An Open-Source Justification for USB Cable Paranoia


A coiled black USB-C to USB-C cable is shown on a white background.

Most people know that they shouldn’t plug strange flash drives into their computers, but what about a USB cable? A cable doesn’t immediately register as an active electronic device to most people, but it’s entirely possible to hide a small, malicious microcontroller inside the shell of one of the plugs. [Joel Serna Moreno] and some collaborators have done just that with their Evil Crow Cable-Wind.This cable comes in two variants: one USB-A to USB-C, and one with USB-C to USB-C. A tiny circuit board containing an ESP32-S3 hides inside a USB-C plug on each cable, and can carry out a keystroke injection attack. The cable’s firmware is open-source, and has an impressive set of features: a payload syntax checker, payload autocompletion, OS detection, and the ability to impersonate the USB device of your choice.The cable provides a control interface over WiFi, and it’s possible to edit and deploy live payloads without physical access to the cable (this is where the syntax checker should be particularly useful). The firmware also provides a remote shell for computers without a network connection; the cable opens a shell on the target computer which routes commands and responses through the cable’s WiFi connection (demonstrated in the video below).The main advantage of the Evil Crow Cable Wind is its price: only about $25, at which point you can afford to lose a few during deployment. We’ve previously seen a malicious cable once before. Of course, these attacks aren’t limited to cables and USB drives; we’ve seen them in USB-C docks, in a gaming mouse, and the fear of them in fans.

Thanks to [rustysun9] for the tip!


From Blog – Hackaday via this RSS feed

Jellyfin assistance


Hello,
I yet again come, hat in hand, for assistance from those wiser in the ways of the Linux. I’m having a bit of an issue downloading Jellyfin on my ElementaryOS laptop. I’ve tried all the guide on the first few pages of ddg only to receive errors after entering the comman “ sudo apt-get update “. I get ERR:3 https//repo.jellyfin.org/debian circle Release 404 Not found.

If someone can point me the way I’d be most appreciative

Unknown parent

mastodon - Link to source

Consider The Raven

@Arthur_500 I think it’s because he wasn’t sure that being smart meant that he was any better than the people around him, but that it did lead to some difficulties.

People who are busy telling everyone else they know how smart they are, all day “Aut Universitay” have a different set of life experiences.

At least 3 Killed, 67 Hospitalized After Iran's Latest Attack on Israel - Reports sputnikglobe.com/20250616/at-l…

China and Africa consolidate dynamic partnership socialistchina.org/2025/06/16/…

LIVE BLOG: ‘Devastating’ Strikes Hit Tel Aviv, Haifa as Iran Vows Resilience | Scores Killed in Gaza – Day 618 #Palestine palestinechronicle.com/live-bl…

Al-Mashat confirms Yemen’s support for Iran’s right to defend its sovereignty en.ypagency.net/359677

I wrote about how to turn in-person meetings into Signal groups, how to manage large semi-public Signal groups while vetting new members, and how to use announcement-only Signal groups, perfect for rapidly responding to ICE raids micahflee.com/using-signal-gro…
This entry was edited (3 weeks ago)

Aral Balkan reshared this.

in reply to Sherri_Ingrey

Recall the Social Vulnerability Index? Blacks and Latinos seemed hesitant to take an experimental vaccine. Government spent lots to convince them to get jabbed. Equity! Here they paid hip hop rap artists to convince blacks to vax that thang up!🥴
youtu.be/z8CO-1liTFc

archive.cdc.gov/www_cdc_gov/co…

The Canadian government's border bill, Bill C-2, includes provisions that would allow police and CSIS to request information from service providers, such as doctors, abortion clinics, hotels, without a warrant.

The bill would give authorities the power to ask for information without a warrant if there are reasonable grounds to suspect a crime or a potential breach of law. Providers would be gagged from disclosing that a demand had been made.

theglobeandmail.com/politics/a…

#canada #cdnpoli

Plume 0.7.0 is out!


Mastodon integration improved

A happy new year!

This release include many changes from v0.6.0 because one year passed since it released. I write significant changes. See release note for all changes.

Federation with Mastodon


Now Plume sign outgoing ActivityPub GET requests. This means Mastodon instances with security mode on accept Plume's requests. It improves interoperability with Fediverse.

Security fixes


We update dependent crates, some includes security fixes. All administrators are encouraged to update Plume.

Features


RtoL support was improved. Thanks trinity-1686a, mskf1383, mareklach and ahangarha!

Changes

Post URI


Posts’ URIs was changed. Plume uses Posts’ title for URI (with percent-encoded), while capital-cased dash-inserted slug have been used for former versions. Already published posts URIs didn’t change. This affects only newly published posts.

Fixes

Remote interaction


Remote interaction including fav, boost and comment hasn’t worked for some time. It was fixed.

Menu opening


Menu opening button hasn’t worked for iOS. It was fixed.

And some fixes are included in new version. See release page for details.


Thank you for reading on, writing on, translating, reporting issues and development on Plume. We will continue development even if it is slow. Welcome any contributing!

in reply to KitaitiMakoto

Just had a great win on one of the newest titles from joker gaming — the animations were stunning and the free spins actually delivered! joker gaming

Canadian media’s anti-Palestinian bias & Jewish sensitivities thecanadafiles.com/articles/ca…

Two NASA employees are being honored as part of the Samuel J. Heyman Service to America Medals, also known as the Sammies, recognizing outstanding federal employees who are addressing many of our country’s greatest challenges. Rich Burns of NASA’s Goddard Space Flight Center in Greenbelt, Maryland, and John Blevins of Marshall Space Flight Center in […]

Transparent peer review to be extended to all of Nature's research papers

Link: nature.com/articles/d41586-025…
Discussion: news.ycombinator.com/item?id=4…

in reply to George E. 🇺🇸♥🇺🇦🇵🇸🏳️‍🌈🏳️‍⚧️

State officials can only bring state charges; federal officials can only bring federal charges; and neither can prevent the other from charging within their own legal system. If there’s a federal charge or a federal pardon, the state still gets to charge, prosecute, and punish after conviction.

President Donald Trump does not plan to sign a joint statement of G7 members calling for de-escalation between Iran and Israel as those nations clash over Iran's nuclear program.

justthenews.com/politics-polic…

This Pfizer patent application was approved August 31st, 2021, and is the very first patent that shows up in a list of over 18500 for the purpose of remote contact tracing of all vaccinated humans worldwide who will be or are now connected to the “internet of things" by a quantum link of pulsating microwave frequencies of 2.4 gHz or higher from cell towers and satellites directly to the graphene oxide held in the fatty tissues of all persons who’ve had the death-shot.

Read that AGAIN!

Provocation sous faux drapeau : plan ukraino-britannique, torpilles russes et navire américain
Le Service russe de renseignement extérieur a annoncé la préparation d'une provocation conjointe ukraino-britannique en mer Baltique. Selon le SVR :
« L'un des scénarios envisageables consiste à organiser une attaque à la torpille russe contre un navire de la marine américaine. »
❗️Il est souligné que des torpilles de fabrication soviétique/russe ont déjà été transférées par l'Ukraine aux Britanniques.
Selon le plan :
« Certaines d'entre elles exploseront à une distance de sécurité du navire américain, tandis qu'une autre ne fonctionnera pas et sera présentée au public comme une preuve de l'activité malveillante de la Russie. »
▪️Ce scénario vise à susciter un écho international et à aggraver la situation dans la région.
Ostashko

#Russie #Ukraine #OTAN #UK

Iran Strikes Tel Aviv, Haifa in Unprecedented Missile Barrage tn.ai/3336334

#PJAK: «During this critical and decisive phase, we view the cooperation of Kurdish parties and the transition from party-based rule to popular self-governance in #Kurdistan as a historic duty. We call on all forces, parties, and civil society organizations—with Iranian women at the forefront—to launch a new phase of the #JinJiyanAzadi revolution. We declare our readiness to help initiate it. We believe that transitioning to a Democratic Republic of Iran requires shifting perspectives and departing from power-seeking, nationalism, patriarchy, and centralism. [...] We call on all the people of Iran, especially those in Kurdistan, to organize within democratic, popular structures. Through complete solidarity, they can minimize the destructive impact of war on each other».

anfenglishmobile.com/news/pjak…

#Iran

So I just thought I’d put some kibble out for the hedgehog before I forgot - they were around at about 8:30pm yesterday. I’ve made a hedgehog feeding station out of a crate to stop the cat eating everything. I walk past the lawn and look who’s trundling about. They had a rummage about in the ivy then back onto the lawn in front of me. This is taken without zoom. Hope they’re ok, but they seem pretty active. Last seen headed towards the area where the food is, after which I heard crunching.

Finally Free - The Last Three Head Home - Ask You to Keep Mobilizing - Freedom Flotilla (2025-06-16)

freedomflotilla.org/2025/06/16…
———

>> The Freedom Flotilla Coalition confirms that all the international human rights defenders and journalists that were aboard the civilian aid ship #Madleen are now en route home. The twelve were forcibly abducted and detained by Israeli forces while attempting to break Israel’s illegal and inhumane siege of Gaza and deliver humanitarian aid to its besieged population.

>> The last three detained #FreedomFlotilla volunteers, Marco van Rennes, Pascal Maurieras, and Yanis Mhamdi, were released from Israeli detention this morning and have begun their return to their home countries via the Jordanian border…

#BreakTheSiege
@palestine@lemmy.ml @palestine@a.gup.pe @israel

in reply to AK

Stand for Justice with Adalah = The Legal Center for Arab Minority Rights in Israel

donate.adalah.org/?lang=en&v=1

via freedomflotilla.org/2025/06/16…

>> We [The #FreedomFlotilla Coalition] are grateful to #Adalah, the Legal Center for Arab Minority Rights in Israel, for their steadfast and professional representation of these detainees, and we call on our supporters everywhere to join us in donating to support their important work.

#Madleen #BreakTheSiege

@palestine@lemmy.ml @palestine@a.gup.pe @israel

🚅 Time to take the #OWI to Brussels!
We are excited to co-organize the morning sessions at this year's #NGIForum on 20 June.

Our project leader @grani will speak on the freshly launched #OWI, both looking back and forward.

Following his keynote, there will be exciting policy statements from MEPs Alexandra Geese & Lina Gálvez plus two panel discussions surrounding #WebSovereignty and the future of #OpenWebSearch.

Join NGI Forum in Brussels or online.
Register here: ti.to/ngi/ngi-forum-2025

This entry was edited (1 month ago)

"Facts are stubborn things:

🇻🇳 #Vietnam
The US lied about the Gulf of Tonkin incident to drag the nation into a needless conflict. (1964)
🇰🇼 #Kuwait
The US lied about Iraqi soldiers taking babies out of incubators to rally support for a war against Iraq. (1990)
🇷🇸 #Serbia
The US lied about Serbian actions in Kosovo to justify NATO bombings and expand Western influence in the Balkans. (1999)
"

Israel enters the conflict with Iran with a clear edge: a modern, battle-hardened force, backed by advanced Western weaponry and total air dominance. Iran’s arsenal, weakened by years of sanctions and recent precision strikes, is struggling to keep up. FRANCE 24's Yinka Oyetade has more on how the two rivals stack up against each other.
#Iran #Israel #war

youtube.com/watch?v=VakYIPSdov…

Did The SCO Keep India Out Of The Loop When Issuing Its Statement Condemning Israel? thealtworld.substack.com/p/did…

Mes amis, ça chante fort chez certains rabbins en ce moment à propos de l’Iran. Je ne sais pas ce qu’ils boivent, mais ça doit être sacrément fort !
Ils sont en extase à l’idée que l’Amérique va intervenir, que l’Iran sera détruit, et que selon leur prophétie le Machiah apparaîtra une fois l’Iran tombé des mains de Edom (l'occident).

Toute cette guerre contre l’Iran n’a rien à voir avec le nucléaire ou une prétendue menace militaire.
C’est entièrement motivé par un délire messianique : ils attendent un effondrement de l’Iran pour « accélérer » la venue de leur Messie.

Quant au Premier ministre, ce Polonais devenu fanatique, il semble totalement obsédé par ces récits religieux au point d’en faire une boussole stratégique. C’est inquiétant.