W dniu 20.08.2022 o 17:56, Tony Harminc pisze:
On Sat, 20 Aug 2022 at 08:58, Radoslaw Skorupka <[email protected]>
wrote:
[...]
4. USB is just interface, it can be external (more popular) or internal.
That's quite obvious. Less obvious is what should be reported by HMC. In
my humble opinion there is no big reason to report internal devices like
HDD, LAN NIC, etc. However there is big reason to report external
devices, because there is much bigger chance/risk that someone plugged
something. We know about phony keyboards, pendrive, etc. Interface is
irrelevant here, but the only external interface in HMC is USB - no
external SATA, no FireWire, no external PCIe, no ThunderBolt...
Thing is, there is no difference in what the HMC software (or firmware,
even) sees between an internal and an external USB device. It can't see
what you can see, i.e. the routing of the wire (if any) to another place
inside the case, or to a jack that is accessible from outside. So it seems
only reasonable to report on all USB devices it sees.
If it reports only on what *should* be there, and *should* be internal,
then obviously you may receive an incomplete report on what *is* there.
Seems to me you received exactly what you needed: you were surprised at the
reported presence of a device that you hadn't known about, you made
inquiries, and got the answer.
Yes, you are right - there is no logical difference between internal and
external USB port. However I can imagine "whitelisted" internal ports,
because every port has its own ID.
Nevermind.
More important is device whitelist. Since *we know* there is something
inside the guts, there is no reason to inform about it everytime. Please
note there are no messages about LAN interfaces, disk, etc. It doesn't
require sophisticated code to put "if device belongs to whitelist then
NOP". Reason: avoid the noise and user confusion.
Or at least simply *document it*. I wish I would find somewhere in the
HMC manual, page 1289: "all usb devices are reported. Note, internal
SmartCard Reader is also reported, however you cannot even touch it".
I think the last one do not require costly coding, development,
deployment, project management... ;-)
OK, I still suspect the reader shouldn't be here. Yes, I suspect this is
accidentally taken SE hardware for HMC.
--
Radoslaw Skorupka
Lodz, Poland
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
