On Monday, June 26, 2017 at 10:25:23 PM UTC-4, cooloutac wrote: > On Monday, June 26, 2017 at 9:24:57 PM UTC-4, pixel fairy wrote: > > On Monday, June 26, 2017 at 6:15:58 PM UTC-7, Unman wrote: > > > > > intended to also handle not-mouse devices. Perhaps it could be done by > > > monitoring every insertion? I dont know. > > > > filter out anything that is not an HID mouse event packet. as i understand > > it, the usb device is attached over a userspace socket so sys-usb is > > constantly sending the usb data to the target. this is where said data can > > be filtered. > > > > in my faded memory (qubes 3.2 until last november), connecting mice and > > keyboards were recognized as such in the pop-up, and keyboards with built > > in pointing devices would have separate pop ups for those. > > I think just at least separating them from dom0 is a step up. In other words > don't allow any usb device to dom0. whether or not they can infect the vm or > other devices is another story. > > I tried once to have two sys-usb's and swap the same controller but > apparenlty it doesn't work or I might have to disable a security feature for > it to work so I said why bother. I consider anything I plug a usb device > into untrusted anyways. > > Which brings us to the good point you bought, many of us have thought about > before, which is the safest kb's and mice to use? I guess the simplest and > most legacy like? is pci>usb or does it matter at all? I really have no > idea and would like to know myself. > > But one things for sure I do consider storage devices, phones and tablets > way more insecure then keyboards and mice. But when I get to that point I > soon assume my other hardware is probably way more likely infected then my > kb. And then I just start to wonder why bother, do I have to buy all new > electronics hardware for my home top to bottom every year. Is security only > for rich people? > > anyone know whats the safest model kb's to use?
Actually I think if really paranoid might have to go buy it off the shelf in person in the store. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/35f7b3f9-a202-4f79-a740-84c84506e055%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
