Hello. My question is:
Do I remain anonymous by charging my laptop with qubes-whonix with the same USB-C charger as my personal (not anonymous) iOS smartphone?
Can an attacker identify me because I use the same charger for anonymous and non-anonymous devices?
Hi,
If you use an usb-A - usb-C cable, make sure it only has support for charge and not data, if you use it in public area offering USB charging ports. The charging station may be rogue and try to steal data over USB or at least gather information about connected devices. This is not possible if the USB cable only has the pins for energy transfer. See How to tell a USB charge-only cable from a USB data cable - Dignited
If you use a regular power supply you plug on a wall, this does not contain any data and you are safe.
1 Like
The USB-C charger with USB Power Delivery support does communicate with connected device:
1 Like
Hi,
Get dedicated data-link-removal USB-bridge for charging, or multiple. If your plug is USB-C look for one which is USB-C-in → no-data-lines → USB-C-out connect to your device. Check rating of power. Usually these just cost very little money and are as tiny as a simple USB-stick. That way you can almost use any plug. Tamper sealed bridges are more expensive of course. Make sure to use these always unless you really have to transfer data.
It uses USB Power Delivery since the USB Type-C without PD only supports up to 15 W (5V 3A).
But I’m not sure what unique info can device get from the charger.
I guess if you are using an offline sys-usb qube, any USB(-C) cable can’t connect to the Internet. In the worst case, it could only detect when it charges a device running Qubes OS and transfer this information via the phone to a remote server.
Whether this is a real problem, is up to your own threat model.
my laptop charges even with sys-usb turned off. How can I make usb-c charge via sys-usb vm?
The charging itself likely works via different pins than the data transfer, which is why it works without sys-usb (as it should).
As I understood, you are not trying to avoid charging itself but to avoid a possible leak of information about charging. This is done by using sys-usb (and thus isolating the charging device from dom0). When sys-usb is shutdown, there is no data transfer, so you are safe. When it’s running, the qube might access some data, but this data can’t escape and will be wiped after the reboot of the (disposable) sys-usb.
Also dom0 knows about charging but if you don’t run untrusted software there, it won’t leak any data, too.
Well, let’s be honest, a USB-C power cable would definitely be an excellent place to implant something.
@0nz0titu16, it all depends on the following:
- What part of your computer handles the charging
- Most likely the BIOS - Whether that part of your computer allows this information to be visible to any other software further up the stack (the Xen hypervisor, the Linux kernel, the VM kernel(s), userspace applications)
- If you’re curious, you can try
dmidecodein dom0 and see if there’s anything there of note. Compare it when your charger is plugged in , and when it’s unplugged.
- If you’re curious, you can try
Most likely your charge will have some kind of device ID, but it might not be accessible to the OS. The Linux kernel knows when a charger is plugged in, when a battery status is “charging”, but I’ve never seen a Linux kernel ever able to report which type of charger is plugged in.
But then again, anything is possible 