On 10/06/14 22:30, Poul-Henning Kamp wrote:
In message <201410061956.s96ju8s3089...@fire.js.berklix.net>, "Julian H. Stacey
I guess for serious security, every new device that is connected
& recognised by /sbin/devd should in future be personaly authorised
by a human ! One can no longer trust what reports itself to be
eg a keyboard to actually Be a keyboard, etc.
"no longer" ?
When you could you *ever* trust a USB device about anything ?
You should not assume you can trust hardware :-) Especially removable
It is possible to add a sysctl to halt the probing of USB devices, so
that USB devices can only be detached from the system. The problem is
that if the main input is a USB keyboard and that goes away, you have no
easy way to recover your system ...
Anyway, USB 2.0 and 1.0 are broadcast based, and technically one device
might highjack the traffic of another one.
email@example.com mailing list
To unsubscribe, send any mail to "freebsd-usb-unsubscr...@freebsd.org"