This probably an outright hijack, but I suspect the answer will be a quick “no”:
Can “juice jacking” be done with a power source not directly connected to a data handling device–futzing with the electric current to jiggle the downstream operations?
Seems plausible to me. On a laptop, there is a chip monitoring the incoming power which regulates the voltage going to the battery to prevent over charging. That chip also communicates with the rest of the system to change performance settings depending on if the laptop is on AC or battery power. So if you can buffer overrun the power monitoring chip with the right voltage fluctuations you can get access to the system.
So yeah if you want to be 100 percent safe never plugin your laptop to public power either 
That’s a real stretch.
The power monitor chip probably communicates of some well-defined serial bus, like I2C or SPI. I can’t imagine any kind of exploit that would allow random data on either of those busses to re-program a processors’ Flash.
Yes its a real stretch, on the other hand its been demonstrated that you can read keyboard presses through power fluctuations:
The point I’m trying to make is that no USB power is not a major security risk, its a tiny insignificant security risk thats never been found in the wild. The number of phones you would infect per day is insignificant compared to an app based or MMS infection vector so why would the black hats bother with it? Not to mention the cost and difficulty of physically planting the infection devices in public places without being caught.
Cool. I wanted to mention, about juggling current surreptitiously for fun and profit, in conjunction with data monitoring of an effected device, seems highly doable: part of the big the Israeli-US hit on the Iranian centrifuges, some long time period, was to disrupt the spins minutely and seemingly randomly.
Actually, now I don’t know if the centriguges were attacked digitally themselves to read right, but get screwed with because of their current regulation, or to go ahead and get screwed with just a little.
But just as it was perhaps testing the malware (there’s some story of Honeywell or Siemens extraordinary dupe of the Iranian setup), wouldn’t surreptitious “meter readers” also be planted in the target stream, the data from which would be essential in the loop of these complex control/process data manipulation?
iOS devices have support for only a limited number of USB types, but that includes keyboards.
So iOS devices are susceptable to keyboard-imitation exploits.
Keyboard-imitation exploits require compromised USB controllers: it’s not something you can just load onto a thumb drive. Whether or not you call that a “major” security risk depends on your perspective.
All thumb drives contain sophisticated micro-processors used to handle the USB protocol and memory mapping/management, They also contain a huge amount of memory which can be used to store sophisticated malware.
You won’t be allowed to take any USB devices (including an USB power providers) into any seriously secure NSA-type facility.
We’re answering two different questions. Should security professionals worry about USB attacks to get data out of secure facilities? Yes absolutely.
Should random members of the public worry about plugging their phone into a USB jack at the airport? Nope, not really.
That exploit has been used since the the Selectric days…