Project

General

Profile

USB connexion

Added by E D almost 9 years ago

Hello,

I recently linked my i9300 to my professional computer with one USB cable in order to refill the battery.

I noticed that the PC instantly recognized the smartphone and offered me to display its whole content, not only the external SD card but also the internal one.

I was first afraid that there was no authentification process to prevent anyone from thus seeing (and possibly modifying) the whole smartphone content.

Later I understood that the PC could access the smartphone only if it was already unlocked (I use password).

Nevertheless, it seems to me a big security hole that the smartphone content could be accessed in such a way.

Indeed, anyone wanting to do so just needs an USB cable, a PC with Samsung drivers installed. Of course, it also needs some physical access to my
smartphone ... but they are, to my opinion, to many occasions ... The first one being that when I have to recharge the battery, I would have to trust
a Windows computer on which I have no admin rights.

So, I wanted to completely disable the smartphone from offering itself to the computer, but is seems impossible, at least through the UI,
which gives the choice of either MTP or PTP connexion.

Is there a way to completely disable the USB connexion ? I rarely need it.

One way would be to use a degraded USB cable, sometimes you get with mass storage purchase, whose purpose is to provide only additional power.
But I would have then to take with me to kind of USB cables.

Thank you for your attention and suggestions

Best regards


Replies (3)

RE: USB connexion - Added by My Self almost 9 years ago

[...] Later I understood that the PC could access the smartphone only if it was already unlocked (I use password).

Jip. Nothing will be mounted until you unlock your device (before or while it's connected to your PC).
It seems that there is no option to unmount the once unlocked device on Windows. (On Linux you're able to unlock it again).

[...] Indeed, anyone wanting to do so just needs an USB cable, a PC with Samsung drivers installed. Of course, it also needs some physical access [...]

(On Linux, you don't need to install more drivers, it'll work out of the box). And yes, physical access to your devices is the worst case.

So, I wanted to completely disable the smartphone from offering itself to the computer, but is seems impossible, at least through the UI,
which gives the choice of either MTP or PTP connexion.

Nope, it's possible over the UI:
  • Settings -> Storage -> tap on the three dot menu (top right) -> USB computer connection
    and switch to "Mass storage".
The same is possible over the shell:
  • setprop persist.sys.usb.config mass_storage,adb

(You can set this back to MTP over: setprop persist.sys.usb.config mtp,adb)

So you'll be asked every time you connect your device over USB with the button (an your Android device): [Turn on USB storage]
If you like to do so, you're able to unmount the internal and/or external storage separately, followed by the tap on the button (on your Android device again): [Turn off USB storage].

Is there a way to completely disable the USB connexion ? I rarely need it.

The first idea I have, is to set the USB connection to "charge only"-mode over the shell:
  • setprop persist.sys.usb.config adb
(Then neither MTP nor USB mass storage will be used). Additionally you should consider to disable ADB over:
  • Settings -> Developer Options -> Android Debugging

to avoid further connectivity vulnerabilities, (like the "P2P-ADB attack").

Hope this helps a bit.

RE: USB connexion - Added by E D almost 9 years ago

Hello,

Thank you for your answeer,

"setprop persist.sys.usb.config adb" was all I wanted to know.

Best regards.

PS : do you know where I may find some documentation about these settings "setprop ..."

RE: USB connexion - Added by My Self almost 9 years ago

PS : do you know where I may find some documentation about these settings "setprop ..."

Here is an (example) page <how the property system works>:
http://rxwen.blogspot.de/2010/01/android-property-system.html

For further details or documentation, please consult the search engine of you choice.

    (1-3/3)