Comment 8 for bug 1393612

johnmne (phi-reporter) wrote :

I opened a duplicate thread, in the following link:
https://bugs.launchpad.net/ubuntu/+bug/1590990

The user "Seth Arnold" asked me several questions and I replied to them all.
Here are my answers to his questions:

----------------------------------------

"- How would a user interact when plugging in the first keyboard or mouse?"
The first keyboard and mouse are normally connected when powering on the PC.
The behaviour should be like today - no restrictions for the first keyboard and mouse.
(Normally the USB flash drive is connected only *after* the normal keyboard & mouse are already connected.)

"- What if the malicious device was first only because it was 'earlier' in the USB network?"
If by "earlier in the USB network" you mean:
 * "connected before the keyboard and mouse" then for now there is not much I can think of. But normally that does not happen, and *some* protection is better than none.
 * "connected in parallel (same time) to keyboard & mouse" then alert the user that he needs to remove one of them in order to proceed.

"- How would the system tell a keyboard-with-hub that a user intended to buy from a keyboard-with-hub that a user didn't intend to buy?"
Hubs aren't the norm.
In case someone has a hub (doubtful..) then he can always disable the security behaviour. I sincerely believe that most people would prefer to have more protection and little discomfort than having this huge exploit.

"- What would the interaction look like on a computer with no displays? With a dozen displays? With a dozen seats?"
With no displays: Does it connect via ssh? If so, then he could see the message. If not then a sound/beep would be activated. If having no speakers then the user should understand that something is wrong... But I think that this rarely happens, therefore if it does happen - then it is probably(??) the USB exploit.
With a dozen displays: Simply display an alert window of some sort on one of the desktops (is this really a problem? How does Ubuntu manage to display errors with a dozen displays?).
With a dozen seats: What do you mean by "seats" ?

USB is very flexible indeed, but most people would prefer to know that their system is secure than spending a few minutes (or half an hour in worst case) in understanding the (rare) problem and fixing it.

----------------------------------------

This security feature, that protects against badUSB, should be *DISABLED* by default.
BUT the user should have the option to easily enable the feature - this makes sure that the user is aware of the problems that could arise due to the security feature.

Even if this security feature is implemented in the most simplistic approach - by disabling/prompting for all keyboard & mouse devices which are connected after an existing keyboard & mouse - then it will protect from *most* of the badUSB attacks.

Please do note that Windows already has a protection against badUSB. ("why not linux?")
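
The simplest form of the policy proposed in this comment, written out as an added example (it is not part of the original comment and not Ubuntu or kernel code). It assumes devices are classified by USB interface class and HID boot protocol; `Event`, `roles`, `evaluate` and the sample events are hypothetical names and constructed data.

```python
# Added example: the comment's "first keyboard/mouse is trusted" rule as a
# decision function. Names and event records are constructed for illustration.
from collections import namedtuple

HID_CLASS = 0x03                     # USB interface class code for HID
ROLE = {1: "keyboard", 2: "mouse"}   # HID boot-interface protocol codes

# interfaces: list of (bInterfaceClass, bInterfaceProtocol) pairs
Event = namedtuple("Event", "time action dev interfaces")

def roles(interfaces):
    """Input roles a device exposes, across all of its interfaces."""
    return {ROLE[p] for c, p in interfaces if c == HID_CLASS and p in ROLE}

def evaluate(events, enabled=False):
    """Return [(dev, decision)] for each 'add' event.
    'allow'    - feature off, not an input device, or first of its role
    'prompt'   - a device with the same role is already attached
    'conflict' - two new devices claim the same role at the same instant
    """
    attached, out = {}, []           # attached: dev -> roles it was granted
    for ev in events:
        if ev.action == "remove":
            attached.pop(ev.dev, None)
            continue
        want = roles(ev.interfaces)
        taken = set().union(*attached.values())
        rivals = [e for e in events
                  if e.action == "add" and e.time == ev.time
                  and e.dev != ev.dev and roles(e.interfaces) & want]
        if not enabled or not want:
            decision = "allow"
        elif want & taken:
            decision = "prompt"
        elif rivals:
            decision = "conflict"
        else:
            decision = "allow"
        if decision == "allow" and want:
            attached[ev.dev] = want
        out.append((ev.dev, decision))
    return out

SAMPLE = [                           # constructed events, not real udev data
    Event(0, "add", "kbd0", [(0x03, 1)]),
    Event(0, "add", "mouse0", [(0x03, 2)]),
    Event(5, "add", "stick", [(0x08, 0x50)]),              # mass storage only
    Event(9, "add", "stick2", [(0x08, 0x50), (0x03, 1)]),  # storage + keyboard
]
```

A HID interface that reports protocol 0 is not classified as a keyboard or mouse here; a real implementation would have to inspect the HID report descriptor as well.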