On Thu, 14 May 2026 23:32:20 -0500 David Wright <[email protected]> wrote:
> On Thu 14 May 2026 at 23:18:41 (-0400), Stefan Monnier wrote: > > To bring this discussion back to Debian: does someone here know of a way > > to configure Debian so it asks for explicit confirmation before > > accepting new USB devices? > > Just don't run an automounter? That's all well and good if the hostile USB thingy acts like a thumbdrive. If the hostile USB thingy (which to casual inspection might just appear to be a USB cable) acts like a keyboard, I'm not sure what the computer would do. I'm not sure what would happen if I were to connect a second (normal) USB keyboard to my debian computer. I'll have to test that sometime. I would hope there were some configuration options to make things more secure about this. I would think if such options existed, they would be udev-related. I'm too lazy/busy/something to do a deep dive on this right now, but a while back I did some research on configuring a computer to load a different keyboard map depending on which keyboard was attached. As with many topics, the Arch Wiki has a lot of information: https://wiki.archlinux.org/title/Udev At a quick glance, there doesn't appear to be a "security" section to that wiki article, unfortunately. I'm also curious: besides keyboards, what other peripheral would a hostile USB device want to impersonate? Are there other attack methods to consider?
