I believe their point was that if it is small enough to place a display it would be small enough to put a malicious chip inside.

Then again, this person discovered these cables this year and they've been out for awhile. And the OMG cable has been out for a few years now, which does exactly what they are afraid of. Which of course could be done by state actors for much longer.

This reminds me of the time when I held a cookout in my backyard and one of the guests came in through the supposedly locked back door. I realized that my lock was broken as the bolt didn't engage, and hadn't for years.

You can find them with full cell modems hidden in the cable end molding.

It's hard to discern if you're serious or joking. Is that an actual thing? I couldn't find anything by googling

I haven't heard of cell modems in particular, but I've used O.MG cables (described and sold here: https://shop.hak5.org/products/omg-cable; I am unaffiliated with either Hak5 or the team behind O.MG cables) which can create an ad-hoc Wi-Fi network for management/C2 reasons.

It's actually really easy to use (and almost scary, coming from never having used one of these).

They are quite pricey, but way less so than older cables used by security and jailbreak researchers in years past, which would run into the five figures.

I'm aware that there's are local keylogger/payload cables around which let you transmit data short range.

My surprise was specifically about the supposed cell modem within a 6€ cable

It's not that they're cheap cables - it's that they look like cheap cables (or better, middling expensive higher-quality ones).

Someone selling $200 cables for $2 just to spy on people reminds me of those stories of people supposedly giving out $10 pot lollipops to random children on Halloween

You're not going to sell them for $2 to random people on the street. You're going to sneakily replace the charging cord of some targeted $BIGCORP employee working in a Starbucks.

Yep - have a look at https://ha.cking.ch/s8_data_line_locator/

Since US doesnt have GDPR it would be the fiduciary duty to install mic's in all cables and record all conversations

I'm all for some privacy protections, but doesn't 2-party consent cover that particular use case already? In CA, it swings a bit far the other way, and if you have a hidden mic recording a business lying through their teeth with the intent to defraud you, you might have a little wiggle room, but the recording is likely to be thrown out of any civil actions (and some criminal actions).

In Kansas, we’re a 1-party consent state, which gets us back to the previous commenter.

Now pardon me while I scoot these potted flowers closer to you…

Don't you have to be party to the conversation to be 1-party? Should still be illegal to record one you're not a part of. (if such laws even apply in person rather than just over phones)

What's that, spider? move the flowers closer? Ok!

Such a recording can be used for parallel construction

Complexity usually makes it easier to hide stuff. Especially if the thing you want to hide and the thing you want to hide it in are highly similar.

I guess you can exfiltrate any data to nearby security cameras by randomly flashing sensitive bits every once in a while :)

Why would you do that with a display and visible light instead of a tiny antenna using basically any other part of the spectrum

Good thing the FCC doesn't regulate the visible spectrum. (We are assuming these malicious people also face the wrath of the FCC but somehow not the CFAA... right? :P)

There's more parts of the spectrum you can freely use that would work here.

It would certainly be more inconspicuous.