Proposed new jargon: “toothbrush botnet” to mean “unfounded public panic about an information security threat derived from incompetent journalism about hypothetical scenarios”
Example usage: “it turns out juice jacking was just a toothbrush botnet”
@glyph Wait is juice jacking really a toothbrush botnet? I bought USB condoms for nothing?
I guess I always thought of it like plugging a random USB device into my computer. Actually a dangerous thing to do, but also if you spent all day plugging random USB drives you found or got at conferences into your device, the modal outcome is that nothing bad would happen to you.
@pganssle the panic and the warnings were specifically about skimmer-style attacks on travelers at airports and coffee shops, and that just never happened, not even once. There are plenty of malicious usb guest devices but they are typically a tool in a longer attack chain, not a threat in and of themselves.
@pganssle https://en.m.wikipedia.org/wiki/Juice_jacking
“As of April 2023 there have been no credible reported cases of juice jacking outside of research efforts.”