that can do bad things, such as plant malware on your device or steal your data.
I’m a big fan of the data blockers sold by PortaPow These are an inexpensive and super-simple solution to the problem of using untrusted USB charging devices.
2 x PortaPow 3rd-Gen USB Data Blockers
PortaPow has the only data blocker where the two wires which carry data have been physically removed, so you can be sure it is working.
Now, the other day a reader told me they were at an airport where someone was “handing out free USB data blockers,” and they wondered if I thought that was a bit strange.
Well, it is, because quite honestly, I wouldn’t trust a USB device that was handed out to me randomly. It could be anything, and after all, there are malicious data blockers out there in the wild.
Take a look at that image above and see if you can spot the fake data blocker there.
See it? No?
It’s this one.
That is a fake data blocker by a company called O.MG and it’s called the UnBlocker. While there are a lot of homebrew methods of making a malicious fake data blocker, this is a very high-quality commercial one that is hard to distinguish from a real data blocker — unless you know what to look for!
On the outside it looks like a regular data blocker, but on the inside it is packed with hardware that can be used to drop malicious payloads onto devices, and it can even be connected to remotely using Wi-Fi.
Here I’m using a special programmer to initialize the UnBlocker to get it ready for… well, whatever really.
OK, so how can you spot a fake data blocker?
Take a close look at the USB plug on the PortaPow data blocker and notice how there are only two connectors in the plug, and that the two middle pins — the pins that are used to transmit data — are missing. There’s even a cutout in the top of the USB plug and the words NO DATA printed on the connector.
For those who need more reassurance that their data blocker hasn’t been tampered with, PortaPow also make data blockers that are transparent.
Compare this to the UnBlocker which still has all four pins fitted. This is an immediate red flag.
Another way to spot a malicious data blocker (or cable or dongle — all these exist) is to use a malicious cable detector. Plug one end of the malicious cable detector into a USB adapter (not a device like a PC!), and the other end to a device you’re concerned about, and if the logo glows a bright red, something suspicious is going on.
At $150 a pop, I don’t think someone was handing out UnBlockers at an airport (unless hackers were targeting someone really important), but I still wouldn’t plug anything like this into any of my devices.
My recommendation is to buy your own data blockers — get a couple for USB-A and a couple for USB-C chargers — and maybe personalize them with stickers or some nail polish or scratch your name in them so they can’t be swapped or tampered with, and make them part of your travel kit.
Better to be safe than sorry!