Attacker with physical USB access (e.g., public charging station with data):

Mitigation: Production devices should disable SCI in kernel config (CONFIG_SPRD_DIAG=n) or require USB authorization popup.

Example minimal Linux steps to confirm and open a port:

  • If /dev/ttyUSB0 appears, open:

  • Verify drivers

  • Watch system logs

  • Power and mode

  • Permissions (Linux/macOS)

  • Conflicting programs

  • Different adapter or cable