-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 09/01/2016 06:55 PM, johnyju...@sigaint.org wrote: > I was thinking earlier that some form of a "USB Firewall" hardware > device might be cool to create; one that goes into each USB port in > between each device and the PC, and only passes a specific device, > or only a HID device (and doesn't permit a drive to add another HID > identity). Yet another side project for winter. :) There may be > existing products.
Ahem. Allow me to introduce you to a project I have been working on for a while now: https://github.com/robertfisk/usg/wiki https://github.com/robertfisk/USG/wiki/FAQ The USG (which is Good, not Bad) is a hardware firewall for your USB ports. It connects between your computer and your untrusted USB device, isolating the badness with two dedicated processors. Features: - Isolates low-level USB exploits by using a simple internal protocol with minimal attack surface - No hub support blocks 'hidden' malicious devices - Prevents devices changing their enumerated class after connection, stopping malicious class changes. Device support: mass storage (flash drives), keyboards, mice. Project status: You can build your own USG v0.9 hardware out of development boards if you are handy with a soldering iron. End user hardware is approaching production-ready status, samples will be available in the coming months. Feedback / pull requests / sales leads are welcome! Robert -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJXy8C+AAoJEN65WsAVra66zQEP/jJMgf8FnaLW9jLCb13dZbkM IQQ50CgOFyzVF+S//FlZ794k9qfMFxumxfVMATawsTBooNhlTa9ASedMrcoWMuZI fuYNMeVoSYijyavqvimHMS8axiKwaI48q6olrTsOKwDM6joBb3rKQnsv63NJlbH3 +qUOY9IVDSoFKG9ki9TpltknlYuI3NDIkPRr07Ekx5XiCs92CihuNn1xTlCtweEt 4Y1YtPv2HfYFGcbQk2w17efp0mFweiqZldsxbwNLEPv03GvrNg54vlxC1Yr8ByGB nSPHslfgaCOqv4/XMvYAUA+22b7+d6VxRIYFojetdmmCi5u5fIFGv+6ErLIpPTVs wNZOli0npmLeuAnYME+6wKw0ozsYtKQNudIATHy6t6IwWBew+SCoWnCdlJZQFx0i YZwv8kJXzqTGU50vxad1FsDYQL1AaBEJBwqAGS9vV5OsyvAqpXuUacZWzrLgT4hM +HupcnoWErFMZzbNZeTMMFHuP6yTwV0mh3jP99vLtLYyjYmq6qoy+aDCQUTvtH+Y 4wEq4h7VRY9U0HI5hq0B/5LyJw4KKpimYzNmSyiDi9/FSyRa9tPe1idYjHEQsCuU sTybVvwCocIKF23XV4vPHNYydcdMvG8aHHQSeZ9ywLEkmxTeL0s9SL1+qaOOcqPC c2HOcC6+FigpPFwrGvgC =Hvzi -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to email@example.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/57CBC0BE.6070709%40fastmail.fm. For more options, visit https://groups.google.com/d/optout.